last executing test programs:

5m44.35220377s ago: executing program 3 (id=1929):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='freezer.self_freezing\x00', 0x275a, 0x0)
sync_file_range(r0, 0x6, 0x9fd, 0x3)

5m44.138712283s ago: executing program 3 (id=1932):
syz_mount_image$nilfs2(&(0x7f0000000000), &(0x7f0000000300)='./file0\x00', 0x0, &(0x7f0000000040)=ANY=[@ANYRES16=0x0], 0x1, 0xabd, &(0x7f0000005940)="$eJzs3U2MW0cBAODx7nqz2x/ilIQuaWgTCm356abZLOEngqRKhETUVIhLpYpLlKYlIgSJIgFVJZKcuNGqChInfsSpl6ogJHpBUU9cKtFIFVJPhQMHoiAqcSiBxCj2zNvniZ1nb3btdfx90ux43szzzPM+P7+/eROAiTXV+ru8vFAL4fwbrxz+x0N/n78+5UBRotH6O1NK1UMItZieyd7vvel2fPX9F493i2thqfU3pcOTl4t57wwhnAk7w4XQCNvPX3z5raUnjp49cm7X26/uv7Q+Sw8AAJPl6xf2L2/765/v23LltfsPhk3F9LR/3ojpu+J+/8G445/2/6dCZ7pWCmWzWbmZGKbmO8tNdylXrqeelZvpUf9sVn+9R7lN4eb1T5emdVtuGGdpPW6E2tRiR3pqanGxfUweWsf1s7XF0ydPPfv8iBoKrLl/PxBC2FkKh851pjdaOLAB2rDK0NwAbRjLcHB4dV1pto18mYcUmptHvQUCaMuvF97gTH5m4dYU7zbTX/2XH5/qPj+sgWGv/wPVPzvi+oP6f3PWFoe1c7uuTWm50vforpjOryPk9y/1/v7lVzo6p+bXI+p9trPXdYRxub7Qq53TQ27HavVqf75e3K6+HOP0OXylI/eBju9P/j8dl/8x0N0H+fl/QRA2dggd6fqtvFdzxNsfYOPK75trpuujUX5fX56/qSJ/riJ/viL/jor8OyvyYZL97vs/DS/VVs535cf0g50PnyvOs90d4w8N2J78fOSg5+Pz+34Hdav15/cTw0b2h2NPnfjCM09fbN//XyvW/2txfU+HG4343boQC6Tzhfl59eLe/0ZnPVM9yt2TtefuLuVbr7d2lqttXXmfUNrO3NCOhc75Nvcqt6OzXCMrNx/DXNbefP/kjmy+tP8x3d71KOabyZa3ni3HbNaOtF3ZEuO8HbAa6fvb6/7/tH4uhHrt2ZOnTjwW02k9/dN0fdP16XuG3G7g1vXb/2chdPb/uauYXp8qbxc2r0yvtbcLr8f365y+VNRTml76UUu/c9+anm+VXzz+3VPPrPGyw6R7/kcvfPvYqVMnvufFql98dWM0Y5AX6bBlo7THi0Ff7FzvKka8YQLW3e4ft3cCHj35nWPPnXjuxOm9+/btXVra98W9y7tb+/W7y3v3ZWdG0FpgLa386I+6JQAAAAAAAAAAAEC/fnDk8MV33vz8u+3+/yv9/1L//3Tnb+r//5Os/3/eTz71g0/9ALd0yW+VyR6wOpuVq8fw4ay9W7N6tmXzfSTGxTh+sf9/qi5/rmtqz73Z9HqPZPY4gRuelzKbPYMkHy/w4zE+F+NfBxih2nz3yTG+yfOtax+U1vX0fIpSF96m5wOPj/R/a60NpUcapf7fXZ/r1KW/NuNlGD0WR72MQHf/nKjnf/9rZcFH3hahd5gZbn0/n9x1otlzL73fEWwA1saox/9M5z1TfPqPX5u7HlKxy493bi/z55fCIP7yTmd6o48/ud715+P2Dbv+US//sMf/LMa/63v7l42Y11hdvf/5xaV3S9WG7f3Wny9/eg701sHqvxLrT0vzcOiv/uavsvrzC0J9+m9W/x191n/D8u9YXf3/i/Wnj+2RB/utv93i2lRnO+az5UjX//LzxsnVbPnTsz1vUv83Xui2/KscqPFarB8mWdU4s+M6nkW2H1HstK9+/N/ozNqO/1s0Ntus5fdhfC6m04Y43eeQj3cyaPvT/RXpd2Bb9v61it834/+Oty/FuOr7kMb/TetjI/7kl9KtzzKl610+23EZ0xomxXsTdf1vWOFS+zBodfPPjb79wgChOb2K+Yr96hG3v9lsru8JrQojrZyRf/6jPk4Ydf2j/vyr5OP/5vvw+fi/eX4+/m+en4//m+fPx/9Qr/x8/N/888zH/83z783eNx8feKEi/6MV+du75xeH7fdVzL+jIv9jFfm7ivwDHSVS/v03nX+lXK/3v6ci/8GK/E9U5H+yIv+hivxHSvnlMaBT/qcq5r/dpf4ocfnrk7b8MMny/nm+/zA50vWfXt//rRX5wPj62Wt7Dj3922822v3/Z4vzIek63sGYrsfjpx/GdH7dO5TS1/PejOm/Zfkb/XwHTJL8+Rn57/vDFfnA+Er3efl+wwSqzXWfHOOq51b12s9nvHw6xp+J8Wdj/GiMF2O8O8Z7Yrw0pPaxPg69/vv9L9VWjvc3Z/n93k+e9wfqeE5UCGFvn+3Jzw8Mej97/hy/Qd1q/avsDgYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAyU62/y8sLtRDOv/HK4aeOntx9fcqBokSj9XemlKoX84XwWIynY/zL+OLq+y8eL8fXYlwLS6EWasX08OTloqY7Qwhnws5wITTC9vMXX35r6YmjZ4+c2/X2q/svrd8nAAAAALe//wcAAP//di0VJA==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x52)
ioctl$FITRIM(r0, 0xc0185879, &(0x7f00000000c0)={0x100000007, 0x8001, 0x9})

5m43.806628003s ago: executing program 3 (id=1935):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$mouse(&(0x7f00000000c0), 0x0, 0x2042)
writev(r0, &(0x7f0000000000)=[{&(0x7f0000000640)="f3", 0xf000}], 0x1)

5m42.784402612s ago: executing program 3 (id=1946):
syz_mount_image$minix(&(0x7f0000000180), &(0x7f00000001c0)='./file1\x00', 0x2200050, &(0x7f00000000c0)=ANY=[], 0xfe, 0x1af, &(0x7f0000000580)="$eJzs282O0lAYxvGnlALi99fGlYkL3QiKbtzJBXgD7ghUQixqxA3ExHgpcyfcydwAJDO7WU0nLWUCpMBpOzOF4f9LgDc5fc45JD1wzqICcLAehe+WLDlh5fv+v5eSvn6RVMx5cgCula9zH8Chsk/yngGAfEybdrgPGFvS8enf9iR6OYb7h2mzMCsqkhbyJdP8fyv8fFGUJgv5ctTl1v3L0Sz/Wsv5OwnHr67kq1ty1mV+9v3fvFrO35V0T9J9SQ8kPYzOWo8lPYkZv7My/nPD+QNZBHdfLWs+QwfB6vnW89x3cY329rwT5d/HNy/8hIxjLyhF+YbhfNflP6TMl6N8rf3T68S0F1L2C5go5Lz+benMX13/n83zxc3rH8AGg+Hoe8vz3N8JCicsylEPCeLB5QnHosijqMQ0OSnvlp0ugr+vHZiGaTFftTc5FoDbqv6n/6s+GI7e9vqtrtt1fzQ+fpofu8NzeX3t6RzAnlvenAMAAAAAAAAAAAAAgH30VNKzNEHTB/wAAAAA7IyrfWbIkRT/2B8AAAAAAAAAAAAAAAAAAACA7C4CAAD//3Y4Qng=")
syz_mount_image$fuse(0x0, &(0x7f0000000400)='./file4\x00', 0x1018000, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x10000, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file4'}}], [], 0x2c})

5m42.289874781s ago: executing program 3 (id=1950):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000007040)={{0x14}, [@NFT_MSG_NEWRULE={0x6c, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x40, 0x4, 0x0, 0x1, [{0x3c, 0x1, 0x0, 0x1, @exthdr={{0xb}, @val={0x2c, 0x2, 0x0, 0x1, [@NFTA_EXTHDR_OFFSET={0x8}, @NFTA_EXTHDR_DREG={0x8, 0x1, 0x1, 0x0, 0xd}, @NFTA_EXTHDR_TYPE={0x5, 0x2, 0x89}, @NFTA_EXTHDR_OP={0x8, 0x6, 0x1, 0x0, 0x2}, @NFTA_EXTHDR_LEN={0x8, 0x4, 0x1, 0x0, 0xc6}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x94}}, 0x0)

5m41.730226194s ago: executing program 3 (id=1956):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'bridge_slave_0\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB="300000001c00010428bd700002dcdf2507e089fe", @ANYRES32=r1, @ANYBLOB="8000e4090a000200bb"], 0x30}, 0x1, 0x0, 0x0, 0x1}, 0x24040040)

5m41.150483359s ago: executing program 32 (id=1956):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'bridge_slave_0\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB="300000001c00010428bd700002dcdf2507e089fe", @ANYRES32=r1, @ANYBLOB="8000e4090a000200bb"], 0x30}, 0x1, 0x0, 0x0, 0x1}, 0x24040040)

4m37.409726426s ago: executing program 0 (id=2456):
r0 = socket$netlink(0x10, 0x3, 0x4)
bind$netlink(r0, &(0x7f0000000000)={0x10, 0x0, 0x25dfdbfb}, 0xc)
bind$netlink(r0, &(0x7f0000000480)={0x10, 0x0, 0x25dfdbfb, 0x400000}, 0xc)

4m37.1724656s ago: executing program 0 (id=2458):
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff})
sendmmsg$inet(r0, &(0x7f0000001540)=[{{0x0, 0xfffffffffffffda1, 0x0}}], 0x40001b6, 0x0)
connect$tipc(r0, &(0x7f0000000040)=@name={0x1e, 0x2, 0x0, {{0x43, 0x2}}}, 0x10)

4m36.862048248s ago: executing program 0 (id=2460):
syz_mount_image$jfs(&(0x7f00000002c0), &(0x7f0000000040)='./bus\x00', 0xa, &(0x7f0000000340)=ANY=[@ANYRES8=0x0], 0xfa, 0x6158, &(0x7f000000c680)="$eJzs3c1vHGcdB/DfvvolNLV6qEqEkJuWl1KaxEkJgQJtD3Dg0gPKFSVy3SoiBZQElFYWceULB078BSAkjghxRBz4A3rgyo0TJyLZSKCeGDT288Szk93aqe2dtefzkZyZ3zyz9jP73dmXzMw+AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADE97/3g5VORNz4eVqwFPGZ6EV0IxbKejkiFpaX8vr9iHgudprj2YgYzEWUt9/55+mIVyPio7MRW9vrq+Xiywfsx3f/+Pff/fDMW3/7w+Dif/90r/fapPXu3//Vf/784HDbDAAAAG1TFEXRSR/zz6XP992mOwUATEV+/S+SvPzU17/+51t/maX+qNVqtVo9hbqqGO9BtYiIjeptyvcMDscDwAmzER833QUaJP9W60fEmaY7Acy0TtMd4Fhsba+vdlK+nerrwfJuez4XZCT/jc6j6zsmTfdTP8dkWo+vzejFMxP6szClPsySnH+3nv+N3fZhWu+485+WSfkPdy99ap2cf6+ef83pyb87Nv+2yvn3nyj/nvwBAAAAAGCG5f//X2r4+O/c4TflQD7p+O/ylPoAAAAAAAAAAEftsOP/PWL8PwAAAJhZ5Wf10m/O7i2b9F1s5fLrnYinausDLZMulllsuh8AAAAAAAAAAAAA0Cb93XN4r3ciBhHx1OJiURTlT1W9flKHvf1J1/bthzZr+kkeAAB2fXS2di1/J2I+Iq6n7/obLC4uFsX8wmKxWCzM5fezw7n5YqHyuTZPy2VzwwO8Ie4Pi/KXzVduV7Xf5+X92uu/r/xbw6J3gI4dkUG6Nyc0NxQ2ACS7r0ZbXpFOmaJ4etKbDxhh/z+FlmKp6ccVs6/phykAAABw/IqiKDrp67zPpWP+3aY7BQBMRX79rx8XOFTdndAecTS/X61Wq9Vq9aeqq4rxHlSLiNio3qZ8z2A4fgA4YTbi46a7QIPk32r9iHiu6U4AM63TdAc4Flvb66udlG+n+nqQxnfP54KM5L/R2bldvv246X7q55hM6/G1Gb14ZkJ/np1SH2ZJzr9bz//GbvswrXfc+U/LpPyHO5fMtU/Ov1fPv+b05N8dm39b5fz7T5R/T/4AAAAAADDD8v//Lzn+mzcZAAAAAAAAAE6cre311Xzdaz7+/7kx67n+83TK+XeeNP+FNC//Ey3n363l/+Xaer3K/MM39/b/f2+vr/7+3r8+m6cHzX8uz3TSI6uTHhGd9Jc6/TQ9zNY9bnPQG5Z/adDp9vrpnJ9i8E7cituxFpdG1u2m+2OvfWWkvezpYKT98kh7/7H2KyPtg/S9A8VCbr8Qq/GTuB1v77QPR+/2seb3uX+Kfdpz/j3P/62U8+9Xfsr8F1N7pzYtPfyw+9h+X52O+ztv3Pr8Ly8d/+bsazN6j7atqty+8w30Z+c+OTOMn91du3Ph/s179+6sRJqMLL0caXLEcv6DnZ+5vef/F3bb8xNQdX99+OHwifOfFZvRn5j/C5X5cntfmnLfmpDzH6afnP/bqX38/n+S85+8/7/cQH8AAAAAAAAAAAAAAADgkxRFsXOJ6BsRcTVd/9PUtZkAwHTl1/8iycvVarVarVafvrqqGO/1ahERf63epnzP8ItxvwwAmGX/i4h/NN0JGiP/Fsvf91dOX2y6M8BU3X3/gx/dvH177c7dpnsCAAAAAAAAAHxaefzP5cr4zy9GxFJtvZHxX9+M5cOO/9nPM48GGD3igb4n2OwOe93KcOPPx8743Bcmjf99Ph4f/zuPidurbscEg33ah/u0z+3TPj926V5aYy/0qMj5P18Z77zM/1xt+PU2jP9aH/O+DXL+5yuP5zL/L9XWq+Zf/Hbm8t846Iqb0R3J/+K993568e77H7xy672b7669u/bjKysrl65cvXrt2rWL79y6vXZp99/j6fUMyPnnsa+dB9ouOf+cufzbJef/hVTLv11y/l9MtfzbJeef3+/Jv11y/vmzj/zbJef/Uqrl3y45/6+kWv7tsrW9Plfm/3Kq5d8uef//aqrl3y45/1dSLf92yflfSLX82yXnfzHVB8jf18OfIjn/fITL/t8uOf+VVMu/XXL+l1Mt/3bJ+V9JtfzbJef/aqrl3y45/6+lWv7tkvO/mmr5t0vO/+upln+75PyvpVr+7ZLz/0aq5d8uOf9vplr+7ZLzfy3V8m+XnP+3Ui3/dsn5fzvV8m+XnP93Ui3/dsn5v55q+bfL3vf/mzFjxkyeafqZCQAAAAAAAAAAAACom8bpxE1vIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/2cHDgQAAAAAgPxfG6GqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoKO3AgAAAAAADk/9oIVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVdi7txi57voO4Gf2Yq8dQgyE4KQG1o4xxlmy60t8oXUx4doApUBCoRds17s2C77htUugSDYNlEgYFVVUTR/aAkJtpKrCqnigFaV5qHp5atoH+lJRVUJqVIUooCK1Fc1WM+f//3tmdnZm1ztez57/5yPZv92ZM3POnDkzu9+1v3sAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAZlvfPPP5WlEU9T+NvzYVxYvqH28Y39S47A23egsBAACAlfq/xt/P35EuOLKEGzUt83ev+sdvzs/PzxcfHP7d0S/Pz6crxotidH1RNK6Lrv37h2rNywSPFWO1oabPh3qsfrjH9SM9rh/tcf26Htev73H9WI/rF+yABTaUP49p3Nn2xoebyl1a3FmMNq7b3uFWj9XWDw3Fn+U01Bq3mR89WcwWp4uZYqpl+XLZWmP5b2+tr+sdRVzXUNO6ttSPkB9++kTchlrYx9tb1nX9PqMfvKkY/9EPP33ijy8+e3en2XM3tNxfuZ07t9W387PhknJba8X6tE/idg41beeWDs/JcMt21hq3q3/cvp3PL3E7h69v5qpqf87HiqHGx0839tNI84/10n7aEi7773uLorhyfbPbl1mwrmKo2NhyydD152esPCLr91E/lF5ajCzrON26hOO0Pqe3tx6n7a+J+PxvDbcbWWQbmp+mH3xm3YLnfbnHaVR/1Iu9VtqPwX6/VgblGIzHxdONB/14x2Nwe3j8n96x+DHY8djpcAymx910DG7rdQwOrRtubHN6EmqN21w/Bne3LD/cWFOtMZ/Z0f0YnLx45vzk3Cc/9frZM8dPzZyaObt39+6pvfv3Hzx4cPLk7OmZqfLvG9zbg29jMZReA9vCvouvgde2Ldt8qM5/tX+vw7Eur8NNbcv2+3U40v7gaqvzglx4TJevjYfrO33s6lCxyGus8fzsWvnrMD3uptfhSNPrsOPXlA6vw5ElvA7ry5zftbTvWUaa/nTahpv1tWBT0zHY/v1I+zHY7+9HBuUYHAvHxb/uWvxrwZawvY9PLPf7keEFx2B6uOG9p35J+n5/7GBjdDou76lfcdu64tLczIX7Hz1+8eKF3UUYq+JlTcdK+/G6sekxFQuO16FlH69HZl/1+D0dLt8U9tXY6+t/jS36XNWX2Xd/9+eq8dWt8/5suXRPEUafrfb+7PTVvL4/U5bssj/ry3x2cuXfi6dc2vT+O7rI+2/M/S+U60t39djw6Ej5+h1Oe2e05f249akaabx31Rrrfn5yae/Ho+HPar8f39nl/Xhz27L9fj8ebX9w8f241uunHSvT/nyOhePk9FT39+P6Mpv3LPeYHOn6fnxvmLWw/18XkkLKRU3HzmLHbVrXyMhoeFwjcQ2tx+neluVHQzarr+vJPTd2nO68t7yv4fTorlut43S8bdl+H6fp/Wqx47TW66dvN6b9+RwLx8Wde7sfp/Vlntq38vfODfHDpvfOdb2OwdHhdfVtHk0HYfl+P78hHoP3FyeKc8XpYrpx7brG8VRrrGvigaUdg+vCn9V+r9zc5Rjc2bZsv4/B9HVssWOvNrLwwfdB+/M5Fo6LJx7ofgzWl3nLgf5+77ozXJKWafretf3na4v9zOuett10M3/mVd/OvznQ/Wez9WVOH1xuzuy+n+4Ll9zWYT+1v34Xe01NF6uznzaH7Xz24OL7qb499WW+fGiJx9ORoiguf/zBxs97w7+v/Pml736z5d9dOv2bzuWPP/jc7Sf/djnbD8Da90I5NpZf65r+ZWop//4PAAAArAkx9w+Fmcj/AAAAUBkx98f/FZ7I/wAAAFAZMfePhJlkkv83v+XZ2RcuF6mZPx/E69NueKhcLnZcp8Ln4/PX1S9/8OszP/7Ly0tb91BRFD956Dc6Lr/5obhdpfGwndfe2nr5whteXtL6jz1yfbnm/vpXwv3Hx7PUw6BTBXeqKIpv3/HFxnrGP3S1MZ966Fhjvu/K44/Vl3n+UPl5vP0zLyuX/4NQ/j1y8njL7Z8J++H7YU69s/P+iLf7xtXXbTnwgevri7erbXtx42E/8eHyfuPvyfnSY+XycT8vtv1/9YUnv1Ff/tHXdN7+y0Odt//JcL9fD/N/Xlku3/wc1D+Pt/tc2P64vni7+7/2nY7bf+3z5fLn31YudyzMuP6d4fPtb3t2tnl/PVo73vK4ireXy8X1T333txvXx/uL99++/WNHr7bsj/bj46l/Lu9nsm35eHlcT/QXbeuv30/z8RnX/+RvHWvZz73Wf+19z7yyfr/t67+vbbnhttu3/8amP/zcFzuuL27PkT873/J4jrw3vI7D+p/4cDgew/X/e+2LLeuNjr239f0nLv+VTZdbHk/0jh+V67/2xlON+R/jP/792150+4uvvLq+74ri6feX99dr/af+6FzL9n/1rl2N5yNeHzv67etfTFz/hU9MnD03d2l2ummvNn53zrvK7Vk/tmFjfXvvCO+t7Z8fPXfxIzMXxqfGp4pivLq/Qu+GfS3M58pxZbm33/VIeD7v+b1vb9zxT1+Il//Lw+XlV99Zft16bVjuS+HyTeXzN19b4fqf2HpX4/Vde6r8vKXH3gdbtv/nwSUtGB5/+/cF8Xg///KPNPZD/brG1434ul7h9n9vuryfb4X9Oh9+M/O2u66vr3n5+LsRrr6/fL2veP+Ft7n4vP5JeL7f/f3y/uN2xcf7vfB9zHc2t77fxePjW5eH2u+/8Vs8roT3k+JKeX1cKu7vq8/f1XHz4u8hKa7c3fj8d9L93L2sh7mYuU/OTZ6ePXvp0cmLM3MXJ+c++amjZ85dOnvxaON3eR79aK/bX39/2th4f5qe2b+vmNpQFMW5YmoV3rBuzvbXP1ra9p9/5MT0gakd0zMnj186efGR8zMXTp2YmzsxMz234/jJkzOf6HX72enDu/cc2ntgz8Sp2enDBw8d2ntoYvbsufpmlBvVw/6pj02cvXC0cZO5w/sO7X7ggX1TE2fOTc8cPjA1NXGp1+0bX5sm6rf+9YkLM6ePX5w9MzMxN/upmcO7D+3fv6fnbwM8c/7k3PjkhUtnJy/NzVyYLB/L+MXGxfWvfb1uTzXN/Vv5/Wy7WvmL+Ir33Lc//X7Wuq9/ZtG7Khdp+wWiz4bfRfMPLzl/cCmfx9w/GmaSSf4HAACAHMTcvy7MRP4HAACAyoi5f32YifwPAAAAlRFz/1iYSSb5X/9f/39p/f/yev3/vPr/5z9e9krXev8/9uf1//Nwi/v/K16//r/+f/X6/0vvz6/17df/1/9noUHr/8fcv6Eossz/AAAAkIOY+zeGmcj/AAAAUBkx998WZiL/AwAAQGXE3P+iMJNM8r/+/5L6/3t6Fa6q3/93/n/9/2Jt9v/jk6P/n41l9+8/8HDLp/r/gf6//r/+v/6//j8rNrroNbeq/x9z/+1hJpnkfwAAAMhBzP0vDjOR/wEAAKAyYu6/I8xE/gcAAIDKiLl/U5hJJvlf/9/5//X/9f8r3f9f6fn/mzZG/39tcP7/7pbd/1+v/7+0/v+Y/v9a7P+P9nf7B7v/33Pz9f+5KQbt/P8x978kzCST/A8AAAA5iLn/pWEm8j8AAABURsz9Lwszkf8BAACgMmLuvzPMJJP8r/+v/6//r/+v/995/b3P/19+pP8/WPT/u3P+/x6c/z+v/n+ft3+w+//9Pv//6Fvbb6//TyeD1v+Puf/lYSaZ5H8AAADIQcz9d4WZyP8AAABQGTH3vyLMRP4HAACAyoi5f3OYSSb5X/9f/1//X/9f/7/z+nv3/0v6/4NF/787/f8e9P/1//X/l9b/7/DNr/4/nQxa/z/m/rvDTDLJ/wAAAJCDmPvvCTOR/wEAAKAyYu7/qTAT+R8AAAAqI+b+LWEmmeR//X/9f/3/vPr/963T/9f/rzb9/+70/3vQ/9f/1/9f4vn/F1pO/399rzujMgat/x9z/yvDTDLJ/wAAAJCDmPtfFWYi/wMAAEBlxNz/6jAT+R8AAAAqI+b+8TCTTPK//n+1+v9/+tdPvLrQ/9f/77H+ivb/42Gg/585/f/u9P970P/X/9f/X5X+P/kYtP5/zP1bw0wyyf8AAACQg5j7t4WZyP8AAABQGTH33xtmIv8DAABAZcTcvz3MJJP8r/9frf5/pP+v/99t/RXt/yf6/3nT/++g6UWq/9+D/r/+f/b9//jdr/4//TFo/f+Y+18TZpJJ/gcAAIAcxNy/I8xE/gcAAIDKiLn/tWEm8j8AAABURsz9O8NMMsn/+v/6//r/+v/6/53Xr/+/Nun/d7fc/v86/X/9f/3/zPr/zv9Pfw1a/z/m/teFmWSS/wEAACAHMffvCjOR/wEAAKAy4v/fLP/fq/wPAAAAVRRz/0SYSSb5X/9f/z+n/n9N/1//X/+/8vT/u3P+/x70//X/9f/1/+mrQev/x9z/+jCTTPI/AAAA5CDm/vvDTOR/AAAAqIyY+yfDTOR/AAAAqIyY+6fCTDLJ//r/+v859f+d/1//X/+/+vT/u9P/70H/X/+/av3/otD/55YatP5/zP27w0wyyf8AAACQg5j794SZyP8AAABQGTH37w0zkf8BAACgMmLu3xdmkkn+1/+vav9/vtD/1/9fbP36//r/Vab/353+fw/6//r/Vev/O/8/t9ig9f9j7n8gzCST/A8AAAA5iLl/f5iJ/A8AAACVEXP/gTCTkP87/b9uAAAAYG2Juf9gmEkm//6v/1+R/v9v/n3Lup3/X/+/2/r70//foP8fpv7/YKlo/7/9ZXHD9P970P/X/9f/1/+nrwat/x9z/6Ewk0zyPwAAAOQg5v43hJnI/wAAAFAZMff/dJiJ/A8AAACVEXP/z4SZZJL/9f8r0v9vo/+v/99t/c7/r/9fZRXt//dNpfr/Q/r/+v+Dtf36//r/LHTz+//xo6X1/2PuPxxmkkn+BwAAgBzE3P+zYSbyPwAAAFRGzP1vDDOR/wEAAKAyYu4/EmaSSf7X/9f/1//X/785/f83Fu0Gsf9fP3j0/6tF/7+7SvX/nf9f/3/Atl//X/+fhQbt/P8x978pzCST/A8AAAA5iLn/wTAT+R8AAAAqI+b+N4eZyP8AAABQGTH3vyXMJJP8r/+v/6//r//v/P+d16//vzbp/3en/9+D/r/+v/6//j99NWj9/5j73xpmkkn+BwAAgBzE3P+2MBP5HwAAACoj5v63h5nI/wAAAFAZMfe/I8wkk/yv/6//r/+v/6//33n9+v9rk/5/d/r/Pej/6//r/+v/01eD1v+Puf/nwkwyyf8AAACQg5j7Hwozkf8BAACgMmLuf2eYifwPAAAAlRFz/7vCTDLJ//r/+v/6//r/+v+d16//vzbp/3en/9+D/r/+v/6//j99NWj9/5j73x1mkkn+BwAAgBzE3P/zYSbyPwAAAFRGzP3vCTOR/wEAAKAyYu7/hTCTTPK//r/+/2D1/+cvN99O/1//v+hX/79+I/3/LOj/d6f/30OH/v96/X/9f/1//X9u2KD1/2Puf2+YSSb5HwAAAHIQc//7wkzkfwAAAKiMmPvfH2Yi/wMAAEBlxNz/cJhJJvlf/z/L/n96yIPX/3f+f/1/5//X/18Z/f/u9P97cP5//X/9f/1/+mrQ+v8x9z8SZpJJ/gcAAIAcxNz/gTAT+R8AAAAqI+b+Xwwzkf8BAACgMmLu/2CYSSb5X/8/y/7/AJ//v2r9/5GW4yOn/v9Y0/OZjkv9f/3/VaD/353+fw/6//r/g9z/D0fzhkVur//PIBq0/n/M/R8KM8kk/wMAAEAOYu7/pTAT+R8AAAAqI+b+Xw4zkf8BAACgMmLu/5Uwk0zyv/6//r/+v/P/O/9/5/Xr/69N+v/d6f/3oP+v/z/I/f8e9P8ZRIPW/4+5/1fDTBYNfs/91xIeJgAAADBAYu7/cJhJJv/+DwAAADmIuf9omIn8DwAAAJURc/+xMJNM8r/+f3v/P55RVf9f/1//X/9f/38t6l///xW3F4X+v/6//r/+/2r2/4f0/6mcQev/x9x/PMwkk/wPAAAAOYi5/9fCTOR/AAAAqIyY+0+Emcj/AAAAUBkx90+HmVQx/7eXam9t/390MPv/zv9/o/3/n+j/6/8H+v+d6f+vDuf/707/vwf9f/1/5//X/6evBq3/H3P/TJhJFfM/AAAA5CX9ODjm/pNhJvI/AAAAVEbM/afCTOR/AAAAqIyY+z8SZpJJ/nf+f/1/5/+/Ff3/kZbl9f9L+v/6//2g/9+d/n8P+v/6//r/+v/01aD1/2Punw0zyST/AwAAQA5i7v9omIn8DwAAAJURc//HwkzkfwAAAKiMmPtPh5lkkv/1//X/c+//14riivP/6/93Wr/+/9qk/9+d/n8P+v/6//r/+v/01aD1/2PuPxNmkkn+BwAAgBzE3H82zET+BwAAgMqIuf9cmIn8z/+zdx/Ncp3VHof7+toKo3s/wh3fEUMYmY/AlBlVjKkimBxskzOYnIPJOedkcs45m5yjiYYqUZLWWtLRae0+0mmd3vtdzzNZSCXRfayWqD+qnzcAAADDyN1/z7ilyf7X/+v/u/f/q508/3/vj9f/n6X/1/9vw77+/ur1P+5iUfhF+/873PG6u+n/9f/6/0n6f/2//p8Lza3/z91/r7ilyf4HAACADnL33ztusf8BAABgGLn77xO32P8AAAAwjNz918UtTfa//l//r//X/+/p/2/R/+v/l83z/6fp/zfQ/+v/9f/6f7Zqbv1/7v77xi1N9j8AAAB0kLv/fnGL/Q8AAADDyN1//7jF/gcAAIBh5O5/QNzSZP/r//X/+v+l9P/HPP//gq9H/6//X0f/P03/v4H+X/+v/9f/s1Vz6/9z9z8wbmmy/wEAAKCD3P0PilvsfwAAABhG7v4Hxy32PwAAAAwjd/9D4pYm+1//r//X/y+l/z+i5//r//X/C3fz6tyfCUfd/x/bwr9/QP8/7/5/tdL/TzlwP7/+y1vO+78I/b/+n/3m1v/n7n9o3HLn1erY5X6RAAAAwKzk7n9Y3NLk7/8BAACgg9z918ct9j8AAAAMI3f/DXFLk/2v/9f/6//1//r/9a+v/18mz/+fdvj+////9x5379v/e/7/NM//33b/f/qTof9n2ebW/+fuvzFuabL/AQAAoIPc/Q+PW+x/AAAAGEbu/kfELfY/AAAADCN3/yPjlib7X/8/Wv//33t+3nn9/5naRf+v/9f/6/9Hp/+f5vn/G5z5Y+5kfVP/r//3/H/9P4czt/4/d/+j4pYm+x8AAAA6yN3/6LjF/gcAAIBh5O5/TNxi/wMAAMAwcvc/Nm5psv/1/6P1/3t/nuf/6//Xvb7+X/8/Mv3/NP3/BqM8//8yPzW77ucPa9fvX/+v/2e/ufX/ufsfF7c02f8AAADQQe7+x8ct9j8AAAAMI3f/E+IW+x8AAACGkbv/iXFLk/2v/9f/L6P/z1fQ/+v/r3z/n/T/y6T/n6b/32CU/v8y7bqfX/r71//r/9lvbv1/7v4nxS1N9j8AAAB0kLv/yXGL/Q8AAADDyN3/lLjF/gcAAIBh5O5/atzSZP/r//X/y+j/Pf9f/+/5//r/g9H/T9P/b6D/1//r//X/bNXc+v/c/TfFLU32PwAAAHSQu/9pcYv9DwAAAMPI3f/0uMX+BwAAgGHk7n9G3NJk/+v/9f/6f/2//n/96+v/l0n/P03/v4H+X/+v/9f/s1Uz6v/P+1knVs+MW5rsfwAAAOggd/+z4hb7HwAAAIaRu//ZcYv9DwAAAMPI3f+cuKXJ/tf/z6b/P5PzjdX/n1ytVvr/VdP+/+R5v571udT/6/+PgP5/mv5/A/2//l//r/9nq462/z/9Z/70vw8gd/9z45Ym+x8AAAA6yN3/vLjF/gcAAIBh5O5/ftxi/wMAAMAwcve/IG5psv/1/7Pp/88Yq//3/P8LPx+d+n/P/99P/3809P/T9P8b6P/1//p//T9bdbT9/+Zv5+5/Ydx07JrL/hIBAACAmcnd/6K4pcnf/wMAAEAHuftfHLfY/wAAALBQN+37ntz9L4lbmux//f92+/9j532f/l//f+HnQ/+v/9f/X3n6/2n6/w30//p//b/+n62aW/+fu/+lcUuT/Q8AAAAd5O6/OW6x/wEAAGAYuftfFrfY/wAAADCM3P0vj1ua7H/9v+f/6//1//r/9a+v/18m/f80/f8G+n/9/277/+Pn/qP+nzFcQv9/6tSp6694/5+7/xVxS5P9DwAAAB3k7n9l3GL/AwAAwDBy978qbrH/AQAAYBi5+18dtzTZ//r/pv1/ftSX1f/fsFrp//X/+n/9/zT9/zT9/wb6f/2/5//r/9mquT3/P3f/a+KWJvsfAAAAOsjd/9q4xf4HAACAYeTuf13cYv8DAADAMHL3vz5uabL/9f9N+3/P/9f/6/+Puv+/faX/PxKL6P9PXvz1597/36j/1/9PaNf/3+VOe76p/9f/s9/c+v/c/W+IW5rsfwAAAOggd/8b4xb7HwAAAIaRu/9NcYv9DwAAAMPI3f/muOnqJvtf/6//1//r//X/61//iJ//f2y1Wun/t2AR/f+Euff/23n+/4W/y8/R/+v/l/z+9f/6f/abW/+fu/8tcUuT/Q8AAAAd5O5/a9xi/wMAAMAwcve/LW6x/wEAAGAYufvfHrc02f/6f/2//l//P3z/f+Mi+n/P/98S/f+0efT/F6f/1/8v+f3r//X/HNyu+v/c/e+IW5rsfwAAAOggd/874xb7HwAAAIaRu/9dcYv9DwAAAMPI3f/uuKXJ/tf/6/8vpf/P96n/H6v/Pz67/v/Env++Js//1/9vif5/mv5/A/2//l//f5P+n22a2/P/c/e/J25psv8BAACgg9z9741b/9et/Q8AAADDyN3/vrjF/gcAAIBh5O5/f9zSZP/r//X/nv+v/x/++f/6/1b0/9P0/xvo//X/+n/P/2er5tb/5+7/QNzSZP8DAABAB7n7Pxi32P8AAAAwjNz9H4pb7H8AAAAYRu7+W+KWJvtf/6//1//r//X/Z38N9f9j0P9PO5r+/6T+X/9f/fx/xe8C/b/+f9PPZ0xz6/9z9384bmmy/wEAAKCD3P0fiVvsfwAAABhG7v6Pxi32PwAAACzS1Wu+L3f/x+KWJvtf/6//1//r//X/619f/79MO+n/80Oh//f8/9Cn//+/Pd9a2vP/L/zfL/2//p/tm1v/n7v/43FLk/0PAAAAHeTu/0TcYv8DAADAMHL3fzJusf8BAABgGLn7PxW3NNn/+n/9v/5f/6//X//6+v9l8vz/afr/DfT/O31+/tLfv/5f/89+c+v/c/d/Om5psv8BAACgg9z9n4lb7H8AAAAYRu7+z8Yt9j8AAAAM48zuz7is4f7X/+v/9f/6f/3/+tfX/y+T/n+a/n8D/b/+X/+v/2er5tb/f+7Mzzqx+nzc0mT/AwAAQAe5+78Qt9j/AAAAMIzc/V+MW+x/AAAAGEbu/i/FLU32v/5f/7+M/v/UqVPX6//1/3u/nnP9/636f4r+f5r+fwP9v/5f/6//Z6vm1v/n7v9y3NJk/wMAAEAHufu/ErfY/wAAADCM3P1fjVvsfwAAABhG7v6vxS1N9r/+fwb9/wn9v+f/6/9Xnv+v/98S/f80/f8GI/b/Jw7+5e+6nz+sXb9//b/+n/3m1v/n7v963NJk/wMAAEAHufu/EbfY/wAAADCM3P3fjFvsfwAAABhG7v5vxS1N9r/+/+j6/9P/7Lo8///kav371//r//X/+v8rTf8/Tf+/wYj9/yXYdT+/9Pev/9f/s9/c+v/c/d+OW/YOv2su7asEAAAA5iR3/3filiZ//w8AAAAd5O7/btxi/wMAAMAwcvd/L25psv/1/zN4/v+A/b/n/6//fOj/Z93/X6X/H4P+f5r+fwP9v/5f/7+l/j8/zfr/7ubW/+fu/37c0mT/AwAAQAe5+38Qt9j/AAAAMIzc/T+MW+x/AAAAGEbu/lvjlvP2/7q2exT6f/2//l//r/9f//r6/2XS/087aP9/fHW4/j/p//X/+v+u/b/n/3PW3Pr/3P0/ilv8/T8AAAAszjUX+f7c/T+OW+x/AAAAGEbu/p/ELfY/AAAADCN3/0/jltuu2tVbOlL6f/2//l//r/9f//r6/2XS/0/z/P8N9P/b6Oev1f+P0f+vVvp/Dm9u/X/u/p/FLf7+HwAAAIaRu//ncYv9DwAAAMPI3f+LuMX+BwAAgGHk7v9l3NJk/+v/9f+H7P/PpJn6/7P0/2fp/9fT/x8N/f80/f8G+n/P/9f/e/4/WzW3/j93/6/ilib7HwAAADrI3f/ruMX+BwAAgGHk7v9N3GL/AwAAwDBy9/82bmmy/3fW/8c/av3/4vt/z/+/4v3/6a9O/6//1/8flP5/mv5/A/2//l//r/9nq+bW/+fu/13c0mT/AwAAQAe5+38ft9j/AAAAMIzc/X+IW+x/AAAAGEbu/j/GLU32v+f/6//1/3Pv/z3/X/+v/78U+v9p+v/16hdK/6//1//r/9mqufX/ufv/FLc02f8AAADQQe7+P8ct9j8AAAAMI3f/bXGL/Q8AAADDyN3/l7ilyf7X/+v/9f/6f/3/+tfX/y+T/n/aLvv/u/7P5pf1/P+d9//5FvT/+n/9P1sxt/4/d/9f45Ym+x8AAAA6yN3/t7jF/gcAAIBh5O7/e9xi/wMAAMAwcvf/I25psv839P/H6wfq/yfp//e+f/3/+s+H/l//r/+/8vT/06b7//N+Nzd7/n/R/3v+v/5f/89Wza3/z93/z7ilyf4HAACADnL33x632P8AAAAwjNz9/4pb7H8AAAAYRu7+f8ctTfa/5/8vqf+/Vv+v/9f/6//1/xvo/6ft8vn/B6H/1/8v+f3r//X/7De3/j93/38CAAD//7iNUc0=")
setreuid(0x0, 0xee01)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)

