last executing test programs:

15.161759557s ago: executing program 3 (id=645):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000040)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_IBSS(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000440)={0x34, r1, 0x101, 0x70bd26, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0x5, 0x34, @random="c4"}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x157c}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ_OFFSET={0x8, 0x122, 0xb8}]]}, 0x34}}, 0x0)

14.776893642s ago: executing program 3 (id=648):
r0 = semget$private(0x0, 0x3, 0x0)
semop(r0, &(0x7f0000000100)=[{0x2, 0xd5db}], 0x1)
semop(r0, 0x0, 0x0)
semctl$SETALL(r0, 0x0, 0x11, &(0x7f0000000080)=[0x7, 0x6, 0x7])

13.90505016s ago: executing program 3 (id=657):
syz_mount_image$ocfs2(&(0x7f0000000140), &(0x7f0000000040)='./file1\x00', 0x0, &(0x7f0000000480)=ANY=[@ANYBLOB='acl,heartbeat=none,dir_resv_level=00003,coherency=full,coherency=full,localflocks,coherency=full,noacl,\x00'/119, @ANYRES32], 0x1, 0x443a, &(0x7f00000088c0)="$eJzs3c9rHNcdAPA3I7mWXNuVXB9cKHShhpa2CMmntjJUlmXLkq2quLUpuaxX0tpWstIaaRVy8EG5GXIK5BByMAkEQtDJ6JCr8yfkkqNzNiSHXAIBE4XdnZV2RrvRRmil2Hw+4H0777f83Xl6axi/OFG5v7iaW1zNFZZz5fm7qxdyb5ZLa0vFEB+Sox6fznQjTmJ/dGYvX/3v7QshfL7w5fOtra2tUNUbWhppev/dtw/nm9OGONOm2m/r3g7KayGEs7vmVdUTQvj/ZyFEIYRLSd54kvaHEE6Hetnth+/cyR3QbJ48K17Mv5h5tDl6fnrj8Wb7nz0K4YPS7/52b+nrP/aMfvWXAxoeAAAAAAAAAAAAAAAAAICX3OTN2Vv/GR4JT6PQuxHtfl53MklbPB87+2k93ToYfziMHxcAAAAAAAAAAAAAAAAAAAB+kXae/89FZ1o8/z+RpGNt2m/9q/tzpHum/j07cWV4JDn/PdpV/vck65tLPWGwxbnv2fPfL2Xatz7/ffc4+9WYX2PcgRDFQ6nrOB4aCuGj5OD3c9GJuFRerfz1bnlteeHApvHSSse/fnp/KjrJgf6dxn8803/3z///7a5PU/X6zsF9xF5p6fj3tK338dtRR/G/nGl3GPFn/9Lx763l9TdXGKsvANX4v9u7d/wnMv13K/6nQwi5qDrXXGoFqO5hqvnt9iukpeN/rJaXWjqTv8h29//3mfhfyfR/VOv/evYXES2l4/+rWl5fqsbO/T8Y73X/94Wr2+/rH5yjiH91/ut+/3ckHf/j9czeptdkOeh0/Z/M9N+t+N+KkxmejlKfgI2ont/i/6ujhXT8+3aV73z/i39y/9fYM1zLtD+s73+NcRvf/xrL/5+j+vc/WkvHv79tvU7v/6lMu26v/2O1/R/7lY7/iVpeeu88UHvtNP7Tmf67Ff/arqSvEf+d9eSH4/X8D+3/OpKO/6/rmXFzjfXaa23/F+29/7+e6f8o9n/V+a/H3R31VZGO/8m29T5ZjMIXHfz7z41Mu2q/x7oz9W3D9vr7lo7/qbb1avd/397xn8m06/b9/6dudg4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwEhhP0oEQxUOp6zgeGgrhcnJ9LpyI5goL+blSef6N1RAmkvxcOBPdK5XnCqX84nJ5oZgvlErl+RCuJOVnQ1+0WipX8kuFB1e3++qP7hcLK5W5YqESQphM8n8fTjX6mlusLBUehBCubZf9Ji6vPLhfWM4vLK78c3h4eDhMbc9hMCq+VSkuV+qj10tDmN5uOxA1Ta5WfH17Liej18trK8uFUi3/RlObUnm+UGpqM5OUvRcGo8rK2vJ8oVLMl8r3GuMdpbEknZi6+b+bN0Z2ld+J6un44U4LAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgJ/p6eg/3g8h9Nav4hBCLkreRMmflCfPihfzL2YebY6en954vPm8VR0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfmQHDgQAAAAAgPxfG6GqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoKu3SM0kAQhQH4zYBo6TGslt3OdkURLVwRPIEew8PoUbyEd7BIkTZFCCSzEHan2Capvq95MD8z78E8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA5R7fhvfXtotIcbW9jPj9/Ps/zp9L/b6rXL44z4ycztPLcP/QduXf0yy/LUerPu/TzfrrIyp19DPZk+k+Hcz7TFX3rWKcb+x7HSk3EdGX/Cbl3DTL3gIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAduzAgQAAAAAAkP9rI1RVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhB44FAAAAAIT5W0fRtwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCvAAAA//8W2x2U")
r0 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r0, 0xc0185879, &(0x7f0000000080)={@desc={0x4100, 0x0, @desc3}})
fsetxattr$trusted_overlay_redirect(r0, &(0x7f0000000380), 0x0, 0x0, 0x1)

13.069264078s ago: executing program 3 (id=672):
syz_mount_image$bcachefs(&(0x7f00000000c0), &(0x7f0000000000)='./file0\x00', 0x800000, &(0x7f0000000280)={[{@journal_transaction_names}, {@acl}, {@journal_flush_disabled}, {@fsck}, {@inodes_use_key_cache}, {@ratelimit_errors}, {@recovery_pass_last={'recovery_pass_last', 0x3d, 'set_may_go_rw'}}, {@reconstruct_alloc}, {@nocow}], [{@hash}]}, 0x1, 0x592b, &(0x7f0000009d00)="$eJzs3WuQXFWdAPBzu3synZk8JgEkgkyGQBRBzYRX4aM0ur4KkIqFpYSNwkAmGE1CNgkCASW44EIBFlpaivoBLaQWjRZVsEqkRB6bsIpSrC61hdTqLvrBLWRJCWQpy3W2ZvqeTs+dvnN7enpCAr9fJXP7nD79P+eee/r2Pad7pgMAAACvCLuv3bL3rCPe87PPDr9w1ft/tOHq0Fsey6/GAn3p9rKXqoXsT92VRWPb7Lh43RXf+f3Ahe/66Z09335x15qj1/763YdceO8nTt95y9cfeH7u3X99qihuHE/H70snzyQhVH+858uf2/XI4aN5SQihnPRtD2FBsvCBBUkmxOCfQwhr0sSizJ13vXDS2tHt1Td0j8ufnylnvL+yVdNxtm3vpSeE37xz1TW/WPz973XteHr7viJJtWE8hTDv/MbHd4UQZqf/R8XRFsdjHLQrQwg9DY87raBdx7TY/mU56SPT7ax021sQJ96/JJMuZcpl01FXZtuTLVAtaMAU5bWj3XJF5mTS2ZPRdOW1M+YvSLc/TLfHTzF+Of5PQikJlXrz1yf7xkhoOG5JSMaOZbWeLtWPbUj3P5NOMulSJl3uyuzXWL3pQCsnyfj8WC6TH0/HlTT/6IKhdXZO/qvTbTV9or4Y0yF7o6Z3wo36fo2J7dozSVv2h1LDOahZfv3ApwejN83rTRZOeMxIE/G+XatuXFpe/eDuvpx2JHcmafykrfjbfr5gzse+e/0l2df1evzzS2n8Ulvxf3vGo8+ee/23vpYb/+YYv9xW/BPv63nmjIeuXZLbP3ti/1Taij/01MM3LT70gh257b81xq+2FX/Fzke75+697/7c9g/G/pndVvwn3/re393x+D1P58YPMX5PW/FX79z0+e7+vcflxr8/9k9ve+PnuR2nPtHf/4eBvPiPxfhz24p/+/Zb3nLb/BtOzz2+K2P/9LUV/8xj771mzt57jso7dya3duqVE+CV6ZD0Guu6NN3uPHO6GuYLXx2o1K755qT/53ayoszF52g98zoZHwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABCCIed8C/v+68P9z1TSdPd6Y0nS7VtzJ8VQjI7hLBl69Dmres2XjTwiYsv2bxxaP3A0NaB4Y1bN18+cPIbBjYPb1o/dPnovYNvPKn2uIUhqW2ToybU3T0yMlLqG58X6/ubY3f8Zulp//3HEAYP+1V/Jbf9y27ZcNuhTX5mJCtG3rHhkrN+dco30/3qS9vV16RdIyMjIyGnXf9zzl9u++Ke3x8XwuCrJmvXw0++/SfjGjSWsS9OqtQdag3qTnqatqPe6rQ9sb8qa9etHx6cvH9HH1/O2Y+/veLpP6+97At/qfVvNXc/Wuzf2StG1pe+surM//vKlbWMona9VMe9qL/jXsT2xf6rpv09L92veU33a/ZIJWe/rv3F/Y//+Ijrn98eBivPLZ5Yd9F+daUDoCt5ddN2Z+uNNfQkC8blV9Py8YjHxy3bumHTsi2Xb3vjug1DFw1fNLzxzctPXn7q4CmnnrJsbM+XtbT/E9uRt/+x/te2uP/7ZzzN/9T2H8afrY2nonYV9cdou4r7o7FFec+/nrM/96U33/LQWbWMonEeS9fPJ+m2Z/Q4Lw8N421iXzXbr6J+CCEMNOuHZ58/PRz+7+uuKToPNR6Zxp8ZyYqRR5b86ZunfWPR22oZ++U839igNs/z9Vbva89Yf1XT4zFygPZvdyin+9XbtF3LH3mo68bdf/x0vX2zZoXLhrZu3by89nNO2tI5yZFN25XNjfu1eOxnOaTdEurDtMl4HdUVau3Lnj9j8Wyv9qb39SYLm+5XVrxv16obl5ZXP7g7r6eTO2s1zg5za9vkNTkl12ceWK43uFn9B+rzr2h89L/vG3d/+O4fnDxhfJxY+1m0X0nOfn3/8du/9O0v/MMPOrdf73v7o31/+o+PL61lHCznlXqr0/YkjeeVE0Moev4tDs33I/f5V2q+P0XPv2w9+8o3jzeQSfeGclvP1xPv63nmjIeuXZL7fN3T6vP1ynGpcsHz9UAZP9nnV1IZ344ZeH6NlMeeX+MGSrJi5KfXHbL9gatWHlHLKBrX9dLNxvVJLcw/cvbrJ+c+0X/xwN//W+fOG995w13n/XpoxWdqGe0f99iWzhz3atq/1Zz+rbc6zjsb+/dNF168fk0t/8C9/k23BfOfeCrZcvm2Tw6tXz+8eUtr+9Xq62msJ9vL7b6exrPbwoL9Kk3Yr5m70Up/tfp8i+1f03Z/jX++9YakrdeFbT9fMOdj373+kr4Jj0orOr+Uxi+1Ff+3Zzz67LnXf+trufFvjvErbcUfeurhmxYfesGO3Pi3Jmn8alvxV+x8tHvu3vvuz40/GNs/u634T771vb+74/F7ns6NH2L83vb6/7kdpz7R3/+H3PiPJWk9o9dIIdz1wklra+kkdKXPt9iOrnHtCtl0kkmXMulyY7pUW2utV1BOkvH5sVyaf3RDW5r5SE5+vAqrLqptX4zpkL0xef6BptRw7m+WX3SdCgDwchff/4/XoPH9/+H0Qil/pQH2me48bFFO3DgP27eeM2vc/YvS+PHxcR2w/01hcHR79UDtQn+q7yPE50N2nTPWc9wx42Pkr09Mvs5ZtP6+JJOO7aqtl1ca5qGpifOaSmhh/X1iPZOvv2d2v3h9fOC6Cc0aaFi3yh6/rnTFrNnnHTLtrYxGyBsf2XWx+HmO/nlh5Vh9LY6P7Odo4nHIfo4m1nNE5sTZ7udopjs+YrMnGR9jTS5+f2Pi8QuT9O++49c8Wvb4TeF4V0fLz/T7sx1YN2x6Stt/64Yz+36Ydcmc+OkT7EBfN4z5cT8qLa4nfjgnv1PrifF0Edu1Z5K27A/WE4GXqzj/j68Ro/P/0Qvw/82UK7oOzV41xni5nxMqN29P0bxj4uf0etp6HV+9c9Pnu/v3Hpd7nXN/q5/72TQu1VPwuZ+iflyaSRf2Y84CTdF8L1tPUb9nP5fRG+a21e+3b7/lLbfNv+H03H5fWXshLe73L41LzS3o94NgvtA8vvnCK2K+MNPrZy/ZfCT94NNMzUc+lJM/1flIz4Qb9f0ac9DNR7r2b7sAgINHnP/X3z9L5///GQuk1xFF89bjM+kYL3femnN9kjdv/UC6vSxTvjf9jYqpXjefeey918zZe89RufOWW1udh/7juFRf4Tx0evPm3HnEys58Xjx3HlGfZ01vnpjb/vo8cXrz9Nz49Xn69ObRuf1Tn0dPbx0gN359HeBgn+cWrNdlKovJVtfrXrbz6PTXZ2dqHn12Tv5U59G9E27U92uMeTQAwEsrzv/jZVyc/z+UKTfd99lz5wUdum7P/j2QevzH9te8cqbnfTM9b53pef1Mr0sc7PPimV4Xmtl1slf8vDit1LwYAIADWZz/z07T+fP/6c1Pms3fusbNT8zPm8Y3Pz9A5ucH+/qX+b/3xYuZ/wMAvLzF+X/8tcf49//+OU1n/269eXpOfPN08/TJxk/DPH1Ws/j1eXrn19mCzwG8tOsAs/eVtw4AAMBLoWtspjTx9+w/mm6zv2ef93v55+aUb1UlvTy+YOvm4eHzLtm0Zmjr8HkbL14zvOW8Szev27p1eGOt3HTnjbnzlnTe2BUqaX80L5d9f3V++vcQ5uf8PYRs+Rj2yLEbE/8eQrba2QV/R2Df8WutvXnHrzRJ+WbjI+9458X/SE75qH78L/z4ieet3XLeuo3rtq4bWr9u2/D4cqOz1p4pfG9m7JYpfV9q5scEpal/f2dn2lGa0I6utD/yvp89ybRjQdqSBXnff5DT7p/96xc/dezIX+4IYfCw8mum1X/JipF/Omf4A1t3/2rTaPtLk7a/XjJtV9H3lWbLx/2prL94y9YT1l58ycbsN0q2J65nlOrpGVrPSJ/+5RbXJ1bn5E/1cwrlCTcOTC2vTwAAME58/z9ez8b3D7+QXkDF/Nbn6dN7/zh3nj7Y2jw9+71kRfP0bPm4v63O06vTnKdn6y+apzcr32yenjfvzov/oZzyTSUhbM+5q/VxMr3PeeSOk/NbGyfZ7zMoGifZ8lMdJ8k0x0m2/qJx0qx8s3GSd9zz4n8wp3ye1sfD9D6Xkzsebm5tPLw+ky4aD9nyUx0PpWmOh2z9ReOhWflm4yHv+ObFPyunfKvGj4/RgTE2LobPu/TizZ9sKDfT338x/fbN7Pd/tKv19s/s575mvv0z+7mymW//9D5Xltv+x6a3EtZ6+2f2+13atd/Wa9MPmxV9/qxoHXdVTv5U13FnTbhxYLKOCy+dOP+Pb/f8Xbq9Id12+m2gg/970nyPWdP4Hfoes6LrGK/nk1R2APB6DgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANCa7sqise3ua7fsPeuI9/zss8MvXPX+H224+nVXfOf3Axe+66d39nz7xV1rjl7763cfcuG9nzh95y1ff+D5uXf/9anCwH1jPyvHp8lqCMkzSQjVH+/58ud2PXL4aF4SQignfdtDWJAsfGBBkokw+OcQwpp6O8ffedcLJ60d3V59Q/e4/PmZINn9Cr3l2J7GdoZwWeEecRCqpuNs295LTwi/eeeqa36x+Pvf69rx9PZ9RZJqw3gKYd75jY/vCiHMTv+PiqNtUXxwul0ZQuhpeNxpBe06psX2L8tJH5luZ6Xb3oI48f4lmXQpUy6bjroy256C+qYrrx3tlisyJ5POnoymK6+dMX9Buv1huj1+ivHL8X8SSkmo1Ju/Ptk3RkLDcUtCMnYsq/V0qX5sQ7r/mXSSSZcy6XJXZr/G6k0HWjlJxufHcpn8eDqupPlHN56rmzg7J//V6baaPlFfjOmQvVHTO+FGfb/GxHbtmaQt+0Op4RzULL9+4NOD0Zvm9SYLJzxmpIl4365VNy4tr35wd19OO5I7kzR+0lb8bT9fMOdj373+kkV58c8vpfFLbcX/7RmPPnvu9d/6Wm78m2P8clvxT7yv55kzHrp2SW7/7In9U2kr/tBTD9+0+NALduS2/9YYv9pW/BU7H+2eu/e++3PbPxj7Z3Zb8Z9863t/d8fj9zydGz/E+D1txV+9c9Pnu/v3Hpcb//7YP73tjZ/ndpz6RH//Hwby4j8W489tK/7t2295y23zbzg99/iujP3T11b8M4+995o5e+85Ku/cmdzaqVdOgFemQ9JrrOvSdLvzzOlqmC98daBSu+abk/6f28mKMkbrmTeD8QEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeHn65ZUnf/Scd3xwVSUJIckpM9JEvK88a8WKgTbqHXrq4ZsWH3rBjsa8RW3EAQAAAIrFeXipnlMNi8KlyexwZNPycY3gyJhKxudn1xBinOwaQbtxSh2KU+5QnEqH4nR1KM6sDsXp7lCcakGcamgtzuxJ4lRGR0WL7emZtD2tx+ntUJw5HYozt0Nx5nUozvwOxembNE7r43BBh+Is7FCcQzoU59AOxTmsQ3Fe1aE4h3coTnZNearjcG5a8oi8OGM3yoVxKkm5fkez9fTD03qOmmY9vQX1zC16PW6xntkt1nNM5nGlKdZTbbGe106znqTFel4/zXpKBfXEcXtZtn2xnphqcfxf3qE42zoU54oOxbmyQ3E+3aE4n+lQnKumGQegVXH+v2++1xe6K28LPekZJ7sKEOe7i8d+Tny9yzshxXivyeTPKoqXnahn4i2eavuyCwghhJGGOpZk7usaF69Sn49MEq/a2L6lmTsL9ze7oJCK8Y7P5HcXxcsuLAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADADPrllSd/9Jx3fHBVSMLov6ZGmoj3lWetWDHQRr27Vt24tLz6wd2Ned2VNgIBAAAAheI8vKueUw3dleWhO5k1rlw1XQeopulyX23bPy+sHN0mA6WxdE+yYNLHVdLHLdu6YdOyLZdve+O6DUMXDV80vPHNy09efurgKaeesmztuvXDg7WfIXQXxAshjC0/bLl82yeH1q8f3ryllplt/6L0cYvSdJI+rv9NYXB0e3Xa/oUF9ZUm1DdzN4qPHgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8P/s2l2InFf9B/DzzMzOTLfNP/unb9PQbIa8lKhFk7iVVEv3AcFCm4QsBZmtriXYBIubJrRJiXVsA7Y1QRFaAiGSCyOx2Fq86YstYl8IRGo04MYgbdFe6IXSaiUtuZCUkezOmZ2ZncmsY2na+PlczDNzzu+c33PmYuH77AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB+sqerIRGV0bHwwCSHpUlPrIM5l82la7qPvl5/f/v3C8OmVzWOFXB8bAQAAAD3FHD7QGCmGQi4bsuGq6U9LQ9NEmM39AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA/56p6shEZXRs/OIkhKRLTa2DOJfNp2m5j75vvPPkZ14dHv5r81ipj30AAACA3mIOzzRGiqEUloWB5KqWuvhsYFHb+va6uM/ieda1PzvoVrdsnnXXzLPuYz3qNtSvuwIAAAB89MX8n2uMDIVCbkHX/N8r18e6JW112fq1n98KAAAAAP+dmP8LjZFSKORKjbw+37y/tK0uru/1f/u4fkWX9b3+n7++fvV/egAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD46JiqjkxURsfGs0kISZeaWgdxLptP03Iffde8MPj3W448tLR5rJDrYyMAAACgp5jDZ6N3MRRyg2EgXDyd+4dvOvj0F59+diSEMBPz8/mwa9OOHXevmXmNdauPHRn43tG3vjWnbvXM63k7IAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8L6Zqo5MVEbHxi9KQki61NQ6iHPZfJqW++j7+ue+8OfHTz73ZvNYqY99AAAAgN5iDp/N/sVQCvmQD1dMf2rO+mdl2tZ3e2YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXDju+cZ9X980Obn5bm+88cabxpvz/ZcJAAB4vy0JSaj9h67ceL7vGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+DCYqo5MVEbHxotJCEmXmloHcS6bT9NyH33T548XFpx+4aXmsVIf+wAAAAC9xRw+m/2LoRQGwkC4fPpTp2cC0/l/6AO8SQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBDZao6MlEZHRtfkISQdKmpdRDnsvk0LffR97HdBz57eOF3b24eK+T62AgAAADoKebwfGOkGAq5j4dCuLr+ebJ1QZKtXzs/F5hdt71l2eC811Vb1mXnvW5P28ly9dPMrCvG/YZmro115bnryk3rSqHRvtyyLuxrWbWgx30GAAAAOI9i/i80RoZCIVdoyrk/aakfknMBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgC6mqiMTldGx8SQJIelSU+sgzmXzaVruo+99v/n/S77y0707m8dKfewDAAAA9BZz+Gz2L4ZSWBz+Lyyezv1hqLU+1v2jcubwo//8y8oQVl1xYjjXvu0P45tfvX7ji+0vIWRaqzMhLKz3S7r0+/XvHr13ee3M4yGsujx79Zx+4dz9WrdMa89UNq/fcfTE9h5fDgAAAFwgYv4faIwMhULurq75PybvHvm/YTqAL7x3988vq7/WE3nbisxQvV+mS7/PL3/yTyvW/u2ts/n/XP0+dWDr4ctaGs6MtEnS2ujWnRtOXHcoE0890z/b1j9+L1/65pv/2rLrkTMz/YuhWB9flOvUf+5rm4vS2mRm//i69/ZXW/vnupz/od++dPKXi/a+e7b/O0sGG/2vOcf5z91/8NaH911/4MiG1v4hhHKn/m+/e3O48g93Pth+/sG2jZu/+ebXNklaO7b01KG1B0s3tPZP2vrH7/9nJx/b9+NHvvNs7B9/K7Jy2Xz7Z9r6v7Ln0t0vP7BxUWv/TJfzv3jbq8Pbyt/+ffv572jZNdf1Luae/4lrn7r9tU3p/e1TAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF5ap6shEZXRsPJOEkHSpqXUQ57L5NC330feNW46/fdveH/2geazUxz4AAABAbzGHz2b/YiiFfMiHwenc/0xl8/odR09sD0Mzs0n9mpvcds+OT2zZtvOuO87TnQMAAADzFfN/rjEyFAq55WGgnv9Ht+7ccOK6Q5mY/zMx/2+5c3LzqtCoe2XPpbtffmDjosZzghCmfxZQPFv36dm6m248PnTqj19b0bFuzWzdsaWnDq09WLoh1oXmutWh8XziiWufuv21Ten9jftrrvvkV7dN1h9PxH0Hb3143/UHjmxonKN+HazvG+smM/vH1723vxrrsvVrsX5uAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGCuqerIRGV0bDxkQ0i61NQ6iHPZfJqW++i7bvkvHrzk9HOLm8cKuT42AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4NztwIAAAAAAA5P/aCFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVXYr5/QOMo+DuDPs5u82WaTNmlfMCqmaVWUerAoiOhFRUVakYKnSpFqaw+iIIgo9WAqrViq4kWweimighqloGBjsbRKKv4rXjyooFA9CKUY0IbiQWV359nuTjOuTqqgfj4wPPs8M/Od38zzZDYLAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAP8pA31izPbzj/rlbzrnho0fvOvHITe/cu+2ih1/9bmLTdR/uHXzp5MzmFVu+vH7Zpv13r5ne/fyhn4bf+uVoz+CHWs2qrFsLIR6PIdTenX3msZmPz2qMxRBCNY5MhjAalx4ajbmE1T+HEDa36+ze+eaJy7c02m27BrrGl+RC8vcV6tVUT8tId738u9SydbZ17sFLwtfXrt/+6fI3Xu+fOjZ56pBY61hPISze2Hl+fwhhUbY1pNU2lk7O2nUhhMGO867sUdf5f7D+Swv652bt/7K23iMn7V+Z61dyx+X7SX+uHexxvYUqqqPscb0M5fr5l9FCFdWZxkez9u2sXfUn86tpi6ESQ1+7/HviqTUSOuYthticy1q7X2nPbcjuP9ePHf2T+evHEKr9uftqXjdbaNUYu8fTcbnx9Druy8ZXdL6r53FrwfjZWVsb6y64nZULrZ/2oX1fTamu2d+p5e9Q6XgHzTfenvhsMurZWD0uPe2cX1v604eGtG9m/RMXVje8d3ikoI64N2b5sVd+l7Rv6yejQ7e/tvOBsaL8jZUsv1Iq/5u1R364becLzxXmP53yq6XyLzsweHzt+ztWFj6f2fR8+krl33H0gyeX///Oqfnmupm/J+XXSuVfM31kYHjuwMHC+len57OoVP5XV9/47Suf7ztWmB9S/mCp/A3T9z01MD53cWH+wdafQr25Qkusnx+nrvhifPz7iaL8z9LzH54nP/bMf3ly91UvLtm1pnB9rkvPZ6RU/TdfsH/70Ny+84renXHPmfrmBPhvWpb9j/V41i/7O3OhOn4vPDvR1/oGGsq24TN5oZzGdRb/hfkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8Bs7cEACAAAAIOj/63YECgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8FQAA///zIigX")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000002c0)=0x20)
statx(0xffffffffffffff9c, &(0x7f0000000100)='.\x00', 0x0, 0x8, &(0x7f0000000240))