4m35.630450812s ago: executing program 0 (id=2464):
syz_mount_image$jfs(&(0x7f00000001c0), &(0x7f0000000180)='./file0\x00', 0x2, &(0x7f0000000600)=ANY=[@ANYBLOB="6e6f71756f74612c6e6f696e746567726974792c6e6f646973636172642c67727071756f74612c696f636861727365743d63703933322c6e6f646973636172642c71756f74612c6e6f71756f74612c6e6f696e746567726974792c004d5afe2de1b3a136431fa8ea7b501ecb08f40540fff494c16f9b0781a740588d55fa"], 0x1, 0x614f, &(0x7f000000ccc0)="$eJzs3c1vHGcdB/Df7JtfSlOrh6pECLlteCmleS0hUKDpAQ5cOKBcUSLXrSJSQElAaRURV75w4I8AIXFEiCMn/oAeuHLjDyBSAgL11EFjP48znq69dt3dWXs+H8mZ+e0z430m35198czsEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA/PAHP75QRMT1X6UbViI+F/2IXsRSVa9GxNLqSl5+EBHPx1ZzPBcRw4WIav2tf56JeC0iPjwV8ejx/bXq5osH7Mf3//yPP/zkqR/9/U/Dc//7y93+63std+/eb//71wdH22YAAADomrIsyyJ9zD+dPt/32u4UADAT+fW/TPLt6rmrN+asP2q1Wq0+hnVdOd6DehERG/V1qvcMDscDwDGzER+13QVaJP9OG0TEU213AphrRdsdYCoePb6/VqR8i/rrwep2ez4XZFf+G8XO9R17TSdpnmMyq8fXZvTj2T36szSjPsyTnH+vmf/17fZRWm7a+c/KXvmPti996pycf7+Zf8PJyb83Nv+uyvkPDpV/X/4AAAAAADDH8t//V1o+/rtw9E05kP2O/67OqA8AAAAAAAAA8Fk76vh/O4z/BwAAAHOr+qxe+d2pJ7ft9V1s1e3XioinG8sDHZMullluux8AAAAAAAAAAAAA0CWD7XN4rxURw4h4enm5LMvqp65ZH9ZR1z/uur790GVtP8kDAMC2D081ruUvIhYj4lr6rr/h8vJyWS4uLZfL5dJCfj87Wlgsl2qfa/O0um1hdIA3xINRWf2yxdp6dZM+L09qb/6+6r5GZf8AHZuNFgMHgIjYfjV65BXphCnLZ6LtdzkcD/b/k8f+z0G0/TgFAAAApq8sy7JIX+d9Oh3z77XdKQBgJvLrf/O4gFqtVqvV6pNX15XjPagXEbFRX6d6z2A4fgA4Zjbio7a7QIvk32mDiHi+7U4Ac61ouwNMxaPH99eKlG9Rfz1I47vnc0F25b9RbK2X1x83naR5jsmsHl+b0Y9n9+jPczPqwzzJ+fea+V/fbh+l5aad/6zslX+1nSst9KdtOf9+M/+Gk5N/b2z+XZXzHxwq/778AQAAAABgjuW//6/M1fHf0afdnIn2O/67OrV7BQAAAAAAAIDpevT4/lq+7jUf///CmOVc/3ky5fwL+XdSzr/XyP+rjeX6tfmHbz7J/9+P76/98e6/Pp+nB81/Ic8U6ZFVpEdEke6pGKTpUbbukzaH/VF1T8Oi1x+kc37K4dtxM27FepzftWwv/X88ab+wq73q6XCrvexvt1/c1T7Yac/rX9rVPkxnOpVLuf1srMXP41a8tdVetS1M2P7FCe3lhPacfz/+s9Nn+3935PwHtZ8q/+XUXjSmlYcf9D6x39en4+7n6s0v/ub89Ddnos3o72xbXbV9L7bQn63/k6dG8cs767fP3rtx9+7tC5Emu269GGnyGcv5D9PPzvP/S9vt+Xm/vr8+/GB06PznxWYM9sz/pdp8tb0vz7hvbcj5j9JPzv+t1D5+/z+W+VcP7333/1dm3ycAAAAAAAAAAAAAAADYV1mWW5eIXo2Iy+n6n7auzQQAZutq+sqNMsm3z6ruz/j+1OpjXhdz1p+Z1h+X89Uftfo41nXleG/Ui4j4W32dyxHx63G/DACYZx9HxD/b7gStkX+H5e/7q6Zn2u4MMFN33nv/pzdu3Vq/faftngAAAAAAAAAAn1Ye/3O1Nv73mbIsHzSW2zX+65uxetTxPwd5ZmeA0T0Gqu4ffpv2s9kb9Xu14cZfiL3G/x7uzO03/vdgwv0NJ7SPJrQvTGhfnNA+9kKPmpz/C7Xxzs9ExOnG8OsnYPzXLfuN/9oc874Lcv4v1h7PVf5faSxXz7/8/XHOv7cr/3N33/3FuTvvvf/qzXdvvLP+zvrPLl24cP7S5ctXrlw59/bNW+vnt/9tscfTlfPPY187D7Rbcv45c/l3S87/S6mWf7fk/L+cavl3S84/v9+Tf7fk/PNnH/l3S87/5VTLv1ty/l9Ltfy7Jef/Sqrl3y05/6+nWv7dkvN/NdXy75ac/9lUy79bcv7nUn3A/Jem3S9mI+efj3DZ/7sl55/PbJB/t+T8L6Za/t2S87+Uavl3S87/tVTLv1ty/t9Itfy7Jed/OdXy75ac/zdTLf9uyflfSbX8uyXn/61Uy79bcv7fTvWh8l+ZXr+YjZz/66m2/3dLzv87qZZ/t+T8v5tq+XdLzv97qZZ/t+T830i1/Lvlyff/mzFjxkyeafuZCQAAAAAAAAAAAABomsXpxG1vIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPB/duBAAAAAAADI/7URqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqrADBwIAAAAAQP6vjVBVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWFvXuLkeuu7wB+9uq1czMQUic1sHaMMc4mu77EF1oXE64NtxIIhZZiu961WfANr11CGsmOAiUSRo0q2oaHtoCiNi8VVpUHWgWUB9SqUiXSPtAXRIXKQ1QFFJAqtVXIVnPm///vzOzZmV3v2J455/OR4p935sycM2fOnN3vOt8ZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAabXr7zJcGsiyr/Zf/sT7Lbqz9fe34+vyyt1zvLQQAAABW65f5ny/dki44uIwbNSzzT6///jPz8/Pz2ceG/nTkq/Pz6YrxLBtZk2X5ddHlH398oHGZ4LFsbGCw4evBDqsf6nD9cIfrRzpcP9rh+jUdrh/rcP2iHbDI2vrvY/I725L/dX19l2a3ZiP5dVsKbvXYwJrBwfi7nNxAfpv5kWPZbHYim8mmmpavLzuQL//sptq63pPFdQ02rGtj7Qj5+SNH4zYMhH28pWldC/cZ/fRt2fgvfv7I0b8+9+LtRbPjbmi6v/p2bttc284vhEvq2zqQrUn7JG7nYMN2bix4ToaatnMgv13t763b+dIyt3NoYTOvqdbnfCwbzP/+fL6fhht/rZf208Zw2f/cmWXZxYXNbl1m0bqywWxd0yWDC8/PWP2IrN1H7VB6dTa8ouN00zKO09qc3tJ8nLa+JuLzvyncbniJbWh8mn766GjD8/7y/JUcp1HtUS/1Wmk9Brv9WumVYzAeF8/nD/rxwmNwS3j8j2xd+hgsPHYKjsH0uBuOwc2djsHB0aF8m9OTMJDfZuEY3NG0/FC+poF8vrC1/TE4ee7kmcm5zz989+zJI8dnjs+c2rVjx9SuPXv27ds3eWz2xMxU/c8r3Nu9b102mF4Dm8O+i6+BN7Us23iozn9jdNH590pfh2NtXofrW5bt9utwuPXBDVybF+TiY7r+2vhIbaePXRrMlniN5c/P9tW/DtPjbngdDje8Dgu/pxS8DoeX8TqsLXNm+/J+Zhlu+K9oG5b+XrC6Y3B9wzHY+vNI6zHY7Z9HeuUYHAvHxQ+3L/29YGPY3scnVvrzyNCiYzA93HDuqV2Sft4f25ePouPyjtoVN4xm5+dmzt7z0JFz587uyMK4Jl7TcKy0Hq/rGh5Ttuh4HVzx8Xpw9vWP31Fw+fqwr8burv0xtuRzVVtm9z3tn6v8u1vx/my6dGcWRpdd6/1Z9N28tj9Hs+xr33v0ge888rW3L7k/a3nzC5Or/1k85dKG8+/IEuffmPtfqa8v3dVjQyPD9dfvUNo7I03n4+anajg/dw3k635pcnnn45Hw37U+H9/a5ny8oWXZbp+PR1ofXDwfD3T6bcfqtD6fY+E4OTHV/nxcW2bDzpUek8Ntz8d3hjkQ9v+bQ1JIuajh2FnquE3rGh4eCY9rOK6h+Tjd1bT8SMhmtXU9vfPKjtNtd9bvayg9ugXX6jgdb1m228dp+t3XUsfpQKffvl2Z1udzLBwXt+5qf5zWlnlu9+rPnWvjXxvOnaOdjsGRodHaNo+kgzA/32fza+MxeE92NDudncim82tH8+NpIF/XxL3LOwZHw3/X+ly5oc0xuK1l2W4fg+n72FLH3sDw4gffBa3P51g4Lp68t/0xWFvmHXu7+7PrtnBJWqbhZ9fW368t9TuvO1p209U6VobDdn5vb/vfzdaWObFvpTmz/X66K1xyQ8F+an39LvWams6uzX7aELbzxX1L76fa9tSW+er+ZR5PB7Msu/DZ+/Lf94Z/X/m78z94punfXYr+TefCZ+/72U3H/nEl2w9A/3ulPtbVv9c1/MvUcv79HwAAAOgLMfcPhpnI/wAAAFAaMffH/ys8kf8BAACgNGLuHw4zqUj+3/COF2dfuZClZv58EK9Pu+H++nKx4zoVvh6fX1C7/L6nZv77Hy4sb92DWZa9fP8fFi6/4f64XXXjYTsvv7P58kWeuXtZ6z784IW03sb++tfD/cfHs9zDoKiCO5Vl2bO3fCVfz/jHL+XzufsP5/OBi48/Vlvmpf31r+PtX3hNffm/COXfg8eONN3+hbAffhLm1HuL90e83bcuvXnj3o8urC/ebmDzzfnDfvKT9fuN75PzxGP15eN+Xmr7v/Plp79VW/6hNxZv/4XB4u1/OtzvU2H+7+vqyzc+B7Wv4+2+GLY/ri/e7p5vfrdw+y9/qb78mXfVlzscZlz/tvD1lne9ONu4vx4aONL0uLJ315eL65/6wR/n18f7i/ffuv1jhy417Y/W4+O5f6vfz2TL8vHyuJ7o71vWX7ufxuMzrv/pPzrctJ87rf/yAy+8rna/reu/q2W5M5/dnq9/4f6a37HpL7/4lcL1xe05+Ldnmh7PwQ+F13FY/5OfDMdjuP7/Ltfvr/XdFQ5/qPn8E5f/+voLTY8nes8v6uu//Nbj+VwztnbdDTfedPPFN9T2XZY9v6Z+f53Wf/yvTjdt/zduq++PeH3s6Leufylx/Wc/N3Hq9Nz52em0Vx+5JX/vnPfVtydu7y3h3Nr69aHT5z41c3Z8anwqy8bL+xZ6V+ybYf6sPi62X3p+0Rl0+4Ph+bzjz59dt/Vfvxwv//eP1C+/9N769603heWeCJevD8/fyta/2JObbstf3wPPhS2cX/x+wauxcct/7VvWguHxt/5cEI/3M6/9VL4fatfl3zfi63qV2/+j6fr9fDvs1/nwzsybb1tYX+Py8b0RLn24/npf9f4Lp7n4vP5NeL7f/5P6/cftio/3R+HnmO9uaD7fxePj2xcGW+8/fxePi+F8kl2sXx+Xivv70ku3FW5efB+S7OLt+dd/ku7n9hU9zKXMfX5u8sTsqfMPTZ6bmTs3Off5hw+dPH3+1LlD+Xt5Hvp0p9svnJ/W5een6Zk9u7P8bHW6Pq6y6739Zx48Or13auv0zLEj54+de/DMzNnjR+fmjs5Mz209cuzYzOc63X52+sCOnft37d05cXx2+sC+/ft37Z+YPXW6thn1jepgz9RnJk6dPZTfZO7A7v077r1399TEydPTMwf2Tk1NnO90+/x700Tt1n8wcXbmxJFzsydnJuZmH545sGP/nj07O74b4Mkzx+bGJ8+ePzV5fm7m7GT9sYyfyy+ufe/rdHvKae4/6j/PthqovxFf9sG79qT3Z6156tEl76q+SMsbiL4Y3ovmn191Zt9yvo65fyTMpCL5HwAAAKog5v7RMBP5HwAAAEoj5v41YSbyPwAAAJRGzP1jYSYVyf+l6/9vuLCs9ev/6/837i/9/4r1/z/ca/3/+vlC/787Vtu/1/8P9P/1//X/9f/1/+mCXuv/x9y/Nssqmf8BAACgCmLuXxdmIv8DAABAacTcf0OYifwPAAAApRFz/41hJhXJ//r/+v/6//r/+v/F69f/70/6/+3p/3eg/z+ZVav/f7Gb26//r//PYr3W/4+5/6Ywk4rkfwAAAKiCmPtvDjOR/wEAAKA0Yu6/JcxE/gcAAID+tHbxRTH3rw8zqUj+1//X/9f/1//X/y9ev/5/f9L/b0//vwP9f5//r/+v/09X9Vr/P+b+V4WZVCT/AwAAQBXE3P/qMBP5HwAAAHrP8JXdLOb+14SZLMr/V7gCAAAA4LqLuf/WrKUIXpF//9f/1//X/9f/1/8vXv/y+/9Dmf5/79D/b0//vwP9f/1//X/9f7qq1/r/ee7PxrLXhplUJP8DAABAFcTcf1uYifwPAAAAvW1s+YvG3P8rrTeU/wEAAKA0Yu7fEGZSkfyv/6//r/+v/6//X7x+n//fn/T/29P/76DX+v8tR5D+f29vv/6//j+L9Vr/P+b+28NMKpL/AQAAoApi7r8jzET+BwAAgNKIuf9Xw0zkfwAAACiNmPs3hplUJP/r//d4/z/2/vT/9f/1//X/9f+XRf+/Pf3/Dnqt/99C/7+3t1//X/+fxXqt/x9z/+vCTCqS/wEAAKAKYu5/fZiJ/A8AAAClEXP/G8JM5H8AAAAojZj7x8NMKpL/9f97vP/v8//1//X/9f/1/1dE/789/f8O9P/1//X/9f/pql7r/8fcvynMpCL5HwAAAKog5v7NYSbyPwAAAJRGzP13hpnI/wAAAFAaMfdvCTOpSP7X/9f/1//X/9f/L16//n9/0v9vbzn9//ycpv+v/6//r/+v/08X9Fr/P+b+N4aZVCT/AwAAQBXE3L81zET+BwAAgNKIuf9NYSbyPwAAAJRGzP3bwkwqkv/1//X/9f/1//X/i9ev/9+f9P/b8/n/Hej/6//r/+v/01W91v+Puf/NYSYVyf8AAABQBTH3bw8zkf8BAACgNGLuvyvMRP4HAACA0oi5fyLMpCL5X/9f/1//X/9f/794/fr//akK/f9PrPROG+j/d6D/r/+v/6//T1f1Wv8/5v67w0wqkv8BAACgCmLuvyfMRP4HAACA0oi5fzLMRP4HAACA0oi5fyrMpCL5X/9f/1//X/9/Rf3/Nyzcr/5/nf5/b6lC/3819P870P/X/7/u/f8R/X9Kpdf6/zH37wgzqUj+BwAAgCqIuX9nmIn8DwAAAKURc/+uMBP5HwAAAEoj5v7dYSYVyf/6//r/+v/6/z7/v3j9+v/9Sf+/ve73/+ND1P/X/9f/9/n/+v8s1mv9/5j77w0zqUj+BwAAgCqIuX9PmIn8DwAAAKURc//eMBP5HwAAAEoj5v59YSYVyf/6//r/+v/6//r/xevX/+9P+v/t+fz/DvT/9f/1//X/6ape6//H3L8/zKQi+R8AAACqIOb+t4SZyP8AAABQGjH3/1qYifwPAAAApRFz/6+HmVQk/+v/6//r/+v/6/8Xr1//vz/p/7en/9+B/r/+v/6//j9d1Wv9/5j7D4SZVCT/AwAAQBXE3P8bYSbyPwAAAJRGzP1vDTOR/wEAAKA0Yu4/GGZSkfyv/6//r/+v/6//X7x+/f/+pP/fnv5/B/r/+v/6//r/dFWv9f9j7n9bmElF8j8AAABUQcz994WZyP8AAABQGjH3vz3MRP4HAACA0oi5/x1hJhXJ//r/+v/6//r/+v/F69f/70/6/+3p/3eg/6//r/+v/09X9Vr/P+b+d4aZVCT/AwAAQBXE3P+uMBP5HwAAAEoj5v53h5nI/wAAAFAaMfe/J8ykIvlf/1//X/9f/1//v3j9+v/9Sf+/Pf3/DvT/S9b/H79J/1//n6ulKAEtdmX9/xtfXnKFq+z/x9z/m2EmFcn/AAAAUAUx998fZiL/AwAAQGnE3P/eMBP5HwAAAEoj5v73hZlUJP/r/+v/6//r/+v/F69f/78/6f+312f9/1/eHC7X/6/T/+/t7e/J/v+Pl+r/z69pvb3+P1fDlfX/C3Wl/x9z//vDTCqS/wEAAKAKYu7/QJiJ/A8AAAClEXP/B8NM5H8AAAAojZj7fyvMpCL5X/+/th0L7WX9f/3//AL9f/1//f++pf/fXp/1/33+fwv9/97e/p7s//v8f66zXuv/x9z/oTCTiuR/AAAAqIKY+x8IM5H/AQAAoDRi7v9wmIn8DwAAAKURc/9Hwkwqkv/1/33+v/6//r/+f/H69f/7k/5/e/r/Hej/6//3Wv//P/X/6W+91v+Puf/BMJOK5H8AAACogpj7PxpmIv8DAABAacTc/9thJvI/AAAAlEbM/R8LM6lI/tf/75f+/7j+v/6//n/L49H/1/8vov/fnv5/B/r/+v+91v/3+f/0uV7r/8fc//Ewk+Xn/7FlLwkAAABcFzH3/06YSUX+/R8AAACqIOb+3w0zkf8BAACgNGLu/0SYSUXyv/5/v/T/ff5/pv+v/9/yePT/9f+LXLv+fzzz6P/r/+v/R/r/+v/6/7Tqtf5/zP2/F2ZSkfwPAAAAVRBz/yfDTOR/AAAA6AtF/092q5j7D4WZyP8AAABQGjH3Hw4zqUj+1//X/9f/79H+/59t/pcffv8Dh3fo/+v/6/+vyFXt/8eTTfz8/9qL3+f/6//r/yf6//r/+v+06rX+f8z9R8JMKpL/AQAAoApi7v/9MBP5HwAAAEoj5v6jYSbyPwAAAJRGzP3TYSYVyf/6//r/+v892v/v48//j/tD/79Z1/r/8aSr/1/o2n3+f/3rJ/T/r7D/P1p4qf6//n8/b7/+v/4/i12V/v/8mnThSvv/MffPhJlUJP8DAABAFYTcP3isPheukP8BAACgNGLuPx5mIv8DAABAacTc/6kwk4rkf/1//X/9f/1/n/9fvP6e7f/7/P+29P/b653+fzH9f/3/ft5+/X/9fxbrtc//j7l/NsykIvkfAAAAqiDm/k+Hmcj/AAAAUBox938mzET+BwAAgNKIuf9EmElF8r/+v/6//r/+v/5/8fr1//uT/n97+v8d6P/r/+v/6//TVb3W/4+5/2SYSUXyPwAAAFRBzP2nwkzkfwAAAPh/9u6j2dK62uP4bmzK7uIFOHBClUNfAgMd6wtw4MSBVlkORMWcaMwRcw6YMwZQxISKYgATilnMWTFgRq22tNdafU6ffZ59ut3nnGf/1+czWfe2t937KgX86P7Wfxi5+y+OW+x/AAAAGEbu/ofELU32v/5f/z9s/38P/f9un6//1/+PTP8/7XD7/92jzqT/1/9v8vfX/+v/2Wlu/X/u/ofGLU32PwAAAHSQu/9hcYv9DwAAAMPI3X9J3GL/AwAAwDBy9z88bmmy/8/o/48sevb/mfHq//ez/z/P+//6f/2//n//HWz/f9l//8yn//f+v/4/6P/1//p/zjS3/j93/yPilib7HwAAADrI3f/IuMX+BwAAgGHk7n9U3GL/AwAAwDBy9z86bmmy/73/7/3/Yd//1//v+vn6f/3/yLz/P61T/3/JLRc8+PZr7nrt2Xy+/r9D/3/Dvn1//b/+n53m1v/n7n9M3NJk/wMAAEAHufsfG7fY/wAAADCM3P2Pi1vsfwAAABhG7v7Hxy1N9r/+X/+v/9f/6/+Xf77+fzPp/6d16v/P5fP1/x36//37/vp//T87za3/z93/hLilyf4HAACADnL3PzFusf8BAABgGLn7L41b7H8AAAAYRu7+E3FLk/2v/9///v/f+n/9f1z9v/5f/7//9P/T9P8r6P/1//p//T9rNbf+P3f/ZXFLk/0PAAAAHeTuf1LcYv8DAADAMHL3Pzlusf8BAABgGLn7nxK3NNn/+n/v/+v/9f/6/+Wfr//fTPr/aQff/y/7K+Tu9P8b3/+fr//X/+v/2eos+/87Jv60vZb+P3f/U+OWJvsfAAAAOsjd/7S4xf4HAACAYeTuf3rcYv8DAADAMHL3PyNuabL/9f/6/z31//Hf8aX6f/3/Fvr/U/T/86L/nzab9/+PHF36w/r/je//vf+v/9f/s83c3v/P3f/MuKXJ/gcAAIAOcvc/K26x/wEAAGAYufufHbfY/wAAADCM3P3PiVua7H/9v/7f+//6f/3/8s+f6v+v3fL99P/zov+fNpv+fxf6f/3/Jn9//b/+n53m1v/n7n9u3NJk/wMAAEAHufsvj1vsfwAAABhG7v7nxS32PwAAAAwjd//z45Ym+395/3/6X9f/743+f/v31/8v/+NjXf1//jvq/yf7/3t6/78n/f80/f8K+n/9v/5/t/7/+Kqfr/9nmbn1/7n7XxC3NNn/AAAA0EHu/hfGLfY/AAAADCN3/4viFvsfAAAAhpG7/8VxS5P97/1//b/+f/P6f+//n3KY7/8vDrz/P6r/3yP9/zT9/wr6f/2//t/7/6zV3Pr/3P0viVua7H8AAADoIHf/S+MW+x8AAAA2w9bfO3DmbygNuftfFrfY/wAAADCM3P0vj1ua7H/9v/5f/6//793/H9uQ/t/7/3ul/5+m/1/hcPv/I4P2/0cH6/+v2O3nz6H/v1T/z8xs6/+vO/3jh9X/5+5/RdzSZP8DAABAB7n7Xxm32P8AAAAwjNz9r4pb7H8AAAAYRu7+V8ctTfb/vvf/x3f/bP2//l//r/8//P5/U97/1//vlf5/mv5/Be//e//f+//6f9ZqW/+/xWH1/7n7XxO3/hFAk/0PAAAAHeTuf23cYv8DAADAMHL3XxG32P8AAAAwjNz9r4tbmux/7//r//X/+n/9//LP1/9vJv3/NP3/Cvp//b/+X//PWs2t/8/d//q4pcn+BwAAgA5y978hbrH/AQAAYBi5+98Yt9j/AAAAMIzc/W+KW5rsf/3//vb/+eP6f/3/Qv+v/9f/H4i2/f+RZX8l2mmX/v+mB5649/Yf0f/r//X/+n/9P2swi/7/5Om/u8zd/+a4pcn+BwAAgA5y978lbrH/AQAAYBi5+98at9j/AAAAMIzc/W+LW/63/8+sUDfPsRX/uv7f+//6f/2//n/55+v/N1Pb/n+PvP+/gv5f/6//1/+zVrPo/7f877n73x63+PV/AAAAGEbu/nfELfY/AAAADCN3/zvjFvsfAAAAhpG7/11xS5P9r//X/+v/9f/6/+Wfr//fTPr/afr/FfT/+n/9v/6ftZpb/5+7/8q4pcn+BwAAgA5y9787brH/AQAAYBi5+98Tt9j/AAAAMIzc/e+NW5rsf/2//l//r//X/y//fP3/ZtL/T9P/LxaLqya+wLL+/+Sd9f/6f/2//p9zNLf+P3f/++KWJvsfAAAAOsjdf1XcYv8DAADAMHL3Xx232P8AAAAwjNz9749bmux//b/+X/+v/2/U/x/R/49P/z9N/7+C9//1//p//T9rNbf+P3f/B+KWJvsfAAAAOsjdf03cYv8DAADAMHL3fzBusf8BAABgGLn7r41bdt3/5x3Atzo4+n/9v/5f/9+o/x/w/f9jqz+4mf3r/xf6f/2//n8F/b/+X//PmebW/+fu/1Dc4tf/AQAAYBi5+z8ct9j/AAAAMIzc/R+JW+x/AAAAGEbu/o/GLU32v/5f/6//1//r/5d//mb0/6s/txvv/0/T/6+g/9f/6//1/6zV3Pr/3P0fi1ua7H8AAADoIHf/dXGL/Q8AAADDyN3/8bjF/gcAAIBh5O7/RNzSZP/r//X/2/v/xUL/r//X/59yAP3/sYX+f+30/9P0/yvo/8fs/89bDNT/H9/15+v/maO59f+5+z8ZtzTZ/wAAANBB7v7r4xb7HwAAAIaRu/9TcYv9DwAAAMPI3f/puKXJ/tf/6/839v3/8+Mn6P/1/5vb/9d/qvr/9dH/T9P/r6D/H7P/9/6//p9DM7f+P3f/DXFLk/0PAAAAHeTu/0zcYv8DAADAMHL3fzZusf8BAABgGLn7Pxe3NNn/+n/9/8b2/97/1//r//X/S+j/p+n/V9D/6//1//p/1mpu/X/u/s/HLU32PwAAAHSQu//GuMX+BwAAgGHk7r8pbrH/AQAAYBi5+78QtzTZ//p//b/+fzP7/2P6f/2//n+pufT/F110r5v1//p//b/+X/+v/+9ubv1/7v4vxi1N9j8AAAB0kLv/S3GL/Q8AAADDyN3/5bjF/gcAAIBh5O7/StzSZP/v7P/PX5wqVE9Z1v9Ho6b/30L/v/376/+X//Hh/X/9v/5//82l//f+/7l9f/2//n+Tv/9Z9f8X7vz5+n9GNLf+P3f/zXFLk/0PAAAAHeTu/2rcYv8DAADAMHL3fy1usf8BAABgGLn7b4lbmux/7//r//X/+n/9//LP1/9vJv3/NP3/Cvp//b/3/y++/530/6zP3Pr/3P1fj1ua7H8AAADoIHf/N+IW+x8AAACGkbv/m3GL/Q8AAADDyN3/rbilyf7X/+v/9f/6f/3/8s/X/28m/f80/f8KM+3/8+9Q9f/z/v7D9P/e/2eN5tb/5+7/dtzSZP8DAABAB7n7vxO32P8AAAAwjNz9341b7H8AAAAYRu7+78UtTfb/+vv/C/X/Qf8/l/7/fvr/Mz5f/6//H5n+P/+Kvpz+f4WZ9v9J/z/v76//1/+z09z6/9z9t8YtTfY/AAAAdJC7//txi/0PAAAAw8jd/4O4xf4HAACAYeTu/2Hc0mT/e/+/V/9/ZNGx//f+v/5f/9+J/n+a/n8F/b/+X/+v/2et5tb/5+7/UdzSZP8DAADAprrP3R90617/b3P3/zhusf8BAABgGLn7fxK32P8AAAAwjNz9P41bmux//X+v/r/n+//6f/2//r8T/f80/f8K+n/9v/5f/89aza3/z93/s7hly/A7etb/XwIAAABzkrv/53FLk1//BwAAgA5y9/8ibtmx/0/u8Xe1AwAAAHOTu/+Xccsefv3/bvv2rQ6O/n/m/f9i/P7/toX+X/9/iv5f/78O+v9p/2f/f/KI/l//P0H/r//X/3OmufX/uft/Fbf4/f8AAACwybb9E4Xc/b+OW+x/AAAAGEbu/t/ELfY/AAAADCN3/2/jlib7X/8/8/7/nN7/P17/0yb0/97/38f+//JjSz9f/6//H5n+f5r3/1fQ/+v/9f/6f9Zqbv1/7v7b4pYm+x8AAAA6yN3/u7jF/gcAAIBh5O7/fdxi/wMAAMAwcvf/IW5psv/1/yP2/5v1/r/+3/v/597/3+WCEzfe9wFXX6n/57SD7P/zjwX9/4H0/9cv+/fT/+v/5/T99f/6f3aaW/+fu/+PcUuT/Q8AAAAd5O6/PW6x/wEAAGAYufv/FLfY/wAAADCM3P1/jlua7H/9v/5/Lv1//md9CP3/ic3r/7Mp7t7/e/9f/7+T9/+nbXD/7/1//f/sv7/+X//PTnPr/3P3/yVuabL/AQAAoIPc/X+NW+x/AAAAGEbu/r/FLfY/AAAADCN3/9/jlib7X/+v/59L/5+8/3/653n//xT9v/7/bOj/p+n/V9D/6//1//p/1mpu/X/u/n/ELU32PwAAAHSQu/+OuMX+BwAAgGHk7v9n3GL/AwAAwDBy9/8rbmmy//X/+n/9v/5f/7/88/X/m0n/P03/v4L+X/+v/9f/s1Zz6/9z9/8nAAD//1XOc+E=")
mount$overlay(0x0, &(0x7f0000000440)='./file0\x00', &(0x7f0000000180), 0x1204001, &(0x7f00000011c0)={[{@lowerdir={'lowerdir', 0x3d, '.'}, 0x3a}], [], 0x2f})
mkdirat(0xffffffffffffff9c, &(0x7f0000001080)='./file0/file0\x00', 0x19a)