11.890805037s ago: executing program 3 (id=687):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'bridge0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=ANY=[@ANYBLOB="4400000010004b0400000000000000007a000000", @ANYRES32=r2, @ANYBLOB="00000000000b0000240012800b0001006272696467650000140002800800080088a8ffff0500070007000000"], 0x44}}, 0x0)

11.523053421s ago: executing program 3 (id=690):
prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1)
syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000340)='./file0\x00', 0xc0ed0040, &(0x7f0000000600)={[{@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6}}, {@acl}, {@mblk_io_submit}, {@noacl}, {@barrier_val={'barrier', 0x3d, 0x101}}], [{@obj_type={'obj_type', 0x3d, '\x00\x00\x00\x00\x00\x00\x00\x00\x00'}}]}, 0x1, 0x476, &(0x7f0000008b80)="$eJzs3MtvG0UYAPBvHSdN+iCllEdLC4GCqHgkTfqgBy4gkDiAQIJDEafgpFWp26AmSLSKIHAIQhxQJe6IIxJ/ASe4IOCExBXuqBJCubQgDkbr3c2rdsjDiVP8+0muZ3bXnfl2duzZGTsBdKyB9J8kYndE/BoR/Vl26QED2dPNuenKX3PTlSRqtdf+TOrH3ZibruT/xfzrdmUbarU8v6NBubNvRoxWq+OX8/zQ1MV3hiavXH3q/MXRc+Pnxi+NnD594vjhnlMjJ1sSZxrXjYPvTxw68OIb116unLn21o9fp/XdXVQ+j6OVBrKz29CjrS6szfZkT9npLLe5Mqxa2m5pc3XX+39/dEXf/L7+eOGjtlYO2FS1Wq3W6PM5N1MD/seSaHcNgPYoPujT+/jisUVDj23hj2ezG6A07pv5I9tTjlJ+TPfC/W3L9UbEmZm/v0gfsWg+BQBgs3ybjn+ebDT+K8U9i467I19D2RsRd0bEvoi4KyL2R8TdEfVj742I+9ZY/vIVklvHP6Xr6wpsldLx3zP52tbS8V8x+ou9XXluTz3+7uTs+er4sfycHI3uHWl+eMlLlvru+V8+W77t03yafWDR+C99pOUXY8G8HtfLyyboxkanRlsSfBr/hxEHy43iT6JYxkki4kBEHFxnGecf/+pQs33/Hf8KWrDOVPsy4rGs/WdiWfyFpOn65PDTp0ZODvVGdfzYUHFV3Oqnn2dfbVb+huJvgbT9dza8/rP403vEpDdi8srVC/X12sm1lzH728eVpMm+/eu8/nuS1+vpnnzbe6NTU5eHI3qSl9Js35LtIwuvLfLF8Wn8R4807v/7stuz+pm4PyLSi/hwRDwQEQ/mbfdQRDwcEUdWiP+H5x55u9m+5u2/wqx8C6Xxj63Q/ulbXppaaP+1J7oufP9Ns/Jrefz/rNj+J+qpo/mW1bz/rbaCGzl3AAAAcLso1b+0nZQG59Ol0uBg9h3+/bGzVJ2YnHri7MS7l8ayL3fvje5SMdPVv2g+dDifGy7yI8vyx/N548+7+ur5wcpEdazdwUOH29Wk/6d+72p37YBN5/da0Ln0f+hc+j90Lv0fOpf+Dx2qp/HmD7a6HkBbrP3zv3dT6gFsPeN/6Fz6P3Qu/R86UtPfxpc29JP/2zVR3h7VaJjo2x7VKBJR2hbVaF3ilU+yLrFd6lMkyqv+YxbrTOxouKvd70wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACt8W8AAAD//4Np5jA=")
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
getsockopt$bt_hci(r0, 0x0, 0x1, &(0x7f0000000b00)=""/4096, &(0x7f0000001b00)=0x1000)

11.420892777s ago: executing program 32 (id=690):
prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1)
syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000340)='./file0\x00', 0xc0ed0040, &(0x7f0000000600)={[{@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6}}, {@acl}, {@mblk_io_submit}, {@noacl}, {@barrier_val={'barrier', 0x3d, 0x101}}], [{@obj_type={'obj_type', 0x3d, '\x00\x00\x00\x00\x00\x00\x00\x00\x00'}}]}, 0x1, 0x476, &(0x7f0000008b80)="$eJzs3MtvG0UYAPBvHSdN+iCllEdLC4GCqHgkTfqgBy4gkDiAQIJDEafgpFWp26AmSLSKIHAIQhxQJe6IIxJ/ASe4IOCExBXuqBJCubQgDkbr3c2rdsjDiVP8+0muZ3bXnfl2duzZGTsBdKyB9J8kYndE/BoR/Vl26QED2dPNuenKX3PTlSRqtdf+TOrH3ZibruT/xfzrdmUbarU8v6NBubNvRoxWq+OX8/zQ1MV3hiavXH3q/MXRc+Pnxi+NnD594vjhnlMjJ1sSZxrXjYPvTxw68OIb116unLn21o9fp/XdXVQ+j6OVBrKz29CjrS6szfZkT9npLLe5Mqxa2m5pc3XX+39/dEXf/L7+eOGjtlYO2FS1Wq3W6PM5N1MD/seSaHcNgPYoPujT+/jisUVDj23hj2ezG6A07pv5I9tTjlJ+TPfC/W3L9UbEmZm/v0gfsWg+BQBgs3ybjn+ebDT+K8U9i467I19D2RsRd0bEvoi4KyL2R8TdEfVj742I+9ZY/vIVklvHP6Xr6wpsldLx3zP52tbS8V8x+ou9XXluTz3+7uTs+er4sfycHI3uHWl+eMlLlvru+V8+W77t03yafWDR+C99pOUXY8G8HtfLyyboxkanRlsSfBr/hxEHy43iT6JYxkki4kBEHFxnGecf/+pQs33/Hf8KWrDOVPsy4rGs/WdiWfyFpOn65PDTp0ZODvVGdfzYUHFV3Oqnn2dfbVb+huJvgbT9dza8/rP403vEpDdi8srVC/X12sm1lzH728eVpMm+/eu8/nuS1+vpnnzbe6NTU5eHI3qSl9Js35LtIwuvLfLF8Wn8R4807v/7stuz+pm4PyLSi/hwRDwQEQ/mbfdQRDwcEUdWiP+H5x55u9m+5u2/wqx8C6Xxj63Q/ulbXppaaP+1J7oufP9Ns/Jrefz/rNj+J+qpo/mW1bz/rbaCGzl3AAAAcLso1b+0nZQG59Ol0uBg9h3+/bGzVJ2YnHri7MS7l8ayL3fvje5SMdPVv2g+dDifGy7yI8vyx/N548+7+ur5wcpEdazdwUOH29Wk/6d+72p37YBN5/da0Ln0f+hc+j90Lv0fOpf+Dx2qp/HmD7a6HkBbrP3zv3dT6gFsPeN/6Fz6P3Qu/R86UtPfxpc29JP/2zVR3h7VaJjo2x7VKBJR2hbVaF3ilU+yLrFd6lMkyqv+YxbrTOxouKvd70wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACt8W8AAAD//4Np5jA=")
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
getsockopt$bt_hci(r0, 0x0, 0x1, &(0x7f0000000b00)=""/4096, &(0x7f0000001b00)=0x1000)

1.818740365s ago: executing program 4 (id=743):
r0 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$CAN_RAW_ERR_FILTER(r0, 0x65, 0x7, &(0x7f00000001c0)=0x8, 0x4)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'vcan0\x00', <r1=>0x0})
sendmsg$can_raw(r0, &(0x7f0000000440)={&(0x7f0000000000)={0x1d, r1}, 0x10, &(0x7f00000005c0)={&(0x7f00000004c0)=@can={{}, 0x80, 0x1, 0x4, 0x2, "07000000008000"}, 0x210}}, 0x0)

1.691954024s ago: executing program 1 (id=748):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000100)={0x0, <r1=>0x0}, &(0x7f0000000000)=0xc)
syz_mount_image$hfsplus(&(0x7f00000000c0), &(0x7f0000000980)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0, &(0x7f0000000240)={[{@nobarrier}, {@uid={'uid', 0x3d, r1}}, {@creator={'creator', 0x3d, "bd3d66f1"}}, {@creator={'creator', 0x3d, "64eb8ba9"}}, {@nodecompose}, {@part={'part', 0x3d, 0x2}}, {@barrier}]}, 0x3, 0x6a4, &(0x7f0000001b40)="$eJzs3U9sHFcdB/DvbDbrbJBS918aEFKtRqqgEYmdVUmQkBoQQjlEKIJLr1biNFY2aeW4KK0Q2QAFiRMn1AOHIhQOPSGEkMoJUc5ISFw4+R6JG4ccAKOZnV2v7Y1jJ7HXbT8faTzv7Zv33m9+nT+7s402wGfW+ddzsJci509cuFXWV+52uit3O9cH5SRTSRpJs79K0U6Kj5Nz6S/5fPliPVzxoHlevfdR0Xz/w06/1qyXavvGVv02GbtlLzk0rBxIMtMv/mfbw24ar1qqcS6tjfeIimHcZcKODxIHk7a6SW+tsfHQ7ts/b4F963b/vrnJdHI4/btr+T4g9dXh4VeGydvy2tTbuzgAAABgt4z9LD/qqfu5n1s5sjfhAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwKdD0f/NwKJeGoPyTIrB7/+3Rn5TvzXhcB/Te1eq1XefmnQgAAAAAAAAAPBYXryf+7mVI4P6alF95/9SVXmu+vu5vJ2bWchSTuZW5rOc5SxlLsn0yECtW/PLy0tzm3v+MmXP1dXV23XP02N7nl4fV29joOP+T4NNGwEAAAAAAADAZ9aPcn7t+38AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANgPiuRAf1Utzw3K02k0kxxK0ipmhpu3JhrsE/DnSQcAAAAAu69dr48U/+sXVovqM//R6nP/obydG1nOYpbTzUIuV88C+p/6G3/vdbordzvXy2XzwN/4147iqEZM/9nD+Jlnqy2eH/Y4n2/nezmRmVzMUhbz/cxnOQuZybeq0nyKTNdPL6ZX7rYziHVzvOfW1S5ujO3FkXIZ37EqknauZLGK7WQutQahN+rtjo3M9sdWsmHGO2V2itdq28zR5Xpd7tEv6vX+MF3t+cFhRmbr3JfZeHo075tzv8PjZONMc2kMn0E9tzZLWd040yPl/HC9LnP9093N+Q4fpa3PRO/nZW1w9B3dOufJl//xl4tXGzeuXb1y88T+OYwe0cZjojOSiRe2lYlumYneY2Ti0OPE/+S06mz0r6I7u1q+VPU9ksV8J2/mchZyJrOZy9nM5ms5nU5Oj+T1+a3zWp1rjZ2da8e/VBfKe9LPRu5Ne2bqQQ1lXp8eyevolW66aht9ZS1Lz2wjS0Ur47P0z7GhNL9QF8o5fjxyx5m8jZmYG8nEs1tn4tf/XU1ys3vj2tLV+be2Od/L9bo8bd9bf23+zRPZoZ2rd7c8Xp4p/2Olf9sYPTrKtmcHbRvy1aq/cWnWg61ra6U6n/ttDztTy5GO3hk3Ur/thbGzdKq2YyNt697l5M10h+9CANjHDr9yuNW+1/5b+4P2T9pX2xcOfXPq7NQXWzn41+afDvyu8dvG14tX8kF+mCOTjhQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4Nbr7z7rX5bndhaR8W0njCA94Z2zRIRf+V1v7Y909qYWqrI+r3Sbbo3ppEzO0k+yJ1ae7BXFMZ03Rh+Eo7aQzjSXJtn/zAHbAbTi1ff+vUzXfe/cri9fk3Ft5YuHH67JnXznS+Onf71JXF7sJs/++kowR2w9rbgElHAgAAAAAAAAAAAGzXXvzzhjHTFr0J7CsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwyXT+9Rzspcjc7MnZsr5yt9Mtl0F5bctmkkaS4gdJ8XFyLv0l0yPDFQ+a59V7H/3q5fc/7KyN1Rxs39jQ7w//Xl3d4V706iUzSQ7U64eb2tZ4l0bG6+0wsL5iuIdlwo4PEgeT9v8AAAD//x5LB84=")
unlinkat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x200)

1.691644511s ago: executing program 4 (id=749):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0x8, 0x12, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000850000000800000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x5, 0x0, 0x0, 0x0, 0x61, 0x10, 0x34}, [@ldst={0x3, 0x0, 0x3, 0x1c10a1, 0x0, 0x23}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x85, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x52)

1.604556694s ago: executing program 4 (id=750):
syz_usb_connect$uac1(0x6, 0x0, 0x0, &(0x7f0000000680)={0x0, 0x0, 0x5, &(0x7f00000001c0)={0x5, 0xf, 0x5}})
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
ptrace$getregset(0x4205, r0, 0x403, &(0x7f0000000240)={&(0x7f0000000180)=""/116, 0x74})

1.482039172s ago: executing program 1 (id=752):
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
r2 = dup(r1)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2, @ANYBLOB=',privport,access=', @ANYRESDEC])

1.275810466s ago: executing program 1 (id=755):
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000001080)='ext4\x00', &(0x7f0000000480)='./bus\x00', 0x0, &(0x7f0000000280)={[{@i_version}, {@discard}, {@user_xattr}]}, 0x1, 0x468, &(0x7f0000000840)="$eJzs3M1vFVUfB/Dv3L7w+jzlecQ3BKmCUEVbWxQ1ISTsXBBd6MJtQ0tDKKC0JkKIgcSFWxP9A3Qvf4JRE19WrgxbNbpQEmKgCxbG1MztveW29PYF2l5sP59kyjkzU86ZOf3N3HvyywmwbnWXP4pka5Ifk3RNVWee0D31z8SNi8fLrcjk5Bt/FtXzbt64eLx+av33tpQ/KklPJal8UOSxOdodO3/h1ODo6PC5Wr1v/PTbfWPnLzx38vTgyPDI8Jn+g/2HDr304ssD/ct2ra/+MPHbZ+2vbUxy5taRgc1lf7fWjjVex3LpTvfMe9lg33I31mIPNpSL9oXPn2x2Y1hVbUnK4eqoxn9X2nJ78Lry3c8t7RywoiZLG5oevjQJrGFFZtYraVVPgNVVf9GX33/rW5p/HmCNub576gvgzdrczsT0PEh7KlOFd/Z989WM7/fLqTvJW8de31VuWaF5GAAAAID17MujSZ5NDnc1zP9VVfLQ9Fmd1fLDSR5J8miSHUk1r2dnkl1JHk+yu55PtLDp7I/Z5985/1O5dg+XxwKuH00ON+R2TTSMf822tlrtP2UlHcWJk6PDzyf5b5KedGwo682ztJom+mysF+rzf+VWtl+fC6z141r7rPnoocHxwbu+YGa4fjnZ0T7X+BfTmUDlCD6R5MnF/IffVjPqRrZf+Wt61ysfPnC12endC44/K2ny02T/nPF/O26L+fMz+6rPg776U+FO339y6PNm7Rv/1irjf/P847+taMzXHVt6G19v/+WnZscWHv+5n/+dxZvVDnbW9r03OD5+rj/pLI7duX9g6X1eq+r3o36/yvHv2TP3+///td8pb+ieJHuTPFXLXd5fffcnTyd5JsmBedq8NPLr382Oif/WKsd/aEnxv/TCH5c/2tus/cXF/wvVzvTU9vj8t7DFDlCr+wkAAAAAAADA8qhU18ArKr3T5Uqlt3dqDb/t2VwZPTs2fuDE2XfPDE2tlbctHZV6pldXQz5of7V8uz4wq34wyf+SfNy2qVrvPX52dKjVFw/r3JYm8V/6va3VvQNW3CLWa02yacX7Aay+xcV/I6s3w1qx9PgH1orFxb9VQWEt8v6H9Uv8w/ol/mH9Ev+wfs2O//evHjty64udV1rUHWC1dLS6A0CL3Mu6fgoKd1+o/wWeGpys5ZnfJx379xc2LeZmFsX8T4BWPZEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7i//BAAA//+sAMBz")
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000780)=@newlink={0x48, 0x10, 0xffffff1f, 0x0, 0x0, {0x0, 0x6, 0x0, 0x0, 0xffffff81}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @wireguard={{0xe}, {0x4}}}, @IFLA_GROUP={0x8, 0x1b, 0x3}, @IFLA_LINKMODE={0x5, 0x11, 0x30}]}, 0x48}}, 0x0)

951.732667ms ago: executing program 1 (id=759):
r0 = socket$inet6(0xa, 0x2, 0x3a)
r1 = dup(r0)
bind$unix(r1, &(0x7f00000001c0)=@abs={0xa, 0x2}, 0x6e)
connect$unix(r1, &(0x7f00000043c0)=@abs={0x0, 0x0, 0x4e22}, 0x6e)

944.715763ms ago: executing program 0 (id=761):
io_setup(0x40, &(0x7f0000000080)=<r0=>0x0)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
sync_file_range(0xffffffffffffffff, 0x0, 0x4be4, 0x0)
io_pgetevents(r0, 0x1, 0x1, &(0x7f0000001940)=[{}], 0x0, 0x0)

870.144001ms ago: executing program 4 (id=762):
r0 = socket$inet6(0xa, 0x3, 0x5)
setsockopt$inet6_int(r0, 0x29, 0x1000000000021, &(0x7f0000000180)=0xffffffc1, 0x4)
connect$inet6(r0, &(0x7f0000000040)={0xa, 0x4e24, 0x0, @remote, 0x8}, 0x1c)
sendmmsg(r0, &(0x7f0000000100)=[{{&(0x7f0000000080)=@l2tp6={0xa, 0x500, 0x8000, @remote}, 0x80, 0x0}, 0x5b4}], 0x1, 0x0)

863.031003ms ago: executing program 1 (id=763):
syz_mount_image$ocfs2(&(0x7f0000000100), &(0x7f0000000040)='./file1\x00', 0x8c0, &(0x7f0000004680)={[{@acl}, {@nointr}, {@resv_level={'resv_level', 0x3d, 0x4}}, {@localflocks}, {@data_writeback}, {@resv_level={'resv_level', 0x3d, 0x7}}, {@intr}, {@heartbeat_none}]}, 0x1, 0x4430, &(0x7f0000000240)="$eJzs3c9PHNcdAPA3A67BtV1wfXClSl2pllq1FQKf2mKpGGNjsKkrt7aqXNYLrG2ShbVgiXLwgdws5RQphygHK5Fy42RxyNX5E3LJ0TlbSg65RIpkhWh3Z2FndldsEAux8/kcGOb9Zr8zb98chhcnKg+W1nJLa7nCSq68cG/tQu7tcml9uRjiQ9K2/2OH1z/d6cV1ctTX3i/ZzctX/3vnQgifL375Ynt7eztU9Ye2xpp+/+7bRwvNx4Y4U6fabvvWDsobIYSzLeOq6gsh/P+zEKIQwqUkbTI5DoYQToV63p1H793NHdBonj4vXsy/nHu8NX5+dvPJVue/PQrho9Lv/nZ/+es/9o1/9ZcD6h4AAAAAAAAAAAAAAAAAgFfc9K2bt/8zOhaeRaF/M2p9X3c6OXZ6P3b7wPyh938sAAAAAAAAAAAAAAAAAAAA/Eztvv+fi860ef9/KjlOdKi//a/ej5Hemfn3zakro2PJ/u9RS/7fk6RvLvWF4Tb7vmf3f7+Uqd9+//fWfvarMb5Gv0MhikdS53E8MhLCJ8nG7+eiE3GpvFb5673y+srigQ3jlZWOf333/lR0kg39u43/ZKb93u///9uWq6l6fvfgLrHXWjr+fR3Lffpu1FX8L2fqHUb82b90/PtraYPNBSbqE0A1/u/37x3/qUz7vYr/6RBCLqqONZeaAaprmGp6p/UKaen4H6ulpabO5IPsdP9/n4n/lUz7RzX/b2S/iGgrHf9f1dIGUiV27//heO/7/2qm/aOIf3X8G77/u5KO//F6Yn+qSO2T7Hb+n86036v4346TcZ6OUlfAZlRP7/T/6khLx3+gJX/3+S/uav13LVP/sJ7/Gv02nv8a0/+fo/rzH+2l4z/YsVy39/9Mpl6v5/+J2vqP/UrH/0QtLb12Hqr97Db+s5n2exX/2qpkoBH/3fnkh+P19I+t/7qSjv+v64lxc4mN2s/a+i/ae/1/PdP+Uaz/quPfiHvb6+siHf+THctV4/9FF9//NzL1muLfurg4IKPW+vuWjv+pjuVq9//A3vGfy9Tr9f3/p142DgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPAKmEyOQyEaSp/H8chICJeT83PhRDRfWMzPl8oLb62FMJWk58KZ6H6pPF8o5ZdWyovFfKFUKi+EcCXJPxsGorVSuZJfLjy8utPWYPSgWFitzBcLlRDCdJL++3Cq0db8UmW58DCEcG0n7zdxefXhg8JKfnFp9Z+jo6OjYWZnDMNR8Z1KcaVS772eG8LsTt2hqGlwtezrO2M5Gb1ZXl9dKZRq6Tea6pTKC4VSU525JO+DMBxVVtdXFgqVYr5Uvt/o7yhNJMepmVv/u3VjrCX/blQ/Th7usAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4iZ6N/+PDEEJ//SwOIUw0fonalX/6vHgx/3Lu8db4+dnNJ1svOpUDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Ed24EAAAAAAAMj/tRGqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsEvHKA0EURiA34yF2nkMq2W3s11RRAtXBE+gx/AwehQv4R1SpEibIgSSWQibXdgmqb6veTA/M+/BPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgHme3ruPt7qJSHG1uYz4+/pfHOYvpf7cj9+/OMOMnM7za/fwWDfl39NRfleOlm3epevV92eM1N7vYE+G+7TX97menGtq36bm6/veRMpVRLQlv005V9W8twAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACALTtwIAAAAAAA5P/aCFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVXYgWMBAAAAAGH+1lH0bQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPArAAD//9kGHvg=")
syz_mount_image$fuse(0x0, &(0x7f0000000200)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2095, 0x0, 0x1, 0x0, 0x0)
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000340)='.\x00', 0x0, 0x0)
getdents64(r0, &(0x7f0000000f80)=""/4096, 0x1000)

755.44624ms ago: executing program 4 (id=765):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f00000000c0)='./bus\x00', 0x0, &(0x7f0000000100), 0x2, 0x50e, &(0x7f0000000f40)="$eJzs3U9sI1cZAPBvJsnau02bLfQAqNClFBa0WjvxtquqF8qpQqgSokcO25B4oyh2HMVOacIeskfuSFTiBCeOiAMSB6SeuCNxAE5cygGpwArUIHEwmrGdOn+8sbaxnca/n/TkN/Nsf+/FmvesL/K8AKbWjYjYj4grEfF2RCx0zyfdEq93Sva8jx49WDl49GAliXb7rX8meXt2Lvpek3mq+57FiPjeGxE/SI4F/WNEc3dvY7lWq253T5Vb9a1yc3fv9np9ea26Vt2sVO4u3V189c4rlXMb6wv1X394NSJ+99svfvCH/W/8KOvWfLetfxznqTP0ucM4mdmI+M4ogk3ATHc8V57kxU/0Is5TGhGfiYgX8+t/IWbyT/Ooox/TN8fYOwBgFNrthWgv9B8DAJddmufAkrTUzQXMR5qWSp0c3nNxLa01mq1b9xs7m6udXNn1mEvvr9eqi91c4fWYS+6vz1aX8nrvuFatHDu+ExHPRsRPClfz49JKo7Y6yS8+ADDFnjq2/v+n0Fn/AYBLrvhxtTDJfgAA41OcdAcAgLGz/gPA9LH+A8D0sf4DwPSx/gPA9LH+A8BU+e6bb2alfdC9//XqO7s7G413bq9Wmxul+s5KaaWxvVVaazTW8nv21M96v1qjsbX0cuy8W25Vm61yc3fvXr2xs9m6l9/X+151biyjAgAe59kX3v9zEhH7r13NS/Td7//Mtfr5UfcOGKV00h0AJmZm0h0AJubkbl/AtJCPB/q26H3Yd7p4onLce0O9fWrfULh4bn7+E+T/gU81+X+YXk+W//ddHi4D+X+YXu12Ys9/AJgycvwwzYabAfr//7/Y7jsY7v//AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcCnN5yVJS929wOcjTUuliKcj4nrMJffXa9XFiHgmIv5UmCtkx0tD7xoCAFxM6d+TiMjKzYWX5o+3Xin8t5A/RsQPf/bWT99dbrW2lyKuJP86PN96r3u+Mon+AwBn6a3TvXW856NHD1Z6ZZz9+fBbnc1Fs7gH3dJpmY3Z/LGY5xqu/TvpHndk31dmziH+/sOI+Nxp40/y3Mj17s6nx+NnsZ8ea/z0SPw0b+s8Zn+Lzx62/OUcegXT4f1s/nn9tOsvjRv54+nXfzGfoT653vx3cGL+Sw/nv5kB89+NYWO8/PtvnzjZXui0PYz4wmzEQe/N++afXvxkQPyXhoz/1+e/9OKgtvbPI27GaeNPjsQqt+pb5ebu3u31+vJada26WancXbq7+OqdVyrlPEdd7mWqT/rHa7eeGRQ/G/+1AfGLZ4z/q0OO/xf/e/v7X35M/K9/5fTP/7nHxM/WxK8NGX/52m+Kg9qy+KtHx99d1s7+/G8NGf+Dv+2tDvlUAGAMmrt7G8u1WnV71JV09CHyShKxP/g5vzrfoIVf/viNMY1rlJW4GN1QuUiVSc9MwKh9fNFPuicAAAAAAAAAAAAAAMAgI/nx0EZEbPtlAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKP3/wAAAP//NjvUFA==")
syz_mount_image$fuse(0x0, &(0x7f0000000240)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000001c0)='./bus\x00', 0x0)
mount$bind(0x0, &(0x7f0000000100)='.\x00', 0x0, 0x21, 0x0)

754.828685ms ago: executing program 2 (id=766):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000180)='ip6_vti0\x00', 0x10)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
syz_emit_ethernet(0x32, &(0x7f0000000880)={@local, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x10, 0x0, @gue={{0x2}}}}}}}, 0x0)

613.140065ms ago: executing program 0 (id=767):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000080), r0)
ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000140)={'wpan0\x00', <r2=>0x0})
sendmsg$NL802154_CMD_DEL_SEC_DEVKEY(r0, &(0x7f0000000e40)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000300)={0x38, r1, 0x1, 0x70bd25, 0x25dfdbfb, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r2}, @NL802154_ATTR_SEC_DEVKEY={0x1c, 0x2f, 0x0, 0x1, [@NL802154_DEVKEY_ATTR_EXTENDED_ADDR={0xc, 0x2, {0xaaaaaaaaaaaa0302}}, @NL802154_DEVKEY_ATTR_ID={0xc, 0x3, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_MODE={0x8}]}]}]}, 0x38}, 0x1, 0x0, 0x0, 0x20008045}, 0x4880)

612.458067ms ago: executing program 2 (id=768):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f00000006c0), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000001040)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_TID_CONFIG(r1, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000bc0)={&(0x7f0000000200)={0x3c, r0, 0x1, 0x70bd29, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_TID_CONFIG={0x20, 0x11d, 0x0, 0x1, [{0x1c, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0xc0}, @NL80211_TID_CONFIG_ATTR_TX_RATE_TYPE={0x5, 0xc, 0x2}, @NL80211_TID_CONFIG_ATTR_AMSDU_CTRL={0x5}]}]}]}, 0x3c}}, 0x0)

572.628421ms ago: executing program 2 (id=769):
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000180), 0x109842, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r0, 0xc0045005, &(0x7f0000000080)=0x2)
mmap$dsp(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x2000009, 0x8012, r0, 0x0)
ioctl$SNDCTL_DSP_GETIPTR(r0, 0x800c5011, &(0x7f0000000100))

533.604896ms ago: executing program 4 (id=770):
syz_mount_image$btrfs(&(0x7f00000055c0), &(0x7f0000000040)='./file1\x00', 0x10044, &(0x7f0000000240)={[{@usebackuproot}, {@compress_algo={'compress', 0x3d, 'lzo'}}, {@max_inline={'max_inline', 0x3d, [0x31, 0x74, 0x78, 0x31, 0x39, 0x70, 0xe9d06d928962abf5, 0x6b, 0x3c, 0x36]}}, {@datacow}, {@ssd_spread}, {@space_cache_v1}, {@datasum}]}, 0x5, 0x55af, &(0x7f000000ac40)="$eJzs3X1sVWcdB/BzeykFavoyZRnqwvwHJ4hUTCxC0CLtBAajA02GgVEcsCEMShOEjU075nSOTBrmGCu+MJAKGLv6smJihugixjmZLA4bRuQli4gLrDCikkxneu89t/eeS9s7nOs2Pp+lPfe5v/M85zkn549+73jODQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAIgoMrFv593Q9XfOuh605O3Xj/mQdO1D73+KZJd8/dPfbwA6uu7Djd0lL46vNnb1h838OVI07sWXAoCGKJfrFU//mfnjJr8ez5MwaFA9bdmNyWlfV0yGTXY8nGwKw3u/pl/ywIgqAwMkA8ta0pzmjHogcIGnIH7NX2yvGryjdWT99cNGXoonh9c+6p02VQf0+gv6Tuqxe776WqxO+CyB7pdsatF8u6RZP9ozfcm3ISAMDrUlGb2KT/HE39iZtuN0brkXZVpN0UaYd/ITRlNi5FctyBPc3zmmi9n+ZZlYwKRT3OM1JPXf90uzbaP9KORI3XMc/sXVORZlBP86yP1PtrngAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABvJXcfv+Xpgk0/fv+y9WPix4eN/OXXWrZ8v6azdOrX923o+EP7c+9taSl89fmzNyy+7+HKESf2LDgUBGWJfrFk99i8He0bfr5y6upfzH209dz77tgVT40bbgdk7Bx0hC8+URoEX8iovBgOe6okCGqzC4lm8GhuYUnixdSwAAAAwDvJsMTvgnQ7GQcLs9qxRJqMJf4LJcPi9srxq8o3Vk/fXDRl6KJ4ffOlj1fbw3hVFx0v3S7r/ollBOMw/kbH666HuzbkjNO76IjRPD92xIXDR76xYsPa5uKT+weXx2t+/ZW6YVfMHffKtRPG3/a3R3bk5P+y3vN/eOXkfwAAAP4X8n90nN71lf9HHrn/zF2nfrau7rPb5h2f9M26kndXrPlz60c+v37ktOoBx67ckpP/r8k6ZE7+D2cc5v+C4NLyPwAAALyV/b/zf1XOOL3rK/8vXzP6H9MvzK5+YuKFH525c/ivDh4J9jaO/mLb7R/cP2dISdNPc/J/RX75f0DmtMM3nwknvLQ0CCryv6gAAABAlvD/u3d/tBDm9eQnB9G8Pvf8wZqbCx88+9E5147YdnT4rs7z/1y6YtOFca0zR1V+5umyDTn5vyq//F/45pwuAAAAkIenlnzypp3BjJoPV91zeP/C7Y80Ll/bsKy5KDbtPw0d1/+7dWBO/q/NL/8X9c/pAAAAABdx6Mvbdr82a3n7qNai81v/+NpfHr961OoDLRVHG35XXriyvW5JTv6vyy//D0ltUysfkp32h/8K4aHSIBjU9aI+Wfht0PSpdAEAAAB4g4Q5/V/HOsbsvK7oN0/94OXNs7/7naF7vz3zYPP3JhffUv3ggZkHnqzLyf/1vT//P3zSQbj+P+v5fznr/zMKyaf+TfBgAAAAAC5Huev5w8fjJ7+5oKfv3893/f+NX2p/6fjtC77a+Z7hNy1/+bYrbv34pFN/mnFnfOfEuwqmTXvpdE7+b8wv/8czt2/k9/8BAADAJXi7ff/fnJxxur3rIufX1/P/Zz12z9HOv74wcfSs5rWLT07a+JP5W555bHfl1ecW3jz4Q88u25uT/5vyy//htjjz9PaF1+fe0iC4qutF6mmCu8LpLo0U2gozCskLH+kxO+yRKrQVZRQS6iM9xpYGwQe6XjRGCuVhoSlS6CxJFbZGCs+GhdT9kC60Rgr7wjttU0lqutHCnrCQWmDRFq6gKE4viYj0eKWnHl2Fi/Z4IX1wAACAy0oYnlNZtjC7GUSjbFusrx2G9LVDQV87xPvaYUBkh+iOPb0f1GUXwvfPr3ni9xUfK/jcoVvvmDxqzKJ19zZNOBCfN/n6J3cMPrfy9LjVOfl/a375P7wUA5Obntb/B+H6/9T3GqbX/9eFhbJIoS0s1EafGFAbHiMZdteHxyirTfXovCpdAAAAgHe08HOBeD/PAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4L/s3XucVNWdIPDTTT9oaJoW4ytibHVtRYemQVE/wQdqJhpgTaPszLj4aIRGkVYQYSKuUVCzm4TBKCpRZ0ZhFUZWcfAFZDUBNaKJaDSOZkYdQzDquDt+FEf0M2sc99N96xRVt7rsQkBp8/3+0XWqfud569F17r11LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAH8cNjx201F/d8lTo0dtnD9gxatH/veP6g9fvvjd//WH566/fd/5P9iweunSyj+8sOmUyd+78cjGjasmvBhCS2e5sqR42ZlLVv5o9UXf+s5DZ9x8z3t7z15Wlak3Ew99O/6UZ+5cHVv9fb8QVpWFUJEODK5NApWZ+7WxvoG1IewStgSyJdr6JCXSDYfHa0JYFLYEslX9pCaE2pzAuF8/umZ+R+KGmhAODCFUp9v45+qkjZp0oLEqCfRJB6ZVJIEPP0lkA6vLkwBss/hmyL7oV7TkZ6jvulyR11/lduvYFys9vF4xUV8839vH7+BO5ahKP9CyTU9bQXXsEAVvj7XebT3g3Vawna/1tOV+kcp8Q/lkS6g6lE9qmzxhVvvM+Eh5aGrqVaymHfQ8v7Tpsolbk+4xr8PYgfrt8jp84sKBdy1sHLP7LY9snPxG1XMLt7WbxTbvjlYdMq+5HvM8RiN9nvSAt1/Bt6QGX7pCCHecuPmd37889v/+5qFnBr//7aHnDHnx1aF1t3x/Wr8/P/f/VN46dVPB/L/+0+f/8eUcb8vzcsdWP6pL5ubxkdqYeKcumZsDAABAj9ET9pq+OeKQd2rXNzyy/zdXTr5g8fzXzzz/P6p+3nfCISefNvSHd9409YyC+X9Dacf/4yH/2tzRrg1hZGfiqv4h7Nn5eBJYFrtzTv8Q9utMteQHjk8F1oawV2diULaqVInesURDKvBmXSYwMhVYFwMtqcCSGLg2Fbg6BlakAhNjYG0qcEIMhCn54zikLjOOkgM1MdCabMQV8SyEf6uLraW21cvZqgAAALaTzOywMv9uzrkO25ohTi9X1HSXIZ6BXTRDdaqG9Aw2O60qWkNFdzWUd1dDdtxzPn34BTWXdVdzwWkYZfkZ3j/4/rlrHvynn9404YinD/mo9axXNqx+bPTmXn/17pifXj5uwbDxBfP/5k+f/1d30ZGyguP/IYzt/Btzl2ci7dl4a0teBgAAAGAbVLy+7NRfzf24bOkvztt04J+eMe6a3iv333/AukPv/38Nbw04cfWBBfP/kaWd/x/3ifTKyRzWx90QU/uH0JwfSKodURhIjnr3zQQAAACgJ8gej88eC5+SuU1O0U7Ppwvzt2xl/njgf2SX+QePu2Z985o7Tpsy4vC1azeftfsryzc+vduB77548KlnnvTA1IZ7C+b/LaWd/98n/zbpxLrYi+v7h9A7J/BE7GVHoFNDDGw4Lj+QGf+6uAHmxaoyJyZkq5oXS7TGQHMqsKhYiWezJfbMD2SerGzjV2XHMSVTIicAAAAAn7u4OyAel4/n/z9zfr/H/nb5rZc9tHR96Hvuil9dcezwgQsG93572rOHPfqX7506tWD+37p15/93zoMLTu9v7xvCkIoQeqV/GLC+T7IwYAzUlmUSP+2T1NUrXdWVfUIY0TGwdFUbM+v/V6TXGHy+JqkqBvbc/85NjR2JO2pCGJIbeHH84uEdiVmpQLbxP6sJYd+O0aYbX9k7abwy3fhNvUP4Wk4gW9XE3iF0NFaVruqx6sx1DNJVragOYdecQLaqI6tDmB0A6Kni/9JJuQ9ePPvSqRPa29tm7MBE3IlfEyZPaW9rmjitfVJ1kT5NSvU5bx2juYVjKvXSN69k1ii6e1RT/1LS2R8KNue2ldmRX3DmYOZ+/DJU2TnOYZV5dw9LD/ngAwqbCDlfpYoNuXwHD7lPbiVbnsSC+mP+qtA39J51cduMpksmzJw5Y2jyt9Tsw5K/8ThTsq2GprdVn676VsLLo+hyWSmfdVs15lYyZOYF04dcPPvSwVMumHBu27ltFx4x/Iijjhp2+OHDh3QMqjn5281IG7uqOTXSTxaXOKztONKvVuRU8nl8aEhISPS0xOp/2euVY3db9oOVty6Z8cv2Y9p++c1ddx2ztOrbL26+/IoDn/kfHxbM/6d/+vw/furED/7M+gzFjv/Xx8P8yeNbDvO3xsCiUo//1xc7mp89MaAhFZgTA3Mc5gcAAODLIe6OjHsz407pRxfs8Q93jbt/zIINhz61/vmyDX0O/euP/rW88opx/+W4Bxtu//5fFMz/55T2+//ttP5/dun6UcWW+R8USzQXW/8/vcx/dv3/OcXW/08v859d/3/RF7D+/6xsILVJ/s36/wAAwJfB57f+f7fL+6cvEFCQodvl/dMXCCjI0O0y/qVeIGCr1/9/tOGQkT9b873fNS6/aNq7/23I/aMH7N3wL4/uc/WkqSNHjx4x+B8K5v/Xljb/t3A/AAAA7DwOmnj805sm7Xv8Nf/z9l32+lnrd3c/YrcfLj+6bcHmDRP/4vb3zvvzgvn/otLm/5//+n+h2Pn/DcUCLcUWBrT+HwAAAD1UsfX/ht70nStfW3LCA/deOW1Ua+v42Vddc8Cag6pPDy+PXtDwJzPu+7hg/r+itPl/PO2iPC937M1HdcmadiG9pt07ddmfDAAAAEDPUB6amipLzJu3MOrxn73NlzJLgX5aOtdTDx3wwoNfH3HygiVV17xetsewT56+YeahJ37jx69t2ueyO8+/4ICC+f/a0ub/eb/LeOLCgXctbByz+0e3PLJx8htVzy3ccvwfAAAA2HFK3S8BAAAAAAAAAAAAAAB88U565GfXvDNx6TfmLPr17j/vNfa5FRtnzWmaXXvDaz++7jdH3fXIuILf/4exneWK/f4/Xvcv/r7gK3m5Y6vdr/+XuT9u9D2zO5csXF8XwgG5galXTt0lZK7Nf1BuYM2Zg/boSFyZLvHwqye83pE4Ox04efCADzoSR6cCrXGRxL3SgXhVxQ/6pQJxecXn04G4PVakA1WZwA/6JeMoS2+rt2qTbVWW3lYv1YbQPyeQ3VarapM2ytIDvCEVyA7wonQgDvCUTKA83at7+ia9ioHaWPS2vkmvAADYacVvgZVh8pT2tub4FT7efrUi/zbKW7JsbmG1ZSU2/0pmabK7RzX1LyXdK/1ddMu1xitDdccQhhZ8Xc3NUtY5yu1TSzeb7itFhtzdam/lRcqlbe2mqyo+oppkRE0Tp7VPqux24Id1n2VYRbdZhhZMdnKzlHdu0hJqKaEvJYyoxG1TQpfj/fLQ1NQrlevrMVgf8nT3iij19/q56/wVexXk5nnqrfann/z7F1bt98R/PHPuh3826buXzz/nrPeOPq/6b/5z2TP/deCuBfP/+tLm/9W54/ogczGAOfHKeiP6h9Ba4ogAAADgy++8C19d8P3HrntzQ0vj69OGXLfmH2ffdGlF3bKr//Slh/9y8/hrzt7W+Fu/vHO/RyZPePYr5x+2/KQ39jv0isaz377/T+aPe2he31t/vODOHxXM/xtKm//HPViZQ8HJ3o618fr/V/UPofPS+vVJYFkc7jn9Q9ivM9USSyQX1B8VSzQngWVxh8mgWKK1Jb+q3jGwIhV4sy4TWJsKrIuBzF6KO0NmV851dSEM70yNzS8xPZaoTwW+HQMNqUBTDDSnAv1iYGQq8K/9MoGWVOCpGAhT8rfV/f0y2woAAGBrZOZZlfl3Q3qet6Kiuwxl3WXo012G8u4yVHeXodgo4v37YobK1MkrZTmZKtO11qRqKcgQL4a/1f0qyBCezc+ZLljQdDz/IHu+QVl+hgdP/fq98xZOHlT+m4/XLWt9/4GJK2+bfeyq8x7+qycn7b/47hv2LZj/N5c2/++Tf5u0vi7O/7dc/y8JPBG7d308dbwhBjYclx/I7BhYFye787JVtWRKZCbt82KJkTHQkApMj4GRqUDr2Exg0R75gcxMO9v4VdnGp2RK5AQAAADgcxd3EMTdNHH+/+/Lnzvm8YrFd//ja+Pvvm/O2/fe9/N7773tvtF3bP7m81dd+t4lHxfM/0eWNv+P7fXNbezq2Jvf9wthVdmW3mQDg2uTQNyPURt/Hj+wNoRdcnZwZEu09UlKVKUaDo/XJL9Qr0pX9ZOaZI2BeH/crx9dM78jcUNNCAfm7H3JtvHP1UkbNelAY1US6JMOTKtIAnHPTzawujwJwDbL7hWML6jMqS5Z9V2XK/L6+7JcEzQ9vIJ9oF3k6+o3VztKdfqBzD7VrK172gqqY4coeHus9W7rie+2eu+23C9SmW8on2wJVYfySW2TJ8xqnxkfyf0la4Ed9Dzn/kq1lPR2eB3O+ey97V51ugPNqY+P5q7Ldf06LIvVPXHhwLsWNo7Z/ZZHNk5+o+q5hSV3o4j4Q+FnqwbU527eHa06ZF5zPe7zpMXnSU/8N9DgaQshbLz8pOtHVk2/atXow47e5/UzTque+f78v37g5Qff2/9vV04c9o0BBfP/ltLm/xWp207/Hjfmxf1DODhn466Pm//E/snnYE4g+ZTctTCQHHJ/ra7oJycAAABsb9ndHdn9BVMyt8kJ4el5cmH+lq3MH/dXjOwyf6n9/smg0/Z5YI97xl13+jE3//3vxvbbNP6lpcetbD2mcdmxv/hPZ9fML5j/t376/L93qpuO/zv+zw7i+H+XdvZd0b3TD8zZpl3RBdWxQzj+36Wd/d3m+H+XHP93/L8rjv93w/H/Lu3sT1vBt6TpvnSFEIaNOWtw7d2Dn/xg4JrfPvn0lH+a2zrh3m/Nu3XvT75bv2Rh/e59C+b/00ub/1v/r+tF+7Lr/7UWW/9verH1/+ZY/w8AANihiiw0l57nFazeV5AhvXpfQYZuFwjsdonBP9r1/+b1LtZ0d+v/PX7M0eNXjF7y27X7jjnoir5z556+21M3v9Qy84Oa2z/8YI9fHTyqYP4/p7T5f3w59M1tvaes/9cwtkhV18bAdAsDAgAAsDMqtm8CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAL9aeN14//rjm6lN+d+LlNaN/+PD6g6qvffX0y5dPuG3S1+64cNCslUuXVv7hhU2nTP7ejUc2blw14cUQpnSWK0uKl525ZOWPVl/0re88dMbN97y39+xl1Zl6KzO3e+fljq1+VBfCopxHamPinbqOO1sC40bfM7uiI7G+LoQDcgNTr5y6S0diSV0IB+UG1pw5aI+OxJXpEg+/esLrHYmz04GTBw/4oCNxdCZQlu7u3/RLuluW7u78fiH0zwlku3t+v/yqsm2clAmUp9v4u9qkjRiojUVvqk3aiIH2WGJK7xCGVITQK13VL6qTqnqlq/rf1UlVvdJVXVEdwogQQkW6qt9WJVVVpEf+bFVSVQzsuf+dmxo7EourQhiSG3hx/OLhHYkZqUC28dOqQti34yWTbvz+yqTxynTjN1aG8LUQQlW6xOaKpERVusTGihB2zQls2YgVIcwOfDnET59JuQ9ePPvSqRPa29tm7MBEVaatmjB5Sntb08Rp7ZOqU30qpiwn/cnczz72VzZdNrHj9u5RTf1LSVdkylV2dnlYZd7dw3b23sd+9cmtZMvzUVB/zF8V+obesy5um9F0yYSZM2cMTf6Wmn1Y8rdXJppsq6E9ZVs15lYyZOYF04dcPPvSwVMumHBu27ltFx4x/Iijjhp2+OHDh3QMqjn5uz1GuvjzH+lXK3Iq+Tze/19YolfYKbohIdHzEuV5n27NO/vneMEX/S0drQzVnR/QBdOK3CxlnaPcHoM+/jOO+LN8Tel2REMLJg4FWYZ1n+WwgsnEliw1SZbOr3UFk8Pcmso7N2m8Xx6amnoV2w71+XdzN+/b27B5X8psulLTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA/2cHDgQAAAAAgPxfG6GqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoKO3AgAAAAAADk/9oIVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVdiBYwEAAAAAYf7WYfRsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFwKAAD//9DgIgE=")
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x30000c6, &(0x7f0000000080), 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x0)
pwritev2(r0, &(0x7f0000000100)=[{&(0x7f0000000080)="ff", 0xabfb}], 0x1, 0x5412, 0x0, 0x0)