4m34.687750528s ago: executing program 0 (id=2474):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
sendmsg$TIPC_NL_BEARER_SET(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)={0x18, r1, 0x1, 0x70bd28, 0x25dfdbfb, {}, [@TIPC_NLA_BEARER={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x400ccc4}, 0x4040140)

4m33.654344379s ago: executing program 0 (id=2482):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_STRSET_GET(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000003c0)={0x34, r1, 0xef5ebf77ce25880d, 0x70bd2d, 0x25dfdbfd, {}, [@ETHTOOL_A_STRSET_HEADER={0x4}, @ETHTOOL_A_STRSET_STRINGSETS={0x1c, 0x2, 0x0, 0x1, [{0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x3}]}, {0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x4}]}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x8c0}, 0x10)

4m33.272220023s ago: executing program 33 (id=2482):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_STRSET_GET(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000003c0)={0x34, r1, 0xef5ebf77ce25880d, 0x70bd2d, 0x25dfdbfd, {}, [@ETHTOOL_A_STRSET_HEADER={0x4}, @ETHTOOL_A_STRSET_STRINGSETS={0x1c, 0x2, 0x0, 0x1, [{0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x3}]}, {0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_STRINGSET_ID={0x8, 0x1, 0x4}]}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x8c0}, 0x10)

2m20.719278967s ago: executing program 5 (id=3347):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x9, 0x17, 0x8, 0x40, 0x42, 0x1}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100), &(0x7f0000000580), 0x1000, r0}, 0x38)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000440)={r0, &(0x7f0000000600), &(0x7f0000000580)=""/95}, 0x20)

2m20.388164907s ago: executing program 5 (id=3350):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_NEW_KEY(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=ANY=[@ANYBLOB='T\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="01002cbd7000ffff05000c00000008000300", @ANYRES32=r2, @ANYBLOB="2c005080050002000600000009000a0000"], 0x54}}, 0x40)

2m20.257387265s ago: executing program 5 (id=3352):
r0 = inotify_init()
inotify_add_watch(r0, &(0x7f0000000340)='./cgroup.cpu/cpuset.cpus\x00', 0xd)
r1 = syz_open_procfs(0x0, &(0x7f00000006c0)='fdinfo/3\x00')
pread64(r1, &(0x7f0000000140)=""/116, 0x74, 0x4)

2m20.125216563s ago: executing program 5 (id=3354):
syz_mount_image$erofs(&(0x7f00000000c0), &(0x7f0000000000)='./file2\x00', 0x0, &(0x7f00000003c0)=ANY=[], 0xfd, 0x1dc, &(0x7f0000000640)="$eJzslr+PEkEUx78zu1nAaEwsbSwkUQuX3UWNjYk0VhYm/iAWJhJZCbJKAhRCYtC/wN7EwsLef8BE2/sjLtxV13DdNdfsZXZmd+cICxwcUNz7JDy+s8y8ffPe5A0gCOLCsr93NAqRj/RlFJFTzw+MdA7X5u/mD7/8f/qk+v3N753cyC5M8xmGi7/fBPCvYqCXrD29uqi+X4An+iU47ihdBYOt9FtwvFLaB8NrpT9oui3m2/b7ZuDb79pBXQhHGFcYT5jyZHzjbwx1LT6m/d7tD1q1IPA7axTz8jeucDzS4tPrZUNG62j5c8HhKl0Gw3OlHyIX50amRNv/dTP1b8zcv4V1Z0SEcoZV165klsoCsFwYAEsc/sRK28FXdWTXeYYyhIFIxBU9J8/GhnYhDvqcOTA3nlW2WjKXqcXfx3JN/CQcynE052qGw3C44CssLJONtD+Fvxhuaf1JtpIf0VUjSljq9gd3mx9rDb/hf/K88gPnnuPc90pRI5J2Rv8rRP3pUup/6p0ksJiFz7Ver+NKm4w9aad1XB71P47bN+VYFNea8JvXNFMfEyaY7L2tP5nREwRBbI8bYMehwoyFuk2g/dd9tsUYCYIgCIIgCIIgCIJYjZMAAAD//4U6Q1I=")
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x1204001, &(0x7f00000011c0)={[{@lowerdir={'lowerdir', 0x3d, '.'}, 0x3a}], [], 0x2f})
chdir(&(0x7f0000000040)='./file0\x00')
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x1204001, &(0x7f00000011c0)={[{@lowerdir={'lowerdir', 0x3d, '.'}, 0x3a}], [], 0x2f})

2m19.866265048s ago: executing program 5 (id=3357):
r0 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f0000000240)={r0, 0xf, 0x25, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
r1 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r1, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)="2e00000010008188e6b62aa73772cc9f1ba1f848430000005e1406ca000000000e000a000f000000028000001294", 0x2e}], 0x1}, 0x0)

2m19.092272154s ago: executing program 5 (id=3364):
setresgid(0xee00, 0xee01, 0x0)
setgroups(0x0, 0x0)
setuid(0xee00)
shmget$private(0x0, 0x4000, 0x78000a32, &(0x7f0000007000/0x4000)=nil)

2m18.705918418s ago: executing program 34 (id=3364):
setresgid(0xee00, 0xee01, 0x0)
setgroups(0x0, 0x0)
setuid(0xee00)
shmget$private(0x0, 0x4000, 0x78000a32, &(0x7f0000007000/0x4000)=nil)

2m2.265955131s ago: executing program 6 (id=3465):
r0 = syz_open_dev$dri(&(0x7f00000008c0), 0xd21, 0x0)
r1 = syz_open_dev$dri(&(0x7f0000000100), 0x1f, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, &(0x7f00000001c0)={0x0, &(0x7f0000000040)=[<r2=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_CURSOR2(r0, 0xc02464bb, &(0x7f0000000180)={0x1, r2, 0x40, 0x1, 0xffff, 0x0, 0x0, 0xb0b7, 0x862f})

2m2.021365645s ago: executing program 6 (id=3469):
syz_mount_image$hfsplus(&(0x7f0000000100), &(0x7f0000002900)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2000010, &(0x7f0000000c00)=ANY=[], 0x1, 0x6e5, &(0x7f0000000680)="$eJzs3c1vHGcdB/DvrNeON1TBaRMaoSBMIhWkiMSJlUK4YBBCOVSoKoeercRprGySKnFRWiFwAcEJiUP/gILkGweExD0oXLiUW68+VkLiEnGIelk0s7P27nr9lvgloZ9PNZnnmeeZZ377m2dmvOtaG+AL6+q5NB+myNVzbzwo66srs+3VldkjdXM7SVluJM3uKsWdpHiUzJXtRd+SvvUGHy1eeevTx6ufdWvNeqn6j2213wgj+i7XS6br8aZH7jm+00Ms1+HlpSTX6vWgiZ2ONdCxTNrZeg2HrjOokc7ybnbfzXULPGd6T6ei+9zcYCo5mmSy/jkg9d2hcXAR7qlv9Aq7ussBAADAC+qTu4cdAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALx4qu//b61VG91NyXSK3vf/T/S21eXn0NyOez7c1zgAAAAAAAAA4GB8/Ume5EGO9eqdovqd/5mqciKfd5Iv5b3cz0Lu5XweZD5LWcq9XEwy1TfQxIP5paV7F9f2LI3e89LIPS8d1CsGAAAAAAAAgP9Lv0pr/ff/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwPCiSse6qWk7U60yl0cx6W5aTfyWZOOx4d6EYtfHhwccBAAAAz2TyKfb58pM8yYMc69U7RfWe/yvV++XJvJc7WcpiltLOQq7X76HLd/2N1ZXZ9urK7O1yKeuD4/7gP7sKY6IeYayqjTryqapHKzeyWG05n2tVMNfT6B77bHKqF09fXH0+LGMqvl/bYWTNOq3lwf6w2acIe2Lwo4jGFj1b68ElaxmZqWMr9zzezUBRfVCTDGdi+OxsOFhzoDZVdRlfO9LFNNY++TmxDzk/Wq/L1/Pbfc35TvTnYi0TjVSZuNSbfeU1s3Umkm/+7c9v32zfuXXzxv1zh/uSdmFsk+3Dc2K2LxOvvtCZaO6y/0yViZNr9av5cX6ac5nOm7mXxfws81nKQjp1+3w9n8t/p7bO1NxA7c3tIpmoz0v3nO0kpun8qCrN50y177EspsjdXM9CXq/+u5SL+U4u53Ku9J3hk5vGXb226qpvDF/1vTP995HBn/1WXSjvbr9bv8vNbfWKN5ude6V77y/zerwvr91Z/3it1/G+62CmL0sv97IzPnLwp7k3Nr9aF8pj/Hqb58TBmqozUV5AvadEL7pXuploVs+ijfP8j51yv7TvdDo359/dZPzlofpr9bqcVitf2653z+hTsbfK+fJyJus7yeDsKNteWbvL9LV11udyt23wiVvud7JqK4relfqT3K0mwMYrdaL+GW7jSJeqtleH2k7X9/Cy7VRf28DPW7mbdq4fQP4AeBr/fHutOJWjE61/tz5pfdz6Tetm643JHx757pHTExn/x/j3mjNjrzVOF3/Nx/nF+vt/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg6d1//4Nb8+32wr3RhcbmTQOFVoa3bDfyUKGov9BnVJ9b9bcU7GrAQy5MJhnYUn3P0YGH0RoOY0Oh88vkwPPT+xLB0X1+XxaaOzrdcwNb/rJxwA+3j2csQ/NwB9fFPhYaOdiDjmX0BDisOxJwUC4s3X73wv33P/j24u35dxbeWbgzfvnylZkrl1+fvXBjsb0w0/33sKME9sP6Q/+wIwEAAAAAAAAAAAB2atQfBpx5abs/GtlQaCQZ/hsP/2chAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsCeunkvzYYpcnDk/U9ZXV2bb5dIrr/dsJmk0kuLnSfEomUt3yVTfcEX+9CidEcf5aPHKW58+Xv1sfaxmt3/SqNeb27o1yXK9ZDrJWL1+BgPjXXvm8Yr/9l5DmbDPO53O3LPFB3vjfwEAAP//qWztYw==")
mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x1)
r0 = creat(&(0x7f0000000300)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
write$binfmt_script(r0, &(0x7f0000000400)={'#! ', './file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa'}, 0xfd)

2m1.398639752s ago: executing program 6 (id=3474):
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000140)=@IORING_OP_WRITEV={0x2, 0x8, 0x2007, @fd_index=0xa, 0x7, 0x0, 0x0, 0x15, 0x0, {0x2}})
r0 = socket$rxrpc(0x21, 0x2, 0x2)
bind$rxrpc(r0, &(0x7f0000000140)=@in4={0x21, 0x3, 0x2, 0x10, {0x2, 0x0, @local}}, 0x24)
bind$rxrpc(r0, &(0x7f0000000100)=@in4={0x21, 0x400, 0x2, 0x10, {0x2, 0x0, @local}}, 0x24)

2m1.043890344s ago: executing program 6 (id=3479):
syz_mount_image$minix(&(0x7f0000000100), &(0x7f0000000180)='./file2\x00', 0x4000, &(0x7f0000001f00)=ANY=[], 0x1, 0x210, &(0x7f0000000700)="$eJzs28tOE1Ecx/Hf9EZFI17iJa5MTIwbqQIJ6Up5ADcuTVyQWkjjoEbcQEiUl3Dv1pWPQKLv4QvAwp0rjjkzp2nHDp0LM0yg309C50/n/M6cAc6h04sAzKznwa0nT+2gMsZ8vi/p1QtJjYoHB6BUxm2PDYDZU8899V8P1xAA59LRWl1SWwee9PvPXu/QfbVTPn44WquFhScdjuUvpc3ve8H2XiOan5d0eaL15AWJ+RbmH2qYtyPf613JePx5RY+va2nz4fk/eqCmxvJXJS1IQTfXJd2QdFOas21vSapFjt9y343yd8M79lOeBgAAAAAAU9mrz8XT5hM7qEt6ErvHXgdvDPx+/N5kTZd/mjPfcvmlaY1Mcn55/M7aSa29UdkMN3Muv9h777/JMG6gCLVs83/iaUH7F32Q0MGJ08GtDNH530w/GveM4Mbga6YMgND2zu7bdd/vfyyyeDatjZS1Q7siFDzC+OK7LfQ3fGWk5GPlKeximzc+fEGm6IF9UXIbk6LNRSoaxf6cf8r7f542IpPoh/vdZuj5ZdyuliLzNKJ+xgsTgNJ1Pm196Gzv7D4ebK1v9jf771ZWu93VleWlbid4WG5vzULVowRQhtF//5idad/EAwAAAAAAAAAAAAAAKnVb0p2g+nWcIcY7AwAAAIBz6Cw+FFX1OQIAAAAAAAAAAAAAcNH9CwAA///UBDZV")
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
r0 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x1d4)
getdents64(r0, 0xfffffffffffffffe, 0xffffffffffffff15)

2m0.649481268s ago: executing program 6 (id=3482):
r0 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000440)=@base={0x12, 0x81, 0x8, 0x2, 0x0, 0x1}, 0x48)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000280)={r0, &(0x7f00000004c0), &(0x7f0000000400)=@udp6=r1}, 0x3f)
recvfrom(r1, 0x0, 0x0, 0x3d61b865aca356e6, 0x0, 0x0)

2m0.235340722s ago: executing program 6 (id=3485):
munmap(&(0x7f0000002000/0x2000)=nil, 0x2000)
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4)
setsockopt$packet_fanout_data(r0, 0x107, 0x16, &(0x7f0000000100)={0x1, &(0x7f0000002040)=[{0x4, 0x8, 0x8, 0x6}]}, 0x10)

1m59.642723097s ago: executing program 35 (id=3485):
munmap(&(0x7f0000002000/0x2000)=nil, 0x2000)
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000040)={0x0, 0x6}, 0x4)
setsockopt$packet_fanout_data(r0, 0x107, 0x16, &(0x7f0000000100)={0x1, &(0x7f0000002040)=[{0x4, 0x8, 0x8, 0x6}]}, 0x10)

4.385464828s ago: executing program 4 (id=4488):
r0 = eventfd2(0x0, 0x0)
io_setup(0x3ff, &(0x7f0000000500)=<r1=>0x0)
pselect6(0x40, &(0x7f0000000000)={0x0, 0x0, 0xffff, 0x7, 0x9, 0x8, 0x5955ec84, 0x10000}, 0x0, &(0x7f00000000c0)={0x8, 0x0, 0x6, 0x100, 0x3, 0x4, 0x7, 0x8000000000000000}, 0x0, 0x0)
io_submit(r1, 0x1, &(0x7f0000000440)=[&(0x7f0000001840)={0x0, 0x0, 0x0, 0x0, 0x200, r0, 0x0, 0x0, 0x4, 0x0, 0x1, r0}])

3.360730139s ago: executing program 4 (id=4503):
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'veth0_to_bond\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000004640)={&(0x7f0000000540)=@newqdisc={0x48, 0x24, 0xf0b, 0x70bd26, 0xffffffff, {0x0, 0x0, 0x0, r2, {0x0, 0xc}, {0xffff, 0xffff}, {0xffff}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x14, 0x2, [@TCA_FQ_CODEL_ECN={0x8}, @TCA_FQ_CODEL_QUANTUM={0x8, 0x6, 0x5}]}}]}, 0x48}}, 0x40000c4)

3.040421739s ago: executing program 1 (id=4507):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000500)={r1}, 0xc)

2.986332912s ago: executing program 4 (id=4508):
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f00000003c0)={0xc, 0x0, <r1=>0x0})
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r0, 0x3ba0, &(0x7f0000000d40)={0x48, 0x5, r1, 0x0, <r2=>0xffffffffffffffff})
ioctl$IOMMU_TEST_OP_ACCESS_RW(r0, 0x3ba0, &(0x7f0000000300)={0x48, 0x8, r2, 0x0, 0x3fff, 0x1, &(0x7f0000000100)='\x00', 0x1})

2.85297209s ago: executing program 1 (id=4510):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
r1 = openat$cgroup_devices(r0, &(0x7f0000000300)='devices.allow\x00', 0x2, 0x0)
write$cgroup_devices(r1, &(0x7f0000000080)=ANY=[@ANYBLOB='b 7:'], 0xd)

2.84394684s ago: executing program 4 (id=4511):
syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000040)='./file1\x00', 0x8c0, &(0x7f0000000400)=ANY=[@ANYBLOB="61636c2c6865617274626561743d6e6f6e652c6e6f757365725f78617474722c636f686572656e63793d66756c6c2c646174613d77726974656261636b2c6c6f63616c616c6c6f633d30303030303030303030303030303030303030312c61636c2c6e6f61636c2c6c6f63616c616c6c6f633d30303030303030303030303030303030302c00a89f6b8d5800aa954e6c8735dcd52921ce08462fb4ce7c1600883251443ac332f4d17b77d29867e4321610916dbc5963e9fb59a032c92e32ebffc3b739951e866d52bff6bd63136a656222062a8eea0cf97480bc8ac6c0e8a2aa38ffa8fa758cd54b9ef39a7f536d7b85173a83c34d78e210ecf4d040817bbe989e9eb015acb84b99b2ed90f71810cd92eeca69f5275cb7b7027d4babf643bd69b0a68134c022fe5dcd03834f547325ac2d1a5d16f074d898946ff71afa90180b317e645dd58a922e5d907462cd50dc23801c48c0d49ab012961d84d2eb85a3730a3f3177da048c3bc991216b11dca020afefc24ae7583b59534a0ab1fca82bf473216141db8e9864f7861d0500a920e1a8d3352d0662f586e743386e87b6c0c5ed6e4d192ef2990b44cedbb708e7a18b20dcd5573b603c4d659992647ffa8210abf4e9d232b52a8ea1dd1c045afd8e472cd1fbb775e89cca49d136a6"], 0x1, 0x4446, &(0x7f00000088c0)="$eJzs3b9vHFkdAPDvjH3ENslhH1ccEhIrcRIIkGVfBfgkHMeJz76YoMCdEM1mbW8Sw9ob2WtEkcJ0kaiQKBBFBBKdq8gFbfgTaChDHQkKGiSkCKPdnXV2xrt4E3kdkvt8Co/n/ba/M2/fFLMvzTTubu6WNndLle1Sff327geln9dre1vVSM9Jz/7fOr/+GcwwrpNXfe19lt24cu2Hn34Q8eeNvz49Ojo6iqbR6Gm26/d//fP+evexIy3Uabbbu7Wz8pOIePfEuJpGIuLHf4pIIuJylraQHccj4lK08z69/6tbpTMazaMn1Q/Lz1YfHM69v3Lw8LD/355E/K72pW/d2fr7V0fm/vaNM+oeAAAAAAAAAAAAAAAAAIDX3NLNG5/8YGY2HicxepCcfF93KTv2fT/26Kx8JWJy6H8uAAAAAAAAAAAAAAAAAAAA/F96/v5/KXmnx/v/i9lxvk/9o+8Nf4wMz/L3byxenZnN9n9PTuR/O0v6x+WRmOqx73tx//fLhfq9938/2c/L6oyv0+9kJOl07jxNp6cj/pBt/P5eMpHW6ruNb96u721vnNkwXlv5+Ld3789FJ9vQf9D4LxTaH/7+/188cTU1z2+d3SX2RsvHf6RvuT/+Mhko/lcK9c4j/ry8fPxHW2nj3QXm2xNAM/6/Hj09/ouF9ocV/7cjopQ0x1rKzQDNNUwzvd96hbx8/N9qpeWmzuwf2e/+/3ch/lcL7b+q+X+/+EFET/n4f66VNpYr8fz+n0pPv/+vFdp/FfFvjn/f5/9A8vG/0E4czRVp/ScHnf+XCu0PK/6fpNk4305yV8BB0k7v+3115OTjP3Yi//nzXzrQ+u+jQv3zev7r9Nt5/utM/19P2s9/9JaP/3jfcoPe/8uFesOe/+ejFElc7Jya9V9QPv4TrbT82rn9pZzd8b/wP+K/Umh/WPFvrUrG2vHvnv//c6Gd/nvrv4Hk4//5dmLaXWK/9bO1/ktOX/9/XGi/Hf9h3pYn13/N8e+nQ+zyDZKP/8W+5Zrx/8sAn//XC/WGv/6PmDHrv7R8/C/1Lde6/8dOj/9qod6w4/+1YTYOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8BpYyI6TkaTTufM0nZ6OuJKdvxcTyVplo7xWq6//bDdiMUsvxTvJnVp9rVIrb27XN6rlSq1WX4+4muW/G2PJbq3eKG9V7l07bms8uVut7DTWqpVGRCxl6V+OS5221jYbW5V7EfHRcd4X0vrOvbuV7fLG5s53Z2ZmZmL5eAxTSfUXjep2o917Ozdi5bjuZNI1uFb2x8djuZj8tL63s12ptdKvd9Wp1dcrta46q1neb2Iqaezsba9XGtVyrX6n099pkv0XDM4LmG/+SCMWl2/+6Ob12Yli/q2kfVwY3hAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOAOP577z24gYbZ+lETHf+SXpVf7Rk+qH5WerDw7n3l85eHj4tF85AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID/sgMHAgAAAABA/q+NUFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYVdOkZpIIjCAPxmLNTOY1gtu53tiiJauCJ4Aj2Gh9GjeAnvkCJF2hQhkMxC2OzCNkn1fc2D+Zl5D+YBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADDP03v38VY3ESmuNpcRf1//i8P8pdSf+/H7F2eYkdN5fu0eHuum/Hs6yu/K0bLNu3S9+v6Mkdr7HezJcJ/2+j7Xk3NN7dvUfH3fm0i5ioi25Lcp56qa9xYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGzZgQMBAAAAACD/10aoqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwg4cCwAAAAAI87eOom8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB+BQAA///8NR6x")
creat(&(0x7f0000000840)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x65)
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x90)
getdents(r0, 0x0, 0x0)