392.817352ms ago: executing program 0 (id=771):
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f00000038c0), 0x2, 0x0)
ioctl$VHOST_SET_OWNER(r0, 0xaf01, 0x0)
r1 = eventfd2(0x10, 0x80001)
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1})

333.667915ms ago: executing program 2 (id=772):
sendmsg$NL80211_CMD_SET_COALESCE(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0xffffffffffffff8c, &(0x7f0000000b00)={&(0x7f0000000040)={0x28, 0x0, 0x1, 0x0, 0x0, {{0x2}, {@val={0x8}, @void}}}, 0x28}, 0x1, 0x6c00}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan0\x00'})
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl(r0, 0x8b32, &(0x7f0000000040))

231.600786ms ago: executing program 2 (id=773):
r0 = syz_io_uring_setup(0xe41, &(0x7f0000000140)={0x0, 0x2119, 0x1000}, &(0x7f0000000240)=<r1=>0x0, &(0x7f00000001c0)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_OPENAT2={0x1c, 0x0, 0x0, 0xffffffffffffff9c, &(0x7f00000004c0)={0x40102, 0x0, 0x3d}, &(0x7f0000000040)='./file0/file0\x00', 0xff52})
io_uring_enter(r0, 0x47f6, 0x0, 0x0, 0x0, 0x0)

201.492122ms ago: executing program 0 (id=774):
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)={0x200000, 0x200000})
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r0 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
ioctl$sock_bt_hidp_HIDPCONNDEL(r0, 0x400448c9, 0x0)

99.824656ms ago: executing program 0 (id=775):
r0 = fsopen(&(0x7f0000000040)='configfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
fchownat(r1, &(0x7f0000000080)='.\x00', 0xffffffffffffffff, 0x0, 0x0)

48.117829ms ago: executing program 1 (id=776):
syz_usb_connect$hid(0x1, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x8, 0x5ac, 0x240, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0xa0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x2, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x7}}, {{{0x9, 0x5, 0x81, 0x3, 0x20, 0x0, 0x87}}}}}]}}]}}, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan0\x00'})
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl(r0, 0x8b27, &(0x7f0000000040))

22.178803ms ago: executing program 0 (id=777):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = dup(r0)
r2 = syz_open_procfs(0x0, &(0x7f00000000c0)='attr/sockcreate\x00')
mount$9p_fd(0x0, &(0x7f0000000140)='.\x00', &(0x7f0000000180), 0x0, &(0x7f00000003c0)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}})

0s ago: executing program 2 (id=778):
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/vs/sync_sock_size\x00', 0x2, 0x0)
write$cgroup_int(r0, &(0x7f0000000340)=0x4, 0x12)
r1 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$IP_VS_SO_SET_STARTDAEMON(r1, 0x0, 0x48b, &(0x7f00000000c0)={0x1, 'geneve0\x00'}, 0x18)

kernel console output (not intermixed with test programs):

 New replicast peer: 255.255.255.255
[   43.755691][ T6828] tipc: Enabled bearer <udp:syz2>, priority 10
[   43.785855][ T6482] bcachefs (loop3): marking filesystem clean
[   43.827102][ T6835] loop2: detected capacity change from 0 to 128
[   43.854144][ T6835] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256
[   43.857612][ T6835] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[   43.864106][ T6482] bcachefs (loop3): shutdown complete
[   44.256512][ T6850] loop1: detected capacity change from 0 to 512
[   44.262712][ T6848] loop2: detected capacity change from 0 to 4096
[   44.302287][ T6848] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   44.307803][ T6850] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   44.354441][ T6848] EXT4-fs error (device loop2): ext4_do_update_inode:5211: inode #15: comm syz.2.90: corrupted inode contents
[   44.359100][ T6848] EXT4-fs error (device loop2): ext4_dirty_inode:6103: inode #15: comm syz.2.90: mark_inode_dirty error
[   44.359890][ T6848] EXT4-fs error (device loop2): ext4_do_update_inode:5211: inode #15: comm syz.2.90: corrupted inode contents
[   44.360139][ T6848] EXT4-fs error (device loop2): __ext4_ext_dirty:207: inode #15: comm syz.2.90: mark_inode_dirty error
[   44.360336][ T6848] EXT4-fs error (device loop2): ext4_do_update_inode:5211: inode #15: comm syz.2.90: corrupted inode contents
[   44.360912][ T6848] EXT4-fs error (device loop2): __ext4_ext_dirty:207: inode #15: comm syz.2.90: mark_inode_dirty error
[   44.361426][ T6848] EXT4-fs error (device loop2): ext4_do_update_inode:5211: inode #15: comm syz.2.90: corrupted inode contents
[   44.362356][ T6848] EXT4-fs error (device loop2): ext4_truncate:4255: inode #15: comm syz.2.90: mark_inode_dirty error
[   44.362576][ T6848] EXT4-fs error (device loop2) in ext4_setattr:5628: Corrupt filesystem
[   44.373986][ T6848] EXT4-fs error (device loop2): ext4_do_update_inode:5211: inode #15: comm syz.2.90: corrupted inode contents
[   44.406447][ T6475] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   44.412501][ T6480] EXT4-fs warning (device loop2): ext4_evict_inode:262: couldn't mark inode dirty (err -117)
[   44.449019][ T6480] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   44.483769][ T6039] Bluetooth: hci4: command tx timeout
[   44.483841][ T6039] Bluetooth: hci2: command tx timeout
[   44.486444][ T6478] Bluetooth: hci3: command tx timeout
[   44.486482][ T6486] Bluetooth: hci0: command tx timeout
[   44.486669][ T6479] Bluetooth: hci1: command tx timeout
[   44.704073][ T6857] loop1: detected capacity change from 0 to 32768
[   44.752872][ T6857] JBD2: Ignoring recovery information on journal
[   44.799700][ T6857] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[   44.860606][ T6867] loop4: detected capacity change from 0 to 512
[   44.873751][    T9] tipc: Node number set to 2886997007
[   44.881016][ T6861] loop2: detected capacity change from 0 to 40427
[   44.887044][ T6861] F2FS-fs (loop2): Insane cp_payload (553648128 >= 504)
[   44.889400][ T6861] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[   44.920168][ T6857] (syz.1.92,6857,0):ocfs2_remove_inode_range:1794 ERROR: status = -22
[   44.920571][ T6857] (syz.1.92,6857,0):__ocfs2_change_file_space:2045 ERROR: status = -22
[   44.927936][ T6861] F2FS-fs (loop2): invalid crc value
[   44.959182][ T6867] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   44.986011][ T6475] ocfs2: Unmounting device (7,1) on (node local)
[   45.000587][ T6861] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[   45.000823][ T6861] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[   45.067301][ T6472] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   45.124950][ T6861] syz.2.94: attempt to access beyond end of device
[   45.124950][ T6861] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[   45.125316][ T6861] CPU: 0 UID: 0 PID: 6861 Comm: syz.2.94 Not tainted 6.15.0-rc2-syzkaller-gc72692105976 #0 PREEMPT 
[   45.125335][ T6861] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   45.125343][ T6861] Call trace:
[   45.125348][ T6861]  show_stack+0x2c/0x3c (C)
[   45.125368][ T6861]  dump_stack_lvl+0xe4/0x150
[   45.125383][ T6861]  dump_stack+0x1c/0x1028
[   45.125395][ T6861]  f2fs_handle_critical_error+0x380/0x534
[   45.125409][ T6861]  f2fs_stop_checkpoint+0x58/0x6c
[   45.125424][ T6861]  f2fs_write_end_io+0x99c/0xdb0
[   45.125437][ T6861]  bio_endio+0x840/0x87c
[   45.125449][ T6861]  submit_bio_noacct+0x158/0x17cc
[   45.125462][ T6861]  submit_bio+0x374/0x564
[   45.125475][ T6861]  f2fs_submit_write_bio+0x13c/0x36c
[   45.125487][ T6861]  __submit_merged_bio+0x258/0x79c
[   45.125499][ T6861]  __submit_merged_write_cond+0x248/0x4e8
[   45.125511][ T6861]  f2fs_write_data_pages+0x20fc/0x2acc
[   45.125524][ T6861]  do_writepages+0x2f8/0x7c4
[   45.125540][ T6861]  filemap_fdatawrite+0x180/0x23c
[   45.125551][ T6861]  f2fs_sync_dirty_inodes+0x2c0/0x7d4
[   45.125566][ T6861]  f2fs_write_checkpoint+0x6c0/0x174c
[   45.125581][ T6861]  f2fs_issue_checkpoint+0x2b4/0x448
[   45.125596][ T6861]  f2fs_sync_fs+0x1e0/0x54c
[   45.125607][ T6861]  f2fs_mkdir+0x3ec/0x4e8
[   45.125617][ T6861]  vfs_mkdir+0x288/0x42c
[   45.125629][ T6861]  do_mkdirat+0x25c/0x5ec
[   45.125652][ T6861]  __arm64_sys_mkdirat+0x8c/0xa4
[   45.125664][ T6861]  invoke_syscall+0x98/0x2b8
[   45.125677][ T6861]  el0_svc_common+0x130/0x23c
[   45.125689][ T6861]  do_el0_svc+0x48/0x58
[   45.125701][ T6861]  el0_svc+0x54/0x168
[   45.125716][ T6861]  el0t_64_sync_handler+0x84/0x108
[   45.125730][ T6861]  el0t_64_sync+0x198/0x19c
[   45.125745][ T6861] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[   45.219776][ T6876] loop4: detected capacity change from 0 to 128
[   45.238318][ T6876] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256
[   45.253153][ T6874] block nbd1: NBD_DISCONNECT
[   45.254506][ T6873] block nbd1: Disconnected due to user request.
[   45.256039][ T6876] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[   45.259445][ T6836] loop0: detected capacity change from 0 to 131072
[   45.260794][ T6873] block nbd1: shutting down sockets
[   45.342297][ T6836] F2FS-fs (loop0): Mounted with checkpoint version = 1b41e955
[   45.530465][ T6890] loop1: detected capacity change from 0 to 64
[   45.916664][ T6907] loop3: detected capacity change from 0 to 2048
[   45.930910][ T6907] UDF-fs: error (device loop3): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[   45.937563][ T6907] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[   46.042676][ T6482] UDF-fs: warning (device loop3): udf_evict_inode: Inode 1367 (mode 100000) has inode size 257 different from extent length 512. Filesystem need not be standards compliant.
[   46.182863][ T6903] loop1: detected capacity change from 0 to 32768
[   46.364401][ T6913] loop2: detected capacity change from 0 to 32768
[   46.429628][ T6943] loop4: detected capacity change from 0 to 2048
[   46.437947][ T6913] find_entry called with index >= next_index
[   46.450178][ T6903] bcachefs (loop1): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,nocow
[   46.450266][ T6903] bcachefs (loop1): initializing new filesystem
[   46.455373][ T6903] bcachefs (loop1): going read-write
[   46.457135][ T6943] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[   46.503803][ T6903] bcachefs (loop1): marking superblocks
[   46.529767][ T6903] bcachefs (loop1): initializing freespace
[   46.543450][ T6903] bcachefs (loop1): done initializing freespace
[   46.556180][ T6903] bcachefs (loop1): reading snapshots table
[   46.556276][ T6903] bcachefs (loop1): reading snapshots done
[   46.606030][ T6903] bcachefs (loop1): done starting filesystem
[   46.623614][ T6941] loop3: detected capacity change from 0 to 32768
[   46.627453][ T6941] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.122 (6941)
[   46.703047][ T6941] BTRFS info (device loop3): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[   46.703166][ T6941] BTRFS info (device loop3): using sha256 (sha256-ce) checksum algorithm
[   46.703203][ T6941] BTRFS info (device loop3): using free-space-tree
[   46.728599][ T6956] loop0: detected capacity change from 0 to 1024
[   46.742527][ T6475] bcachefs (loop1): shutting down
[   46.742579][ T6475] bcachefs (loop1): going read-only
[   46.742618][ T6475] bcachefs (loop1): finished waiting for writes to stop
[   46.765869][ T6475] bcachefs (loop1): flushing journal and stopping allocators, journal seq 2
[   46.797358][ T6956] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   46.873483][ T6471] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   46.914995][ T6475] bcachefs (loop1): flushing journal and stopping allocators complete, journal seq 3
[   46.915800][ T6475] bcachefs (loop1): clean shutdown complete, journal seq 4
[   46.954248][ T6475] bcachefs (loop1): marking filesystem clean
[   46.968372][ T6979] loop0: detected capacity change from 0 to 128
[   47.012165][ T6979] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   47.048004][ T6475] bcachefs (loop1): shutdown complete
[   47.062652][ T6482] BTRFS info (device loop3): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[   47.137839][ T6471] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   47.239695][ T6967] loop2: detected capacity change from 0 to 32768
[   47.260327][ T6983] loop4: detected capacity change from 0 to 32768
[   47.280240][ T6983] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[   47.364181][ T6479] Bluetooth: hci0: Malformed LE Event: 0x0b
[   47.371897][ T6983] XFS (loop4): Ending clean mount
[   47.380306][ T6983] XFS (loop4): Quotacheck needed: Please wait.
[   47.395407][  T623] XFS (loop4): Metadata CRC error detected at xfs_allocbt_read_verify+0x50/0xf0, xfs_cntbt block 0x8 
[   47.395539][  T623] XFS (loop4): Unmount and run xfs_repair
[   47.395559][  T623] XFS (loop4): First 128 bytes of corrupted metadata buffer:
[   47.395579][  T623] 00000000: 41 42 33 43 00 00 00 02 ff ff ff ff ff ff ff ff  AB3C............
[   47.395598][  T623] 00000010: 00 00 00 00 00 00 00 08 00 00 00 01 00 00 00 80  ................
[   47.395617][  T623] 00000020: bf dc 47 fc 10 d8 4e ed a5 62 11 a8 31 b3 f7 91  ..G...N..b..1...
[   47.395636][  T623] 00000030: 00 00 00 00 b0 b0 1a b8 00 00 00 0d 00 00 00 13  ................
[   47.395664][  T623] 00000040: 00 00 12 48 00 00 0d b8 00 00 00 00 00 00 00 00  ...H............
[   47.395682][  T623] 00000050: 00 00 00 00 00 f9 ff ff ff ff ff ff ff 00 00 00  ................
[   47.395701][  T623] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[   47.395719][  T623] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[   47.395879][  T623] XFS (loop4): metadata I/O error in "xfs_btree_read_buf_block+0x274/0x434" at daddr 0x8 len 4 error 74
[   47.397222][ T6983] XFS (loop4): Quotacheck: Unsuccessful (Error -117): Disabling quotas.
[   47.486373][ T7003] loop0: detected capacity change from 0 to 256
[   47.591193][ T6983] XFS (loop4): Metadata CRC error detected at xfs_allocbt_read_verify+0x50/0xf0, xfs_cntbt block 0x8 
[   47.594971][ T6983] XFS (loop4): Unmount and run xfs_repair
[   47.596676][ T6983] XFS (loop4): First 128 bytes of corrupted metadata buffer:
[   47.598864][ T6983] 00000000: 41 42 33 43 00 00 00 02 ff ff ff ff ff ff ff ff  AB3C............
[   47.604496][ T6983] 00000010: 00 00 00 00 00 00 00 08 00 00 00 01 00 00 00 80  ................
[   47.607143][ T6983] 00000020: bf dc 47 fc 10 d8 4e ed a5 62 11 a8 31 b3 f7 91  ..G...N..b..1...
[   47.609775][ T6983] 00000030: 00 00 00 00 b0 b0 1a b8 00 00 00 0d 00 00 00 13  ................
[   47.612404][ T6983] 00000040: 00 00 12 48 00 00 0d b8 00 00 00 00 00 00 00 00  ...H............
[   47.615151][ T6983] 00000050: 00 00 00 00 00 f9 ff ff ff ff ff ff ff 00 00 00  ................
[   47.617694][ T6983] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[   47.620158][ T6983] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[   47.622767][ T6983] XFS (loop4): metadata I/O error in "xfs_btree_read_buf_block+0x274/0x434" at daddr 0x8 len 4 error 74
[   47.642382][ T6983] XFS (loop4): Metadata I/O Error (0x1) detected at xfs_trans_read_buf_map+0x590/0xae8 (fs/xfs/xfs_trans_buf.c:311).  Shutting down filesystem.
[   47.648826][ T6983] XFS (loop4): Please unmount the filesystem and rectify the problem(s)
[   47.671083][ T6472] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[   47.789145][ T7016] loop3: detected capacity change from 0 to 4096
[   47.819979][ T7020] capability: warning: `syz.0.147' uses deprecated v2 capabilities in a way that may be insecure
[   47.820463][ T7016] ntfs3(loop3): Different NTFS sector size (1024) and media sector size (512).
[   47.882879][ T7023] sock: sock_set_timeout: `syz.0.148' (pid 7023) tries to set negative timeout
[   47.890131][ T7016] ntfs3(loop3): ino=0, attr_set_size
[   47.890764][ T7016] ntfs3(loop3): Mark volume as dirty due to NTFS errors
[   48.005556][ T7029] loop4: detected capacity change from 0 to 4096
[   48.034500][ T7029] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   48.081544][ T7029] EXT4-fs error (device loop4): ext4_do_update_inode:5211: inode #15: comm syz.4.151: corrupted inode contents
[   48.086764][ T7029] EXT4-fs error (device loop4): ext4_dirty_inode:6103: inode #15: comm syz.4.151: mark_inode_dirty error
[   48.090363][ T7029] EXT4-fs error (device loop4): ext4_do_update_inode:5211: inode #15: comm syz.4.151: corrupted inode contents
[   48.110873][ T7029] EXT4-fs error (device loop4): __ext4_ext_dirty:207: inode #15: comm syz.4.151: mark_inode_dirty error
[   48.119529][ T7029] EXT4-fs error (device loop4): ext4_do_update_inode:5211: inode #15: comm syz.4.151: corrupted inode contents
[   48.123262][ T7029] EXT4-fs error (device loop4): __ext4_ext_dirty:207: inode #15: comm syz.4.151: mark_inode_dirty error
[   48.130156][ T7029] EXT4-fs error (device loop4): ext4_do_update_inode:5211: inode #15: comm syz.4.151: corrupted inode contents
[   48.131595][ T7029] EXT4-fs error (device loop4): ext4_truncate:4255: inode #15: comm syz.4.151: mark_inode_dirty error
[   48.132603][ T7029] EXT4-fs error (device loop4): ext4_evict_inode:270: comm syz.4.151: couldn't truncate inode 15 (err -117)
[   48.200355][ T7038] loop3: detected capacity change from 0 to 512
[   48.206754][ T6472] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   48.225253][ T7038] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -2
[   48.227515][ T7038] EXT4-fs (loop3): 1 truncate cleaned up
[   48.228409][ T7038] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   48.299154][ T7041] netlink: 32 bytes leftover after parsing attributes in process `syz.4.155'.
[   48.307912][ T6482] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   48.311315][ T7034] loop0: detected capacity change from 0 to 32768
[   48.314411][ T7034] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.152 (7034)
[   48.333215][ T7034] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[   48.333311][ T7034] BTRFS info (device loop0): using crc32c (crc32c-arm64) checksum algorithm
[   48.333351][ T7034] BTRFS info (device loop0): using free-space-tree
[   48.479754][ T7065] loop3: detected capacity change from 0 to 256
[   48.538058][ T7065] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[   48.538186][ T7065] FAT-fs (loop3): Filesystem has been set read-only
[   48.538260][ T7065] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[   48.538299][ T7065] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[   48.538988][ T7065] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[   48.618253][ T7069] loop2: detected capacity change from 0 to 512
[   48.652014][ T7069] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   48.659327][ T6471] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[   48.755379][ T6480] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   49.093093][ T7099] netlink: 16 bytes leftover after parsing attributes in process `syz.0.172'.
[   49.230608][ T7074] loop4: detected capacity change from 0 to 32768
[   49.267277][ T7074] XFS (loop4): DAX unsupported by block device. Turning off DAX.
[   49.270843][ T7074] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[   49.336079][ T7074] XFS (loop4): Ending clean mount
[   49.344111][ T7074] XFS (loop4): Quotacheck needed: Please wait.
[   49.360114][ T7074] XFS (loop4): Quotacheck: Done.
[   49.374866][ T7119] loop1: detected capacity change from 0 to 512
[   49.405820][ T7119] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -2
[   49.405912][ T7119] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -2
[   49.428010][ T7119] EXT4-fs (loop1): 1 truncate cleaned up
[   49.428889][ T7119] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   49.458774][ T7097] loop2: detected capacity change from 0 to 32768
[   49.498469][ T7122] loop3: detected capacity change from 0 to 1024
[   49.514954][ T6475] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   49.611309][ T6472] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[   49.662032][ T7117] loop0: detected capacity change from 0 to 40427
[   49.681971][ T7117] F2FS-fs (loop0): build fault injection attr: rate: 690, type: 0x3fffff
[   49.682032][ T7117] F2FS-fs (loop0): Image doesn't support compression
[   49.694662][ T7117] F2FS-fs (loop0): invalid crc value
[   49.737246][ T7097] bcachefs (loop2): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=lz4,erasure_code,degraded,no_splitbrain_check,fsck,norecovery,nojournal_transaction_names,reconstruct_alloc,nocow
[   49.737390][ T7097] bcachefs (loop2): recovering from clean shutdown, journal seq 10
[   49.737612][ T7097] bcachefs (loop2): Version upgrade required:
[   49.737612][ T7097] Version upgrade from 0.24: unwritten_extents to 1.7: mi_btree_bitmap incomplete
[   49.737612][ T7097] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.25: extent_flags
[   49.737612][ T7097]   running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance
[   49.737879][ T7097] bcachefs (loop2): dropping and reconstructing all alloc info
[   49.818346][ T7117] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[   49.826888][ T7097] bcachefs (loop2): accounting_read... done
[   49.843768][ T7097] bcachefs (loop2): alloc_read... done
[   49.843887][ T7097] bcachefs (loop2): snapshots_read... done
[   49.844471][ T7097] bcachefs (loop2): done starting filesystem
[   50.000635][ T6480] bcachefs (loop2): shutting down
[   50.062843][  T564] hfsplus: b-tree write err: -5, ino 4
[   50.087968][ T6480] bcachefs (loop2): shutdown complete
[   50.095439][ T7131] loop1: detected capacity change from 0 to 32768
[   50.133104][ T7131] ERROR: (device loop1): jfs_readdir: DT_GETPAGE: dtree page corrupt
[   50.133104][ T7131] 
[   50.136091][ T7131] ERROR: (device loop1): remounting filesystem as read-only
[   50.180170][ T7142] loop3: detected capacity change from 0 to 2048
[   50.208687][ T7142] UDF-fs: error (device loop3): udf_process_sequence: Primary Volume Descriptor not found!
[   50.215975][ T7142] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[   50.484506][ T7156] loop4: detected capacity change from 0 to 2048
[   50.518549][ T7160] @: renamed from vlan0 (while UP)
[   50.531529][ T7156] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   50.631161][ T6472] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   50.658422][ T7154] loop0: detected capacity change from 0 to 32768
[   50.665242][ T7154] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.182 (7154)
[   50.702378][ T7154] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[   50.702480][ T7154] BTRFS info (device loop0): using sha256 (sha256-ce) checksum algorithm
[   50.702516][ T7154] BTRFS info (device loop0): using free-space-tree
[   50.736393][ T7171] loop1: detected capacity change from 0 to 256
[   50.771799][ T7171] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x99a53fd9, utbl_chksum : 0xe619d30d)
[   50.840401][ T7148] loop3: detected capacity change from 0 to 32768
[   50.849881][ T7148] ocfs2: Slot 0 on device (7,3) was already allocated to this node!
[   50.879422][ T7148] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[   50.998835][   T14] BTRFS info (device loop0): qgroup scan completed (inconsistency flag cleared)
[   51.030999][ T6482] ocfs2: Unmounting device (7,3) on (node local)
[   51.115423][ T6471] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[   51.467954][ T7198] loop3: detected capacity change from 0 to 32768
[   51.532838][ T7209] loop0: detected capacity change from 0 to 2048
[   51.551530][ T7209] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024)
[   51.555766][ T7210] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   51.622433][ T7200] loop4: detected capacity change from 0 to 32768
[   51.699388][ T7200] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[   51.801177][ T7203] loop1: detected capacity change from 0 to 32768
[   51.832033][ T7198] bcachefs (loop3): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,nocow
[   51.832129][ T7198] bcachefs (loop3): initializing new filesystem
[   51.832690][ T7198] bcachefs (loop3): going read-write
[   51.862386][ T7203] XFS (loop1): DAX unsupported by block device. Turning off DAX.
[   51.865282][ T7203] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[   51.886223][ T7198] bcachefs (loop3): marking superblocks
[   51.925039][ T7198] bcachefs (loop3): initializing freespace
[   51.928233][ T7198] bcachefs (loop3): done initializing freespace
[   51.929386][ T7198] bcachefs (loop3): reading snapshots table
[   51.929446][ T7198] bcachefs (loop3): reading snapshots done
[   51.951886][ T7200] XFS (loop4): Ending clean mount
[   51.956619][ T7198] bcachefs (loop3): done starting filesystem
[   51.975348][ T7203] XFS (loop1): Ending clean mount
[   51.978506][ T7203] XFS (loop1): Quotacheck needed: Please wait.
[   52.002923][  T623] XFS (loop1): Metadata CRC error detected at xfs_allocbt_read_verify+0x50/0xf0, xfs_cntbt block 0x10 
[   52.003220][  T623] XFS (loop1): Unmount and run xfs_repair
[   52.003241][  T623] XFS (loop1): First 128 bytes of corrupted metadata buffer:
[   52.003262][  T623] 00000000: 41 42 33 43 00 00 00 02 ff ff ff ff ff ff ff ff  AB3C............
[   52.003282][  T623] 00000010: 00 00 00 00 00 00 00 10 00 00 00 01 00 00 00 10  ................
[   52.003301][  T623] 00000020: c4 96 e0 5e 54 0d 4c 72 b5 91 04 d7 9d 8b 4e eb  ...^T.Lr......N.
[   52.003319][  T623] 00000030: 00 00 00 00 20 bb 84 11 00 00 04 4e 00 00 00 02  .... ......N....
[   52.003338][  T623] 00000040: 00 00 04 60 00 00 0b a0 00 00 00 00 00 00 00 00  ...`............
[   52.003356][  T623] 00000050: 00 00 00 00 00 00 07 00 00 00 00 00 00 00 00 00  ................
[   52.003375][  T623] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[   52.003394][  T623] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[   52.003415][  T623] XFS (loop1): metadata I/O error in "xfs_btree_read_buf_block+0x274/0x434" at daddr 0x10 len 8 error 74
[   52.008099][ T7203] XFS (loop1): Quotacheck: Unsuccessful (Error -117): Disabling quotas.
[   52.071591][ T7250] IPVS: sh: FWM 4 0x00000004 - no destination available
[   52.074360][   T26] IPVS: starting estimator thread 0...
[   52.111932][ T6482] bcachefs (loop3): shutting down
[   52.111987][ T6482] bcachefs (loop3): going read-only
[   52.112026][ T6482] bcachefs (loop3): finished waiting for writes to stop
[   52.152017][ T6472] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[   52.157277][ T6475] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[   52.159930][ T6482] bcachefs (loop3): flushing journal and stopping allocators, journal seq 2
[   52.177097][ T7251] IPVS: using max 40 ests per chain, 96000 per kthread
[   52.179350][ T6475] XFS (loop1): Uncorrected metadata errors detected; please run xfs_repair.
[   52.232682][ T7255] netlink: 4 bytes leftover after parsing attributes in process `syz.2.216'.
[   52.270661][ T6482] bcachefs (loop3): flushing journal and stopping allocators complete, journal seq 3
[   52.289184][ T6482] bcachefs (loop3): clean shutdown complete, journal seq 4
[   52.333732][ T6482] bcachefs (loop3): marking filesystem clean
[   52.389585][ T7260] loop4: detected capacity change from 0 to 128
[   52.390794][ T7260] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   52.397907][ T7260] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   52.438445][ T7261] netlink: 32 bytes leftover after parsing attributes in process `syz.1.217'.
[   52.438544][ T7261] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[   52.438701][ T7261] IPv6: NLM_F_CREATE should be set when creating new route
[   52.438731][ T7261] IPv6: NLM_F_CREATE should be set when creating new route
[   52.439633][ T7261] netlink: 32 bytes leftover after parsing attributes in process `syz.1.217'.
[   52.439692][ T7261] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[   52.439773][ T7261] Zero length message leads to an empty skb
[   52.469909][ T6482] bcachefs (loop3): shutdown complete
[   52.484101][ T7265] loop2: detected capacity change from 0 to 4096
[   52.488501][ T7265] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512).
[   52.535097][   T45] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   52.575878][ T7265] ntfs3(loop2): ino=1a, mi_enum_attr
[   52.575964][ T7265] ntfs3(loop2): Mark volume as dirty due to NTFS errors
[   52.577587][ T7265] ntfs3(loop2): Failed to initialize $Extend/$ObjId.
[   52.987434][ T7278] netlink: 'syz.1.226': attribute type 5 has an invalid length.
[   53.088482][ T7253] loop0: detected capacity change from 0 to 65536
[   53.120650][ T7285] loop2: detected capacity change from 0 to 2048
[   53.129733][ T7253] XFS (loop0): Mounting V5 Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3
[   53.130802][ T7285] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[   53.205618][ T7253] XFS (loop0): Ending clean mount