2.582154516s ago: executing program 1 (id=4514):
r0 = syz_usb_connect(0x5, 0x24, &(0x7f0000000140)=ANY=[@ANYBLOB="12010000096d5c4004233e0269d7010203010902120001180000000904"], 0x0)
syz_usb_control_io$uac1(r0, 0x0, &(0x7f0000000600)={0x44, &(0x7f0000000200)=ANY=[@ANYBLOB="000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r1 = syz_open_dev$I2C(&(0x7f0000000000), 0x1, 0x402)
ioctl$I2C_FUNCS(r1, 0x705, &(0x7f0000000040)=0x2)

1.774174834s ago: executing program 7 (id=4516):
syz_mount_image$vfat(&(0x7f0000000400), &(0x7f00000000c0)='./file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2008404, &(0x7f0000000a80)=ANY=[@ANYBLOB="6e6f6e756d7461696c2c6e66732c73686f72746e616d653d6c6f7765722c757466383d312c64656275672c696f636861727365743d757466382c73686f72746e616d653d6d697865642c757466383d312c004845160000000000", @ANYBLOB="999c07c03c5bc6a3d07b90faae21d196274f93a6593a9830472d5633665f2f51cfb24aaad481c74e142cd734ec6fd04935a94af71c756dbd6f5e2f39b2c4c30725d103d40d7e65129bb928ef73849dae618e438695e0a9078605ba418298145bf2fec11b0d16763288e7ecfe663aa5ff450d1e46d251160109c0378e04fe2629890c28366a6489e706ecf23195dc7f19e03fad", @ANYRESHEX, @ANYRESDEC, @ANYBLOB="c5ce1b9733c9152002284d3be668bd36e2d9b2c62fb43e3a2a12e6020000003cf5ab1f668b2855d9a2bb426304b9bbf1debf4d593fe5104d570a0e27e1a13f2c01075fbe51ea8c8dc547aa8756126f6f13390c0531382cb79112000f0b539950a3"], 0x41, 0x2bd, &(0x7f00000007c0)="$eJzs3LFrE2EYx/HHpDZpSpsIIiioD7roEto4OGqQFsSAUpuiDsLVXjTkTMpdqETEZhFX/47i6Cao/0AXcXF3K4Lg0kE86d2lvbRpm7ZJk9rvB8r75p73x71NruVJILfy4N3zUsFJF4yqROIqEZG6rIqk1maBE8EY8eaDElaXq8O/v5+///DRnWwuNzGlOpmdvpZR1dGLn168en/pS3V45sPox5gspx6v/Mr8WB5cPrvyd/pZ0dGio+VKVQ2drVSqxqxl6lzRKaVV71mm4ZhaLDum3VQvWJX5+Zoa5bmRxLxtOo4a5ZqWzJpWK1q1a2o8NYplTafTOpKQYywiMtDGsvzS1JSR3bbsRju6KXTdUKuDtp2tty7mlw5hTwAAoM/s3P/7vf72/X9uxh/30v+f2b3/F6H/75J606Nd+n8cVdfDV79tZ41E8PfbjP4fAAAAAAAAAAAAAAAAAAAAAICjYNV1k67rJtfG4JD3OCYicRFxg3qPt4kuCb/+buhnl9f/Ro+2iw4LfXEvLmK9Xcgv5P3Rr2cLUhRLTBmTpPzxroeAP5+8nZsYU09KPluLQX5xIR+VWCPfkGqVv3Bq3M9rc/6kJMLnz0hSTrc+f6ZlflCuXA7l05KUr0+kIpbMedf1Rv71uOqtu7lN+SFvHQAAAAAA/4O0rtvy/t2rewvisrXu50OfD7iuu7jT5wOb3l8PyLl2blEJAAAAAAAOzKm9LBmWZdr7mMRE5ADxzk9cV6T324hKfzwbzZObItIH2zisSVxE/CO6n/jP9XhbKbeNNQMi0vOnZQ+TXv9nAgAAANBpG03/HkLf3nRxRwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHD/t3g+ssX5LqVHYIR46XfTQf0EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgj/wLAAD//7KDHOI=")
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0)
syz_mount_image$fuse(0x0, &(0x7f0000000580)='./file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
renameat2(0xffffffffffffff9c, &(0x7f0000000780)='./file1\x00', 0xffffffffffffff9c, &(0x7f0000000680)='./file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2)

1.5184129s ago: executing program 2 (id=4517):
r0 = openat$ocfs2_control(0xffffffffffffff9c, &(0x7f0000000000), 0x102, 0x0)
read$FUSE(r0, &(0x7f0000000040)={0x2020}, 0x2020)
writev(r0, &(0x7f00000022c0)=[{&(0x7f0000002080)='T01\n', 0x4}], 0x1)
write$binfmt_script(r0, 0x0, 0xb00)

1.34191601s ago: executing program 2 (id=4518):
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
r0 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000003480)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0)
read$FUSE(r0, &(0x7f0000000480)={0x2020}, 0x2020)

1.33900323s ago: executing program 7 (id=4519):
syz_open_dev$vim2m(&(0x7f0000000000), 0x8, 0x2)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x3, 0x2, 0x3, 0xfffa}, 0x3a, [0x8000, 0xc95a, 0xf, 0x8, 0x80, 0x2, 0x3, 0x7c, 0x20000006, 0x4d, 0x6, 0x5f, 0x9, 0x5, 0xffff2d37, 0xffffff01, 0x80000000, 0x3, 0x0, 0x5, 0x24, 0x1, 0x7, 0x3c5b, 0x1, 0x24, 0x6, 0x5, 0x5, 0xffffffff, 0xe661, 0x4, 0x7, 0x5, 0x9, 0x4c74, 0x80000000, 0x40000, 0xf3f7, 0xe, 0x0, 0x80008071, 0x7, 0x17, 0x1, 0x407, 0x5, 0x3e, 0x8f, 0x4006, 0x6, 0x0, 0x7, 0x4, 0x8, 0x400, 0x80, 0x0, 0x5, 0x7, 0x8, 0x4, 0xfffffffe, 0x40], [0x10000007, 0xf0000000, 0x8000012f, 0x8004, 0x5, 0x6, 0x1a9432e6, 0xc8, 0xf9, 0xe, 0x2bf, 0x6c7, 0x9, 0xfffffffc, 0x3, 0x0, 0x0, 0x5, 0x2f, 0xe, 0x312, 0xd, 0xea4, 0xffffffff, 0x5, 0x7, 0x7fff, 0x5a80, 0x420, 0x401, 0x6, 0x0, 0xff, 0x1, 0x1000005, 0x5f31, 0xd, 0x4e0, 0x2, 0x4, 0xb, 0x4, 0x9, 0x8, 0x8, 0x9, 0x47, 0x8000, 0x1, 0xfe000000, 0xffff, 0xfffffffe, 0x7, 0x9, 0x5, 0x3, 0x9, 0x1, 0x3, 0x6c0, 0xbc46, 0x48c93690, 0x800042, 0x3], [0x7, 0x408, 0x8004, 0x5, 0xfffffffe, 0x100, 0x8d2, 0x9, 0x8, 0x7fff, 0x0, 0x5, 0x8, 0x4, 0x9, 0x2, 0x0, 0x1ef, 0x5, 0x8, 0x10000, 0x3, 0x5, 0x3e7, 0xb, 0x5, 0x2, 0x2, 0x3, 0x20000008, 0x4, 0x6d01, 0x6, 0x1, 0x800003, 0x200, 0x80, 0x3, 0x4, 0x2950bfaf, 0xffe, 0xa2, 0x7, 0xa9, 0x5, 0x9, 0xac8, 0xbf, 0x1, 0x3, 0x7ff, 0x12b, 0x4, 0x1, 0xfffffffa, 0x0, 0x5, 0x1c, 0x120000, 0x3, 0x2006, 0x80a2e9, 0x4, 0x25], [0x9, 0xbb33, 0x7, 0xb, 0x5, 0x938, 0x6, 0x6, 0x0, 0xb9, 0xce7, 0x9, 0x2, 0x57, 0x5, 0x3, 0x101, 0x10000, 0x4, 0x7fff, 0xffff, 0x2000a620, 0x2, 0x5, 0x1, 0x2, 0x5, 0xe7, 0x1, 0x16, 0xffffffff, 0x80000003, 0x5, 0x20004, 0xc8, 0x9, 0xfffff000, 0x10000, 0x3, 0x7e, 0x100, 0x9602, 0x7, 0xaf, 0x8, 0x6, 0x226, 0x5, 0x5, 0x8, 0x30b1d693, 0xa1f, 0xf40, 0x738, 0x1, 0x6c1b, 0x80, 0x4, 0x5, 0xb1e, 0x20000d7, 0x200, 0xffff3441, 0xfff]}, 0x45c)
syz_open_dev$vim2m(&(0x7f00000001c0), 0x7fffffff, 0x2)
ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0)

1.282267154s ago: executing program 4 (id=4520):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_ro(r0, &(0x7f00000001c0)='blkio.bfq.avg_queue_size\x00', 0x0, 0x0)
preadv(r1, &(0x7f00000000c0)=[{&(0x7f00000004c0)=""/127, 0x7f}], 0x1, 0x0, 0x0)

1.029891239s ago: executing program 2 (id=4521):
syz_mount_image$hfsplus(&(0x7f0000000040), &(0x7f0000000000)='./file1\x00', 0x10008, &(0x7f0000000140)=ANY=[], 0xfb, 0x6b0, &(0x7f0000000300)="$eJzs3c1vHGcdB/DvrDd2Ni3BSZM2oEq1GgkQEYkTKy3mQkAI5VBVVTlwthKnseKkxXGRWyHi8HrtoX9AOeSCOCFx4hKpcOBCb70hH5GQEFI5EC4smtlZe727Xm/axHbUzyeafV7neZ75zcy+WdEG+Ny6fCbN+yly+cwra2V5497c8sa9uZud/KvNJFNJ1pMy20hS/Kfdbn+YXEqKzWGKvnTA+0vzr3/8ycbfO6VmvVX9G6P261P3W++rXu/WzSSZqNPPYNt4Vz7zeMXmyi8lOV2nsO8OJWlv86O/PL3Z0qM1bO/De7JG4PEqOq+bA6aTI/WNXr4P6L7yNvZ2deOZ6C5yDP3vIAAAAOBJU30Gbg5Ub6v54oM8yFpxdA+XBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAE+09WSy/vn8ot4a3fxMiu7v/0/WdanzB8sLD9f9/uNaBwAAAAAAAADsoRce5EHWcrRbbhfV3/xfrAonqsen8nZuZzErOZu1LGQ1q1nJ+STTPQNNri2srk51S6P2vLBtz1aShdXVlQu7LHSqpz8AAAAAAAAA0O9nubz1938AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgIimSik6S421M9nUYzyeEkk2XFevJRN/8ku7/fCwAAAIA9MJU8yFqOdsvtIieSPFt9B3A4b+dWVrOU1SxnMVer7wU6n/obG/fmljfuzd0st8Fxv/PPnWacHlZZjZjOdw/DZz5V9WjlWpaqmrO5kjeznKtpVHuWTtXr6Y7at6675ZqKb9de3i00/6oer9al8sjfq9MBd3YbaywP+WXKdBWRQ52ITCSz9drKaBzrnpnhZ2jns7P7TFnM+TQ2F3uib6bJ7QezPeZbQzZGzXekTsvj+dVOMd8XnUj8r92xmAs9V9+zo2OefPUPv/vhbJ0/OIc0nok6bVePrcFrYq4nEs+NE4nry7duXL92+8yTFokBs1UkTm6WL+f7+UHOZCavZSVL+XEWsprFzOR7VW6hPvlFzy2/Q6QubSu9tttKJusrtHOyHm5NL1b7Hs1SXs2buZrFvFT9u5DzeTkXczHzPWf45OgzXN31jcG7vtL+wtDFn/5anWkl+XWdHgxlXI/1xHXrqp+t4n1sW00dpaKZ42NEachz4yjNL9eZco6f7/ZEuqf6I3G+53p5ZnQkflM9rdxevnVj5frCW+NNd/y9OlPeR79MZg7OE0l5vRwvT1ZVmtp2dZRtz2y2bY9X2XZis60x0HYyf0yz2Z1lKes73qmT9Xu4wZEuVG3PDW2bq9pO9bQNe78FwIF35OtHJlv/aP219UHrF63rrVcOf3fqm1PPT+bQnw59qzk78ZXG88Xv80F+uvX5HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+PRuv/PujYXl5cWVvky73b7z0fCmMTPd36v5lLv3Z7q/CjVG58z87amy65CmibTv7ND0uDJfejrZq7kObua/7Xa7ril26PPbP/cHair7FLr6d/7aByJ0IzKHH939NZDZt6ckYI+cW7351rnb77z7jaWbC28svrF4a/7ixfnZ+YsvzZ27trS8ONt53O9VAo/D1ov+fq8EAAAAAAAAAAAAGNcj/j8D68Oa9vsYAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgCfb5TNp3k+R87NnZ8vyxr255XLr5rd6NpM0khQ/SYoPk0vpbJnuGa7YaZ73l+Zf//iTjX+3O+rxqv6NUfuNZ73eMpNkopPefVTjXanTkYpRh1BsHmEZsNPdwMF++38AAAD//24hDxw=")
setxattr$trusted_overlay_opaque(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000140), 0x0, 0x0, 0x1)
setresuid(0x0, 0xee01, 0x0)
llistxattr(&(0x7f0000000080)='./file1\x00', &(0x7f00000001c0)=""/47, 0x2f)

1.029753279s ago: executing program 7 (id=4522):
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000140)='/sys/power/resume_offset', 0x102, 0x0)
r0 = syz_io_uring_setup(0x235, &(0x7f0000001240)={0x0, 0x10008cc8, 0x10100, 0x2, 0x75}, &(0x7f0000000000)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000009c0)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0x3b, 0x2, 0x1})
io_uring_enter(r0, 0x7a98, 0x0, 0x0, 0x0, 0xfffffffffffffc76)

871.120268ms ago: executing program 7 (id=4523):
syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000740)='./file1\x00', 0xc000, &(0x7f00000006c0), 0x2, 0x246, &(0x7f0000000ac0)="$eJzs3T9oM2UcB/DvXRJf+75BXnURxD8gIloor5vg8rooFKQUEUGFioiL0gq1xa1xcnHQWaWTSxE3q6N0KS6K4FS1Q10ELQ4WBx0iybVS24ja1Jz0Ph+43l3vee73HLnvkyyXBGisq0muJ2klmU7SSVIcb3B3tVw93F2f2l5I+v0nfiqG7ar9ylG/K0l6SR5KslUWeamdrG4+s/fLzmP3vbnSuff9zaenJnqRh/b3dh8/eG/ujY9mH1z94qsf5opcT/dP13X+ihH/axfJLf9Fsf+Jol33CPgn5l/78OtB7m9Ncs8w/52UqV68t5Zv2OrkgXf/qu/bP355+yTHCpy/fr8zeA/s9YHGKZN0U5QzSartspyZqT7Df9O6XL68tPzq9ItLK4sv1D1TAeelm+w++smlj6+cyP/3rSr/wMU1yP+T8xvfDrYPWnWPBpiIO6rVIP/Tz63dH/mHxpF/aC75h+aSf2gu+Yfmkn9oLvmHC6xztNEbeVj+obnkH5pL/qG5jucfAGiW/qW6n0AG6lL3/AMAAAAAAAAAAAAAAAAAAJy2PrW9cLRMquZn7yT7jyRpj6rfGv4ecXLj8O/ln4tBsz8UVbexPHvXmCcY0wc1P31903f11v/8znrrry0mvdeTXGu3T99/xeH9d3Y3/83xzvNjFviXihP7Dz812fon/bZRb/3ZneTTwfxzbdT8U+a24Xr0/NM9/hXLZ/TKr2OeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIn5PQAA//8PK23M")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x107042, 0x20)
fallocate(r0, 0x10, 0x0, 0x8800000)
lseek(r0, 0x0, 0x3)

792.570253ms ago: executing program 2 (id=4524):
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000040)={@private1, 0x1, 0x0, 0xfe, 0x5, 0x2, 0x9}, 0x20)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan0\x00'})
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl(r0, 0x8b32, &(0x7f0000000040))

684.899159ms ago: executing program 4 (id=4525):
r0 = syz_io_uring_setup(0x895, &(0x7f0000000140)={0x0, 0x8c36, 0x80, 0xfffffffe, 0xbfdffddc}, &(0x7f00000001c0)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_SYMLINKAT={0x26, 0x8, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000480)='./file0\x00', 0x0, 0x0, 0x1})
io_uring_enter(r0, 0x47f6, 0x0, 0x0, 0x0, 0x0)

665.334971ms ago: executing program 1 (id=4526):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e00010c00028005000100000000000800074000000001"], 0x64}}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)={0x44, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_STATUS={0x8, 0x3, 0x1, 0x0, 0x100e}, @CTA_SEQ_ADJ_REPLY={0x4, 0x4}]}, 0x44}}, 0x0)

598.168244ms ago: executing program 1 (id=4527):
r0 = syz_mount_image$nilfs2(&(0x7f0000000000), &(0x7f0000000e00)='./file0\x00', 0x10000, &(0x7f0000000940)=ANY=[], 0x0, 0xdab, &(0x7f0000000e80)="$eJzs3ctvXNX9APBzx544L36x8wuNm6ZJSkigj9iQumklNkaii1KE1CVLmgaa1gmP0AUoi5RFV0i1hPgDipDIpuqi6oJNFbGiG1Sp+wqx6iaVkLJAUcCV7XPG429mdGcc2+PxfD7SnTP3fs+955x53LlzXycBI6ux8jg3N12l9N5H7z7zr7O/+NvylJOtHKdWHsfz2HxKqdmaL6XJsLz5idX0qy+uX2xPv85plc6nKlWt6en52615D6SUbqRT6VaaTE+9cOfeh4vPPrc4debm0Xc+vbs1rV9TbXUBAACwA3z58w9e+8djP70+dfcvJ+bTRGt62T6fz+MH83b/fN5QLtvL5X9A1ZZWHban94R843lohHxjHfK1l9MM+ca7lL8nLLfZJd9ETfljbdM6tRuG2dr/+Koxs2680ZiZWf1PvuyzsT3VzNXLCy9dG1BFgU1352TexWcwGEZuWDo06DUQwKp43PA+Nzb3SF1raeO9lX/76Ubn+WETbPfnX/nDVf4Hv7fGYfPs1k9TaVf5Hh3M4/E4wniYr9/vf1lePB7R7LGe3Y4jDMvxhW71HNvmemxUt/rHz8Vu9e2cltfhRIi3f3/iezos7zHQ2Zf2/xsMIzssDXoFBOxY8by5pazE43l9MT5RE99bE99XE99fEz9QE4dR9tc3/pgWq7X/+fE/fb/7w8p+tody+n991ifuj+y3/Hjeb78etPx4PjHsZL8898mf7/zu1j/j+f9fh/P/T+ff0sm8gij7C+N+9da5/+HC4EaXfIdDfR7qkH/l+ZH1+aoja8tJbeuZ++oxvX6+Q93yHV+fbzLk25+3RfaG+sbtk/1hvrL9Udar5fUaD+1thnbsCfUo78xUTveG9kx1a1fYkb0n5Gvm4f9Du46Edj0c5vtGaFc1vb5dcf95qc/RMD0eJyn5wtt23+9SfC/idRmP5PTtnL6f049z+nmHckdR+Tx2O/+/fD6nU7N66fLCpSfyePmcfjLWnFie/uQ21xt4cL1e/zOd1l//c7A1vdloXy8cWpteta8XJsP0812m/zCPl9+zX4/tW5k+c/GVhV9tduNhxF17863fvriwcOl1TzzxxJPWk0GvmYCtNvvGlVdnr7351rnLV158+dLLl65e+MmPzj8x9+MLF2ZXNutn2zfugV1l7Ud/0DUBAAAAAAAAAAAAelbt6zw5p3X3ty3Xk5fr0+P18QyH8r6VT0O5j0G5/rPbfV3K9ZtT21BHNt92XE406DYCnf3X/X8NhpEdlpbcxR/YGQbd/1+572FJr/79Z3uXh5Lt9tPr15fx/oXwIHZ6/3PK3139/7X6v+p5/Rd6zJrcWLlX7j16s63YdKzX8mP7y31gj/RX/tVcfmnN2dRb+Ut/CuXHG5X26JVQ/v4ey7+v/cc3Vv6rufzysj1+utfyV2tcNdbXI+43LvcBjPuNi9dC+8u9/fpu/wY7ans9lw+jbFj6mezXsPT/2U1ZblkP5tVz6zhduf927O+g3/qX+36X34GHw/Krmt83/X8Ot7r+P8vnb1b/n7DrfOb4n8EwssPS0tJAuz4Z1X5XdopBv/6D3oYcdPmDfv3rxP4/4/+l2P9njMf+P2M89v8Z47F/rRiP/X/G1zP2/xnjR8NyY/+g0zXxb9bEj9XEv1UTP14Tj//fYvxUTfxETfxkTfxwTfyRmvjpmvijNfEzNfHHauKP18R3u+/kdFTbD6Ms9hvp+w+joxz/6fb9P1ITB4ZX7Nc5fr/P1sSB4VXO8/D9hhFUdb5jR9zfXvbjvp3T93P6cU4/37IKsh2+m9Pv5fT7Of1BTs/ldCansznVNeRw+8N/jp1YrNbO8zsU4r2eTxqvB4j3iXmyx/rE43P9ns96tMdytqr8DV4OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA0GiuPc3PTVUrvffTuM/8+95vDy1NOtnKcWnkcz2PzKaVmSqnK4+NheTcmVtOvvrh+sVNapfMrj2U8PX+7Ne+B5fnTqXQrTaanXrhz78PFZ59bnDpz8+g7n97dmtavqba6AAAAABig/wUAAP//vrPsgA==")
r1 = openat(r0, &(0x7f0000000240)='./file0\x00', 0x0, 0x0)
setreuid(0xffffffffffffffff, 0xee01)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r1, 0x40106e8c, 0x0)

481.538781ms ago: executing program 2 (id=4528):
r0 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f00000000c0)={'vcan0\x00', <r1=>0x0})
bind$can_j1939(r0, &(0x7f0000000380)={0x1d, r1, 0xfffffffffffffffd, {0x0, 0xf0, 0x4}, 0x2}, 0x18)
bind$can_j1939(r0, &(0x7f0000000240)={0x1d, r1, 0x1, {0x2, 0xf0, 0x1}, 0x2}, 0x18)

316.771391ms ago: executing program 7 (id=4529):
socket$packet(0x11, 0x3, 0x300)
socket$packet(0x11, 0x2, 0x300)
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='net/ptype\x00')
preadv(r0, &(0x7f0000000180)=[{&(0x7f0000000040)=""/106, 0x6a}], 0x1, 0x78, 0xc)

194.140419ms ago: executing program 2 (id=4530):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x40, 0x7, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x89f9b000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
open_by_handle_at(0xffffffffffffffff, 0x0, 0x4000)

121.358153ms ago: executing program 1 (id=4531):
r0 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000580)=@newqdisc={0x6c, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x3c, 0x2, {{0x9, 0x3, 0x0, 0x6, 0xfffffffa, 0x22}, [@TCA_NETEM_RATE={0x14, 0x6, {0xe1, 0x79d, 0x0, 0x3}}, @TCA_NETEM_RATE64={0xc, 0x8, 0xe61c6a5c983a3b82}]}}}]}, 0x6c}}, 0x0)

0s ago: executing program 7 (id=4532):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000100)={'wlan1\x00', <r1=>0x0})
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$NL80211_CMD_JOIN_OCB(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)={0x2c, r2, 0x1, 0x70bd25, 0x25dfdbff, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_WIPHY_FREQ={0x8}, @NL80211_ATTR_CHANNEL_WIDTH={0x8, 0x9f, 0x7}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4000004}, 0x448d0)

kernel console output (not intermixed with test programs):