[   53.219484][ T7253] XFS (loop0): Quotacheck needed: Please wait.
[   53.239878][   T45] XFS (loop0): Metadata corruption detected at xfs_dinode_verify+0x2e4/0x1154, inode 0x25 dinode
[   53.240007][   T45] XFS (loop0): Unmount and run xfs_repair
[   53.240026][   T45] XFS (loop0): First 128 bytes of corrupted metadata buffer:
[   53.240047][   T45] 00000000: 49 4e a1 ff 03 01 00 00 00 00 00 00 00 00 00 00  IN..............
[   53.240066][   T45] 00000010: 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00  ................
[   53.240084][   T45] 00000020: 34 f7 58 68 7a bb 44 4d 34 f7 58 68 7a bb 44 4d  4.Xhz.DM4.Xhz.DM
[   53.240103][   T45] 00000030: 34 f7 58 68 7a bb 44 4d 00 00 00 00 00 00 00 27  4.Xhz.DM.......'
[   53.240121][   T45] 00000040: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[   53.240139][   T45] 00000050: 00 00 00 02 00 00 00 00 00 00 00 00 0c 44 49 b4  .............DI.
[   53.240158][   T45] 00000060: ff ff ff ff f1 fd ce d1 00 00 00 00 00 00 00 02  ................
[   53.240176][   T45] 00000070: 00 00 00 01 00 00 00 10 00 00 00 00 00 00 00 08  ................
[   53.294770][ T7253] XFS (loop0): Quotacheck: Unsuccessful (Error -117): Disabling quotas.
[   53.398202][ T6471] XFS (loop0): Unmounting Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3
[   53.402383][ T6471] XFS (loop0): Uncorrected metadata errors detected; please run xfs_repair.
[   53.485627][ T7304] loop1: detected capacity change from 0 to 256
[   53.486076][ T7304] exfat: Deprecated parameter 'namecase'
[   53.486161][ T7304] exfat: Deprecated parameter 'utf8'
[   53.539103][ T7304] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xdc42f586, utbl_chksum : 0xe619d30d)
[   53.672515][ T7302] loop4: detected capacity change from 0 to 32768
[   53.675928][ T7302] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.234 (7302)
[   53.713958][ T7302] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[   53.714060][ T7302] BTRFS info (device loop4): using sha256 (sha256-ce) checksum algorithm
[   53.714097][ T7302] BTRFS info (device loop4): using free-space-tree
[   53.945770][ T7308] loop2: detected capacity change from 0 to 32768
[   53.948667][ T7308] BTRFS: device /dev/loop2 (7:2) using temp-fsid a66b7148-1a7e-43f5-a785-05584fe76ad4
[   53.948836][ T7308] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.238 (7308)
[   54.001329][ T7308] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[   54.001425][ T7308] BTRFS info (device loop2): using sha256 (sha256-ce) checksum algorithm
[   54.001479][ T7308] BTRFS info (device loop2): disk space caching is enabled
[   54.001506][ T7308] BTRFS warning (device loop2): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[   54.114416][  T623] BTRFS info (device loop4): qgroup scan completed (inconsistency flag cleared)
[   54.138542][ T7308] BTRFS info (device loop2): rebuilding free space tree
[   54.178482][ T7308] BTRFS info (device loop2): disabling free space tree
[   54.178578][ T7308] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[   54.178680][ T7308] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[   54.181114][ T6472] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[   54.360140][ T7350] loop1: detected capacity change from 0 to 32768
[   54.377681][ T7350] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.243 (7350)
[   54.378101][ T7321] loop0: detected capacity change from 0 to 32768
[   54.390842][ T7350] BTRFS info (device loop1 state S): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[   54.390937][ T7350] BTRFS info (device loop1 state S): using blake2b (blake2b-256-generic) checksum algorithm
[   54.390980][ T7350] BTRFS info (device loop1 state S): using free-space-tree
[   54.391012][ T7350] workqueue: max_active 2097158 requested for btrfs-worker is out of range, clamping between 1 and 2048
[   54.392677][ T7321] 
[   54.392677][ T7321]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[   54.392677][ T7321] 
[   54.403149][ T7350] workqueue: max_active 2097158 requested for btrfs-delalloc is out of range, clamping between 1 and 2048
[   54.434210][ T7321] 
[   54.434210][ T7321]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[   54.434210][ T7321] 
[   54.434350][ T7321] 
[   54.434350][ T7321]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[   54.434350][ T7321] 
[   54.434373][ T7321] 
[   54.434373][ T7321]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[   54.434373][ T7321] 
[   54.434392][ T7321] 
[   54.434392][ T7321]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[   54.434392][ T7321] 
[   54.445573][  T102] 
[   54.445573][  T102]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[   54.445573][  T102] 
[   54.451543][ T7350] workqueue: max_active 2097158 requested for btrfs-endio is out of range, clamping between 1 and 2048
[   54.470784][ T7350] workqueue: max_active 2097158 requested for btrfs-endio-meta is out of range, clamping between 1 and 2048
[   54.471132][ T7350] workqueue: max_active 2097158 requested for btrfs-rmw is out of range, clamping between 1 and 2048
[   54.479707][ T7350] workqueue: max_active 2097158 requested for btrfs-endio-write is out of range, clamping between 1 and 2048
[   54.487771][ T6471] 
[   54.487771][ T6471]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[   54.487771][ T6471] 
[   54.491468][ T7350] workqueue: max_active 2097158 requested for btrfs-compressed-write is out of range, clamping between 1 and 2048
[   54.498982][ T6471] 
[   54.498982][ T6471]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[   54.498982][ T6471] 
[   54.510816][  T564] BTRFS warning (device loop1 state S): checksum verify failed on logical 5337088 mirror 1 wanted 0x324c5e2d0cac2dc8f61cbfdfc8cd69d9816061b1498b9e1bff7d10a59610160b found 0x3fff8ff18ac4f264f26c9b61444b99be3a51e4b9014c9227426415668fcd4ed9 level 0, ignored
[   54.527830][  T701] BTRFS warning (device loop1 state CS): checksum verify failed on logical 5328896 mirror 1 wanted 0xe27e479340067083b74b333c1de55c530774f48d9bb4dbb5f2229db663324412 found 0x95f62be744ba79d2c7edda0b7f35c3ed250500c283e6cfbf6ba5d84a2ae65a3d level 1, ignored
[   54.528023][  T701] BTRFS error (device loop1 state CS): level verify failed on logical 5328896 mirror 1 wanted 0 found 1
[   54.573115][ T7377] sch_fq: defrate 9 ignored.
[   54.664129][   T14] BTRFS info (device loop2): qgroup scan completed (inconsistency flag cleared)
[   54.748963][ T6475] BTRFS info (device loop1 state CS): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[   54.758202][ T6480] BTRFS info (device loop2): last unmount of filesystem a66b7148-1a7e-43f5-a785-05584fe76ad4
[   55.161960][ T7374] loop4: detected capacity change from 0 to 32768
[   55.162379][ T7374] btrfs: Deprecated parameter 'usebackuproot'
[   55.162408][ T7374] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[   55.162900][ T7374] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.246 (7374)
[   55.220176][ T7374] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[   55.220281][ T7374] BTRFS info (device loop4): using sha256 (sha256-ce) checksum algorithm
[   55.220316][ T7374] BTRFS info (device loop4): disk space caching is enabled
[   55.220337][ T7374] BTRFS warning (device loop4): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[   55.229105][ T7398] loop2: detected capacity change from 0 to 1024
[   55.256764][ T7399] loop3: detected capacity change from 0 to 1024
[   55.267276][ T7407] loop0: detected capacity change from 0 to 256
[   55.279483][ T7399] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[   55.306039][ T7374] BTRFS info (device loop4): rebuilding free space tree
[   55.308775][ T7407] exFAT-fs (loop0): failed to load upcase table (idx : 0x000104d0, chksum : 0xc4a18cab, utbl_chksum : 0xe619d30d)
[   55.314367][ T7398] hfsplus: bad catalog entry type
[   55.331737][ T7374] BTRFS info (device loop4): disabling free space tree
[   55.331814][ T7374] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[   55.331840][ T7374] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[   55.350601][  T701] hfsplus: b-tree write err: -5, ino 4
[   55.458296][   T14] BTRFS info (device loop4): qgroup scan completed (inconsistency flag cleared)
[   55.588667][ T6472] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[   55.843284][ T7444] loop2: detected capacity change from 0 to 2048
[   55.866173][ T7444] UDF-fs: error (device loop2): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[   55.867287][ T7444] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[   55.879104][ T7446] loop4: detected capacity change from 0 to 2048
[   55.893680][ T7448] netlink: 'syz.0.271': attribute type 29 has an invalid length.
[   55.905056][ T7446] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[   55.907952][ T7448] netlink: 'syz.0.271': attribute type 29 has an invalid length.
[   55.916468][ T7448] netlink: 'syz.0.271': attribute type 29 has an invalid length.
[   55.983618][ T7428] loop1: detected capacity change from 0 to 32768
[   55.996777][ T6480] UDF-fs: warning (device loop2): udf_evict_inode: Inode 1367 (mode 120777) has inode size 70 different from extent length 512. Filesystem need not be standards compliant.
[   56.051285][ T7427] loop3: detected capacity change from 0 to 32768
[   56.060880][ T7428] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[   56.092497][ T7428] XFS (loop1): Ending clean mount
[   56.095573][ T7428] XFS (loop1): Quotacheck needed: Please wait.
[   56.133946][ T7428] XFS (loop1): Quotacheck: Done.
[   56.227291][ T6475] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[   56.255520][ T7427] bcachefs (loop3): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,nocow
[   56.255616][ T7427] bcachefs (loop3): initializing new filesystem
[   56.256250][ T7427] bcachefs (loop3): going read-write
[   56.314017][ T7478] loop2: detected capacity change from 0 to 1024
[   56.316227][ T7427] bcachefs (loop3): marking superblocks
[   56.321636][ T7478] hfsplus: Filesystem was not cleanly unmounted, running fsck.hfsplus is recommended.  mounting read-only.
[   56.326473][ T7478] hfsplus: failed to load extents file
[   56.331653][ T7427] bcachefs (loop3): initializing freespace
[   56.339387][ T7427] bcachefs (loop3): done initializing freespace
[   56.351830][ T7427] bcachefs (loop3): reading snapshots table
[   56.355005][ T7427] bcachefs (loop3): reading snapshots done
[   56.385561][ T7427] bcachefs (loop3): done starting filesystem
[   56.497094][ T7489] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci4/hci4:200/input3
[   56.592505][ T7493] netlink: 12 bytes leftover after parsing attributes in process `syz.2.284'.
[   56.595674][ T7493] netlink: 12 bytes leftover after parsing attributes in process `syz.2.284'.
[   56.759453][ T7476] loop4: detected capacity change from 0 to 32768
[   56.778545][ T6482] bcachefs (loop3): shutting down
[   56.778623][ T6482] bcachefs (loop3): going read-only
[   56.778659][ T6482] bcachefs (loop3): finished waiting for writes to stop
[   56.816168][ T6482] bcachefs (loop3): flushing journal and stopping allocators, journal seq 4
[   56.861116][ T7476] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): filesystem UUID already open
[   56.861226][ T7476] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): shutdown complete
[   56.883350][ T6482] bcachefs (loop3): flushing journal and stopping allocators complete, journal seq 4
[   56.886736][ T6482] bcachefs (loop3): clean shutdown complete, journal seq 5
[   56.912058][ T7500] loop0: detected capacity change from 0 to 32768
[   56.934594][ T6482] bcachefs (loop3): marking filesystem clean
[   56.958831][ T7500] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[   56.983164][ T7476] bcachefs: bch2_fs_get_tree() error: EINVAL
[   56.999381][   T31] audit: type=1400 audit(56.977:2): lsm=SMACK fn=smack_inode_permission action=denied subject="w" object="_" requested=wx pid=7518 comm="syz.2.291" name="59" dev="tmpfs" ino=322
[   57.024965][ T6482] bcachefs (loop3): shutdown complete
[   57.067298][ T7500] XFS (loop0): Ending clean mount
[   57.159126][ T7531] loop4: detected capacity change from 0 to 1024
[   57.180526][ T6471] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[   57.229729][   T14] hfsplus: b-tree write err: -5, ino 4
[   57.317448][ T7535] loop4: detected capacity change from 0 to 8
[   57.332388][ T7535] squashfs image failed sanity check
[   57.652269][ T7533] loop1: detected capacity change from 0 to 40427
[   57.669282][ T7533] F2FS-fs (loop1): Insane cp_payload (553648128 >= 504)
[   57.669352][ T7533] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[   57.670887][ T7533] F2FS-fs (loop1): invalid crc value
[   57.746217][ T7533] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[   57.746286][ T7533] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[   57.789714][ T7533] syz.1.298: attempt to access beyond end of device
[   57.789714][ T7533] loop1: rw=2049, sector=53248, nr_sectors = 8 limit=40427
[   57.816852][ T7537] loop0: detected capacity change from 0 to 40427
[   57.818947][ T6475] syz-executor: attempt to access beyond end of device
[   57.818947][ T6475] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[   57.827611][ T6475] CPU: 1 UID: 0 PID: 6475 Comm: syz-executor Not tainted 6.15.0-rc2-syzkaller-gc72692105976 #0 PREEMPT 
[   57.827646][ T6475] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   57.827655][ T6475] Call trace:
[   57.827659][ T6475]  show_stack+0x2c/0x3c (C)
[   57.827678][ T6475]  dump_stack_lvl+0xe4/0x150
[   57.827692][ T6475]  dump_stack+0x1c/0x1028
[   57.827704][ T6475]  f2fs_handle_critical_error+0x380/0x534
[   57.827717][ T6475]  f2fs_stop_checkpoint+0x58/0x6c
[   57.827731][ T6475]  f2fs_write_end_io+0x99c/0xdb0
[   57.827748][ T6475]  bio_endio+0x840/0x87c
[   57.827759][ T6475]  submit_bio_noacct+0x158/0x17cc
[   57.827772][ T6475]  submit_bio+0x374/0x564
[   57.827784][ T6475]  f2fs_submit_write_bio+0x13c/0x36c
[   57.827795][ T6475]  __submit_merged_bio+0x258/0x79c
[   57.827806][ T6475]  __submit_merged_write_cond+0x248/0x4e8
[   57.827818][ T6475]  f2fs_write_data_pages+0x20fc/0x2acc
[   57.827830][ T6475]  do_writepages+0x2f8/0x7c4
[   57.827845][ T6475]  filemap_fdatawrite+0x180/0x23c
[   57.827856][ T6475]  f2fs_sync_dirty_inodes+0x2c0/0x7d4
[   57.827870][ T6475]  f2fs_write_checkpoint+0x6c0/0x174c
[   57.827884][ T6475]  kill_f2fs_super+0x220/0x590
[   57.827895][ T6475]  deactivate_locked_super+0xc4/0x12c
[   57.827908][ T6475]  deactivate_super+0xe0/0x100
[   57.827918][ T6475]  cleanup_mnt+0x34c/0x3dc
[   57.827931][ T6475]  __cleanup_mnt+0x20/0x30
[   57.827942][ T6475]  task_work_run+0x230/0x2e0
[   57.827955][ T6475]  do_notify_resume+0x178/0x1f4
[   57.827965][ T6475]  el0_svc+0xac/0x168
[   57.827979][ T6475]  el0t_64_sync_handler+0x84/0x108
[   57.827991][ T6475]  el0t_64_sync+0x198/0x19c
[   57.828180][ T6475] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[   57.875527][ T7537] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[   57.875610][ T7537] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[   57.882603][ T7537] F2FS-fs (loop0): invalid crc value
[   57.954282][ T7537] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[   57.954347][ T7537] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[   58.100174][ T7566] mkiss: ax0: crc mode is auto.
[   58.214195][ T7562] loop4: detected capacity change from 0 to 32768
[   58.222061][ T7562] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.306 (7562)
[   58.232833][ T7570] tun0: tun_chr_ioctl cmd 1074025677
[   58.234485][ T7566] Falling back ldisc for ttyS3.
[   58.241083][ T7570] tun0: linktype set to 821
[   58.246991][ T7562] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[   58.250482][ T7562] BTRFS info (device loop4): using crc32c (crc32c-arm64) checksum algorithm
[   58.253410][ T7562] BTRFS info (device loop4): disk space caching is enabled
[   58.255710][ T7562] BTRFS warning (device loop4): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[   58.387549][ T7589] loop2: detected capacity change from 0 to 128
[   58.392239][ T7562] BTRFS info (device loop4): rebuilding free space tree
[   58.407389][ T7562] BTRFS info (device loop4): disabling free space tree
[   58.409414][ T7562] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[   58.412851][ T7562] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[   58.682536][ T6472] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[   58.988781][ T7622] loop2: detected capacity change from 0 to 512
[   58.998495][ T7622] EXT4-fs error (device loop2): ext4_orphan_get:1416: comm syz.2.325: bad orphan inode 15
[   58.998783][ T7622] ext4_test_bit(bit=14, block=18) = 1
[   58.998825][ T7622] is_bad_inode(inode)=0
[   58.998847][ T7622] NEXT_ORPHAN(inode)=1023
[   58.998868][ T7622] max_ino=32
[   58.998888][ T7622] i_nlink=0
[   59.001543][ T7622] EXT4-fs error (device loop2): ext4_xattr_delete_inode:2962: inode #15: comm syz.2.325: corrupted xattr block 19: invalid header
[   59.002505][ T7622] EXT4-fs warning (device loop2): ext4_evict_inode:279: xattr delete (err -117)
[   59.003475][ T7622] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0009-000000000000 r/w without journal. Quota mode: none.
[   59.121226][ T6480] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0009-000000000000.
[   59.239715][ T7609] loop0: detected capacity change from 0 to 32768
[   59.334051][ T7629] loop3: detected capacity change from 0 to 32768
[   59.342272][ T7629] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.327 (7629)
[   59.355053][ T7629] BTRFS info (device loop3): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[   59.359300][ T7629] BTRFS info (device loop3): using sha256 (sha256-ce) checksum algorithm
[   59.359377][ T7629] BTRFS info (device loop3): using free-space-tree
[   59.384163][ T7609] bcachefs (loop0): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,nojournal_transaction_names
[   59.384249][ T7609] bcachefs (loop0): initializing new filesystem
[   59.384819][ T7609] bcachefs (loop0): going read-write
[   59.424259][ T7609] bcachefs (loop0): marking superblocks
[   59.430076][ T7609] bcachefs (loop0): initializing freespace
[   59.449281][ T7609] bcachefs (loop0): done initializing freespace
[   59.454994][ T7609] bcachefs (loop0): reading snapshots table
[   59.455084][ T7609] bcachefs (loop0): reading snapshots done
[   59.499611][ T7609] bcachefs (loop0): done starting filesystem
[   59.519539][ T7629] BTRFS info (device loop3): rebuilding free space tree
[   59.552385][ T7637] loop4: detected capacity change from 0 to 40427
[   59.563720][ T7637] F2FS-fs (loop4): build fault injection attr: rate: 690, type: 0x3fffff
[   59.566545][ T7637] F2FS-fs (loop4): Image doesn't support compression
[   59.568905][ T7637] F2FS-fs (loop4): Image doesn't support compression
[   59.575449][ T7637] F2FS-fs (loop4): invalid crc value
[   59.610607][ T7637] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[   59.625555][ T6471] bcachefs (loop0): shutting down
[   59.625605][ T6471] bcachefs (loop0): going read-only
[   59.625857][ T6471] bcachefs (loop0): finished waiting for writes to stop
[   59.668855][ T6482] BTRFS info (device loop3): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[   59.672317][ T6471] bcachefs (loop0): flushing journal and stopping allocators, journal seq 2
[   59.727151][ T6471] bcachefs (loop0): flushing journal and stopping allocators complete, journal seq 3
[   59.730953][ T6471] bcachefs (loop0): clean shutdown complete, journal seq 4
[   59.754196][ T6471] bcachefs (loop0): marking filesystem clean
[   59.760462][   T12] kworker/u8:0: attempt to access beyond end of device
[   59.760462][   T12] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[   59.761404][   T12] CPU: 0 UID: 0 PID: 12 Comm: kworker/u8:0 Not tainted 6.15.0-rc2-syzkaller-gc72692105976 #0 PREEMPT 
[   59.761426][   T12] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   59.761434][   T12] Workqueue: writeback wb_workfn (flush-7:4)
[   59.761457][   T12] Call trace:
[   59.761461][   T12]  show_stack+0x2c/0x3c (C)
[   59.761477][   T12]  dump_stack_lvl+0xe4/0x150
[   59.761490][   T12]  dump_stack+0x1c/0x1028
[   59.761502][   T12]  f2fs_handle_critical_error+0x380/0x534
[   59.761515][   T12]  f2fs_stop_checkpoint+0x58/0x6c
[   59.761529][   T12]  f2fs_write_end_io+0x99c/0xdb0
[   59.761541][   T12]  bio_endio+0x840/0x87c
[   59.761552][   T12]  submit_bio_noacct+0x158/0x17cc
[   59.761566][   T12]  submit_bio+0x374/0x564
[   59.761577][   T12]  f2fs_submit_write_bio+0x13c/0x36c
[   59.761589][   T12]  __submit_merged_bio+0x258/0x79c
[   59.761600][   T12]  __submit_merged_write_cond+0x248/0x4e8
[   59.761612][   T12]  f2fs_write_data_pages+0x20fc/0x2acc
[   59.761624][   T12]  do_writepages+0x2f8/0x7c4
[   59.761639][   T12]  __writeback_single_inode+0x15c/0x15a4
[   59.761667][   T12]  writeback_sb_inodes+0x650/0x1088
[   59.761680][   T12]  wb_writeback+0x3e0/0xe9c
[   59.761693][   T12]  wb_workfn+0x38c/0x1048
[   59.761706][   T12]  process_one_work+0x810/0x1638
[   59.761718][   T12]  worker_thread+0x97c/0xf08
[   59.761729][   T12]  kthread+0x674/0x7dc
[   59.761743][   T12]  ret_from_fork+0x10/0x20
[   59.761758][   T12] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[   59.827850][ T6471] bcachefs (loop0): shutdown complete
[   59.829521][ T7637] VFS:Filesystem freeze failed
[   60.030454][ T7676] loop1: detected capacity change from 0 to 256
[   60.039313][ T7676] exFAT-fs (loop1): failed to load upcase table (idx : 0x00011f41, chksum : 0xf6e84977, utbl_chksum : 0xe619d30d)
[   60.117260][ T7680] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   60.302812][ T7688] loop3: detected capacity change from 0 to 2048
[   60.355044][ T7688] iocharset maccenteuƒo not found
[   60.491230][ T7697] sp0: Synchronizing with TNC
[   60.503893][ T7696] [U] è
[   60.587238][ T7683] loop4: detected capacity change from 0 to 32768
[   60.616634][ T7683] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[   60.719508][ T7683] XFS (loop4): Ending clean mount
[   60.742691][ T6472] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[   60.782262][ T7699] loop1: detected capacity change from 0 to 32768
[   60.859396][ T7699] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[   60.869333][   T14] (kworker/u8:1,14,0):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #72: rec_len % 4 != 0 - offset=16, inode=66, rec_len=491, name_len=2
[   60.984889][ T6475] ocfs2: Unmounting device (7,1) on (node local)
[   61.096484][ T7724] netlink: 24 bytes leftover after parsing attributes in process `syz.4.355'.
[   61.150632][ T7729] loop1: detected capacity change from 0 to 512
[   61.158504][ T7729] EXT4-fs: inline encryption not supported
[   61.203148][ T6039] Bluetooth: hci0: command 0x0c1a tx timeout
[   61.205088][ T7636] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[   61.225125][ T7729] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   61.318221][ T6475] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   61.420119][ T7743] loop0: detected capacity change from 0 to 512
[   61.432928][ T7743] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -2
[   61.434886][ T7743] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #13: comm syz.0.361: invalid indirect mapped block 2683928664 (level 1)
[   61.439056][ T7743] EXT4-fs (loop0): 1 truncate cleaned up
[   61.440034][ T7743] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   61.444836][ T7743] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:483: comm syz.0.361: Invalid block bitmap block 3 in block_group 0
[   61.461560][ T6471] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   61.756908][ T7762] capability: warning: `syz.4.369' uses 32-bit capabilities (legacy support in use)
[   61.869161][ T7767] loop0: detected capacity change from 0 to 256
[   62.222757][ T7638] Bluetooth: hci0: Opcode 0x080f failed: -4
[   62.224402][ T7780] loop1: detected capacity change from 0 to 512
[   62.273089][ T7780] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   62.273148][ T7780] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   62.297187][ T7785] loop2: detected capacity change from 0 to 512
[   62.299915][ T7785] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   62.300092][ T7780] EXT4-fs (loop1): 1 truncate cleaned up
[   62.300934][ T7780] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   62.329970][ T7785] EXT4-fs (loop2): 1 truncate cleaned up
[   62.330895][ T7785] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   62.372371][ T7771] loop3: detected capacity change from 0 to 32768
[   62.382571][ T7771] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.373 (7771)
[   62.390178][ T7771] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[   62.393818][ T7771] BTRFS info (device loop3): using sha256 (sha256-ce) checksum algorithm
[   62.396543][ T7771] BTRFS info (device loop3): using free-space-tree
[   62.402052][ T6475] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   62.502495][ T7771] BTRFS info (device loop3): rebuilding free space tree
[   62.607192][ T7775] loop4: detected capacity change from 0 to 40427
[   62.616816][ T7775] F2FS-fs (loop4): build fault injection attr: rate: 771, type: 0x3fffff
[   62.637582][ T7775] F2FS-fs (loop4): invalid crc value
[   62.726743][ T7775] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[   62.799087][ T6482] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[   62.801299][ T6480] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   62.809959][ T6472] syz-executor: attempt to access beyond end of device
[   62.809959][ T6472] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[   62.810045][ T6472] CPU: 1 UID: 0 PID: 6472 Comm: syz-executor Not tainted 6.15.0-rc2-syzkaller-gc72692105976 #0 PREEMPT 
[   62.810060][ T6472] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   62.810068][ T6472] Call trace:
[   62.810071][ T6472]  show_stack+0x2c/0x3c (C)
[   62.810091][ T6472]  dump_stack_lvl+0xe4/0x150
[   62.810104][ T6472]  dump_stack+0x1c/0x1028
[   62.810116][ T6472]  f2fs_handle_critical_error+0x380/0x534
[   62.810129][ T6472]  f2fs_stop_checkpoint+0x58/0x6c
[   62.810143][ T6472]  f2fs_write_end_io+0x99c/0xdb0
[   62.810155][ T6472]  bio_endio+0x840/0x87c
[   62.810166][ T6472]  submit_bio_noacct+0x158/0x17cc
[   62.810179][ T6472]  submit_bio+0x374/0x564
[   62.810191][ T6472]  f2fs_submit_write_bio+0x13c/0x36c
[   62.810202][ T6472]  __submit_merged_bio+0x258/0x79c
[   62.810213][ T6472]  __submit_merged_write_cond+0x248/0x4e8
[   62.810225][ T6472]  f2fs_write_data_pages+0x20fc/0x2acc
[   62.810237][ T6472]  do_writepages+0x2f8/0x7c4
[   62.810252][ T6472]  filemap_fdatawrite+0x180/0x23c
[   62.810263][ T6472]  f2fs_sync_dirty_inodes+0x2c0/0x7d4
[   62.810277][ T6472]  f2fs_write_checkpoint+0x6c0/0x174c
[   62.810290][ T6472]  kill_f2fs_super+0x220/0x590
[   62.810302][ T6472]  deactivate_locked_super+0xc4/0x12c
[   62.810315][ T6472]  deactivate_super+0xe0/0x100
[   62.810325][ T6472]  cleanup_mnt+0x34c/0x3dc
[   62.810338][ T6472]  __cleanup_mnt+0x20/0x30
[   62.810349][ T6472]  task_work_run+0x230/0x2e0
[   62.810362][ T6472]  do_notify_resume+0x178/0x1f4
[   62.810373][ T6472]  el0_svc+0xac/0x168
[   62.810386][ T6472]  el0t_64_sync_handler+0x84/0x108
[   62.810399][ T6472]  el0t_64_sync+0x198/0x19c
[   62.810412][ T6472] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[   62.930081][ T7782] loop0: detected capacity change from 0 to 32768
[   62.938111][ T7782] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.378 (7782)
[   62.971115][ T7782] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[   62.971217][ T7782] BTRFS info (device loop0): using sha256 (sha256-ce) checksum algorithm
[   62.971253][ T7782] BTRFS info (device loop0): using free-space-tree
[   63.052095][ T7832] loop3: detected capacity change from 0 to 24
[   63.052707][ T7832] MTD: Attempt to mount non-MTD device "/dev/loop3"
[   63.062535][ T7832] romfs: Mounting image 'rom 637cf1fa' through the block layer
[   63.258913][ T6471] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[   63.283410][ T6039] Bluetooth: hci0: command 0x0c1a tx timeout
[   63.338278][ T7847] loop3: detected capacity change from 0 to 128
[   63.340857][ T7847] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256
[   63.345687][ T7847] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[   63.455084][ T7855] loop1: detected capacity change from 0 to 16
[   63.465429][ T7855] erofs (device loop1): mounted with root inode @ nid 36.
[   63.474100][ T7855] erofs (device loop1): bogus lookback distance 1388 @ lcn 42 of nid 36
[   63.481319][ T7855] erofs (device loop1): failed to decompress -29 in[58, 4038] out[1851]
[   63.481441][ T7855] erofs (device loop1): read error -117 @ 43 of nid 36
[   63.483815][ T7855] erofs (device loop1): bogus lookback distance 1388 @ lcn 42 of nid 36
[   63.492311][ T7855] erofs (device loop1): bogus lookback distance 1388 @ lcn 42 of nid 36
[   63.492378][ T7855] erofs (device loop1): readahead error at folio 42 @ nid 36
[   63.492421][ T7855] erofs (device loop1): bogus lookback distance 774 @ lcn 40 of nid 36
[   63.492444][ T7855] erofs (device loop1): readahead error at folio 41 @ nid 36
[   63.492465][ T7855] erofs (device loop1): bogus lookback distance 774 @ lcn 40 of nid 36
[   63.492486][ T7855] erofs (device loop1): readahead error at folio 40 @ nid 36
[   63.492514][ T7855] erofs (device loop1): readahead error at folio 39 @ nid 36
[   63.492536][ T7855] erofs (device loop1): readahead error at folio 38 @ nid 36
[   63.498825][ T7855] erofs (device loop1): readahead error at folio 36 @ nid 36
[   63.498931][ T7855] erofs (device loop1): bogus lookback distance 1468 @ lcn 31 of nid 36
[   63.498955][ T7855] erofs (device loop1): readahead error at folio 31 @ nid 36
[   63.499063][ T7855] erofs (device loop1): readahead error at folio 25 @ nid 36
[   63.499094][ T7855] erofs (device loop1): readahead error at folio 24 @ nid 36
[   63.499348][ T7855] erofs (device loop1): readahead error at folio 19 @ nid 36
[   63.517102][ T7855] syz.1.393: attempt to access beyond end of device
[   63.517102][ T7855] loop1: rw=524288, sector=784, nr_sectors = 64 limit=16
[   63.517688][ T7855] syz.1.393: attempt to access beyond end of device
[   63.517688][ T7855] loop1: rw=524288, sector=13478624080, nr_sectors = 24 limit=16
[   63.517849][ T7855] syz.1.393: attempt to access beyond end of device
[   63.517849][ T7855] loop1: rw=524288, sector=13478624032, nr_sectors = 48 limit=16
[   63.518067][ T7855] erofs (device loop1): failed to decompress -29 in[58, 4038] out[2639]
[   63.518311][ T7855] erofs (device loop1): bogus lookback distance 1586 @ lcn 46 of nid 36
[   63.518337][ T7855] erofs (device loop1): readahead error at folio 47 @ nid 36
[   63.518358][ T7855] erofs (device loop1): bogus lookback distance 1586 @ lcn 46 of nid 36
[   63.518379][ T7855] erofs (device loop1): readahead error at folio 46 @ nid 36
[   63.518419][ T7855] erofs (device loop1): readahead error at folio 45 @ nid 36
[   63.519155][ T7855] syz.1.393: attempt to access beyond end of device
[   63.519155][ T7855] loop1: rw=524288, sector=24, nr_sectors = 8 limit=16
[   63.519241][ T7855] syz.1.393: attempt to access beyond end of device
[   63.519241][ T7855] loop1: rw=524288, sector=16, nr_sectors = 8 limit=16
[   63.520303][ T7855] erofs (device loop1): failed to decompress -29 in[58, 4038] out[3537]
[   63.899211][ T7870] loop2: detected capacity change from 0 to 1024
[   63.934992][ T7870] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   63.999578][ T6480] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   64.173278][ T7868] loop0: detected capacity change from 0 to 32768
[   64.190077][ T7868] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[   64.218656][ T7891] netlink: 'syz.2.404': attribute type 29 has an invalid length.
[   64.223130][ T7891] netlink: 'syz.2.404': attribute type 29 has an invalid length.
[   64.226138][ T7891] netlink: 'syz.2.404': attribute type 29 has an invalid length.
[   64.345875][ T7868] XFS (loop0): Ending clean mount
[   64.441850][ T7903] loop1: detected capacity change from 0 to 256
[   64.449918][ T6471] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[   64.486283][ T2383] ieee802154 phy0 wpan0: encryption failed: -22
[   64.486430][ T2383] ieee802154 phy1 wpan1: encryption failed: -22
[   64.536680][ T7905] loop3: detected capacity change from 0 to 512
[   64.545285][ T7903] FAT-fs (loop1): Directory bread(block 64) failed
[   64.548259][ T7903] FAT-fs (loop1): Directory bread(block 65) failed
[   64.550220][ T7903] FAT-fs (loop1): Directory bread(block 66) failed
[   64.552271][ T7903] FAT-fs (loop1): Directory bread(block 67) failed
[   64.552365][ T7903] FAT-fs (loop1): Directory bread(block 68) failed
[   64.552406][ T7903] FAT-fs (loop1): Directory bread(block 69) failed
[   64.552465][ T7903] FAT-fs (loop1): Directory bread(block 70) failed
[   64.552505][ T7903] FAT-fs (loop1): Directory bread(block 71) failed
[   64.552573][ T7903] FAT-fs (loop1): Directory bread(block 72) failed
[   64.552613][ T7903] FAT-fs (loop1): Directory bread(block 73) failed
[   64.602669][ T7905] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   64.607378][ T7893] loop4: detected capacity change from 0 to 32768
[   64.638005][ T7893] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.406 (7893)
[   64.667551][ T7893] BTRFS info (device loop4): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[   64.670591][ T7893] BTRFS info (device loop4): using sha256 (sha256-ce) checksum algorithm
[   64.673359][ T7893] BTRFS info (device loop4): using free-space-tree
[   64.748091][ T7893] BTRFS info (device loop4): rebuilding free space tree
[   64.768594][ T7926] loop0: detected capacity change from 0 to 1024
[   64.769092][ T7926] EXT4-fs: Ignoring removed orlov option
[   64.855159][ T6482] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   64.860475][ T7926] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   64.893268][ T7893] BTRFS info (device loop4): setting incompat feature flag for COMPRESS_LZO (0x8)
[   64.978549][ T7941] loop3: detected capacity change from 0 to 256
[   65.005385][ T6472] BTRFS info (device loop4): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[   65.012443][ T7941] exFAT-fs (loop3): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d)
[   65.023586][ T6471] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   65.066252][ T7940] loop1: detected capacity change from 0 to 4096
[   65.111398][   T31] audit: type=1400 audit(65.077:3): lsm=SMACK fn=smack_task_setpgid action=denied subject="y" object="_" requested=w pid=7942 comm="syz.2.423" opid=7942 ocomm="syz.2.423"
[   65.152377][ T7941] exFAT-fs (loop3): error, invalid access to FAT free cluster (entry 0x00000008)
[   65.152529][ T7941] exFAT-fs (loop3): Filesystem has been set read-only
[   65.315476][ T7953] loop1: detected capacity change from 0 to 256
[   65.317981][ T7953] exfat: Deprecated parameter 'utf8'
[   65.433520][ T7948] loop2: detected capacity change from 0 to 32768
[   65.437006][ T7948] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.424 (7948)
[   65.446808][ T7948] BTRFS info (device loop2): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[   65.446905][ T7948] BTRFS info (device loop2): using blake2b (blake2b-256-generic) checksum algorithm
[   65.446963][ T7948] BTRFS info (device loop2): using free-space-tree
[   65.677732][ T6480] BTRFS info (device loop2): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[   65.828024][ T7949] loop4: detected capacity change from 0 to 40427
[   65.844617][ T7949] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[   65.844700][ T7949] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[   65.848846][ T7949] F2FS-fs (loop4): invalid crc value
[   65.917525][ T7984] loop3: detected capacity change from 0 to 4096
[   65.936002][ T7949] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[   65.936062][ T7949] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[   66.299531][ T7994] loop2: detected capacity change from 0 to 32768
[   66.303567][ T7994] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.437 (7994)
[   66.311768][ T7994] BTRFS info (device loop2): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[   66.315940][ T7994] BTRFS info (device loop2): using xxhash64 (xxhash64-generic) checksum algorithm
[   66.318663][ T7994] BTRFS info (device loop2): disk space caching is enabled
[   66.320803][ T7994] BTRFS warning (device loop2): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[   66.350457][ T7996] loop3: detected capacity change from 0 to 32768
[   66.354668][ T7996] btrfs: Deprecated parameter 'usebackuproot'
[   66.359200][ T7994] BTRFS info (device loop2): rebuilding free space tree
[   66.363465][ T7996] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[   66.365496][ T7996] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.438 (7996)
[   66.376447][ T7996] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[   66.376540][ T7996] BTRFS info (device loop3): using crc32c (crc32c-arm64) checksum algorithm
[   66.376573][ T7996] BTRFS info (device loop3): using free-space-tree
[   66.398066][ T7994] BTRFS info (device loop2): disabling free space tree
[   66.398138][ T7994] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[   66.398164][ T7994] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[   66.451071][ T6480] BTRFS info (device loop2): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[   66.480877][  T701] BTRFS warning (device loop3): checksum verify failed on logical 5337088 mirror 1 wanted 0xe63dbdda found 0xc926492d level 0
[   66.481092][ T7996] BTRFS error (device loop3): failed to load root extent
[   66.481133][ T7996] BTRFS warning (device loop3): try to load backup roots slot 1
[   66.492790][  T701] BTRFS warning (device loop3): checksum verify failed on logical 5324800 mirror 1 wanted 0x9f73850b found 0x80379423 level 0
[   66.503423][ T7996] BTRFS warning (device loop3): couldn't read tree root
[   66.505411][ T7996] BTRFS warning (device loop3): try to load backup roots slot 2
[   66.507866][   T14] BTRFS error (device loop3): level verify failed on logical 5255168 mirror 1 wanted 0 found 1
[   66.510820][ T7996] BTRFS warning (device loop3): couldn't read tree root
[   66.512747][ T7996] BTRFS warning (device loop3): try to load backup roots slot 3
[   66.544148][ T7996] BTRFS info (device loop3): rebuilding free space tree
[   66.557720][ T7996] BTRFS info (device loop3): checking UUID tree
[   66.636109][ T8045] loop2: detected capacity change from 0 to 128
[   66.636941][ T8045] EXT4-fs (loop2): Test dummy encryption mode enabled
[   66.645925][ T8045] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   66.675377][ T6482] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[   66.689141][ T6480] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   66.969755][ T6572] atkbd serio0: keyboard reset failed on 
[   67.013182][ T8071] netlink: 104 bytes leftover after parsing attributes in process `syz.2.458'.
[   67.082692][ T8067] loop1: detected capacity change from 0 to 32768
[   67.122398][ T8067] JBD2: Ignoring recovery information on journal
[   67.158612][ T8067] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[   67.222819][   T31] audit: type=1326 audit(67.197:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8076 comm="syz.2.460" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffbe35b728 code=0x7fc00000
[   67.246565][ T6475] ocfs2: Unmounting device (7,1) on (node local)
[   67.295291][ T8075] loop3: detected capacity change from 0 to 32768
[   67.320305][ T8075] JBD2: Ignoring recovery information on journal
[   67.348553][ T8075] ocfs2: Mounting device (7,3) on (node local, slot 0) with writeback data mode.
[   67.411167][ T6482] ocfs2: Unmounting device (7,3) on (node local)
[   67.931186][ T8106] loop4: detected capacity change from 0 to 32768
[   67.983343][   T31] audit: type=1326 audit(67.947:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8076 comm="syz.2.460" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=94 compat=0 ip=0xffffbe35b728 code=0x7fc00000
[   68.004656][ T8106] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[   68.019715][ T8104] loop1: detected capacity change from 0 to 40427
[   68.032636][ T8104] F2FS-fs (loop1): Insane cp_payload (553648128 >= 504)
[   68.035289][ T8104] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[   68.043137][ T8104] F2FS-fs (loop1): heap/no_heap options were deprecated
[   68.043192][ T8104] F2FS-fs (loop1): build fault injection attr: rate: 17008, type: 0x3fffff
[   68.053598][ T8104] F2FS-fs (loop1): invalid crc value
[   68.117509][ T8104] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[   68.117574][ T8104] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[   68.130100][ T8129] netlink: 40 bytes leftover after parsing attributes in process `syz.2.479'.
[   68.201677][ T8104] syz.1.472: attempt to access beyond end of device
[   68.201677][ T8104] loop1: rw=2049, sector=53248, nr_sectors = 8 limit=40427
[   68.202708][ T8104] CPU: 0 UID: 0 PID: 8104 Comm: syz.1.472 Not tainted 6.15.0-rc2-syzkaller-gc72692105976 #0 PREEMPT 
[   68.202731][ T8104] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   68.202739][ T8104] Call trace:
[   68.202744][ T8104]  show_stack+0x2c/0x3c (C)
[   68.202764][ T8104]  dump_stack_lvl+0xe4/0x150
[   68.202779][ T8104]  dump_stack+0x1c/0x1028
[   68.202791][ T8104]  f2fs_handle_critical_error+0x380/0x534
[   68.202806][ T8104]  f2fs_stop_checkpoint+0x58/0x6c
[   68.202821][ T8104]  f2fs_write_end_io+0x99c/0xdb0
[   68.202834][ T8104]  bio_endio+0x840/0x87c
[   68.202846][ T8104]  submit_bio_noacct+0x158/0x17cc
[   68.202859][ T8104]  submit_bio+0x374/0x564
[   68.202872][ T8104]  f2fs_submit_write_bio+0x13c/0x36c
[   68.202884][ T8104]  __submit_merged_bio+0x258/0x79c
[   68.202896][ T8104]  f2fs_submit_page_write+0xaf8/0x1b20
[   68.202908][ T8104]  do_write_page+0x4fc/0x71c
[   68.202919][ T8104]  f2fs_outplace_write_data+0x180/0x344
[   68.202931][ T8104]  f2fs_do_write_data_page+0xd94/0x121c
[   68.202949][ T8104]  f2fs_write_single_data_page+0x974/0x1614
[   68.202963][ T8104]  f2fs_write_data_pages+0x163c/0x2acc
[   68.202975][ T8104]  do_writepages+0x2f8/0x7c4
[   68.202992][ T8104]  filemap_write_and_wait_range+0x200/0x314
[   68.203004][ T8104]  f2fs_collapse_range+0x284/0x304
[   68.203020][ T8104]  f2fs_fallocate+0x3fc/0x954
[   68.203033][ T8104]  vfs_fallocate+0x578/0x6c0
[   68.203047][ T8104]  __arm64_sys_fallocate+0xc0/0x110
[   68.203060][ T8104]  invoke_syscall+0x98/0x2b8
[   68.203073][ T8104]  el0_svc_common+0x130/0x23c
[   68.203085][ T8104]  do_el0_svc+0x48/0x58
[   68.203097][ T8104]  el0_svc+0x54/0x168
[   68.203112][ T8104]  el0t_64_sync_handler+0x84/0x108
[   68.203125][ T8104]  el0t_64_sync+0x198/0x19c
[   68.231149][ T8104] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[   68.231322][ T8104] syz.1.472: attempt to access beyond end of device
[   68.231322][ T8104] loop1: rw=2049, sector=53272, nr_sectors = 8 limit=40427
[   68.258176][ T8104] CPU: 0 UID: 0 PID: 8104 Comm: syz.1.472 Not tainted 6.15.0-rc2-syzkaller-gc72692105976 #0 PREEMPT 
[   68.258200][ T8104] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   68.258208][ T8104] Call trace:
[   68.258212][ T8104]  show_stack+0x2c/0x3c (C)
[   68.258232][ T8104]  dump_stack_lvl+0xe4/0x150
[   68.258246][ T8104]  dump_stack+0x1c/0x1028
[   68.258259][ T8104]  f2fs_handle_critical_error+0x380/0x534
[   68.258273][ T8104]  f2fs_stop_checkpoint+0x58/0x6c
[   68.258287][ T8104]  f2fs_write_end_io+0x99c/0xdb0
[   68.258300][ T8104]  bio_endio+0x840/0x87c
[   68.258311][ T8104]  submit_bio_noacct+0x158/0x17cc
[   68.258324][ T8104]  submit_bio+0x374/0x564
[   68.258337][ T8104]  f2fs_submit_write_bio+0x13c/0x36c
[   68.258349][ T8104]  __submit_merged_bio+0x258/0x79c
[   68.258361][ T8104]  __submit_merged_write_cond+0x428/0x4e8
[   68.258373][ T8104]  f2fs_write_single_data_page+0xed4/0x1614
[   68.258386][ T8104]  f2fs_write_data_pages+0x163c/0x2acc
[   68.258399][ T8104]  do_writepages+0x2f8/0x7c4
[   68.258415][ T8104]  filemap_write_and_wait_range+0x200/0x314
[   68.258426][ T8104]  f2fs_collapse_range+0x284/0x304
[   68.258442][ T8104]  f2fs_fallocate+0x3fc/0x954
[   68.258455][ T8104]  vfs_fallocate+0x578/0x6c0
[   68.258469][ T8104]  __arm64_sys_fallocate+0xc0/0x110
[   68.258482][ T8104]  invoke_syscall+0x98/0x2b8
[   68.258495][ T8104]  el0_svc_common+0x130/0x23c
[   68.258507][ T8104]  do_el0_svc+0x48/0x58
[   68.258519][ T8104]  el0_svc+0x54/0x168
[   68.258533][ T8104]  el0t_64_sync_handler+0x84/0x108
[   68.258547][ T8104]  el0t_64_sync+0x198/0x19c
[   68.258560][ T8104] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[   68.308287][ T8132] loop2: detected capacity change from 0 to 2048
[   68.315915][ T8106] XFS (loop4): Ending clean mount
[   68.317918][ T8132] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024)
[   68.327295][ T8106] XFS (loop4): Quotacheck needed: Please wait.
[   68.348017][ T8134] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   68.374245][ T8106] XFS (loop4): Quotacheck: Done.
[   68.391345][ T8114] loop3: detected capacity change from 0 to 32768
[   68.425596][ T8114] ocfs2: Slot 0 on device (7,3) was already allocated to this node!
[   68.433966][ T8114] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[   68.472419][ T6472] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[   68.521193][ T6482] ocfs2: Unmounting device (7,3) on (node local)
[   68.600279][ T8142] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[   68.738042][ T8152] debugfs: Directory 'ptm0' with parent 'caif_serial' already present!
[   68.881524][ T8161] team0: No ports can be present during mode change
[   68.882751][ T8158] bridge0: port 2(bridge_slave_1) entered learning state
[   68.884256][ T8158] bridge0: port 2(bridge_slave_1) entered disabled state
[   69.074690][ T8170] netlink: 8 bytes leftover after parsing attributes in process `syz.1.495'.
[   69.092479][ T8146] loop3: detected capacity change from 0 to 32768
[   69.102419][ T8146] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.486 (8146)
[   69.119007][ T8146] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[   69.119107][ T8146] BTRFS info (device loop3): using sha256 (sha256-ce) checksum algorithm
[   69.119144][ T8146] BTRFS info (device loop3): using free-space-tree
[   69.215102][ T8146] BTRFS info (device loop3): rebuilding free space tree
[   69.321024][ T6482] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[   69.322290][ T8200] loop2: detected capacity change from 0 to 1024
[   69.322722][ T8200] EXT4-fs: Ignoring removed oldalloc option
[   69.360361][ T8200] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   69.403683][ T8200] EXT4-fs warning (device loop2): ext4_expand_extra_isize_ea:2848: Unable to expand inode 15. Delete some EAs or run e2fsck.
[   69.459640][ T6480] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   69.634047][   T10] cfg80211: failed to load regulatory.db
[   70.161290][ T8212] loop2: detected capacity change from 0 to 32768
[   70.203165][ T8212] XFS (loop2): DAX unsupported by block device. Turning off DAX.
[   70.203739][ T8212] XFS (loop2): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[   70.229806][ T8197] loop4: detected capacity change from 0 to 65536
[   70.274484][ T8197] XFS (loop4): Mounting V5 Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3
[   70.282418][ T8212] XFS (loop2): Ending clean mount
[   70.289663][ T8212] XFS (loop2): Quotacheck needed: Please wait.
[   70.306957][ T8197] XFS (loop4): Ending clean mount
[   70.350443][  T701] XFS (loop2): Metadata CRC error detected at xfs_allocbt_read_verify+0x50/0xf0, xfs_cntbt block 0x10 
[   70.350623][  T701] XFS (loop2): Unmount and run xfs_repair
[   70.350655][  T701] XFS (loop2): First 128 bytes of corrupted metadata buffer:
[   70.350682][  T701] 00000000: 41 42 33 43 00 00 00 02 ff ff ff ff ff ff ff ff  AB3C............
[   70.350702][  T701] 00000010: 00 00 00 00 00 00 00 10 00 00 00 01 00 00 00 10  ................
[   70.350721][  T701] 00000020: c4 96 e0 5e 54 0d 4c 72 b5 91 04 d7 9d 8b 4e eb  ...^T.Lr......N.
[   70.350740][  T701] 00000030: 00 00 00 00 20 bb 84 11 00 00 04 4e 00 00 00 02  .... ......N....
[   70.350758][  T701] 00000040: 00 00 04 60 00 00 0b a0 00 00 00 00 00 00 00 00  ...`............
[   70.350777][  T701] 00000050: 00 00 00 00 00 00 07 00 00 00 00 00 00 00 00 00  ................
[   70.350795][  T701] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[   70.350814][  T701] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[   70.350838][  T701] XFS (loop2): metadata I/O error in "xfs_btree_read_buf_block+0x274/0x434" at daddr 0x10 len 8 error 74
[   70.373848][ T8212] XFS (loop2): Quotacheck: Unsuccessful (Error -117): Disabling quotas.
[   70.433210][ T8212] XFS (loop2): Metadata CRC error detected at xfs_allocbt_read_verify+0x50/0xf0, xfs_cntbt block 0x10 
[   70.433369][ T8212] XFS (loop2): Unmount and run xfs_repair
[   70.433390][ T8212] XFS (loop2): First 128 bytes of corrupted metadata buffer:
[   70.433411][ T8212] 00000000: 41 42 33 43 00 00 00 02 ff ff ff ff ff ff ff ff  AB3C............
[   70.433431][ T8212] 00000010: 00 00 00 00 00 00 00 10 00 00 00 01 00 00 00 10  ................
[   70.433450][ T8212] 00000020: c4 96 e0 5e 54 0d 4c 72 b5 91 04 d7 9d 8b 4e eb  ...^T.Lr......N.
[   70.433470][ T8212] 00000030: 00 00 00 00 20 bb 84 11 00 00 04 4e 00 00 00 02  .... ......N....
[   70.433489][ T8212] 00000040: 00 00 04 60 00 00 0b a0 00 00 00 00 00 00 00 00  ...`............
[   70.433508][ T8212] 00000050: 00 00 00 00 00 00 07 00 00 00 00 00 00 00 00 00  ................
[   70.433527][ T8212] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[   70.433546][ T8212] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[   70.433567][ T8212] XFS (loop2): metadata I/O error in "xfs_btree_read_buf_block+0x274/0x434" at daddr 0x10 len 8 error 74
[   70.447020][ T8212] XFS (loop2): Metadata I/O Error (0x1) detected at xfs_trans_read_buf_map+0x590/0xae8 (fs/xfs/xfs_trans_buf.c:311).  Shutting down filesystem.
[   70.447072][ T8212] XFS (loop2): Please unmount the filesystem and rectify the problem(s)
[   70.530666][ T8226] loop1: detected capacity change from 0 to 32768
[   70.533043][ T8226] XFS: attr2 mount option is deprecated.
[   70.537002][ T6480] XFS (loop2): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[   70.569919][ T8226] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[   70.603853][ T6472] XFS (loop4): Unmounting Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3
[   70.620526][ T8223] loop0: detected capacity change from 0 to 32768
[   70.637068][ T8226] XFS (loop1): Ending clean mount
[   70.638561][ T8226] XFS (loop1): Quotacheck needed: Please wait.
[   70.653953][ T8223] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.511 (8223)
[   70.675422][ T8223] BTRFS info (device loop0): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[   70.675527][ T8223] BTRFS info (device loop0): using sha256 (sha256-ce) checksum algorithm
[   70.675562][ T8223] BTRFS info (device loop0): using free-space-tree
[   70.729320][ T8226] XFS (loop1): Quotacheck: Done.
[   70.837527][ T8270] loop4: detected capacity change from 0 to 512
[   70.840356][ T8223] BTRFS info (device loop0): rebuilding free space tree
[   70.876571][ T8270] EXT4-fs (loop4): Cannot turn on journaled quota: type 0: error -2
[   70.879478][ T8270] EXT4-fs (loop4): 1 truncate cleaned up