14770] BTRFS info (device loop1): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  483.358506][T14770] BTRFS info (device loop1): using blake2b (blake2b-256-generic) checksum algorithm
[  483.397335][T14770] BTRFS info (device loop1): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[  483.442466][T14770] BTRFS info (device loop1): use zstd compression, level 3
[  483.457958][T14770] BTRFS info (device loop1): using free space tree
[  483.694819][T14770] BTRFS info (device loop1): enabling ssd optimizations
[  483.725078][T14770] BTRFS info (device loop1): auto enabling async discard
[  483.917981][   T28] audit: type=1800 audit(1770917169.337:162): pid=14770 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.3168" name="file1" dev="loop1" ino=260 res=0 errno=0
[  483.938645][    C0] vkms_vblank_simulate: vblank timer overrun
[  484.043390][ T5772] BTRFS info (device loop1): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  484.139468][T14813] loop2: detected capacity change from 0 to 8192
[  484.502646][T14825] loop4: detected capacity change from 0 to 1764
[  484.531276][T14823] loop1: detected capacity change from 0 to 4096
[  484.577615][T14823] ntfs3: loop1: Different NTFS sector size (2048) and media sector size (512).
[  484.793208][T14827] loop5: detected capacity change from 0 to 4096
[  484.869758][T14827] ntfs: (device loop5): check_mft_mirror(): $MFT and $MFTMirr (record 1) do not match.  Run ntfsfix or chkdsk.
[  484.923974][T14827] ntfs: (device loop5): load_system_files(): $MFTMirr does not match $MFT.  Mounting read-only.  Run ntfsfix and/or chkdsk.
[  484.971467][T14827] ntfs: (device loop5): ntfs_read_locked_inode(): First extent of $DATA attribute has non zero lowest_vcn.
[  485.051986][T14827] ntfs: (device loop5): ntfs_read_locked_inode(): Failed with error code -5.  Marking corrupt inode 0xa as bad.  Run chkdsk.
[  485.137482][T14827] ntfs: (device loop5): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default.
[  485.192007][T14827] ntfs: volume version 3.1.
[  485.205899][T14827] ntfs: (device loop5): ntfs_lookup_inode_by_name(): Index entry out of bounds in directory inode 0x5.
[  485.260936][T14827] ntfs: (device loop5): check_windows_hibernation_status(): Failed to find inode number for hiberfil.sys.
[  485.304668][T14827] ntfs: (device loop5): load_system_files(): Failed to determine if Windows is hibernated.  Will not be able to remount read-write.  Run chkdsk.
[  485.739602][T14844] bridge0: entered allmulticast mode
[  485.921734][T14846] loop2: detected capacity change from 0 to 8192
[  487.126053][T14873] loop5: detected capacity change from 0 to 16
[  487.144451][T14873] MTD: Attempt to mount non-MTD device "/dev/loop5"
[  487.384774][T14862] loop1: detected capacity change from 0 to 32768
[  487.425419][T14881] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3203'.
[  487.650069][T14883] loop5: detected capacity change from 0 to 2048
[  487.680445][T14883] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  488.692368][T14877] loop2: detected capacity change from 0 to 32768
[  488.761102][T14877] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  488.782334][T14877] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  489.043622][T14877] gfs2: fsid=syz:syz.s: journal 0 mapped with 5 extents in 0ms
[  489.328369][T14877] gfs2: fsid=syz:syz.s: first mount done, others may mount
[  490.013877][T14920] sit0: entered promiscuous mode
[  490.036917][T14920] netlink: 'syz.2.3218': attribute type 1 has an invalid length.
[  490.055298][T14921] loop4: detected capacity change from 0 to 2048
[  490.072879][T14921] UDF-fs: error (device loop4): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  490.084176][T14920] netlink: 1 bytes leftover after parsing attributes in process `syz.2.3218'.
[  490.102632][T14921] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  490.563643][T14926] loop2: detected capacity change from 0 to 512
[  490.587314][T14926] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  490.626591][T14926] EXT4-fs (loop2): 1 truncate cleaned up
[  490.645040][T14926] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  490.747638][ T5775] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  491.712064][ T5841] usb 2-1: new high-speed USB device number 25 using dummy_hcd
[  491.745039][T14946] loop5: detected capacity change from 0 to 32768
[  491.939305][ T5841] usb 2-1: config 0 has an invalid interface number: 1 but max is 0
[  491.953351][ T5841] usb 2-1: config 0 has no interface number 0
[  491.970096][ T5841] usb 2-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[  491.987422][ T5841] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  492.007740][ T5841] usb 2-1: Product: syz
[  492.012646][ T5841] usb 2-1: Manufacturer: syz
[  492.017289][ T5841] usb 2-1: SerialNumber: syz
[  492.038409][ T5841] usb 2-1: config 0 descriptor??
[  492.045554][T14949] loop2: detected capacity change from 0 to 32768
[  492.081516][T14949] BTRFS error: device /dev/loop2 already registered with a higher generation, found 8 expect 12
[  492.262897][ T5841] usb 2-1: dvb_usb_v2: found a 'E3C EC168 reference design' in warm state
[  492.303999][T11987] BTRFS error: device /dev/loop2 already registered with a higher generation, found 8 expect 12
[  492.316885][ T5841] usb 2-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  492.351259][ T5841] dvbdev: DVB: registering new adapter (E3C EC168 reference design)
[  492.374105][ T5841] usb 2-1: media controller created
[  492.401081][T14953] loop4: detected capacity change from 0 to 32768
[  492.445146][T14953] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 scanned by syz.4.3232 (14953)
[  492.459000][ T5841] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  492.509321][T14953] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  492.557653][T14953] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm
[  492.566441][T14953] BTRFS info (device loop4): metadata ratio 2
[  492.606885][ T5841] i2c i2c-1: ec100: i2c rd failed=-71 reg=33
[  492.617477][T14953] BTRFS info (device loop4): allowing degraded mounts
[  492.659185][T14953] BTRFS info (device loop4): force zlib compression, level 3
[  492.666774][T14953] BTRFS info (device loop4): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[  492.738898][T14953] BTRFS info (device loop4): use zstd compression, level 3
[  492.746216][T14953] BTRFS info (device loop4): force clearing of disk cache
[  492.779144][T14953] BTRFS info (device loop4): turning on flush-on-commit
[  492.791779][T14960] program syz.5.3233 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  492.796838][ T5841] usb 2-1: USB disconnect, device number 25
[  492.807948][T14953] BTRFS warning (device loop4): 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  492.857434][T14953] BTRFS info (device loop4): trying to use backup root at mount time
[  492.883056][T14953] BTRFS info (device loop4): using free space tree
[  492.928798][T14963] hsr0: entered promiscuous mode
[  492.935474][T14963] macsec1: entered allmulticast mode
[  492.957811][T14963] hsr0: entered allmulticast mode
[  492.967808][T14963] hsr_slave_0: entered allmulticast mode
[  492.977918][T14963] hsr_slave_1: entered allmulticast mode
[  493.012886][T14963] hsr0: left allmulticast mode
[  493.056920][T14963] hsr_slave_0: left allmulticast mode
[  493.070962][T14963] hsr_slave_1: left allmulticast mode
[  493.086921][T14953] BTRFS info (device loop4): enabling ssd optimizations
[  493.144591][T14953] BTRFS info (device loop4): rebuilding free space tree
[  493.300929][T14982] netlink: 124 bytes leftover after parsing attributes in process `syz.1.3238'.
[  493.701455][T14424] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  494.258681][T14987] loop1: detected capacity change from 0 to 32768
[  494.276767][T14987] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop1 scanned by syz.1.3240 (14987)
[  494.325730][T14987] BTRFS info (device loop1): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  494.366467][T14987] BTRFS info (device loop1): using blake2b (blake2b-256-generic) checksum algorithm
[  494.407486][T14987] BTRFS info (device loop1): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[  494.416970][T14987] BTRFS info (device loop1): use zstd compression, level 3
[  494.434297][T14987] BTRFS info (device loop1): using free space tree
[  494.584098][T14987] BTRFS info (device loop1): enabling ssd optimizations
[  494.605971][T14987] BTRFS info (device loop1): auto enabling async discard
[  494.861169][T14996] loop5: detected capacity change from 0 to 32768
[  494.932819][ T5772] BTRFS info (device loop1): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  495.117010][T14996] UFO tlock:0xffffc9000288a3a8
[  495.160896][T14996] MetaData crosses page boundary!!
[  495.166909][T14996] lblock = 6300000010, size  = -820051968
[  495.228701][T14996] CPU: 1 PID: 14996 Comm: syz.5.3245 Not tainted syzkaller #0
[  495.236264][T14996] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  495.246381][T14996] Call Trace:
[  495.249715][T14996]  <TASK>
[  495.252687][T14996]  dump_stack_lvl+0x18c/0x250
[  495.257426][T14996]  ? show_regs_print_info+0x20/0x20
[  495.262076][ T6372] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 10 /dev/loop1 scanned by udevd (6372)
[  495.262660][T14996]  ? load_image+0x400/0x400
[  495.279038][T14996]  ? folio_unlock+0x118/0x2e0
[  495.283789][T14996]  __get_metapage+0xaac/0xfa0
[  495.288535][T14996]  dtSearch+0x591/0x21b0
[  495.292869][T14996]  ? txBegin+0x8ee/0xb60
[  495.297181][T14996]  dtDelete+0x128/0x2d40
[  495.301477][T14996]  ? __mutex_trylock_common+0x159/0x260
[  495.307063][T14996]  ? trace_raw_output_contention_end+0xd0/0xd0
[  495.313243][T14996]  ? rcu_is_watching+0x15/0xb0
[  495.318029][T14996]  ? dtInsertEntry+0x13e0/0x13e0
[  495.323006][T14996]  ? trace_contention_end+0x39/0xe0
[  495.328245][T14996]  ? down_write_nested+0x175/0x200
[  495.333379][T14996]  ? down_read_non_owner+0x310/0x310
[  495.338687][T14996]  ? get_UCSname+0x3dd/0x5c0
[  495.343307][T14996]  jfs_unlink+0x29f/0xa10
[  495.347674][T14996]  ? jfs_link+0x5f0/0x5f0
[  495.352034][T14996]  ? down_write+0x16e/0x200
[  495.356561][T14996]  ? down_read_killable+0x340/0x340
[  495.361782][T14996]  ? bpf_lsm_inode_unlink+0x9/0x10
[  495.366916][T14996]  ? security_inode_unlink+0xcf/0x110
[  495.372323][T14996]  vfs_unlink+0x389/0x600
[  495.376684][T14996]  do_unlinkat+0x339/0x590
[  495.381143][T14996]  ? fsnotify_link_count+0xf0/0xf0
[  495.386305][T14996]  ? getname_flags+0x20a/0x500
[  495.391115][T14996]  __x64_sys_unlink+0x49/0x50
[  495.395959][T14996]  do_syscall_64+0x55/0xa0
[  495.400434][T14996]  ? clear_bhb_loop+0x40/0x90
[  495.405143][T14996]  ? clear_bhb_loop+0x40/0x90
[  495.409850][T14996]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  495.415774][T14996] RIP: 0033:0x7f5f3939bf79
[  495.420228][T14996] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  495.439894][T14996] RSP: 002b:00007f5f3a233028 EFLAGS: 00000246 ORIG_RAX: 0000000000000057
[  495.448347][T14996] RAX: ffffffffffffffda RBX: 00007f5f39615fa0 RCX: 00007f5f3939bf79
[  495.456373][T14996] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000040
[  495.464467][T14996] RBP: 00007f5f394327e0 R08: 0000000000000000 R09: 0000000000000000
[  495.472462][T14996] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  495.480450][T14996] R13: 00007f5f39616038 R14: 00007f5f39615fa0 R15: 00007ffea0f6ed08
[  495.488459][T14996]  </TASK>
[  495.569409][T14996] bread failed!
[  495.573193][T14996] jfs_unlink: dtDelete returned -5
[  495.580842][T14996] ERROR: (device loop5): jfs_unlink: 
[  495.580842][T14996] 
[  495.602776][T14996] ERROR: (device loop5): remounting filesystem as read-only
[  496.165689][T15034] loop4: detected capacity change from 0 to 1024
[  496.574326][T15041] loop1: detected capacity change from 0 to 512
[  496.633415][T15041] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  496.657617][T15041] ext4 filesystem being mounted at /850/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  496.779969][T15041] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1231: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  496.862352][ T5772] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  497.752198][T15057] loop1: detected capacity change from 0 to 40427
[  497.774884][T15057] F2FS-fs (loop1): invalid crc value
[  497.789846][T15057] F2FS-fs (loop1): Found nat_bits in checkpoint
[  497.904237][T15057] F2FS-fs (loop1): Start checkpoint disabled!
[  497.946269][T15057] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[  498.171395][T15064] loop5: detected capacity change from 0 to 32768
[  498.197964][T15064] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop5 scanned by syz.5.3265 (15064)
[  498.242838][T15064] BTRFS info (device loop5): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  498.263639][T15064] BTRFS info (device loop5): using crc32c (crc32c-intel) checksum algorithm
[  498.288045][T15064] BTRFS info (device loop5): metadata ratio 2
[  498.294316][T15064] BTRFS info (device loop5): allowing degraded mounts
[  498.314583][T15064] BTRFS info (device loop5): force zlib compression, level 3
[  498.332329][T15064] BTRFS info (device loop5): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[  498.336876][ T2958] kworker/u4:12: attempt to access beyond end of device
[  498.336876][ T2958] loop1: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  498.354327][T15064] BTRFS info (device loop5): use zstd compression, level 3
[  498.381534][ T2958] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  498.396899][ T2958] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  498.403806][T15064] BTRFS info (device loop5): force clearing of disk cache
[  498.403831][T15064] BTRFS info (device loop5): turning on flush-on-commit
[  498.403851][T15064] BTRFS warning (device loop5): 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  498.403869][T15064] BTRFS info (device loop5): trying to use backup root at mount time
[  498.403885][T15064] BTRFS info (device loop5): using free space tree
[  498.535246][T15064] BTRFS info (device loop5): enabling ssd optimizations
[  498.615720][T15064] BTRFS info (device loop5): rebuilding free space tree
[  499.022309][T13619] BTRFS info (device loop5): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  499.283816][ T6372] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 11 /dev/loop5 scanned by udevd (6372)
[  499.547801][    T9] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  499.757948][    T9] usb 5-1: Using ep0 maxpacket: 16
[  499.774017][    T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  499.802938][    T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  499.842492][    T9] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  499.865873][    T9] usb 5-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  499.913840][    T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  499.943596][    T9] usb 5-1: config 0 descriptor??
[  500.414982][T15103] loop5: detected capacity change from 0 to 40427
[  500.431262][    T9] microsoft 0003:045E:07DA.002D: No inputs registered, leaving
[  500.443605][T15103] F2FS-fs (loop5): heap/no_heap options were deprecated
[  500.461645][T15103] F2FS-fs (loop5): build fault injection attr: rate: 19, type: 0x7ffff
[  500.463675][    T9] microsoft 0003:045E:07DA.002D: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.4-1/input0
[  500.500889][T15120] bond0: (slave bond_slave_0): Releasing backup interface
[  500.512946][T15103] F2FS-fs (loop5): build fault injection attr: rate: 0, type: 0x77e8c
[  500.518324][    T9] microsoft 0003:045E:07DA.002D: no inputs found
[  500.561555][T15103] F2FS-fs (loop5): invalid crc value
[  500.564680][T15120] team0: Port device bond_slave_0 added
[  500.573283][    T9] microsoft 0003:045E:07DA.002D: could not initialize ff, continuing anyway
[  500.601834][T15120] A link change request failed with some changes committed already. Interface bond_slave_0 may have been left with an inconsistent configuration, please check.
[  500.622838][T15103] F2FS-fs (loop5): inject invalid blkaddr in f2fs_is_valid_blkaddr of f2fs_ra_meta_pages+0x21d/0x9b0
[  500.630154][    T9] usb 5-1: USB disconnect, device number 8
[  500.660776][T15103] F2FS-fs (loop5): Found nat_bits in checkpoint
[  500.769837][T15121] fido_id[15121]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.4/usb5/report_descriptor': No such file or directory
[  500.834631][T15103] F2FS-fs (loop5): inject invalid blkaddr in f2fs_is_valid_blkaddr of f2fs_submit_page_bio+0x134/0x650
[  500.880899][    C1] F2FS-fs (loop5): inject read IO error in f2fs_read_end_io of blk_update_request+0x597/0xe40
[  500.922350][T15103] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  501.025170][T15103] F2FS-fs (loop5): inject no more block in inc_valid_node_count of f2fs_new_node_page+0x187/0x910
[  501.054762][T15103] F2FS-fs (loop5): inject checkpoint error in f2fs_balance_fs of f2fs_convert_inline_inode+0x792/0x800
[  501.081061][T15103] F2FS-fs (loop5): Stopped filesystem due to reason: 1
[  501.184551][T15133] netlink: 'syz.1.3286': attribute type 1 has an invalid length.
[  501.366282][T15137] loop4: detected capacity change from 0 to 512
[  501.407156][T15137] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  501.463031][T15137] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1231: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[  501.544897][T15137] EXT4-fs (loop4): 1 truncate cleaned up
[  501.563460][T15137] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  501.604554][ T1280] ieee802154 phy0 wpan0: encryption failed: -22
[  501.611216][ T1280] ieee802154 phy1 wpan1: encryption failed: -22
[  501.832666][T14424] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  502.120961][    T9] hid-generic 0000:0000:0000.002E: unknown main item tag 0x0
[  502.161433][    T9] hid-generic 0000:0000:0000.002E: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  502.787213][T15143] loop5: detected capacity change from 0 to 32768
[  502.911714][T15143] XFS (loop5): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  503.068997][T15143] XFS (loop5): Ending clean mount
[  503.099837][    T9] XFS (loop5): Metadata CRC error detected at xfs_inobt_read_verify+0x42/0xd0, xfs_finobt block 0x10 
[  503.149586][    T9] XFS (loop5): Unmount and run xfs_repair
[  503.155466][    T9] XFS (loop5): First 128 bytes of corrupted metadata buffer:
[  503.176928][    T9] 00000000: 46 49 42 33 00 00 00 01 ff ff ff ff ff ff ff ff  FIB3............
[  503.221729][    T9] 00000010: 00 00 00 00 00 00 00 10 00 00 00 01 00 00 00 10  ................
[  503.257665][    T9] 00000020: d7 dc 42 4e 79 90 42 cb 9f 91 9c b7 20 0a 10 1d  ..BNy.B..... ...
[  503.293310][    T9] 00000030: 00 00 00 00 0f 8d d2 a2 00 00 18 00 00 00 40 37  ..............@7
[  503.311756][    T9] 00000040: ff ff ff ff ff ff fe 00 00 00 00 00 00 00 00 00  ................
[  503.331537][    T9] 00000050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  503.355694][T15162] loop1: detected capacity change from 0 to 32768
[  503.375624][    T9] 00000060: 00 00 00 00 00 f0 00 00 00 00 00 00 00 00 00 00  ................
[  503.406167][    T9] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  503.440427][T15143] XFS (loop5): metadata I/O error in "xfs_btree_read_buf_block+0x1df/0x2e0" at daddr 0x10 len 4 error 74
[  503.463497][T15143] XFS (loop5): Failed to initialize disk quotas.
[  503.592335][T13619] XFS (loop5): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  503.686940][T15181] loop1: detected capacity change from 0 to 64
[  504.379801][T15191] loop5: detected capacity change from 0 to 512
[  504.410719][T15191] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  504.435424][T15191] EXT4-fs (loop5): 1 orphan inode deleted
[  504.459841][T15191] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  504.661913][T13619] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  505.375415][T15219] netlink: 'syz.1.3317': attribute type 10 has an invalid length.
[  505.756275][T15237] loop4: detected capacity change from 0 to 512
[  505.787570][T15235] loop1: detected capacity change from 0 to 2048
[  505.839586][T15235] UDF-fs: error (device loop1): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  505.875099][T15235] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  505.902556][T15242] syz.2.3326 uses obsolete (PF_INET,SOCK_PACKET)
[  505.918892][T15237] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  505.938414][T15237] ext4 filesystem being mounted at /52/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  505.993752][   T28] kauditd_printk_skb: 6 callbacks suppressed
[  505.993767][   T28] audit: type=1800 audit(1770917191.417:163): pid=15237 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.3325" name="file1" dev="loop4" ino=15 res=0 errno=0
[  506.020738][    C0] vkms_vblank_simulate: vblank timer overrun
[  506.071785][T14424] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  506.305847][T15250] netlink: 284 bytes leftover after parsing attributes in process `syz.2.3331'.
[  506.605799][T15263] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3336'.
[  506.621230][T15260] loop4: detected capacity change from 0 to 4096
[  506.634877][T15260] EXT4-fs: Ignoring removed mblk_io_submit option
[  506.662843][T15260] EXT4-fs: Ignoring removed orlov option
[  506.683441][T15260] EXT4-fs (loop4): Test dummy encryption mode enabled
[  506.729846][T15260] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  506.943443][T14424] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  507.179713][T15280] loop5: detected capacity change from 0 to 512
[  507.239910][T15280] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  507.263706][T15280] ext4 filesystem being mounted at /86/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  507.287779][  T788] usb 2-1: new high-speed USB device number 26 using dummy_hcd
[  507.361014][T13619] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  507.480795][  T788] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  507.501481][  T788] usb 2-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  507.524448][  T788] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  507.545136][  T788] usb 2-1: config 0 descriptor??
[  507.572149][  T788] pwc: Askey VC010 type 2 USB webcam detected.
[  507.756568][T15296] netlink: 12 bytes leftover after parsing attributes in process `syz.5.3350'.
[  507.777150][T15296] netlink: 20 bytes leftover after parsing attributes in process `syz.5.3350'.
[  508.006041][  T788] pwc: recv_control_msg error -32 req 02 val 2b00
[  508.076053][T15306] loop5: detected capacity change from 0 to 16
[  508.098345][T15306] erofs: (device loop5): mounted with root inode @ nid 36.
[  508.243878][  T788] pwc: recv_control_msg error -71 req 02 val 2c00
[  508.276703][  T788] pwc: recv_control_msg error -71 req 04 val 1000
[  508.289033][  T788] pwc: recv_control_msg error -71 req 04 val 1300
[  508.310379][  T788] pwc: recv_control_msg error -71 req 04 val 1400
[  508.324784][  T788] pwc: recv_control_msg error -71 req 02 val 2000
[  508.344392][  T788] pwc: recv_control_msg error -71 req 02 val 2100
[  508.357488][  T788] pwc: recv_control_msg error -71 req 04 val 1500
[  508.384142][T15311] loop4: detected capacity change from 0 to 2048
[  508.391350][  T788] pwc: recv_control_msg error -71 req 02 val 2500
[  508.407660][  T788] pwc: recv_control_msg error -71 req 02 val 2400
[  508.416353][  T788] pwc: recv_control_msg error -71 req 02 val 2600
[  508.433278][  T788] pwc: recv_control_msg error -71 req 02 val 2900
[  508.450761][T15311] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  508.463675][  T788] pwc: recv_control_msg error -71 req 02 val 2800
[  508.470968][  T788] pwc: recv_control_msg error -71 req 04 val 1100
[  508.481630][  T788] pwc: recv_control_msg error -71 req 04 val 1200
[  508.500589][  T788] pwc: Registered as video103.
[  508.542212][  T788] input: PWC snapshot button as /devices/platform/dummy_hcd.1/usb2/2-1/input/input27
[  508.591703][  T788] usb 2-1: USB disconnect, device number 26
[  508.602051][T15311] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1231: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4128793 free clusters
[  508.668437][T15311] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  508.714248][T15311] EXT4-fs (loop4): This should not happen!! Data will be lost
[  508.714248][T15311] 
[  508.781130][T15311] EXT4-fs (loop4): Total free blocks count 0
[  508.787227][T15311] EXT4-fs (loop4): Free/Dirty block details
[  508.826627][T15311] EXT4-fs (loop4): free_blocks=66060288
[  508.833456][T15311] EXT4-fs (loop4): dirty_blocks=32
[  508.867964][T15311] EXT4-fs (loop4): Block reservation details
[  508.888156][T15311] EXT4-fs (loop4): i_reserved_data_blocks=2
[  509.020703][ T2917] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 16384 with max blocks 1 with error 28
[  509.270523][ T2958] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  509.930631][ T5085] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  509.932645][ T2958] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  509.958939][ T5085] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  509.975441][ T5085] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  509.987822][ T5085] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  509.997053][ T5085] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  510.004621][ T5085] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  510.211686][ T2958] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  510.212544][T15340] loop4: detected capacity change from 0 to 128
[  510.386317][ T2958] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  510.807996][ T5836] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  510.997218][T15333] chnl_net:caif_netlink_parms(): no params data found
[  511.017954][ T5836] usb 5-1: Using ep0 maxpacket: 8
[  511.036602][ T5836] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  511.078006][ T5836] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  511.101691][ T5836] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  511.113779][ T5836] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  511.136319][ T5836] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  511.186896][ T5836] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  511.454250][ T5836] usb 5-1: GET_CAPABILITIES returned 0
[  511.467994][ T5836] usbtmc 5-1:16.0: can't read capabilities
[  511.581275][T15333] bridge0: port 1(bridge_slave_0) entered blocking state
[  511.608401][T15333] bridge0: port 1(bridge_slave_0) entered disabled state
[  511.635042][T15333] bridge_slave_0: entered allmulticast mode
[  511.652600][T15333] bridge_slave_0: entered promiscuous mode
[  511.691769][ T5155] usb 5-1: USB disconnect, device number 9
[  511.786637][T15333] bridge0: port 2(bridge_slave_1) entered blocking state
[  511.804036][T15333] bridge0: port 2(bridge_slave_1) entered disabled state
[  511.813462][T15333] bridge_slave_1: entered allmulticast mode
[  511.822133][T15333] bridge_slave_1: entered promiscuous mode
[  512.087682][ T5777] Bluetooth: hci2: command tx timeout
[  512.475112][T15333] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  512.510535][T15389] loop1: detected capacity change from 0 to 512
[  512.522790][T15385] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3384'.
[  512.573349][T15389] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  512.645680][T15389] EXT4-fs (loop1): 1 orphan inode deleted
[  512.658837][T15389] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  512.787012][T15396] loop4: detected capacity change from 0 to 1764
[  512.855172][T15333] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  512.894796][T11987] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  512.996545][ T5772] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  513.231901][T15333] team0: Port device team_slave_0 added
[  513.324416][T15333] team0: Port device team_slave_1 added
[  513.497831][T15333] batman_adv: batadv0: Adding interface: batadv_slave_0
[  513.504965][T15333] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  513.577399][T15333] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  513.614286][T15333] batman_adv: batadv0: Adding interface: batadv_slave_1
[  513.627636][T15333] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  513.653555][    C0] vkms_vblank_simulate: vblank timer overrun
[  513.697508][T15333] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  513.849636][T15408] loop1: detected capacity change from 0 to 32768
[  514.154827][T15333] hsr_slave_0: entered promiscuous mode
[  514.166686][ T5777] Bluetooth: hci2: command tx timeout
[  514.202978][T15333] hsr_slave_1: entered promiscuous mode
[  514.230063][T15333] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  514.267840][T15333] Cannot create hsr debugfs directory
[  514.567249][ T2958] hsr_slave_0: left promiscuous mode
[  514.604515][ T2958] hsr_slave_1: left promiscuous mode
[  514.619108][ T2958] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  514.626612][ T2958] batman_adv: batadv0: Removing interface: batadv_slave_0
[  514.653994][ T2958] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  514.677556][ T2958] batman_adv: batadv0: Removing interface: batadv_slave_1
[  514.685537][ T2958] bridge_slave_1: left allmulticast mode
[  514.691438][ T2958] bridge_slave_1: left promiscuous mode
[  514.697220][ T2958] bridge0: port 2(bridge_slave_1) entered disabled state
[  514.749709][ T2958] bridge_slave_0: left allmulticast mode
[  514.755437][ T2958] bridge_slave_0: left promiscuous mode
[  514.783550][ T2958] bridge0: port 1(bridge_slave_0) entered disabled state
[  514.991199][ T2958] veth1_macvtap: left promiscuous mode
[  514.996896][ T2958] veth0_macvtap: left promiscuous mode
[  515.027126][ T2958] veth1_vlan: left promiscuous mode
[  515.039444][ T2958] veth0_vlan: left promiscuous mode
[  515.141372][T15429] loop4: detected capacity change from 0 to 32768
[  515.189201][T15429] BTRFS: device fsid c6b85f58-0c7e-41ca-a553-c8d9f94f6663 devid 1 transid 8 /dev/loop4 scanned by syz.4.3402 (15429)
[  515.290144][T15429] BTRFS info (device loop4): first mount of filesystem c6b85f58-0c7e-41ca-a553-c8d9f94f6663
[  515.328193][T15429] BTRFS info (device loop4): using blake2b (blake2b-256-generic) checksum algorithm
[  515.358240][T15429] BTRFS info (device loop4): using free space tree
[  515.447951][T15429] BTRFS info (device loop4): enabling ssd optimizations
[  515.455021][T15429] BTRFS info (device loop4): auto enabling async discard
[  515.990660][T15442] loop1: detected capacity change from 0 to 40427
[  516.027795][T15442] F2FS-fs (loop1): Invalid segment count (1)
[  516.033857][T15442] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  516.061092][T15442] F2FS-fs (loop1): heap/no_heap options were deprecated
[  516.109101][T15442] F2FS-fs (loop1): invalid crc value
[  516.124449][T15442] F2FS-fs (loop1): Found nat_bits in checkpoint
[  516.180782][T14424] BTRFS info (device loop4): last unmount of filesystem c6b85f58-0c7e-41ca-a553-c8d9f94f6663
[  516.263101][ T5777] Bluetooth: hci2: command tx timeout
[  516.285511][T15442] F2FS-fs (loop1): Try to recover 1th superblock, ret: -30
[  516.301402][T15442] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  517.293447][ T2958] team0 (unregistering): Port device team_slave_1 removed
[  517.363343][ T2958] team0 (unregistering): Port device team_slave_0 removed
[  517.431070][ T2958] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  517.500067][ T2958] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  518.046808][ T2958] bond0 (unregistering): Released all slaves
[  518.186685][T15453] netlink: 132 bytes leftover after parsing attributes in process `syz.2.3407'.
[  518.203763][T15467] netlink: 'syz.2.3407': attribute type 12 has an invalid length.
[  518.213898][T15467] netlink: 132 bytes leftover after parsing attributes in process `syz.2.3407'.
[  518.337503][ T5777] Bluetooth: hci2: command tx timeout
[  518.451272][T15486] netlink: 24 bytes leftover after parsing attributes in process `syz.4.3411'.
[  518.667674][  T788] usb 2-1: new high-speed USB device number 27 using dummy_hcd
[  518.753450][T15333] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  518.786119][T15333] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  518.818128][T15333] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  518.877458][  T788] usb 2-1: Using ep0 maxpacket: 8
[  518.898875][T15333] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  518.911655][  T788] usb 2-1: config index 0 descriptor too short (expected 301, got 45)
[  518.927943][  T788] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  519.412686][T15333] 8021q: adding VLAN 0 to HW filter on device bond0
[  519.429378][  T788] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  519.439999][  T788] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  519.450651][  T788] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  519.464995][  T788] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  519.484649][  T788] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  519.555552][T15333] 8021q: adding VLAN 0 to HW filter on device team0
[  519.595494][ T2917] bridge0: port 1(bridge_slave_0) entered blocking state
[  519.602735][ T2917] bridge0: port 1(bridge_slave_0) entered forwarding state
[  519.640347][ T2917] bridge0: port 2(bridge_slave_1) entered blocking state
[  519.647602][ T2917] bridge0: port 2(bridge_slave_1) entered forwarding state
[  519.755976][  T788] usb 2-1: GET_CAPABILITIES returned 0
[  519.777632][  T788] usbtmc 2-1:16.0: can't read capabilities
[  519.895202][T15492] loop4: detected capacity change from 0 to 32768
[  519.958540][T15492] BTRFS error: device /dev/loop4 already registered with a higher generation, found 8 expect 12
[  520.045048][T15485] usb 2-1: usbtmc_ioctl_clear_in_halt returned -32
[  520.089480][T12643] usb 2-1: USB disconnect, device number 27
[  520.235560][ T6372] BTRFS error: device /dev/loop4 already registered with a higher generation, found 8 expect 12
[  520.376754][T15333] 8021q: adding VLAN 0 to HW filter on device batadv0
[  520.791511][T15542] loop1: detected capacity change from 0 to 128
[  521.060473][T15551] syz.1.3424: attempt to access beyond end of device
[  521.060473][T15551] loop1: rw=1, sector=145, nr_sectors = 672 limit=128
[  521.380074][ T2917] kworker/u4:11: attempt to access beyond end of device
[  521.380074][ T2917] loop1: rw=1, sector=817, nr_sectors = 224 limit=128
[  521.500095][T15333] veth0_vlan: entered promiscuous mode
[  521.550521][T15333] veth1_vlan: entered promiscuous mode
[  521.636909][T15333] veth0_macvtap: entered promiscuous mode
[  521.672701][T15333] veth1_macvtap: entered promiscuous mode
[  521.728814][T15333] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  521.767625][T15333] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  521.797664][T15333] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  521.827680][T15333] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  521.847493][T15333] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  521.878269][T15333] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  521.909887][T15333] batman_adv: batadv0: Interface activated: batadv_slave_0
[  521.936348][T15333] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  521.963896][T15333] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  521.987430][T15333] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  522.017507][T15333] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  522.057688][T15333] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  522.077503][T15333] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  522.099046][T15333] batman_adv: batadv0: Interface activated: batadv_slave_1
[  522.151223][T15572] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3432'.
[  522.182467][T15572] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3432'.
[  522.189523][T15556] loop4: detected capacity change from 0 to 32768
[  522.198991][T15572] netlink: 'syz.1.3432': attribute type 6 has an invalid length.
[  522.229021][T15333] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  522.281314][T15333] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  522.306673][T15333] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  522.350175][T15333] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  522.360410][   T28] audit: type=1800 audit(1770917207.767:164): pid=15556 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.3427" name="file1" dev="loop4" ino=4 res=0 errno=0
[  522.434093][T15556] syz.4.3427: attempt to access beyond end of device
[  522.434093][T15556] loop4: rw=34817, sector=4680064, nr_sectors = 120 limit=32768
[  522.503976][  T114] blkno = 8ed30, nblocks = f
[  522.509178][  T114] ERROR: (device loop4): dbFree: block to be freed is outside the map
[  522.509178][  T114] 
[  522.574515][  T114] ERROR: (device loop4): remounting filesystem as read-only
[  522.668126][   T49] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  522.676042][   T49] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  522.813232][ T2903] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  522.848763][ T2903] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  523.627266][T15597] loop4: detected capacity change from 0 to 256
[  523.994585][T15609] netlink: 8 bytes leftover after parsing attributes in process `syz.6.3442'.
[  524.047133][T15612] bridge0: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[  524.112668][T15612] bridge0: port 2(bridge_slave_1) entered disabled state
[  524.120707][T15612] bridge0: port 1(bridge_slave_0) entered disabled state
[  524.292266][T15570] netlink: 192 bytes leftover after parsing attributes in process `syz.2.3431'.
[  525.308353][T15656] TCP: tcp_parse_options: Illegal window scaling value 215 > 14 received
[  526.164591][T15685] loop4: detected capacity change from 0 to 512
[  526.203630][T15684] loop6: detected capacity change from 0 to 1024
[  526.231668][T15685] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  526.261229][T15685] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 1 overlaps superblock
[  526.327113][T15685] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 1 overlaps superblock
[  526.385886][T15685] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 1 overlaps superblock
[  526.468292][T15685] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  526.483238][T15685] EXT4-fs (loop4): orphan cleanup on readonly fs
[  526.490347][T15684] hfsplus: b-tree write err: -5, ino 3
[  526.548204][T15685] EXT4-fs error (device loop4): ext4_validate_block_bitmap:439: comm syz.4.3468: bg 0: block 34: padding at end of block bitmap is not set
[  526.626875][T15685] Quota error (device loop4): write_blk: dquota write failed
[  526.658040][T15685] Quota error (device loop4): qtree_write_dquot: Error -28 occurred while creating quota
[  526.674008][   T49] hfsplus: b-tree write err: -5, ino 3
[  526.688943][T15685] EXT4-fs error (device loop4): ext4_acquire_dquot:6949: comm syz.4.3468: Failed to acquire dquot type 1
[  526.758917][T15685] EXT4-fs (loop4): 1 truncate cleaned up
[  526.789056][T15685] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  527.096387][T15714] loop6: detected capacity change from 0 to 64
[  527.101425][T14424] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  527.424653][T15333] VFS: Lookup of 'À.' in minix loop6 would have caused loop
[  527.459647][T15333] VFS: Lookup of 'À.' in minix loop6 would have caused loop
[  528.143758][ T2958] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  528.382050][ T2958] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  528.596087][ T2958] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  528.812290][ T2958] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  528.910503][T15755] loop4: detected capacity change from 0 to 2048
[  529.550056][ T5085] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  529.560417][ T5085] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  529.572482][ T5085] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  529.590237][ T5085] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  529.605378][ T5085] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  529.618238][ T5085] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  529.734738][T15780] loop1: detected capacity change from 0 to 4096
[  529.789334][T15780] ntfs3: loop1: Different NTFS sector size (4096) and media sector size (512).
[  530.221383][T15792] loop4: detected capacity change from 0 to 512
[  530.603026][T15800] loop1: detected capacity change from 0 to 256
[  530.666388][T15800] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  530.689386][T15800] exFAT-fs (loop1): Medium has reported failures. Some data may be lost.
[  530.705173][T15800] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000ff98, chksum : 0xaaf53d22, utbl_chksum : 0xe619d30d)
[  530.958267][T15773] chnl_net:caif_netlink_parms(): no params data found
[  531.255493][T15814] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  531.465184][T15825] netlink: 24 bytes leftover after parsing attributes in process `syz.4.3515'.
[  531.505063][ T5824] usb 2-1: new high-speed USB device number 28 using dummy_hcd
[  531.515551][T15773] bridge0: port 1(bridge_slave_0) entered blocking state
[  531.547528][T15773] bridge0: port 1(bridge_slave_0) entered disabled state
[  531.561878][T15773] bridge_slave_0: entered allmulticast mode
[  531.608864][T15773] bridge_slave_0: entered promiscuous mode
[  531.665749][ T2958] hsr_slave_0: left promiscuous mode
[  531.676954][ T2958] hsr_slave_1: left promiscuous mode
[  531.681486][ T5777] Bluetooth: hci2: command tx timeout
[  531.691495][ T2958] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  531.705698][ T2958] batman_adv: batadv0: Removing interface: batadv_slave_0
[  531.715423][ T2958] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  531.723534][ T2958] batman_adv: batadv0: Removing interface: batadv_slave_1
[  531.734260][ T5824] usb 2-1: too many endpoints for config 0 interface 0 altsetting 144: 127, using maximum allowed: 30
[  531.735732][ T2958] bridge_slave_1: left allmulticast mode
[  531.749626][ T5824] usb 2-1: config 0 interface 0 altsetting 144 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  531.763517][ T5824] usb 2-1: config 0 interface 0 altsetting 144 endpoint 0x81 has invalid wMaxPacketSize 0
[  531.764753][ T2958] bridge_slave_1: left promiscuous mode
[  531.774319][ T5824] usb 2-1: config 0 interface 0 altsetting 144 has 1 endpoint descriptor, different from the interface descriptor's value: 127
[  531.793890][ T5824] usb 2-1: config 0 interface 0 has no altsetting 0
[  531.801093][ T5824] usb 2-1: New USB device found, idVendor=5543, idProduct=004d, bcdDevice= 0.00
[  531.806661][ T2958] bridge0: port 2(bridge_slave_1) entered disabled state
[  531.811792][ T5824] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  531.829617][ T5824] usb 2-1: config 0 descriptor??
[  531.845018][ T2958] bridge_slave_0: left allmulticast mode
[  531.856275][ T2958] bridge_slave_0: left promiscuous mode
[  531.866941][ T2958] bridge0: port 1(bridge_slave_0) entered disabled state
[  531.935522][ T2958] veth1_macvtap: left promiscuous mode
[  531.941459][ T2958] veth0_macvtap: left promiscuous mode
[  531.948134][ T2958] veth1_vlan: left promiscuous mode
[  531.953540][ T2958] veth0_vlan: left promiscuous mode
[  532.664286][ T5824] uclogic 0003:5543:004D.002F: failed retrieving Huion firmware version: -71
[  532.678866][ T5824] uclogic 0003:5543:004D.002F: failed probing parameters: -71
[  532.686645][ T5824] uclogic: probe of 0003:5543:004D.002F failed with error -71
[  532.700711][ T5824] usb 2-1: USB disconnect, device number 28
[  532.950123][ T2958] team0 (unregistering): Port device team_slave_1 removed
[  533.022541][ T2958] team0 (unregistering): Port device team_slave_0 removed
[  533.090415][ T2958] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  533.156120][ T2958] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  533.633308][T15839] loop1: detected capacity change from 0 to 64
[  533.651984][T15839] hfs: unable to locate alternate MDB
[  533.672761][T15839] hfs: continuing without an alternate MDB
[  533.775191][ T5777] Bluetooth: hci2: command tx timeout
[  533.985575][ T2958] bond0 (unregistering): Released all slaves
[  534.099422][T15773] bridge0: port 2(bridge_slave_1) entered blocking state
[  534.106743][T15773] bridge0: port 2(bridge_slave_1) entered disabled state
[  534.114364][T15773] bridge_slave_1: entered allmulticast mode
[  534.123929][T15773] bridge_slave_1: entered promiscuous mode
[  534.153608][T15831] netlink: 84 bytes leftover after parsing attributes in process `syz.2.3519'.
[  534.177908][T15841] netlink: 8 bytes leftover after parsing attributes in process `syz.1.3523'.
[  534.200844][T15773] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  534.243880][T15773] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  534.423869][T15773] team0: Port device team_slave_0 added
[  534.465677][T15773] team0: Port device team_slave_1 added
[  534.579070][T15773] batman_adv: batadv0: Adding interface: batadv_slave_0
[  534.586210][T15773] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  534.653108][T15773] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  534.696894][T15773] batman_adv: batadv0: Adding interface: batadv_slave_1
[  534.761656][T15773] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  534.787727][    C0] vkms_vblank_simulate: vblank timer overrun
[  534.861360][T15773] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  535.034453][T15862] netlink: 'syz.1.3528': attribute type 29 has an invalid length.
[  535.065409][T15773] hsr_slave_0: entered promiscuous mode
[  535.098229][T15773] hsr_slave_1: entered promiscuous mode
[  535.108248][T15773] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  535.127914][T15773] Cannot create hsr debugfs directory
[  535.139199][T15862] netlink: 'syz.1.3528': attribute type 29 has an invalid length.
[  535.168797][T15869] netlink: 'syz.1.3528': attribute type 29 has an invalid length.
[  535.850086][ T5777] Bluetooth: hci2: command tx timeout
[  535.936508][T15897] loop4: detected capacity change from 0 to 4096
[  535.993604][T15773] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  536.024095][T15900] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  536.043537][T15773] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  536.053719][T15773] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  536.102590][T15773] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  536.446307][T15773] 8021q: adding VLAN 0 to HW filter on device bond0
[  536.522264][T15773] 8021q: adding VLAN 0 to HW filter on device team0
[  536.573812][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[  536.581031][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[  536.643405][   T11] bridge0: port 2(bridge_slave_1) entered blocking state
[  536.650638][   T11] bridge0: port 2(bridge_slave_1) entered forwarding state
[  536.707177][T15920] loop1: detected capacity change from 0 to 4096
[  536.821558][T15926] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  536.888976][T15920] NILFS error (device loop1): nilfs_readdir: zero-length directory entry
[  536.965618][T15920] Remounting filesystem read-only
[  537.150527][T15934] loop4: detected capacity change from 0 to 128
[  537.460802][T15773] 8021q: adding VLAN 0 to HW filter on device batadv0
[  537.493857][ T5155] Process accounting resumed
[  537.512753][T12643] Process accounting resumed
[  537.927701][ T5777] Bluetooth: hci2: command tx timeout
[  538.297287][T15962] loop4: detected capacity change from 0 to 512
[  538.323874][T15962] EXT4-fs: Ignoring removed bh option
[  538.361173][T15962] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[  538.426273][T15962] EXT4-fs (loop4): 1 truncate cleaned up
[  538.440203][T15773] veth0_vlan: entered promiscuous mode
[  538.463392][T15962] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  538.535777][T15773] veth1_vlan: entered promiscuous mode
[  538.620954][T14424] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #13: comm syz-executor: invalid indirect mapped block 4294901760 (level 0)
[  538.700180][T15773] veth0_macvtap: entered promiscuous mode
[  538.706659][T14424] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #13: comm syz-executor: invalid indirect mapped block 4294967295 (level 1)
[  538.727198][T15773] veth1_macvtap: entered promiscuous mode
[  538.761951][T14424] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #13: comm syz-executor: invalid indirect mapped block 65535 (level 2)
[  538.804738][T15773] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  538.846447][T15773] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  538.872802][T15773] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  538.888704][T15773] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  538.899101][T15773] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  538.911663][T15773] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  538.930606][T14424] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  538.946834][T15773] batman_adv: batadv0: Interface activated: batadv_slave_0
[  539.011023][T15773] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  539.035364][T15773] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  539.072399][T15773] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  539.103460][T15773] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  539.114544][T15773] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  539.147456][T15773] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  539.166767][T15773] batman_adv: batadv0: Interface activated: batadv_slave_1
[  539.216967][T15773] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  539.241991][T15773] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  539.254068][T15773] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  539.307546][T15773] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  539.605247][ T2917] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  539.632774][ T2917] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  539.741710][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  539.788719][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  540.466539][T16024] syz.1.3572 (16024) used greatest stack depth: 19656 bytes left
[  540.510937][T16029] program syz.4.3573 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  542.243624][T16106] bridge0: port 2(bridge_slave_1) entered disabled state
[  542.278136][T16106] hsr0: left promiscuous mode
[  542.317097][T16108] sit0: left promiscuous mode
[  542.334096][T16108] bridge0: port 2(bridge_slave_1) entered blocking state
[  542.341517][T16108] bridge0: port 2(bridge_slave_1) entered forwarding state
[  542.414666][T16108] ipvlan2: left promiscuous mode
[  542.691756][ T5824] kernel write not supported for file /input/event0 (pid: 5824 comm: kworker/1:3)
[  542.768264][ T5085] Bluetooth: hci1: unexpected event for opcode 0x2035
[  542.787571][ T5874] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  542.989864][ T5874] usb 5-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  543.009205][ T5874] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  543.062729][ T5874] usb 5-1: config 0 descriptor??
[  543.069652][T16133] block nbd1: Unsupported socket: should be TCP or UNIX.
[  543.085943][ T5874] cp210x 5-1:0.0: cp210x converter detected
[  543.154496][T16135] loop7: detected capacity change from 0 to 2048
[  543.327730][T16135] EXT4-fs (loop7): mounted filesystem 00050000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  543.584605][T15773] EXT4-fs (loop7): unmounting filesystem 00050000-0000-0000-0000-000000000000.
[  543.714202][ T5874] cp210x 5-1:0.0: failed to get vendor val 0x000e size 678: -71
[  543.753045][ T5874] cp210x 5-1:0.0: GPIO initialisation failed: -71
[  543.790804][ T5874] usb 5-1: cp210x converter now attached to ttyUSB0
[  543.840637][ T5874] usb 5-1: USB disconnect, device number 10
[  543.872628][ T5874] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  543.905688][ T5874] cp210x 5-1:0.0: device disconnected
[  544.237900][ T5085] Bluetooth: hci2: command tx timeout
[  544.921939][T16159] loop1: detected capacity change from 0 to 32768
[  544.979944][T16159] BTRFS info (device loop1): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  545.009301][T16159] BTRFS info (device loop1): using blake2b (blake2b-256-generic) checksum algorithm
[  545.040249][T16159] BTRFS info (device loop1): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[  545.076213][T16159] BTRFS info (device loop1): use zstd compression, level 3
[  545.105710][T16159] BTRFS info (device loop1): using free space tree
[  545.386112][T16159] BTRFS info (device loop1): enabling ssd optimizations
[  545.436883][T16159] BTRFS info (device loop1): auto enabling async discard
[  545.463495][T16202] vcan0: tx address claim with dlc 0
[  545.825135][ T5772] BTRFS info (device loop1): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  545.952718][T16179] loop4: detected capacity change from 0 to 32768
[  546.061200][T16179] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  546.331280][T16179] XFS (loop4): Ending clean mount
[  546.356622][T16223] loop7: detected capacity change from 0 to 2048
[  546.399408][T16179] XFS (loop4): Quotacheck needed: Please wait.
[  546.504264][T16223]  loop7: p2 < > p4
[  546.518758][T16223] loop7: p4 size 262144 extends beyond EOD, truncated
[  546.646952][T16179] XFS (loop4): Quotacheck: Done.
[  546.760987][T11987] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  547.002040][T11987] udevd[11987]: inotify_add_watch(7, /dev/loop7p4, 10) failed: No such file or directory
[  547.038607][ T6372] udevd[6372]: inotify_add_watch(7, /dev/loop7p2, 10) failed: No such file or directory
[  547.090830][T14424] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  547.253145][T16247] loop1: detected capacity change from 0 to 256
[  547.316164][T16247] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  547.487839][   T28] audit: type=1800 audit(1770917232.897:165): pid=16247 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.3631" name="file1" dev="loop1" ino=1048842 res=0 errno=0
[  547.554763][T16247] syz.1.3631: attempt to access beyond end of device
[  547.554763][T16247] loop1: rw=34817, sector=256, nr_sectors = 8 limit=256
[  547.997645][ T5085] Bluetooth: hci2: command tx timeout
[  548.463379][T16251] loop7: detected capacity change from 0 to 32768
[  548.747846][T16251] XFS (loop7): Invalid device [./file0], error=-6
[  549.940805][T16331] program syz.7.3659 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  550.814150][T16360] loop4: detected capacity change from 0 to 256
[  550.815884][T16326] loop1: detected capacity change from 0 to 40427
[  550.890261][T16326] F2FS-fs (loop1): Invalid log blocks per segment (4278190089)
[  550.927851][T16326] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  550.956854][T16362] loop7: detected capacity change from 0 to 512
[  550.975581][T16326] F2FS-fs (loop1): invalid crc value
[  550.995272][T16362] EXT4-fs: Ignoring removed i_version option
[  551.029088][T16326] F2FS-fs (loop1): Found nat_bits in checkpoint
[  551.038687][T16362] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  551.140868][T16362] EXT4-fs (loop7): 1 truncate cleaned up
[  551.154332][T16362] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  551.208219][T16326] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  551.215359][T16326] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  551.456166][T16326] F2FS-fs (loop1): Corrupted max_depth of 3: 255
[  551.491978][T15773] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  551.521557][T16326] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  551.742903][T16326] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=6b636f6c, run fsck to fix.
[  552.472151][T16373] loop4: detected capacity change from 0 to 32768
[  552.501466][T16380] loop7: detected capacity change from 0 to 32768
[  552.568046][T16380] BTRFS error: device /dev/loop7 already registered with a higher generation, found 8 expect 11
[  552.604695][T16373] XFS (loop4): Mounting V5 Filesystem 9f91832a-3b79-45c3-9d6d-ed0bc7357fe4
[  552.847293][T11987] BTRFS error: device /dev/loop7 already registered with a higher generation, found 8 expect 11
[  553.025460][T16373] XFS (loop4): Starting recovery (logdev: internal)
[  553.123950][T16373] XFS (loop4): Ending recovery (logdev: internal)
[  553.524139][T16421] loop7: detected capacity change from 0 to 256
[  553.664607][T16421] FAT-fs (loop7): Directory bread(block 64) failed
[  553.671982][T16421] FAT-fs (loop7): Directory bread(block 65) failed
[  553.694486][T16421] FAT-fs (loop7): Directory bread(block 66) failed
[  553.715794][T16421] FAT-fs (loop7): Directory bread(block 67) failed
[  553.739261][T16421] FAT-fs (loop7): Directory bread(block 68) failed
[  553.766291][T16421] FAT-fs (loop7): Directory bread(block 69) failed
[  553.793784][T16421] FAT-fs (loop7): Directory bread(block 70) failed
[  553.806065][T16421] FAT-fs (loop7): Directory bread(block 71) failed
[  553.846315][T16421] FAT-fs (loop7): Directory bread(block 72) failed
[  553.875234][T16421] FAT-fs (loop7): Directory bread(block 73) failed
[  554.150430][T14424] XFS (loop4): Unmounting Filesystem 9f91832a-3b79-45c3-9d6d-ed0bc7357fe4
[  555.124051][   T28] audit: type=1326 audit(1770917240.547:166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16445 comm="syz.7.3688" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff50819bf79 code=0x0
[  555.269342][T16430] loop1: detected capacity change from 0 to 32768
[  555.337230][T16430] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop1 scanned by syz.1.3684 (16430)
[  555.419362][T16430] BTRFS info (device loop1): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  555.439833][T16430] BTRFS info (device loop1): using blake2b (blake2b-256-generic) checksum algorithm
[  555.466382][T16430] BTRFS info (device loop1): using free space tree
[  555.651252][T16430] BTRFS info (device loop1): enabling ssd optimizations
[  555.722786][T16430] BTRFS info (device loop1): auto enabling async discard
[  556.058581][ T5772] BTRFS info (device loop1): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  556.393836][T16488] loop4: detected capacity change from 0 to 1024
[  556.466269][T16488] hfsplus: invalid length 32517 has been corrected to 255
[  556.518298][T16491] netlink: 40 bytes leftover after parsing attributes in process `syz.2.3697'.
[  556.589288][T16488] hfsplus: invalid length 32517 has been corrected to 255
[  556.644061][T16488] hfsplus: invalid length 32517 has been corrected to 255
[  556.938459][ T2903] hfsplus: b-tree write err: -5, ino 4
[  557.931220][    T8] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  558.967856][    T8] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  559.837832][T16578] loop7: detected capacity change from 0 to 512
[  559.858086][T16578] EXT4-fs: Ignoring removed bh option
[  559.863653][T16578] EXT4-fs: inline encryption not supported
[  559.905697][T16578] EXT4-fs (loop7): feature flags set on rev 0 fs, running e2fsck is recommended
[  559.963763][T16578] EXT4-fs warning (device loop7): ext4_update_dynamic_rev:1154: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  560.002412][ T5155] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  560.114402][T16578] EXT4-fs error (device loop7): ext4_validate_block_bitmap:439: comm syz.7.3724: bg 0: block 248: padding at end of block bitmap is not set
[  560.165863][T16588] 9pnet_fd: Insufficient options for proto=fd
[  560.208243][T16578] Quota error (device loop7): write_blk: dquota write failed
[  560.237611][T16578] Quota error (device loop7): qtree_write_dquot: Error -117 occurred while creating quota
[  560.259569][T16578] EXT4-fs error (device loop7): ext4_acquire_dquot:6949: comm syz.7.3724: Failed to acquire dquot type 1
[  560.285592][T16578] EXT4-fs (loop7): 1 truncate cleaned up
[  560.312478][T16578] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0008-000000000000 r/w without journal. Quota mode: writeback.
[  560.376552][T16570] loop4: detected capacity change from 0 to 40427
[  560.433450][T16570] F2FS-fs (loop4): Invalid Fs Meta Ino: node(0) meta(2) root(0)
[  560.452383][T16570] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  560.464853][T16570] F2FS-fs (loop4): invalid crc value
[  560.475534][T15773] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0008-000000000000.
[  560.536383][T16570] F2FS-fs (loop4): Found nat_bits in checkpoint
[  560.732995][T16570] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  560.754746][T16570] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4
[  560.899569][T16570] syz.4.3720: attempt to access beyond end of device
[  560.899569][T16570] loop4: rw=2051, sector=65536, nr_sectors = 65536 limit=40427
[  560.952282][T16570] F2FS-fs (loop4): Issue discard(8192, 8192, 8192) failed, ret: -5
[  560.962305][ T5836] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  561.040301][ T5155] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  561.986360][T16633] loop1: detected capacity change from 0 to 1024
[  562.021094][T16633] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  562.074289][T16633] EXT4-fs error (device loop1): ext4_ext_check_inode:520: inode #3: comm syz.1.3740: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 3, max 3(4), depth 0(0)
[  562.092837][ T5155] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  562.106616][T16633] EXT4-fs error (device loop1): ext4_quota_enable:7143: comm syz.1.3740: Bad quota inode: 3, type: 0
[  562.127395][T16633] EXT4-fs warning (device loop1): ext4_enable_quotas:7184: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[  562.142620][T16633] EXT4-fs (loop1): mount failed
[  563.039019][ T5836] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  563.049641][ T1280] ieee802154 phy0 wpan0: encryption failed: -22
[  563.055979][ T1280] ieee802154 phy1 wpan1: encryption failed: -22
[  563.118950][    T8] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  563.508683][T16677] loop7: detected capacity change from 0 to 1024
[  563.757002][T16658] loop4: detected capacity change from 0 to 32768
[  563.783236][ T2917] hfsplus: b-tree write err: -5, ino 3
[  563.901591][T16658] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  564.000363][ T5874] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  564.065676][T16701] loop7: detected capacity change from 0 to 256
[  564.158818][ T5155] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  564.233689][T16658] XFS (loop4): Ending clean mount
[  564.580192][T14424] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  564.683446][T16713] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  564.757960][T16713] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  564.803931][T16713] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  564.845701][T16713] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  564.861740][T16679] loop1: detected capacity change from 0 to 40427
[  564.876917][T16713] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  564.913549][T16713] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  564.914485][T16679] F2FS-fs (loop1): invalid crc value
[  564.950089][T16679] F2FS-fs (loop1): Ignore s_resuid=980643439, s_resgid=0 w/o reserve_root
[  564.959414][T16713] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  564.996978][T16713] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  565.039773][T16679] F2FS-fs (loop1): Found nat_bits in checkpoint
[  565.053040][T16713] batadv_slave_1: entered promiscuous mode
[  565.127878][T16713] batadv_slave_1: left promiscuous mode
[  565.197843][ T5155] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  565.267065][T16679] F2FS-fs (loop1): Start checkpoint disabled!
[  565.290389][T16679] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[  565.457051][T16679] F2FS-fs (loop1): Ignore s_resuid=980643439, s_resgid=0 w/o reserve_root
[  566.241562][ T5155] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  566.293107][T16744] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3771'.
[  566.324956][T16744] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3771'.
[  566.722991][T16759] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3776'.
[  567.055295][ T5824] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  567.307956][    T8] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  567.392937][T16786] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  567.470032][T16786] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  568.028701][T16811] fuseblk: Bad value for 'fd'
[  568.030429][T16810] Failed to get privilege flags for destination (handle=0x2:0xf7ffffff)
[  568.044997][T16811] /dev/loop0: Can't lookup blockdev
[  568.107884][ T5836] usb 8-1: new high-speed USB device number 2 using dummy_hcd
[  568.297065][T16821] loop4: detected capacity change from 0 to 512
[  568.304056][ T5836] usb 8-1: Using ep0 maxpacket: 32
[  568.324674][ T5836] usb 8-1: config index 0 descriptor too short (expected 35577, got 27)
[  568.329787][T12643] net_ratelimit: 4 callbacks suppressed
[  568.329824][T12643] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  568.347241][ T5836] usb 8-1: config 1 has too many interfaces: 92, using maximum allowed: 32
[  568.369332][ T5836] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 92
[  568.379968][T16821] EXT4-fs: Ignoring removed bh option
[  568.385393][T16821] EXT4-fs: inline encryption not supported
[  568.412755][ T5836] usb 8-1: config 1 has no interface number 0
[  568.431867][ T5836] usb 8-1: config 1 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  568.457244][T16821] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  568.470644][ T5836] usb 8-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17
[  568.498067][ T5836] usb 8-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8
[  568.538348][ T5836] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  568.563614][T16821] EXT4-fs warning (device loop4): ext4_update_dynamic_rev:1154: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  568.620075][T16821] EXT4-fs error (device loop4): ext4_validate_block_bitmap:439: comm syz.4.3797: bg 0: block 248: padding at end of block bitmap is not set
[  568.633732][ T5836] snd_usb_pod 8-1:1.1: Line 6 Pocket POD found
[  568.638011][T16821] Quota error (device loop4): write_blk: dquota write failed
[  568.650866][T16821] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[  568.661149][T16821] EXT4-fs error (device loop4): ext4_acquire_dquot:6949: comm syz.4.3797: Failed to acquire dquot type 1
[  568.686189][T16821] EXT4-fs (loop4): 1 truncate cleaned up
[  568.700209][T16821] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0008-000000000000 r/w without journal. Quota mode: writeback.
[  568.830379][ T5836] snd_usb_pod 8-1:1.1: Line 6 Pocket POD now attached
[  568.959001][T14424] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0008-000000000000.
[  569.093575][T16837] loop1: detected capacity change from 0 to 4096
[  569.227920][T16837] ntfs: volume version 3.1.
[  569.256004][ T5841] usb 8-1: USB disconnect, device number 2
[  569.272938][ T5841] snd_usb_pod 8-1:1.1: Line 6 Pocket POD now disconnected
[  569.357767][T12643] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  569.430503][T16837] ntfs: (device loop1): ntfs_cluster_alloc(): Failed to allocate clusters, aborting (error -28).
[  569.498616][T16837] ntfs: (device loop1): ntfs_attr_extend_allocation(): Cannot extend allocation of inode 0x43, attribute type 0x80, because the allocation of clusters failed with error code -28.
[  569.506716][T16846] loop4: detected capacity change from 0 to 256
[  569.613858][T16846] FAT-fs (loop4): Directory bread(block 64) failed
[  569.635184][T16846] FAT-fs (loop4): Directory bread(block 65) failed
[  569.658789][T16846] FAT-fs (loop4): Directory bread(block 66) failed
[  569.675910][T16846] FAT-fs (loop4): Directory bread(block 67) failed
[  569.699072][T16846] FAT-fs (loop4): Directory bread(block 68) failed
[  569.705686][T16846] FAT-fs (loop4): Directory bread(block 69) failed
[  569.753082][T16846] FAT-fs (loop4): Directory bread(block 70) failed
[  569.787787][T16846] FAT-fs (loop4): Directory bread(block 71) failed
[  569.821983][T16846] FAT-fs (loop4): Directory bread(block 72) failed
[  569.862663][T16846] FAT-fs (loop4): Directory bread(block 73) failed
[  570.080579][ T5836] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  570.409707][ T5841] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  571.036373][T16853] loop1: detected capacity change from 0 to 32768
[  571.102223][T16853] XFS (loop1): Mounting V5 Filesystem ed37bf6e-74ea-4e01-afba-5fee274b0f3a
[  571.194525][T16853] XFS (loop1): Ending clean mount
[  571.388168][ T5772] XFS (loop1): Unmounting Filesystem ed37bf6e-74ea-4e01-afba-5fee274b0f3a
[  571.438089][T12643] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  571.669295][T16900] loop7: detected capacity change from 0 to 128
[  571.902729][T16900] syz.7.3816: attempt to access beyond end of device
[  571.902729][T16900] loop7: rw=2049, sector=138, nr_sectors = 112 limit=128
[  572.126382][T16883] loop4: detected capacity change from 0 to 40427
[  572.160692][T16883] F2FS-fs (loop4): build fault injection attr: rate: 690, type: 0x7ffff
[  572.198458][T16883] F2FS-fs (loop4): Image doesn't support compression
[  572.216074][T16883] F2FS-fs (loop4): Image doesn't support compression
[  572.271191][T16883] F2FS-fs (loop4): invalid crc value
[  572.368931][T16883] F2FS-fs (loop4): Found nat_bits in checkpoint
[  572.479128][ T5841] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  572.614991][T16883] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  572.643898][ T5874] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  572.898578][T14424] syz-executor: attempt to access beyond end of device
[  572.898578][T14424] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  572.939761][T14424] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  573.119110][ T5874] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  573.553449][ T5841] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  574.228893][T16978] loop4: detected capacity change from 0 to 4096
[  574.607641][ T5155] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  575.286900][T16981] loop1: detected capacity change from 0 to 32768
[  575.368714][T17008] dvb_demux: dvb_demux_feed_del: feed not in list (type=0 state=0 pid=ffff)
[  575.453958][T16981] XFS (loop1): Mounting V5 Filesystem ed37bf6e-74ea-4e01-afba-5fee274b0f3a
[  575.599951][T17026] loop7: detected capacity change from 0 to 1024
[  575.679538][ T5155] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  575.693375][T16981] XFS (loop1): Ending clean mount
[  575.722305][T17026] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  576.053460][T15773] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  576.161589][ T5772] XFS (loop1): Unmounting Filesystem ed37bf6e-74ea-4e01-afba-5fee274b0f3a
[  576.172151][ T5874] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  576.668802][T17028] loop4: detected capacity change from 0 to 32768
[  576.688496][T17028] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 scanned by syz.4.3851 (17028)
[  576.727444][ T5155] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  576.783664][T17028] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  576.850323][T17028] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm
[  576.904643][T17028] BTRFS info (device loop4): using free space tree
[  577.117537][T17028] BTRFS info (device loop4): enabling ssd optimizations
[  577.124851][T17028] BTRFS info (device loop4): auto enabling async discard
[  577.588100][ T5155] usb 8-1: new high-speed USB device number 3 using dummy_hcd
[  577.642183][ T2958] BTRFS info (device loop4): qgroup scan completed (inconsistency flag cleared)
[  577.755983][T14424] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  577.766856][T12643] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  577.822297][ T5155] usb 8-1: Using ep0 maxpacket: 16
[  577.856604][ T5155] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  577.904169][ T5155] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  577.928197][ T5155] usb 8-1: New USB device found, idVendor=1b1c, idProduct=1b02, bcdDevice= 0.00
[  577.967474][ T5155] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  578.035487][ T5155] usb 8-1: config 0 descriptor??
[  578.516251][ T5155] corsair 0003:1B1C:1B02.0030: hidraw0: USB HID v0.00 Device [HID 1b1c:1b02] on usb-dummy_hcd.7-1/input0
[  578.695186][T17121] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  578.705779][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  578.807590][T12643] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  579.019183][T12643] usb 8-1: USB disconnect, device number 3
[  579.042128][T17129] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  579.204675][ T5836] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  579.788862][T17160] netlink: 12 bytes leftover after parsing attributes in process `syz.1.3887'.
[  579.848088][T12643] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  579.856137][T17153] block device autoloading is deprecated and will be removed.
[  580.703764][T17196] loop1: detected capacity change from 0 to 16
[  580.719017][T17192] team0: No ports can be present during mode change
[  580.728625][T17196] erofs: (device loop1): mounted with root inode @ nid 36.
[  580.888698][    T8] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  580.924092][T17201] netlink: 'syz.1.3903': attribute type 1 has an invalid length.
[  580.958155][T17201] netlink: 'syz.1.3903': attribute type 4 has an invalid length.
[  580.993142][T17201] netlink: 208 bytes leftover after parsing attributes in process `syz.1.3903'.
[  581.017224][T17201] NCSI netlink: No device for ifindex 3321692160
[  581.918217][    T8] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  582.161353][T17240] loop7: detected capacity change from 0 to 4096
[  582.196459][T17240] ntfs3: loop7: Different NTFS sector size (1024) and media sector size (512).
[  582.237899][ T5836] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  582.246221][ T5836] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  582.510345][T17254] 9pnet_fd: Insufficient options for proto=fd
[  582.812127][T17263] fuse: Bad value for 'fd'
[  582.873509][T17266] loop1: detected capacity change from 0 to 1024
[  583.073876][T17275] netlink: 'syz.4.3933': attribute type 6 has an invalid length.
[  583.374925][T17284] netlink: 152 bytes leftover after parsing attributes in process `syz.1.3935'.
[  583.411013][T17284] tipc: Started in network mode
[  583.416042][T17284] tipc: Node identity fe80000000000000000000000000002a, cluster identity 4711
[  583.472877][T17284] tipc: Enabled bearer <udp:syz0>, priority 10
[  583.955237][T17272] loop7: detected capacity change from 0 to 32768
[  583.998303][T12643] net_ratelimit: 1 callbacks suppressed
[  583.998320][T12643] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  584.015706][T17272] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop7 scanned by syz.7.3930 (17272)
[  584.115501][T17272] BTRFS info (device loop7): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  584.171912][T17272] BTRFS info (device loop7): using sha256 (sha256-avx2) checksum algorithm
[  584.225069][T17272] BTRFS info (device loop7): using free space tree
[  584.374633][T17328] netlink: 'syz.4.3949': attribute type 1 has an invalid length.
[  584.460145][T17272] BTRFS info (device loop7): enabling ssd optimizations
[  584.467171][T17272] BTRFS info (device loop7): auto enabling async discard
[  584.488098][T12643] tipc: Node number set to 4269801514
[  584.514168][T17338] loop1: detected capacity change from 0 to 512
[  584.597113][T17338] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  584.848939][ T5772] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  585.041772][T15773] BTRFS info (device loop7): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  585.067512][T12643] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  585.082583][ T2903] BTRFS info (device loop7): qgroup scan completed (inconsistency flag cleared)
[  585.102711][T17347] loop4: detected capacity change from 0 to 8192
[  585.280116][   T23] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  586.078327][T12643] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  586.171164][T17355] loop1: detected capacity change from 0 to 32768
[  586.218310][T17355] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 scanned by syz.1.3953 (17355)
[  586.258713][T17355] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  586.299007][T17355] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm
[  586.339423][T17355] BTRFS info (device loop1): using free space tree
[  586.499578][T17355] BTRFS info (device loop1): enabling ssd optimizations
[  586.527623][T17355] BTRFS info (device loop1): auto enabling async discard
[  587.117748][T12643] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  587.534070][ T5772] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  587.887282][T17408] loop4: detected capacity change from 0 to 4096
[  587.905592][T17408] ntfs3: loop4: Different NTFS sector size (1024) and media sector size (512).
[  588.187693][T12643] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  588.318041][ T5836] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  590.467835][T17442] loop7: detected capacity change from 0 to 32768
[  590.602833][T17442] ocfs2: Slot 0 on device (7,7) was already allocated to this node!
[  590.646188][T17442] ocfs2: Mounting device (7,7) on (node local, slot 0) with ordered data mode.
[  590.703180][T17442] (syz.7.3982,17442,0):ocfs2_read_blocks:239 ERROR: status = -12
[  590.711834][T17442] (syz.7.3982,17442,0):ocfs2_search_chain:1761 ERROR: status = -12
[  590.720852][T17442] (syz.7.3982,17442,0):ocfs2_search_chain:1871 ERROR: status = -12
[  590.729999][T17442] (syz.7.3982,17442,0):ocfs2_claim_suballoc_bits:1950 ERROR: status = -12
[  590.738682][T17442] (syz.7.3982,17442,0):ocfs2_claim_suballoc_bits:1993 ERROR: status = -12
[  590.747236][T17442] (syz.7.3982,17442,0):__ocfs2_claim_clusters:2365 ERROR: status = -12
[  590.755767][T17442] (syz.7.3982,17442,0):__ocfs2_claim_clusters:2373 ERROR: status = -12
[  590.764116][T17442] (syz.7.3982,17442,0):ocfs2_local_alloc_new_window:1203 ERROR: status = -12
[  590.773011][T17442] (syz.7.3982,17442,0):ocfs2_local_alloc_new_window:1228 ERROR: status = -12
[  590.782022][T17442] (syz.7.3982,17442,0):ocfs2_local_alloc_slide_window:1302 ERROR: status = -12
[  590.792065][T17442] (syz.7.3982,17442,0):ocfs2_local_alloc_slide_window:1321 ERROR: status = -12
[  590.802503][T17442] (syz.7.3982,17442,0):ocfs2_reserve_local_alloc_bits:671 ERROR: status = -12
[  590.811518][T17442] (syz.7.3982,17442,0):ocfs2_reserve_local_alloc_bits:709 ERROR: status = -12
[  590.820485][T17442] (syz.7.3982,17442,0):ocfs2_reserve_clusters_with_limit:1166 ERROR: status = -12
[  590.830859][T17442] (syz.7.3982,17442,0):ocfs2_reserve_clusters_with_limit:1215 ERROR: status = -12
[  590.840187][T17442] (syz.7.3982,17442,0):ocfs2_symlink:1914 ERROR: status = -12
[  590.848581][T17442] (syz.7.3982,17442,0):ocfs2_symlink:2068 ERROR: status = -12
[  591.188737][T17426] loop1: detected capacity change from 0 to 262144
[  591.220439][T17426] F2FS-fs (loop1): invalid crc value
[  591.234428][T16113] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  591.325857][T17435] loop4: detected capacity change from 0 to 32768
[  591.348736][T17426] F2FS-fs (loop1): Found nat_bits in checkpoint
[  591.384960][   T23] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  591.420139][T17426] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4
[  591.533995][T15773] ocfs2: Unmounting device (7,7) on (node local)
[  591.548245][T17435] XFS (loop4): Mounting V5 Filesystem 9f1cad42-11bd-4e12-8f0b-f07876b81d9a
[  591.573319][T17426] F2FS-fs (loop1): recover xattr in inode (7), error(0)
[  591.839395][ T5874] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  591.856142][T17435] XFS (loop4): Ending clean mount
[  592.133075][T14424] XFS (loop4): Unmounting Filesystem 9f1cad42-11bd-4e12-8f0b-f07876b81d9a
[  592.284290][T16113] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  592.404468][T17481] iommufd_mock iommufd_mock1: Adding to iommu group 0
[  592.649436][T17485] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3993'.
[  592.874253][T17490] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  592.883371][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  593.105541][T17494] loop4: detected capacity change from 0 to 512
[  593.161862][T17494] EXT4-fs error (device loop4): ext4_orphan_get:1398: inode #15: comm syz.4.3996: inode has both inline data and extents flags
[  593.205361][T17494] EXT4-fs error (device loop4): ext4_orphan_get:1403: comm syz.4.3996: couldn't read orphan inode 15 (err -117)
[  593.243109][T17494] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  593.308111][ T5874] usb 8-1: new high-speed USB device number 4 using dummy_hcd
[  593.357699][ T5155] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  593.426619][T14424] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  593.538143][ T5874] usb 8-1: Using ep0 maxpacket: 16
[  593.555922][ T5874] usb 8-1: New USB device found, idVendor=061d, idProduct=c020, bcdDevice=9c.15
[  593.584199][ T5874] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  593.599634][ T5874] usb 8-1: Product: syz
[  593.603865][ T5874] usb 8-1: Manufacturer: syz
[  593.612088][ T5874] usb 8-1: SerialNumber: syz
[  593.648718][ T5874] usb 8-1: config 0 descriptor??
[  593.663013][ T5874] ssu100 8-1:0.0: Quatech SSU-100 USB to Serial Driver converter detected
[  594.398327][ T5155] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  594.406580][ T5836] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  594.514897][ T5874] ssu100: probe of 8-1:0.0 failed with error -71
[  594.537928][ T5874] usb 8-1: USB disconnect, device number 4
[  595.443676][ T5155] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  595.895005][T17556] netem: change failed
[  596.066924][T17562] loop4: detected capacity change from 0 to 47
[  596.408666][T17568] sctp: [Deprecated]: syz.1.4026 (pid 17568) Use of int in max_burst socket option deprecated.
[  596.408666][T17568] Use struct sctp_assoc_value instead
[  596.477755][T16113] net_ratelimit: 1 callbacks suppressed
[  596.477787][T16113] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  597.333427][T17605] team0: Device lo is loopback device. Loopback devices can't be added as a team port
[  597.379103][T17605] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  597.406412][T17606] loop1: detected capacity change from 0 to 2048
[  597.438194][ T5824] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  597.518309][T17606] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  597.530688][ T5155] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  597.607956][T17606] ext4 filesystem being mounted at /1045/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  597.883014][T17606] overlayfs: failed to create directory ./bus/index (errno: 28); mounting read-only
[  597.924465][T17606] overlayfs: try deleting index dir or mounting with '-o index=off' to disable inodes index.
[  598.049642][T17623] netlink: 'syz.7.4049': attribute type 4 has an invalid length.
[  598.068388][T17623] netlink: 3657 bytes leftover after parsing attributes in process `syz.7.4049'.
[  598.126809][ T5772] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  598.567418][T16113] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  598.767943][T17642] syz.7.4058 (17642) used greatest stack depth: 19560 bytes left
[  598.887281][ T5874] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  599.177299][T17637] loop1: detected capacity change from 0 to 32768
[  599.261458][T17637] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  600.438662][T17669] loop7: detected capacity change from 0 to 131072
[  600.528121][T17669] F2FS-fs (loop7): invalid crc value
[  600.560281][T17669] F2FS-fs (loop7): Found nat_bits in checkpoint
[  600.646790][T17637] XFS (loop1): Ending clean mount
[  600.657950][T17669] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e4
[  600.704999][T17637] XFS (loop1): Quotacheck needed: Please wait.
[  600.853853][ T5155] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  600.926839][T17637] XFS (loop1): Quotacheck: Done.
[  600.975619][ T5085] Bluetooth: hci3: command 0x0406 tx timeout
[  601.060598][T17679] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  601.329863][ T5772] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  601.440921][ T5836] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  601.921070][T16113] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  601.959282][ T5836] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  602.135882][T17694] could not allocate digest TFM handle cryptd(blake2b-160)
[  602.161810][T17701] loop4: detected capacity change from 0 to 512
[  602.198631][T17701] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  602.428531][T14424] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  602.800411][T17727] netlink: 'syz.4.4087': attribute type 14 has an invalid length.
[  603.001816][T17731] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4089'.
[  603.435515][T17745] ªªªªªª: renamed from vlan0 (while UP)
[  603.487137][T17747] sch_tbf: burst 4 is lower than device lo mtu (65550) !
[  603.756810][T17758] loop7: detected capacity change from 0 to 1024
[  603.800304][T17761] loop4: detected capacity change from 0 to 1024
[  603.811689][T17761] EXT4-fs: Ignoring removed bh option
[  603.831306][T17758] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-001000000000 r/w without journal. Quota mode: writeback.
[  603.867871][T17761] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  603.933376][T17758] EXT4-fs (loop7): shut down requested (0)
[  603.974234][T17768] 9pnet_fd: Insufficient options for proto=fd
[  603.984281][T17761] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  604.096939][   T28] audit: type=1800 audit(1770917289.517:167): pid=17761 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.4103" name="file2" dev="loop4" ino=16 res=0 errno=0
[  604.221709][T14424] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  604.329871][T15773] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-001000000000.
[  605.545043][T17800] loop1: detected capacity change from 0 to 1024
[  605.672738][T17804] loop4: detected capacity change from 0 to 16
[  605.680607][ T5085] Bluetooth: hci2: command tx timeout
[  605.703680][T17804] erofs: (device loop4): mounted with root inode @ nid 36.
[  605.830694][T17806] loop7: detected capacity change from 0 to 128
[  605.848832][T17806] EXT4-fs: Ignoring removed nobh option
[  605.911399][T17806] EXT4-fs (loop7): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  605.924813][T17806] ext4 filesystem being mounted at /129/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  606.025068][T15773] EXT4-fs (loop7): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  606.211254][T17815] loop4: detected capacity change from 0 to 8192
[  606.238387][T17815] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  606.256611][T17820] loop1: detected capacity change from 0 to 4096
[  606.266257][T17815] REISERFS (device loop4): found reiserfs format "3.5" with non-standard journal
[  606.304646][T17820] NILFS (loop1): invalid segment: Checksum error in segment payload
[  606.317923][T17815] REISERFS (device loop4): using ordered data mode
[  606.324482][T17815] reiserfs: using flush barriers
[  606.355920][T17820] NILFS (loop1): trying rollback from an earlier position
[  606.364397][T17815] REISERFS (device loop4): journal params: device loop4, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  606.404738][T17815] REISERFS (device loop4): checking transaction log (loop4)
[  606.419883][T17815] REISERFS (device loop4): Using r5 hash to sort names
[  606.428539][T17815] REISERFS (device loop4): Created .reiserfs_priv - reserved for xattr storage.
[  606.472189][T17820] NILFS (loop1): recovery complete
[  606.490824][T17823] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  606.499101][T17815] REISERFS warning (device loop4): super-6502 reiserfs_getopt: unknown mount option "ÿÿ18446744073709551615ÿÿÿÿ0177777777777777777777701777777777777777777777ÿÿ18446744073709551615ÿÿ"
[  607.096778][T17836] (null): rxe_set_mtu: Set mtu to 1024
[  607.121528][T17836] ip6_vti0 speed is unknown, defaulting to 1000
[  607.142879][T17836] ip6_vti0 speed is unknown, defaulting to 1000
[  607.153931][T17836] ip6_vti0 speed is unknown, defaulting to 1000
[  607.536556][T17833] loop1: detected capacity change from 0 to 32768
[  607.544680][ T5874] ip6_vti0 speed is unknown, defaulting to 1000
[  607.560119][T17836] infiniband syz2: set active
[  607.565502][T17836] infiniband syz2: added ip6_vti0
[  607.599157][T17833] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  607.733665][T17833] XFS (loop1): Ending clean mount
[  607.764824][T17836] RDS/IB: syz2: added
[  607.772514][T17836] smc: adding ib device syz2 with port count 1
[  607.779704][T17836] smc:    ib device syz2 port 1 has pnetid 
[  607.791593][ T5836] ip6_vti0 speed is unknown, defaulting to 1000
[  607.809776][T17836] ip6_vti0 speed is unknown, defaulting to 1000
[  607.843036][T17833] XFS (loop1): Quotacheck needed: Please wait.
[  607.957908][T17833] XFS (loop1): Quotacheck: Done.
[  608.153325][ T5772] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  608.172457][T17853] netlink: 16 bytes leftover after parsing attributes in process `syz.4.4135'.
[  608.205951][T17836] ip6_vti0 speed is unknown, defaulting to 1000
[  608.595026][T17836] ip6_vti0 speed is unknown, defaulting to 1000
[  608.815067][T17861] loop1: detected capacity change from 0 to 256
[  608.866174][T17861] exFAT-fs (loop1): failed to load upcase table (idx : 0x00011bf5, chksum : 0xcea91b8a, utbl_chksum : 0xe619d30d)
[  608.880401][T17861] exFAT-fs (loop1): bogus allocation bitmap size(need : 2, cur : 17179869186)
[  609.099899][T17863] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4140'.
[  609.113557][T17836] ip6_vti0 speed is unknown, defaulting to 1000
[  609.703677][T17876] loop1: detected capacity change from 0 to 1024
[  609.786127][T17876] hfsplus: request for non-existent node 211 in B*Tree
[  609.808432][T17876] hfsplus: request for non-existent node 211 in B*Tree
[  609.886606][   T49] hfsplus: b-tree write err: -5, ino 8
[  610.027129][T17890] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4153'.
[  610.298479][T17902] loop1: detected capacity change from 0 to 512
[  610.467499][ T5155] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  610.668780][ T5155] usb 5-1: Using ep0 maxpacket: 32
[  610.687795][ T5155] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 102, changing to 10
[  610.705405][T17916] netlink: 'syz.7.4166': attribute type 4 has an invalid length.
[  610.714047][T17916] netlink: 20 bytes leftover after parsing attributes in process `syz.7.4166'.
[  610.717431][ T5155] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24624, setting to 1024
[  610.754203][ T5155] usb 5-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  610.786905][ T5155] usb 5-1: New USB device found, idVendor=05ac, idProduct=020f, bcdDevice= 0.22
[  610.807484][ T5155] usb 5-1: New USB device strings: Mfr=1, Product=130, SerialNumber=131
[  610.835814][ T5155] usb 5-1: Product: syz
[  610.847393][ T5155] usb 5-1: Manufacturer: syz
[  610.857553][ T5155] usb 5-1: SerialNumber: syz
[  610.876441][ T5155] input: appletouch as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/input/input30
[  611.120547][ T5155] usb 5-1: USB disconnect, device number 11
[  611.159573][ T5155] appletouch 5-1:1.0: input: appletouch disconnected
[  611.555419][T17944] loop7: detected capacity change from 0 to 1024
[  611.610814][T17948] loop1: detected capacity change from 0 to 512
[  611.610940][T17944] EXT4-fs (loop7): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  611.631457][T17948] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  611.653415][T17948] EXT4-fs (loop1): orphan cleanup on readonly fs
[  611.662236][T17948] EXT4-fs error (device loop1): mb_free_blocks:1954: group 0, inode 11: block 64:freeing already freed block (bit 63); block bitmap corrupt.
[  611.690496][T17948] EXT4-fs (loop1): Remounting filesystem read-only
[  611.701697][T17948] EXT4-fs (loop1): 1 truncate cleaned up
[  611.715424][T17948] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  611.728050][T17944] ext4 filesystem being mounted at /138/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  611.849112][T17944] EXT4-fs error (device loop7): ext4_map_blocks:718: inode #15: comm syz.7.4179: lblock 0 mapped to illegal pblock 0 (length 1)
[  611.870783][T17944] EXT4-fs (loop7): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 117
[  611.884015][T17944] EXT4-fs (loop7): This should not happen!! Data will be lost
[  611.884015][T17944] 
[  611.895759][ T5772] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  611.906678][T17944] EXT4-fs error (device loop7): ext4_map_blocks:608: inode #15: comm syz.7.4179: lblock 0 mapped to illegal pblock 0 (length 1)
[  612.054248][T15773] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  612.331230][T17964] dvmrp1: tun_chr_ioctl cmd 1074812118
[  612.740381][T17954] loop4: detected capacity change from 0 to 32768
[  612.779447][T17954] (syz.4.4183,17954,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  612.814492][T17954] (syz.4.4183,17954,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  612.913657][T17954] JBD2: Ignoring recovery information on journal
[  613.036929][T17954] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  613.150488][T17985] nbd1: detected capacity change from 0 to 63
[  613.169513][ T5085] block nbd1: Receive control failed (result -32)
[  613.184869][   T97] block nbd1: Dead connection, failed to find a fallback
[  613.192524][   T97] block nbd1: shutting down sockets
[  613.200447][   T97] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  613.210295][   T97] Buffer I/O error on dev nbd1, logical block 0, async page read
[  613.245855][   T24] I/O error, dev nbd1, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  613.256418][   T24] Buffer I/O error on dev nbd1, logical block 1, async page read
[  613.265344][   T24] I/O error, dev nbd1, sector 4 op 0x0:(READ) flags 0x0 phys_seg 2 prio class 2
[  613.275085][   T24] Buffer I/O error on dev nbd1, logical block 2, async page read
[  613.283845][   T24] Buffer I/O error on dev nbd1, logical block 3, async page read
[  613.294395][   T24] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  613.304580][   T24] Buffer I/O error on dev nbd1, logical block 0, async page read
[  613.334504][   T97] I/O error, dev nbd1, sector 2 op 0x0:(READ) flags 0x0 phys_seg 3 prio class 2
[  613.347138][   T97] Buffer I/O error on dev nbd1, logical block 1, async page read
[  613.356007][   T97] Buffer I/O error on dev nbd1, logical block 2, async page read
[  613.364031][   T97] Buffer I/O error on dev nbd1, logical block 3, async page read
[  613.372768][   T97] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 4 prio class 2
[  613.382451][   T97] Buffer I/O error on dev nbd1, logical block 0, async page read
[  613.390279][   T97] Buffer I/O error on dev nbd1, logical block 1, async page read
[  613.398342][   T97] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 4 prio class 2
[  613.409849][   T97] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 4 prio class 2
[  613.419321][   T97] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 4 prio class 2
[  613.428721][   T97] I/O error, dev nbd1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 4 prio class 2
[  613.439391][T11987] ldm_validate_partition_table(): Disk read failed.
[  613.448786][T11987] Dev nbd1: unable to read RDB block 0
[  613.457171][T11987]  nbd1: unable to read partition table
[  613.528430][T11987] ldm_validate_partition_table(): Disk read failed.
[  613.550379][T11987] Dev nbd1: unable to read RDB block 0
[  613.598578][T11987]  nbd1: unable to read partition table
[  613.646634][T11987] block nbd1: NBD_DISCONNECT
[  613.652614][T11987] block nbd1: Send disconnect failed -32
[  613.935687][T14424] ocfs2: Unmounting device (7,4) on (node local)
[  613.994913][ T6372] udevd[6372]: inotify_add_watch(7, /dev/nbd1, 10) failed: No such file or directory
[  614.108850][T17988] loop1: detected capacity change from 0 to 32768
[  614.153700][T17988] 
[  614.153700][T17988]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  614.153700][T17988] 
[  614.389715][ T5772] 
[  614.389715][ T5772]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  614.389715][ T5772] 
[  614.440098][ T5772] 
[  614.440098][ T5772]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  614.440098][ T5772] 
[  615.388754][T18015] loop4: detected capacity change from 0 to 32768
[  615.473559][T18015] JBD2: Ignoring recovery information on journal
[  615.476024][T18017] loop7: detected capacity change from 0 to 40427
[  615.558566][T18017] F2FS-fs (loop7): invalid crc value
[  615.609697][T18015] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  615.627604][T18017] F2FS-fs (loop7): Found nat_bits in checkpoint
[  615.848725][T18017] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5
[  616.015497][T14424] ocfs2: Unmounting device (7,4) on (node local)
[  616.026352][T15773] syz-executor: attempt to access beyond end of device
[  616.026352][T15773] loop7: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  616.076749][T15773] F2FS-fs (loop7): Stopped filesystem due to reason: 3
[  616.313738][T18046] netem: change failed
[  616.677108][T18061] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4226'.
[  616.932000][T18067] loop1: detected capacity change from 0 to 256
[  616.983654][T18067] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  617.009955][T18067] exFAT-fs (loop1): Medium has reported failures. Some data may be lost.
[  617.071796][T18067] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xe5674ec2, utbl_chksum : 0xe619d30d)
[  617.880461][T18103] pim6reg0: tun_chr_ioctl cmd 2147767517
[  618.102104][T18114] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4249'.
[  618.284306][T18115] loop1: detected capacity change from 0 to 8192
[  618.939081][T18140] loop1: detected capacity change from 0 to 4096
[  618.981688][T18144] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  619.058012][T18140] NILFS (loop1): nilfs_palloc_commit_free_entry (ino=6): entry number 15 already freed
[  620.342918][T18167] loop4: detected capacity change from 0 to 32768
[  620.379196][T18167] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  620.476654][T18167] XFS (loop4): Ending clean mount
[  620.514792][T18167] XFS (loop4): Quotacheck needed: Please wait.
[  620.676882][T18167] XFS (loop4): Quotacheck: Done.
[  620.783567][T14424] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  621.224473][T18200] netlink: 16 bytes leftover after parsing attributes in process `syz.4.4284'.
[  622.022540][   T28] audit: type=1326 audit(1770917307.447:168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18225 comm="syz.7.4290" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7ff50819bf79 code=0x0
[  623.076127][T18259] loop7: detected capacity change from 0 to 4096
[  624.012759][T18270] loop4: detected capacity change from 0 to 32768
[  624.368691][T18286] netlink: 48 bytes leftover after parsing attributes in process `syz.1.4316'.
[  624.499666][ T1280] ieee802154 phy0 wpan0: encryption failed: -22
[  624.506117][ T1280] ieee802154 phy1 wpan1: encryption failed: -22
[  627.506894][T18317] netlink: 64 bytes leftover after parsing attributes in process `syz.4.4327'.
[  628.773091][T18364] loop7: detected capacity change from 0 to 1024
[  628.824379][T18364] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  628.896727][T18335] loop4: detected capacity change from 0 to 32768
[  628.978991][T18364] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  629.056548][T18335] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  629.079847][T18364] EXT4-fs error (device loop7): ext4_mb_generate_buddy:1231: group 0, block bitmap and bg descriptor inconsistent: 25 vs 1305 free clusters
[  629.162209][T18364] EXT4-fs (loop7): Delayed block allocation failed for inode 15 at logical offset 21 with max blocks 44 with error 28
[  629.268866][T18335] XFS (loop4): Ending clean mount
[  629.302470][T18364] EXT4-fs (loop7): This should not happen!! Data will be lost
[  629.302470][T18364] 
[  629.313568][T18364] EXT4-fs (loop7): Total free blocks count 0
[  629.320590][T18364] EXT4-fs (loop7): Free/Dirty block details
[  629.330528][T18364] EXT4-fs (loop7): free_blocks=20480
[  629.335915][T18364] EXT4-fs (loop7): dirty_blocks=80
[  629.341227][T18364] EXT4-fs (loop7): Block reservation details
[  629.347247][T18364] EXT4-fs (loop7): i_reserved_data_blocks=5
[  629.452449][ T2903] EXT4-fs (loop7): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  629.552186][T14424] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  629.605812][T18391] infiniband syz2: set active
[  629.922107][T18391] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  629.984291][ T5824] ip6_vti0 speed is unknown, defaulting to 1000
[  630.200333][T18394] infiniband syz2: set active
[  630.293602][T18394] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  630.343452][T12643] ip6_vti0 speed is unknown, defaulting to 1000
[  630.592426][T18414] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4353'.
[  630.866222][T18416] loop1: detected capacity change from 0 to 8192
[  630.911579][T18416] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  630.937891][T18416] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal
[  630.978781][T18416] REISERFS (device loop1): using ordered data mode
[  631.017952][T18416] reiserfs: using flush barriers
[  631.057437][T18416] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  631.142339][T18416] REISERFS (device loop1): checking transaction log (loop1)
[  631.377008][T18416] REISERFS (device loop1): Using tea hash to sort names
[  631.396391][T18416] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage.
[  631.885537][T18440] loop4: detected capacity change from 0 to 64
[  632.015612][T18442] netlink: 188 bytes leftover after parsing attributes in process `syz.1.4362'.
[  632.183264][T18447] loop4: detected capacity change from 0 to 256
[  632.199731][T18447] exfat: Deprecated parameter 'utf8'
[  632.262551][T18447] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xbc51571d, utbl_chksum : 0xe619d30d)
[  632.436570][T18455] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  632.534677][T18460] program syz.4.4372 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  632.666227][T18458] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  632.684115][T18464] @: renamed from vlan0 (while UP)
[  632.877806][T18473] fuse: Invalid group_id
[  633.015582][T18479] netlink: 1 bytes leftover after parsing attributes in process `syz.1.4381'.
[  633.637675][T16113] usb 2-1: new high-speed USB device number 29 using dummy_hcd
[  633.782918][T18502] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4391'.
[  633.792990][T18502] netlink: 8 bytes leftover after parsing attributes in process `syz.4.4391'.
[  633.806752][T18502] netdevsim netdevsim4 netdevsim0: entered promiscuous mode
[  633.814533][T18502] macvlan2: entered allmulticast mode
[  633.820367][T18502] netdevsim netdevsim4 netdevsim0: entered allmulticast mode
[  633.857522][T16113] usb 2-1: Using ep0 maxpacket: 32
[  633.869796][T16113] usb 2-1: unable to get BOS descriptor or descriptor too short
[  633.889529][T16113] usb 2-1: config 4 has an invalid interface number: 136 but max is 0
[  633.901544][T16113] usb 2-1: config 4 has no interface number 0
[  633.909413][T16113] usb 2-1: config 4 interface 136 has no altsetting 0
[  633.924243][T16113] usb 2-1: string descriptor 0 read error: -22
[  633.933217][T16113] usb 2-1: New USB device found, idVendor=0b48, idProduct=300d, bcdDevice=16.c8
[  633.949072][T16113] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  633.975091][T16113] dvb-usb: found a 'Technotrend TT-connect CT-3650' in warm state.
[  633.992366][T16113] dvb-usb: bulk message failed: -22 (4/0)
[  634.003161][T16113] ttusb2: there might have been an error during control message transfer. (rlen = 0, was 0)
[  634.024432][T16113] dvb-usb: bulk message failed: -22 (5/0)
[  634.032666][T16113] ttusb2: there might have been an error during control message transfer. (rlen = 0, was 0)
[  634.061504][T16113] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  634.092113][T16113] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  634.112750][T16113] dvbdev: DVB: registering new adapter (Technotrend TT-connect CT-3650)
[  634.122461][T16113] usb 2-1: media controller created
[  634.169210][T16113] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  634.183680][T18488] ttusb2: more than 2 i2c messages at a time is not handled yet. TODO.
[  634.215573][T18488] dvb-usb: bulk message failed: -22 (7/0)
[  634.238253][T18488] ttusb2: there might have been an error during control message transfer. (rlen = 3, was 0)
[  634.239067][T16113] ttusb2: set interface to alts=3 failed
[  634.297355][T16113] DVB: Unable to find symbol tda10023_attach()
[  634.298762][T18488] ttusb2: i2c transfer failed.
[  634.304102][T16113] dvb-usb: no frontend was attached by 'Technotrend TT-connect CT-3650'
[  634.497589][T16113] rc_core: IR keymap rc-tt-1500 not found
[  634.503475][T16113] Registered IR keymap rc-empty
[  634.528907][T16113] rc rc0: Technotrend TT-connect CT-3650 as /devices/platform/dummy_hcd.1/usb2/2-1/rc/rc0
[  634.559526][T16113] input: Technotrend TT-connect CT-3650 as /devices/platform/dummy_hcd.1/usb2/2-1/rc/rc0/input31
[  634.582681][T16113] dvb-usb: schedule remote query interval to 150 msecs.
[  634.598083][T16113] dvb-usb: bulk message failed: -22 (4/0)
[  634.603923][T16113] ttusb2: there might have been an error during control message transfer. (rlen = 0, was 0)
[  634.632664][T16113] dvb-usb: bulk message failed: -22 (5/0)
[  634.644386][T16113] ttusb2: there might have been an error during control message transfer. (rlen = 0, was 0)
[  634.696807][T16113] dvb-usb: Technotrend TT-connect CT-3650 successfully initialized and connected.
[  634.737807][T16113] usb 2-1: USB disconnect, device number 29
[  634.878506][T16113] dvb-usb: Technotrend TT-connect CT-3650 successfully deinitialized and disconnected.
[  635.279020][T18528] loop7: detected capacity change from 0 to 128
[  635.973101][T18545] loop1: detected capacity change from 0 to 64
[  638.451932][T18607] loop7: detected capacity change from 0 to 128
[  638.474087][T18607] UDF-fs: error (device loop7): udf_read_tagged: read failed, block=256, location=256
[  638.507202][T18607] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  638.527246][T18609] netlink: 12 bytes leftover after parsing attributes in process `syz.2.4437'.
[  638.625894][T18602] loop4: detected capacity change from 0 to 32768
[  638.656078][T18602] XFS: attr2 mount option is deprecated.
[  638.723681][T18602] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  638.870904][T18602] XFS (loop4): Ending clean mount
[  638.916601][T18602] XFS (loop4): Quotacheck needed: Please wait.
[  639.068023][T18602] XFS (loop4): Quotacheck: Done.
[  639.254211][T14424] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  639.855401][T18651] ip6t_rpfilter: only valid in 'raw' or 'mangle' table, not '
'
[  639.947760][T16113] usb 5-1: new full-speed USB device number 12 using dummy_hcd
[  640.135249][T18661] tmpfs: Bad value for 'mpol'
[  640.159710][T16113] usb 5-1: config 0 interface 0 altsetting 4 endpoint 0x81 has invalid maxpacket 1024, setting to 64
[  640.183063][T16113] usb 5-1: config 0 interface 0 altsetting 4 has 1 endpoint descriptor, different from the interface descriptor's value: 7
[  640.230948][T16113] usb 5-1: config 0 interface 0 has no altsetting 0
[  640.241443][T16113] usb 5-1: New USB device found, idVendor=047f, idProduct=c055, bcdDevice= 0.00
[  640.267056][T16113] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  640.296893][T16113] usb 5-1: config 0 descriptor??
[  640.306470][T18646] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  640.539638][T16113] usbhid 5-1:0.0: can't add hid device: -71
[  640.553800][T16113] usbhid: probe of 5-1:0.0 failed with error -71
[  640.565574][T18668] overlayfs: invalid origin (00000079000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000)
[  640.583381][T16113] usb 5-1: USB disconnect, device number 12
[  641.247558][T16113] usb 2-1: new high-speed USB device number 30 using dummy_hcd
[  641.447501][T16113] usb 2-1: Using ep0 maxpacket: 8
[  641.464893][T16113] usb 2-1: unable to get BOS descriptor or descriptor too short
[  641.488549][T18689] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4470'.
[  641.511938][T16113] usb 2-1: config 1 has an invalid interface number: 4 but max is 2
[  641.527560][T16113] usb 2-1: config 1 has an invalid interface descriptor of length 6, skipping
[  641.536629][T16113] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  641.583761][T16113] usb 2-1: config 1 has no interface number 1
[  641.600843][T16113] usb 2-1: config 1 interface 4 altsetting 7 has 0 endpoint descriptors, different from the interface descriptor's value: 8
[  641.635556][T16113] usb 2-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  641.673838][T16113] usb 2-1: config 1 interface 4 has no altsetting 0
[  641.688407][T16113] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  641.727609][T16113] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  641.735777][T16113] usb 2-1: Product: syz
[  641.763317][T16113] usb 2-1: Manufacturer: syz
[  641.774536][T18695] loop4: detected capacity change from 0 to 256
[  641.787741][T16113] usb 2-1: SerialNumber: syz
[  641.910740][T18695] exFAT-fs (loop4): failed to load upcase table (idx : 0x000106cd, chksum : 0x3aeaf2c0, utbl_chksum : 0xe619d30d)
[  642.061767][T16113] usb 2-1: 2:1 : invalid UAC_AS_GENERAL desc
[  642.132538][T18695] exFAT-fs (loop4): invalid start cluster (520)
[  642.148878][T16113] usb 2-1: USB disconnect, device number 30
[  642.218667][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  642.265367][ T6372] udevd[6372]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  642.406431][T18685] loop7: detected capacity change from 0 to 32768
[  642.455819][T18685] XFS (loop7): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  642.524273][T18685] XFS (loop7): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x51.
[  642.685424][T18685] XFS (loop7): Starting recovery (logdev: internal)
[  642.754858][T18685] XFS (loop7): Ending recovery (logdev: internal)
[  642.793217][T18685] XFS (loop7): Quotacheck needed: Please wait.
[  642.879647][T18717] sctp: [Deprecated]: syz.1.4479 (pid 18717) Use of struct sctp_assoc_value in delayed_ack socket option.
[  642.879647][T18717] Use struct sctp_sack_info instead
[  642.911995][T18685] XFS (loop7): Quotacheck: Done.
[  643.157601][T18725] Bluetooth: MGMT ver 1.22
[  643.264107][T18729] loop4: detected capacity change from 0 to 256
[  643.275601][T15773] XFS (loop7): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  643.375891][T18729] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x89cb6648, utbl_chksum : 0xe619d30d)
[  643.482076][   T28] audit: type=1800 audit(1770917328.907:169): pid=18729 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.4483" name="file2" dev="loop4" ino=1048853 res=0 errno=0
[  643.565301][   T28] audit: type=1800 audit(1770917328.907:170): pid=18729 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.4483" name="file2" dev="loop4" ino=1048853 res=0 errno=0
[  644.000372][T18751] sch_tbf: burst 32855 is lower than device lo mtu (65550) !
[  645.281469][ T5085] Bluetooth: hci2: Opcode 0x0401 failed: -110
[  645.288281][T18727] Bluetooth: hci2: command 0x0401 tx timeout
[  645.827923][ T5836] usb 2-1: new high-speed USB device number 31 using dummy_hcd
[  645.836523][T18792] loop4: detected capacity change from 0 to 32768
[  645.949227][T18792] ocfs2: Mounting device (7,4) on (node local, slot 0) with writeback data mode.
[  646.048694][ T5836] usb 2-1: New USB device found, idVendor=2304, idProduct=023e, bcdDevice=d7.69
[  646.067773][ T5836] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  646.083735][ T5836] usb 2-1: Product: syz
[  646.089908][ T5836] usb 2-1: Manufacturer: syz
[  646.094587][ T5836] usb 2-1: SerialNumber: syz
[  646.122832][ T5836] hub 2-1:24.0: bad descriptor, ignoring hub
[  646.140341][ T5836] hub: probe of 2-1:24.0 failed with error -5
[  646.180033][T18792] OCFS2: ERROR (device loop4): int ocfs2_claim_suballoc_bits(struct ocfs2_alloc_context *, handle_t *, u32, u32, struct ocfs2_suballoc_result *): Chain allocator dinode 73 has invalid next free chain record 12, but only 1 total
[  646.281727][T18792] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted.
[  646.322142][T18792] OCFS2: File system is now read-only.
[  646.355235][T18792] (syz.4.4511,18792,0):ocfs2_claim_suballoc_bits:1993 ERROR: status = -30
[  646.376942][ T5836] dvb-usb: found a 'Pinnacle PCTV Hybrid Stick Solo' in warm state.
[  646.393185][T18792] (syz.4.4511,18792,0):ocfs2_claim_metadata:2018 ERROR: status = -30
[  646.415615][ T5836] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  646.417792][T18792] (syz.4.4511,18792,0):ocfs2_claim_metadata:2031 ERROR: status = -30
[  646.435179][ T5836] dvbdev: DVB: registering new adapter (Pinnacle PCTV Hybrid Stick Solo)
[  646.444409][ T5836] usb 2-1: media controller created
[  646.464194][T18792] (syz.4.4511,18792,0):ocfs2_dx_dir_attach_index:2330 ERROR: status = -30
[  646.476817][T18806] loop7: detected capacity change from 0 to 128
[  646.498822][T18806] FAT-fs (loop7): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  646.502075][T18792] (syz.4.4511,18792,0):ocfs2_expand_inline_dir:3023 ERROR: status = -30
[  646.532358][ T5836] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  646.551885][T18806] FAT-fs (loop7): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  646.561868][T18792] (syz.4.4511,18792,0):ocfs2_extend_dir:3205 ERROR: status = -30
[  646.611132][T18792] (syz.4.4511,18792,0):ocfs2_prepare_dir_for_insert:4326 ERROR: status = -30
[  646.643601][T18792] (syz.4.4511,18792,0):ocfs2_mknod:298 ERROR: status = -30
[  646.665741][T18792] (syz.4.4511,18792,0):ocfs2_mknod:502 ERROR: status = -30
[  646.696306][T18792] (syz.4.4511,18792,0):ocfs2_create:676 ERROR: status = -30
[  646.722546][   T49] FAT-fs (loop7): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  646.732464][ T5836] DVB: Unable to find symbol dib7000p_attach()
[  646.746001][ T5836] dvb-usb: no frontend was attached by 'Pinnacle PCTV Hybrid Stick Solo'
[  646.773441][T18792] syz.4.4511 (18792) used greatest stack depth: 17712 bytes left
[  646.853889][T14424] ocfs2: Unmounting device (7,4) on (node local)
[  646.958543][ T5836] rc_core: IR keymap rc-dib0700-rc5 not found
[  646.974943][ T5836] Registered IR keymap rc-empty
[  646.997996][ T5836] dvb-usb: could not initialize remote control.
[  647.019717][ T5836] dvb-usb: Pinnacle PCTV Hybrid Stick Solo successfully initialized and connected.
[  647.059205][ T5836] usb 2-1: USB disconnect, device number 31
[  647.212529][ T5836] dvb-usb: Pinnacle PCTV Hybrid Stick Solo successfully deinitialized and disconnected.
[  647.333480][T18823] loop7: detected capacity change from 0 to 128
[  647.436962][T18823] EXT4-fs (loop7): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  647.535555][T18823] ext4 filesystem being mounted at /203/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  647.588989][T18833] loop1: detected capacity change from 0 to 4096
[  647.598909][   T28] audit: type=1800 audit(1770917333.027:171): pid=18823 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.4523" name="file1" dev="loop7" ino=12 res=0 errno=0
[  647.688221][T18837] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  647.756552][T15773] EXT4-fs (loop7): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  648.227941][T16113] ------------[ cut here ]------------
[  648.234741][T16113] no supported rates for sta (null) (0xffffffff, band 0) in rate_mask 0xfff with flags 0x40
[  648.245848][T16113] WARNING: CPU: 0 PID: 16113 at net/mac80211/rate.c:385 __rate_control_send_low+0x635/0x880
[  648.256040][T16113] Modules linked in:
[  648.260018][T16113] CPU: 0 PID: 16113 Comm: kworker/0:6 Not tainted syzkaller #0
[  648.267632][T16113] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  648.277769][T16113] Workqueue: mld mld_ifc_work
[  648.282529][T16113] RIP: 0010:__rate_control_send_low+0x635/0x880
[  648.288862][T16113] Code: 30 42 0f b6 04 28 84 c0 0f 85 e6 01 00 00 41 8b 0e 48 c7 c7 80 cc de 8b 48 8b 74 24 10 44 8b 44 24 1c 45 89 e1 e8 7b 94 56 f7 <0f> 0b e9 78 fe ff ff 89 d9 80 e1 07 80 c1 03 38 c1 0f 8c 03 fa ff
[  648.308576][T16113] RSP: 0018:ffffc900046ae6e0 EFLAGS: 00010246
[  648.314700][T16113] RAX: 3cdb1beefd747000 RBX: 000000000000000c RCX: ffff88807dd21e00
[  648.322790][T16113] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000002
[  648.330844][T16113] RBP: 0000000000000084 R08: ffffc900046ae2e7 R09: 1ffff920008d5c5c
[  648.338940][T16113] R10: dffffc0000000000 R11: fffff520008d5c5d R12: 0000000000000040
[  648.346978][T16113] R13: dffffc0000000000 R14: ffff888067be3358 R15: ffff88807d9857a8
[  648.355065][T16113] FS:  0000000000000000(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000
[  648.364071][T16113] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  648.370789][T16113] CR2: 0000000000000000 CR3: 000000006a6bd000 CR4: 00000000003506f0
[  648.378848][T16113] Call Trace:
[  648.382184][T16113]  <TASK>
[  648.385171][T16113]  rate_control_send_low+0x194/0x790
[  648.390572][T16113]  rate_control_get_rate+0x20b/0x5d0
[  648.395922][T16113]  ieee80211_tx_h_rate_ctrl+0xb63/0x1790
[  648.401671][T16113]  ? ieee80211_tx_h_select_key+0x19e0/0x19e0
[  648.407739][T16113]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  648.413779][T16113]  invoke_tx_handlers_late+0xb6/0x1810
[  648.419349][T16113]  ? ieee80211_tx_h_select_key+0xd18/0x19e0
[  648.425307][T16113]  ieee80211_tx_dequeue+0x38eb/0x4bc0
[  648.430861][T16113]  ? ieee80211_tx_frags+0x8e0/0x8e0
[  648.436117][T16113]  ? __local_bh_enable_ip+0x13a/0x1c0
[  648.441639][T16113]  ieee80211_handle_wake_tx_queue+0x133/0x2b0
[  648.447803][T16113]  ? ieee80211_ctstoself_duration+0x460/0x460
[  648.453926][T16113]  ? __local_bh_enable_ip+0x13a/0x1c0
[  648.459419][T16113]  ? _local_bh_enable+0xa0/0xa0
[  648.464330][T16113]  ? do_raw_spin_unlock+0x121/0x230
[  648.469645][T16113]  ieee80211_queue_skb+0x1a3e/0x21c0
[  648.475014][T16113]  ieee80211_tx+0x2c3/0x460
[  648.479600][T16113]  ? ieee80211_skb_resize+0x630/0x630
[  648.485053][T16113]  ? ieee80211_xmit+0x310/0x3f0
[  648.490010][T16113]  __ieee80211_subif_start_xmit+0xe10/0x1500
[  648.496053][T16113]  ? __ieee80211_subif_start_xmit+0x2ae/0x1500
[  648.502308][T16113]  ? ieee80211_txq_schedule_start+0x310/0x310
[  648.508483][T16113]  ? ieee80211_multicast_to_unicast+0x19c/0x310
[  648.514819][T16113]  ieee80211_subif_start_xmit+0xf4/0x560
[  648.520559][T16113]  ? ieee80211_build_hdr+0x2710/0x2710
[  648.526122][T16113]  dev_hard_start_xmit+0x246/0x740
[  648.531385][T16113]  __dev_queue_xmit+0x1ac2/0x36b0
[  648.536507][T16113]  ? __dev_queue_xmit+0x26b/0x36b0
[  648.541739][T16113]  ? lockdep_hardirqs_on+0x98/0x150
[  648.547017][T16113]  ? read_seqbegin+0x1c8/0x270
[  648.551873][T16113]  ? lockdep_hardirqs_on+0x98/0x150
[  648.557133][T16113]  ? neigh_event_send+0x110/0x110
[  648.562258][T16113]  ? netdev_core_pick_tx+0x340/0x340
[  648.567629][T16113]  ? __asan_memcpy+0x40/0x70
[  648.572277][T16113]  ? eth_header+0x11b/0x200
[  648.576852][T16113]  ? llc_sysctl_exit+0x70/0x70
[  648.581707][T16113]  ? neigh_resolve_output+0x618/0x730
[  648.587159][T16113]  ip6_finish_output2+0xe3d/0x1630
[  648.592379][T16113]  ? ip6_finish_output2+0x645/0x1630
[  648.597756][T16113]  ? ip6_mtu+0x7d/0x3f0
[  648.601972][T16113]  ? nf_hook+0x390/0x390
[  648.606267][T16113]  ? ip6_finish_output+0x57b/0x820
[  648.611460][T16113]  NF_HOOK+0x167/0x4a0
[  648.615576][T16113]  ? mld_send_report+0x2e0/0x2e0
[  648.620608][T16113]  ? NF_HOOK+0x4a0/0x4a0
[  648.624901][T16113]  ? icmp6_dst_alloc+0x388/0x400
[  648.629946][T16113]  ? icmp6_dst_alloc+0x388/0x400
[  648.634928][T16113]  mld_sendpack+0x7f5/0xd50
[  648.639548][T16113]  ? mld_sendpack+0x20c/0xd50
[  648.644295][T16113]  ? add_grec+0x1660/0x1660
[  648.648902][T16113]  mld_ifc_work+0x835/0xb40
[  648.653475][T16113]  ? _raw_spin_unlock_irq+0x23/0x50
[  648.658756][T16113]  ? process_scheduled_works+0x96f/0x15d0
[  648.664548][T16113]  ? process_scheduled_works+0x96f/0x15d0
[  648.670386][T16113]  process_scheduled_works+0xa5d/0x15d0
[  648.676031][T16113]  ? assign_work+0x430/0x430
[  648.680732][T16113]  ? assign_work+0x3d0/0x430
[  648.685398][T16113]  worker_thread+0xa55/0xfc0
[  648.690082][T16113]  ? _raw_spin_unlock_irqrestore+0xc5/0x120
[  648.696049][T16113]  ? _raw_spin_unlock+0x40/0x40
[  648.700988][T16113]  ? _raw_spin_unlock_irqrestore+0x86/0x120
[  648.706961][T16113]  kthread+0x2fa/0x390
[  648.711144][T16113]  ? pr_cont_work+0x560/0x560
[  648.715873][T16113]  ? kthread_blkcg+0xd0/0xd0
[  648.720549][T16113]  ret_from_fork+0x48/0x80
[  648.725035][T16113]  ? kthread_blkcg+0xd0/0xd0
[  648.729708][T16113]  ret_from_fork_asm+0x11/0x20
[  648.734639][T16113]  </TASK>
[  648.737722][T16113] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  648.745029][T16113] CPU: 0 PID: 16113 Comm: kworker/0:6 Not tainted syzkaller #0
[  648.752615][T16113] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  648.762705][T16113] Workqueue: mld mld_ifc_work
[  648.767439][T16113] Call Trace:
[  648.770745][T16113]  <TASK>
[  648.773706][T16113]  dump_stack_lvl+0x18c/0x250
[  648.778453][T16113]  ? show_regs_print_info+0x20/0x20
[  648.783696][T16113]  ? load_image+0x400/0x400
[  648.788266][T16113]  panic+0x2dc/0x730
[  648.792213][T16113]  ? bpf_jit_dump+0xd0/0xd0
[  648.796768][T16113]  ? ret_from_fork_asm+0x11/0x20
[  648.801750][T16113]  __warn+0x2e0/0x470
[  648.805786][T16113]  ? __rate_control_send_low+0x635/0x880
[  648.811472][T16113]  ? __rate_control_send_low+0x635/0x880
[  648.817136][T16113]  report_bug+0x2be/0x4f0
[  648.821506][T16113]  ? __rate_control_send_low+0x635/0x880
[  648.827171][T16113]  ? __rate_control_send_low+0x635/0x880
[  648.832838][T16113]  ? __rate_control_send_low+0x637/0x880
[  648.838538][T16113]  handle_bug+0xcf/0x120
[  648.842844][T16113]  exc_invalid_op+0x1a/0x50
[  648.847391][T16113]  asm_exc_invalid_op+0x1a/0x20
[  648.852275][T16113] RIP: 0010:__rate_control_send_low+0x635/0x880
[  648.858575][T16113] Code: 30 42 0f b6 04 28 84 c0 0f 85 e6 01 00 00 41 8b 0e 48 c7 c7 80 cc de 8b 48 8b 74 24 10 44 8b 44 24 1c 45 89 e1 e8 7b 94 56 f7 <0f> 0b e9 78 fe ff ff 89 d9 80 e1 07 80 c1 03 38 c1 0f 8c 03 fa ff
[  648.878268][T16113] RSP: 0018:ffffc900046ae6e0 EFLAGS: 00010246
[  648.884377][T16113] RAX: 3cdb1beefd747000 RBX: 000000000000000c RCX: ffff88807dd21e00
[  648.892379][T16113] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000002
[  648.900385][T16113] RBP: 0000000000000084 R08: ffffc900046ae2e7 R09: 1ffff920008d5c5c
[  648.908393][T16113] R10: dffffc0000000000 R11: fffff520008d5c5d R12: 0000000000000040
[  648.916408][T16113] R13: dffffc0000000000 R14: ffff888067be3358 R15: ffff88807d9857a8
[  648.924444][T16113]  rate_control_send_low+0x194/0x790
[  648.929774][T16113]  rate_control_get_rate+0x20b/0x5d0
[  648.935114][T16113]  ieee80211_tx_h_rate_ctrl+0xb63/0x1790
[  648.940809][T16113]  ? ieee80211_tx_h_select_key+0x19e0/0x19e0
[  648.946843][T16113]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  648.952889][T16113]  invoke_tx_handlers_late+0xb6/0x1810
[  648.958420][T16113]  ? ieee80211_tx_h_select_key+0xd18/0x19e0
[  648.964370][T16113]  ieee80211_tx_dequeue+0x38eb/0x4bc0
[  648.969848][T16113]  ? ieee80211_tx_frags+0x8e0/0x8e0
[  648.975096][T16113]  ? __local_bh_enable_ip+0x13a/0x1c0
[  648.980558][T16113]  ieee80211_handle_wake_tx_queue+0x133/0x2b0
[  648.986678][T16113]  ? ieee80211_ctstoself_duration+0x460/0x460
[  648.992791][T16113]  ? __local_bh_enable_ip+0x13a/0x1c0
[  648.998239][T16113]  ? _local_bh_enable+0xa0/0xa0
[  649.003137][T16113]  ? do_raw_spin_unlock+0x121/0x230
[  649.008392][T16113]  ieee80211_queue_skb+0x1a3e/0x21c0
[  649.013757][T16113]  ieee80211_tx+0x2c3/0x460
[  649.018323][T16113]  ? ieee80211_skb_resize+0x630/0x630
[  649.023762][T16113]  ? ieee80211_xmit+0x310/0x3f0
[  649.028667][T16113]  __ieee80211_subif_start_xmit+0xe10/0x1500
[  649.034711][T16113]  ? __ieee80211_subif_start_xmit+0x2ae/0x1500
[  649.040929][T16113]  ? ieee80211_txq_schedule_start+0x310/0x310
[  649.047051][T16113]  ? ieee80211_multicast_to_unicast+0x19c/0x310
[  649.053346][T16113]  ieee80211_subif_start_xmit+0xf4/0x560
[  649.059036][T16113]  ? ieee80211_build_hdr+0x2710/0x2710
[  649.064567][T16113]  dev_hard_start_xmit+0x246/0x740
[  649.069741][T16113]  __dev_queue_xmit+0x1ac2/0x36b0
[  649.074822][T16113]  ? __dev_queue_xmit+0x26b/0x36b0
[  649.079985][T16113]  ? lockdep_hardirqs_on+0x98/0x150
[  649.085232][T16113]  ? read_seqbegin+0x1c8/0x270
[  649.090057][T16113]  ? lockdep_hardirqs_on+0x98/0x150
[  649.095298][T16113]  ? neigh_event_send+0x110/0x110
[  649.100376][T16113]  ? netdev_core_pick_tx+0x340/0x340
[  649.105717][T16113]  ? __asan_memcpy+0x40/0x70
[  649.110392][T16113]  ? eth_header+0x11b/0x200
[  649.114949][T16113]  ? llc_sysctl_exit+0x70/0x70
[  649.119755][T16113]  ? neigh_resolve_output+0x618/0x730
[  649.125195][T16113]  ip6_finish_output2+0xe3d/0x1630
[  649.130381][T16113]  ? ip6_finish_output2+0x645/0x1630
[  649.135728][T16113]  ? ip6_mtu+0x7d/0x3f0
[  649.139917][T16113]  ? nf_hook+0x390/0x390
[  649.144206][T16113]  ? ip6_finish_output+0x57b/0x820
[  649.149377][T16113]  NF_HOOK+0x167/0x4a0
[  649.153534][T16113]  ? mld_send_report+0x2e0/0x2e0
[  649.158526][T16113]  ? NF_HOOK+0x4a0/0x4a0
[  649.162830][T16113]  ? icmp6_dst_alloc+0x388/0x400
[  649.167811][T16113]  ? icmp6_dst_alloc+0x388/0x400
[  649.172798][T16113]  mld_sendpack+0x7f5/0xd50
[  649.177367][T16113]  ? mld_sendpack+0x20c/0xd50
[  649.182096][T16113]  ? add_grec+0x1660/0x1660
[  649.186679][T16113]  mld_ifc_work+0x835/0xb40
[  649.191244][T16113]  ? _raw_spin_unlock_irq+0x23/0x50
[  649.196482][T16113]  ? process_scheduled_works+0x96f/0x15d0
[  649.202251][T16113]  ? process_scheduled_works+0x96f/0x15d0
[  649.208027][T16113]  process_scheduled_works+0xa5d/0x15d0
[  649.213658][T16113]  ? assign_work+0x430/0x430
[  649.218310][T16113]  ? assign_work+0x3d0/0x430
[  649.222983][T16113]  worker_thread+0xa55/0xfc0
[  649.227630][T16113]  ? _raw_spin_unlock_irqrestore+0xc5/0x120
[  649.233574][T16113]  ? _raw_spin_unlock+0x40/0x40
[  649.238466][T16113]  ? _raw_spin_unlock_irqrestore+0x86/0x120
[  649.244428][T16113]  kthread+0x2fa/0x390
[  649.248553][T16113]  ? pr_cont_work+0x560/0x560
[  649.253300][T16113]  ? kthread_blkcg+0xd0/0xd0
[  649.257920][T16113]  ret_from_fork+0x48/0x80
[  649.262367][T16113]  ? kthread_blkcg+0xd0/0xd0
[  649.266997][T16113]  ret_from_fork_asm+0x11/0x20
[  649.271826][T16113]  </TASK>
[  649.275481][T16113] Kernel Offset: disabled
[  649.280031][T16113] Rebooting in 86400 seconds..