[   70.880422][ T8270] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   70.896885][ T6475] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[   71.030193][   T31] audit: type=1326 audit(71.007:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8276 comm="syz.1.517" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa355b728 code=0x7ffc0000
[   71.043468][   T31] audit: type=1326 audit(71.017:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8276 comm="syz.1.517" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=220 compat=0 ip=0xffffa355b728 code=0x7ffc0000
[   71.065759][ T6472] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   71.091859][ T6471] BTRFS info (device loop0): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[   71.093803][   T31] audit: type=1326 audit(71.067:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8280 comm="syz.1.517" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=115 compat=0 ip=0xffffa3585e48 code=0x7ffc0000
[   71.093957][   T31] audit: type=1326 audit(71.067:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8276 comm="syz.1.517" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa355b728 code=0x7ffc0000
[   71.112749][   T31] audit: type=1326 audit(71.087:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8276 comm="syz.1.517" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa355b728 code=0x7ffc0000
[   71.217201][   T31] audit: type=1326 audit(71.197:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8276 comm="syz.1.517" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=117 compat=0 ip=0xffffa355b728 code=0x7ffc0000
[   71.217362][   T31] audit: type=1326 audit(71.197:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8276 comm="syz.1.517" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa355b728 code=0x7ffc0000
[   71.217480][   T31] audit: type=1326 audit(71.197:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8276 comm="syz.1.517" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffa355b728 code=0x7ffc0000
[   71.273050][   T31] audit: type=1326 audit(71.247:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=_ pid=8280 comm="syz.1.517" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=93 compat=0 ip=0xffffa355b728 code=0x7ffc0000
[   72.010623][ T8325] loop1: detected capacity change from 0 to 512
[   72.011094][ T8325] EXT4-fs: Ignoring removed orlov option
[   72.015698][ T8325] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   72.042427][ T8325] EXT4-fs (loop1): 1 orphan inode deleted
[   72.050365][ T8325] EXT4-fs (loop1): 1 truncate cleaned up
[   72.051297][ T8325] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   72.062802][ T8312] loop4: detected capacity change from 0 to 40427
[   72.158453][ T8312] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[   72.204379][ T6475] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   72.321859][ T8322] loop2: detected capacity change from 0 to 32768
[   72.328160][ T6472] syz-executor: attempt to access beyond end of device
[   72.328160][ T6472] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[   72.337122][ T6472] CPU: 0 UID: 0 PID: 6472 Comm: syz-executor Not tainted 6.15.0-rc2-syzkaller-gc72692105976 #0 PREEMPT 
[   72.337146][ T6472] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   72.337155][ T6472] Call trace:
[   72.337160][ T6472]  show_stack+0x2c/0x3c (C)
[   72.337179][ T6472]  dump_stack_lvl+0xe4/0x150
[   72.337193][ T6472]  dump_stack+0x1c/0x1028
[   72.337206][ T6472]  f2fs_handle_critical_error+0x380/0x534
[   72.337220][ T6472]  f2fs_stop_checkpoint+0x58/0x6c
[   72.337235][ T6472]  f2fs_write_end_io+0x99c/0xdb0
[   72.337248][ T6472]  bio_endio+0x840/0x87c
[   72.337260][ T6472]  submit_bio_noacct+0x158/0x17cc
[   72.337274][ T6472]  submit_bio+0x374/0x564
[   72.337286][ T6472]  f2fs_submit_write_bio+0x13c/0x36c
[   72.337299][ T6472]  __submit_merged_bio+0x258/0x79c
[   72.337311][ T6472]  __submit_merged_write_cond+0x248/0x4e8
[   72.337323][ T6472]  f2fs_write_data_pages+0x20fc/0x2acc
[   72.337336][ T6472]  do_writepages+0x2f8/0x7c4
[   72.337351][ T6472]  filemap_fdatawrite+0x180/0x23c
[   72.337363][ T6472]  f2fs_sync_dirty_inodes+0x2c0/0x7d4
[   72.337378][ T6472]  f2fs_write_checkpoint+0x6c0/0x174c
[   72.337393][ T6472]  kill_f2fs_super+0x220/0x590
[   72.337405][ T6472]  deactivate_locked_super+0xc4/0x12c
[   72.337418][ T6472]  deactivate_super+0xe0/0x100
[   72.337430][ T6472]  cleanup_mnt+0x34c/0x3dc
[   72.337443][ T6472]  __cleanup_mnt+0x20/0x30
[   72.337455][ T6472]  task_work_run+0x230/0x2e0
[   72.337469][ T6472]  do_notify_resume+0x178/0x1f4
[   72.337480][ T6472]  el0_svc+0xac/0x168
[   72.337494][ T6472]  el0t_64_sync_handler+0x84/0x108
[   72.337508][ T6472]  el0t_64_sync+0x198/0x19c
[   72.369301][ T6472] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[   72.392144][ T8322] XFS (loop2): DAX unsupported by block device. Turning off DAX.
[   72.409282][ T8322] XFS (loop2): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[   72.486541][ T8322] XFS (loop2): Ending clean mount
[   72.519574][ T8322] XFS (loop2): Quotacheck needed: Please wait.
[   72.547782][ T8322] XFS (loop2): Quotacheck: Done.
[   72.603880][ T8350] loop3: detected capacity change from 0 to 1024
[   72.621679][ T8354] netlink: 8 bytes leftover after parsing attributes in process `syz.0.548'.
[   72.643903][ T8350] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   72.743318][ T6480] XFS (loop2): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[   72.797960][ T6482] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.299052][ T8366] loop4: detected capacity change from 0 to 32768
[   73.312818][ T8366] XFS: ikeep mount option is deprecated.
[   73.321622][ T8386] loop3: detected capacity change from 0 to 4096
[   73.372206][ T8366] XFS (loop4): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[   73.435495][ T8380] loop1: detected capacity change from 0 to 32768
[   73.440813][ T8366] XFS (loop4): Ending clean mount
[   73.441930][ T8366] XFS (loop4): Quotacheck needed: Please wait.
[   73.469243][ T8378] loop0: detected capacity change from 0 to 32768
[   73.474736][ T8378] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.557 (8378)
[   73.485913][ T8376] loop2: detected capacity change from 0 to 32768
[   73.487840][ T8378] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[   73.487938][ T8378] BTRFS info (device loop0): using sha256 (sha256-ce) checksum algorithm
[   73.487973][ T8378] BTRFS info (device loop0): using free-space-tree
[   73.488894][ T8380] XFS (loop1): DAX unsupported by block device. Turning off DAX.
[   73.489398][ T8380] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[   73.491510][ T8366] XFS (loop4): Quotacheck: Done.
[   73.541061][ T8376] XFS (loop2): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[   73.555603][ T8380] XFS (loop1): Ending clean mount
[   73.560466][ T8380] XFS (loop1): Quotacheck needed: Please wait.
[   73.640555][ T8380] XFS (loop1): Quotacheck: Done.
[   73.670315][ T8376] XFS (loop2): Starting recovery (logdev: internal)
[   73.702241][ T8376] XFS (loop2): Ending recovery (logdev: internal)
[   73.707596][ T6472] XFS (loop4): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[   73.789209][ T6475] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[   73.791898][ T6480] XFS (loop2): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[   73.806277][   T14] BTRFS info (device loop0): qgroup scan completed (inconsistency flag cleared)
[   73.841858][ T6471] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[   73.911945][ T8429] loop3: detected capacity change from 0 to 32768
[   73.982294][ T8439] loop1: detected capacity change from 0 to 512
[   73.985572][ T8439] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   74.021447][ T8439] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   74.180652][ T6475] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   74.202306][ T8429] bcachefs (loop3): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=lz4,recovery_pass_last=initialize_subvolumes,nojournal_transaction_names,noexcl,read_only
[   74.202434][ T8429] bcachefs (loop3): recovering from clean shutdown, journal seq 10
[   74.202563][ T8429] bcachefs (loop3): Version upgrade required:
[   74.202563][ T8429] Version upgrade from 0.24: unwritten_extents to 1.7: mi_btree_bitmap incomplete
[   74.202563][ T8429] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.25: extent_flags
[   74.202563][ T8429]   running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance
[   74.246011][ T8429] bcachefs (loop3): bcachefs (loop3): error validating btree node at btree alloc level 0/0
[   74.246075][ T8429]   u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq ac62141f8dc7e261 written 24 min_key POS_MIN durability: 1 ptr: 0:26:0 gen 0
[   74.246103][ T8429]   node offset 8/24 bset u64s 375 bset byte offset 256: keys out of order: u64s 11 type alloc_v4 0:4294964982:0 len 0 ver 0 > u64s 11 type alloc_v4 0:3:0 len 0 ver 0, fixing
[   74.246561][ T8429] bcachefs (loop3): btree_node_read_work: rewriting btree node at due to error
[   74.246561][ T8429]   btree=alloc level=0 u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq ac62141f8dc7e261 written 24 min_key POS_MIN durability: 1 ptr: 0:26:0 gen 0
[   74.271393][ T8429] bcachefs (loop3): accounting_read...
[   74.322250][ T8455] loop4: detected capacity change from 0 to 64
[   74.329228][ T8429]  done
[   74.329288][ T8429] bcachefs (loop3): alloc_read... done
[   74.329450][ T8429] bcachefs (loop3): Fixed errors, running fsck a second time to verify fs is clean
[   74.335503][ T8429] bcachefs (loop3): done starting filesystem
[   74.456821][ T6482] bcachefs (loop3): shutting down
[   74.511752][ T6472] hfs: node 4:3 still has 1 user(s)!
[   74.555584][ T6482] bcachefs (loop3): shutdown complete
[   74.655766][ T8476] loop1: detected capacity change from 0 to 512
[   74.686897][ T8476] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   74.689840][ T8476] EXT4-fs (loop1): 1 truncate cleaned up
[   74.690728][ T8476] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   74.790314][ T6475] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   74.841223][ T8473] loop2: detected capacity change from 0 to 32768
[   74.842084][ T8473] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.579 (8473)
[   74.860248][ T8473] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[   74.860349][ T8473] BTRFS info (device loop2): using crc32c (crc32c-arm64) checksum algorithm
[   74.860382][ T8473] BTRFS info (device loop2): using free-space-tree
[   75.029278][ T6480] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[   75.057810][ T8505] netlink: 16 bytes leftover after parsing attributes in process `syz.0.586'.
[   75.120560][ T8513] loop2: detected capacity change from 0 to 512
[   75.127015][ T8513] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   75.151638][ T8515] loop0: detected capacity change from 0 to 2048
[   75.189666][ T8513] EXT4-fs (loop2): 1 truncate cleaned up
[   75.190529][ T8513] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   75.212397][ T8518] veth0_to_team: entered promiscuous mode
[   75.214535][ T8518] veth0_to_team: entered allmulticast mode
[   75.276019][ T6480] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   75.313319][ T8522] loop1: detected capacity change from 0 to 1024
[   75.341295][ T8522] hfsplus: request for non-existent node 3 in B*Tree
[   75.348532][ T8522] hfsplus: request for non-existent node 3 in B*Tree
[   75.351220][ T8522] hfsplus: catalog searching failed
[   75.460991][ T8532] Bluetooth: MGMT ver 1.23
[   75.664889][ T8542] netlink: 12 bytes leftover after parsing attributes in process `syz.2.603'.
[   75.826066][ T8551] loop0: detected capacity change from 0 to 2048
[   75.841281][ T8552] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   75.907022][ T8538] loop1: detected capacity change from 0 to 32768
[   75.911076][ T8538] XFS: ikeep mount option is deprecated.
[   75.957830][ T8538] XFS (loop1): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[   75.980801][ T8548] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[   75.980973][ T8548] Bluetooth: hci0: Opcode 0x0406 failed: -4
[   75.995101][ T8548] Bluetooth: hci0: Opcode 0x0406 failed: -4
[   76.046069][ T8538] XFS (loop1): Ending clean mount
[   76.062811][ T8548] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[   76.071291][ T8548] Bluetooth: hci1: Opcode 0x0406 failed: -4
[   76.097381][ T8548] Bluetooth: hci1: Opcode 0x0406 failed: -4
[   76.104992][ T8548] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[   76.106822][ T8548] Bluetooth: hci2: Opcode 0x0406 failed: -4
[   76.111607][ T8548] Bluetooth: hci2: Opcode 0x0406 failed: -4
[   76.116500][ T8548] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[   76.118433][ T8548] Bluetooth: hci3: Opcode 0x0406 failed: -4
[   76.129623][ T8562] loop0: detected capacity change from 0 to 4096
[   76.130244][ T8538] XFS (loop1): User initiated shutdown received.
[   76.130332][ T8538] XFS (loop1): Log I/O Error (0x6) detected at xfs_fs_goingdown+0xe0/0x15c (fs/xfs/xfs_fsops.c:476).  Shutting down filesystem.
[   76.130369][ T8538] XFS (loop1): Please unmount the filesystem and rectify the problem(s)
[   76.156215][ T8548] Bluetooth: hci3: Opcode 0x0406 failed: -4
[   76.162700][ T8562] ntfs3(loop0): Different NTFS sector size (2048) and media sector size (512).
[   76.179157][ T8548] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[   76.179239][ T8548] Bluetooth: hci4: Opcode 0x0406 failed: -4
[   76.192626][ T6475] XFS (loop1): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[   76.195408][ T8548] Bluetooth: hci4: Opcode 0x0406 failed: -4
[   76.197878][ T8546] loop4: detected capacity change from 0 to 32768
[   76.232530][ T8546] XFS (loop4): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[   76.330189][ T8546] XFS (loop4): Ending clean mount
[   76.334309][ T8546] XFS (loop4): Quotacheck needed: Please wait.
[   76.383262][ T8576] loop3: detected capacity change from 0 to 128
[   76.385944][ T8546] XFS (loop4): Quotacheck: Done.
[   76.421631][ T8576] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   76.602938][ T8588] loop1: detected capacity change from 0 to 4096
[   76.609987][ T8588] ntfs3(loop1): Different NTFS sector size (1024) and media sector size (512).
[   76.707636][ T8597] loop0: detected capacity change from 0 to 2048
[   76.754439][ T8597] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   76.798327][ T6482] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   76.862382][ T6471] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz-executor: bg 0: block 234: padding at end of block bitmap is not set
[   76.882614][ T6471] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6548: Corrupt filesystem
[   76.937286][ T6471] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   77.065954][ T8613] netlink: 'syz.0.623': attribute type 4 has an invalid length.
[   77.179112][ T6472] XFS (loop4): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[   77.240224][ T8621] loop3: detected capacity change from 0 to 1024
[   77.342830][ T8625] loop0: detected capacity change from 0 to 512
[   77.345894][ T8604] loop2: detected capacity change from 0 to 32768
[   77.349909][  T564] hfsplus: b-tree write err: -5, ino 4
[   77.388697][ T8625] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   77.408799][ T8604] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[   77.419491][ T8625] EXT4-fs (loop0): shut down requested (2)
[   77.510093][ T6471] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   77.572763][ T8637] loop0: detected capacity change from 0 to 128
[   77.575310][ T8637] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   77.594239][ T8624] loop1: detected capacity change from 0 to 40427
[   77.603354][ T8624] F2FS-fs (loop1): build fault injection attr: rate: 690, type: 0x3fffff
[   77.612863][ T8624] F2FS-fs (loop1): invalid crc value
[   77.615587][ T6480] ocfs2: Unmounting device (7,2) on (node local)
[   77.650514][ T8637] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   77.685044][ T8642] netlink: 8 bytes leftover after parsing attributes in process `syz.4.637'.
[   77.724054][ T8624] F2FS-fs (loop1): Start checkpoint disabled!
[   77.773124][ T8624] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[   78.007924][ T6039] Bluetooth: hci0: command 0x0c1a tx timeout
[   78.021713][ T8635] loop3: detected capacity change from 0 to 32768
[   78.062025][ T8635] XFS (loop3): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[   78.083085][ T6039] Bluetooth: hci1: command 0x0c1a tx timeout
[   78.091210][ T8644] loop4: detected capacity change from 0 to 32768
[   78.126407][ T8635] XFS (loop3): Ending clean mount
[   78.159265][ T8644] XFS (loop4): Mounting V5 Filesystem ed37bf6e-74ea-4e01-afba-5fee274b0f3a
[   78.163405][ T6039] Bluetooth: hci3: command 0x0c1a tx timeout
[   78.165191][ T6479] Bluetooth: hci2: command 0x0c1a tx timeout
[   78.243040][ T6039] Bluetooth: hci4: command 0x0c1a tx timeout
[   78.251821][ T8644] XFS (loop4): Ending clean mount
[   78.263281][ T8655] loop2: detected capacity change from 0 to 32768
[   78.280663][ T8655] XFS (loop2): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[   78.341987][ T6472] XFS (loop4): Unmounting Filesystem ed37bf6e-74ea-4e01-afba-5fee274b0f3a
[   78.385426][ T6482] XFS (loop3): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[   78.434410][ T8655] XFS (loop2): Ending clean mount
[   78.452834][ T8647] loop0: detected capacity change from 0 to 32768
[   78.464358][ T8647] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.639 (8647)
[   78.468107][ T8655] XFS (loop2): Quotacheck needed: Please wait.
[   78.477956][ T8647] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[   78.478052][ T8647] BTRFS info (device loop0): using crc32c (crc32c-arm64) checksum algorithm
[   78.478083][ T8647] BTRFS info (device loop0): disk space caching is enabled
[   78.478103][ T8647] BTRFS warning (device loop0): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[   78.499529][ T8655] XFS (loop2): Quotacheck: Done.
[   78.576198][ T6480] XFS (loop2): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[   78.627474][ T8647] BTRFS info (device loop0): rebuilding free space tree
[   78.638396][ T8684] loop1: detected capacity change from 0 to 32768
[   78.640993][ T8647] BTRFS info (device loop0): disabling free space tree
[   78.641055][ T8647] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[   78.641081][ T8647] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[   78.642225][ T8684] BTRFS: device /dev/loop1 (7:1) using temp-fsid 3cfbf533-7bff-4981-a353-5b19356250ec
[   78.642264][ T8684] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.643 (8684)
[   78.656111][ T8684] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[   78.656931][ T8684] BTRFS info (device loop1): using crc32c (crc32c-arm64) checksum algorithm
[   78.656986][ T8684] BTRFS info (device loop1): using free-space-tree
[   78.806066][ T6471] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[   78.979299][ T6475] BTRFS info (device loop1): last unmount of filesystem 3cfbf533-7bff-4981-a353-5b19356250ec
[   79.102478][ T8701] loop4: detected capacity change from 0 to 32768
[   79.117979][ T8708] loop2: detected capacity change from 0 to 32768
[   79.152106][ T8701] XFS (loop4): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[   79.183515][ T8708] XFS (loop2): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[   79.242603][ T8701] XFS (loop4): Ending clean mount
[   79.264955][ T8708] XFS (loop2): Ending clean mount
[   79.267906][ T8708] XFS (loop2): Quotacheck needed: Please wait.
[   79.308059][ T8708] XFS (loop2): Quotacheck: Done.
[   79.317927][ T6472] XFS (loop4): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[   79.404566][ T6480] XFS (loop2): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[   79.593653][ T8755] loop4: detected capacity change from 0 to 1764
[   79.812609][ T8767] netlink: 28 bytes leftover after parsing attributes in process `syz.1.660'.
[   79.834742][ T8731] loop0: detected capacity change from 0 to 65536
[   79.841199][ T8731] XFS (loop0): Mounting V5 Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3
[   79.912377][ T8731] XFS (loop0): Ending clean mount
[   79.924438][ T8731] XFS (loop0): Quotacheck needed: Please wait.
[   79.992401][ T8731] XFS (loop0): Quotacheck: Done.
[   80.059640][ T8763] loop2: detected capacity change from 0 to 32768
[   80.073682][ T8763] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.659 (8763)
[   80.079665][ T6471] XFS (loop0): Unmounting Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3
[   80.084823][ T6039] Bluetooth: hci0: command 0x0c1a tx timeout
[   80.087277][ T8763] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[   80.087387][ T8763] BTRFS info (device loop2): using sha256 (sha256-ce) checksum algorithm
[   80.087430][ T8763] BTRFS info (device loop2): using free-space-tree
[   80.163108][ T6039] Bluetooth: hci1: command 0x0c1a tx timeout
[   80.221953][ T8761] loop3: detected capacity change from 0 to 32768
[   80.226144][ T8763] overlayfs: workdir and upperdir must be separate subtrees
[   80.244747][ T6039] Bluetooth: hci3: command 0x0c1a tx timeout
[   80.244824][ T6039] Bluetooth: hci2: command 0x0c1a tx timeout
[   80.284756][ T8761] JBD2: Ignoring recovery information on journal
[   80.306159][ T6480] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[   80.308708][ T8761] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[   80.323260][ T6479] Bluetooth: hci4: command 0x0c1a tx timeout
[   80.481725][ T8817] OCFS2: ERROR (device loop3): int ocfs2_validate_inode_block(struct super_block *, struct buffer_head *): Invalid dinode #65: signature = 
[   80.481917][ T8817] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted.
[   80.481959][ T8817] OCFS2: File system is now read-only.
[   80.481984][ T8817] (syz.3.657,8817,1):ocfs2_assign_bh:2417 ERROR: status = -30
[   80.482051][ T8817] (syz.3.657,8817,1):ocfs2_inode_lock_full_nested:2512 ERROR: status = -30
[   80.482081][ T8817] (syz.3.657,8817,1):ocfs2_inode_lock_tracker:2694 ERROR: status = -30
[   80.482109][ T8817] (syz.3.657,8817,1):ocfs2_xattr_set:3577 ERROR: status = -30
[   80.509319][ T6482] ocfs2: Unmounting device (7,3) on (node local)
[   80.690254][ T8823] loop1: detected capacity change from 0 to 2048
[   80.711378][ T8823] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024)
[   80.739770][ T8828] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   80.964849][ T8834] loop0: detected capacity change from 0 to 16
[   80.965277][ T8834] MTD: Attempt to mount non-MTD device "/dev/loop0"
[   81.083334][ T8830] loop4: detected capacity change from 0 to 32768
[   81.132707][ T8811] loop2: detected capacity change from 0 to 32768
[   81.147777][ T8821] loop3: detected capacity change from 0 to 32768
[   81.170088][ T8811] XFS (loop2): Mounting V5 Filesystem ca7e2101-b8f1-4838-8e2d-7637b90620e6
[   81.247088][ T8811] XFS (loop2): Ending clean mount
[   81.275412][ T8821] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): filesystem UUID already open
[   81.275519][ T8821] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): shutdown complete
[   81.296781][ T8830] bcachefs (loop4): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,nojournal_transaction_names
[   81.301489][ T8830] bcachefs (loop4): initializing new filesystem
[   81.304024][ T8830] bcachefs (loop4): going read-write
[   81.324544][ T6480] XFS (loop2): Unmounting Filesystem ca7e2101-b8f1-4838-8e2d-7637b90620e6
[   81.343258][ T8830] bcachefs (loop4): marking superblocks
[   81.358132][ T8830] bcachefs (loop4): initializing freespace
[   81.366578][ T8830] bcachefs (loop4): done initializing freespace
[   81.367702][ T8830] bcachefs (loop4): reading snapshots table
[   81.367759][ T8830] bcachefs (loop4): reading snapshots done
[   81.422198][ T8830] bcachefs (loop4): done starting filesystem
[   81.427502][ T8821] bcachefs: bch2_fs_get_tree() error: EINVAL
[   81.529401][ T6472] bcachefs (loop4): shutting down
[   81.529469][ T6472] bcachefs (loop4): going read-only
[   81.529508][ T6472] bcachefs (loop4): finished waiting for writes to stop
[   81.563086][ T6472] bcachefs (loop4): flushing journal and stopping allocators, journal seq 3
[   81.598353][ T8865] loop1: detected capacity change from 0 to 32768
[   81.644266][ T6472] bcachefs (loop4): flushing journal and stopping allocators complete, journal seq 3
[   81.648598][ T8865] XFS (loop1): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[   81.649795][ T6472] bcachefs (loop4): clean shutdown complete, journal seq 4
[   81.653126][ T8876] loop2: detected capacity change from 0 to 1024
[   81.653596][ T8876] EXT4-fs: Ignoring removed orlov option
[   81.653630][ T8876] EXT4-fs: Ignoring removed nomblk_io_submit option
[   81.690873][ T8840] loop0: detected capacity change from 0 to 32768
[   81.693903][ T8865] XFS (loop1): Ending clean mount
[   81.694196][ T6472] bcachefs (loop4): marking filesystem clean
[   81.699446][ T8865] XFS (loop1): Quotacheck needed: Please wait.
[   81.704371][ T8840] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.681 (8840)
[   81.718716][ T8840] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[   81.718810][ T8840] BTRFS info (device loop0): using crc32c (crc32c-arm64) checksum algorithm
[   81.718850][ T8840] BTRFS info (device loop0): using free-space-tree
[   81.719977][ T8876] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   81.804731][ T6480] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   81.827532][ T6472] bcachefs (loop4): shutdown complete
[   81.845703][ T8865] XFS (loop1): Quotacheck: Done.
[   81.907138][ T8840] BTRFS info (device loop0): rebuilding free space tree
[   81.972871][ T8902] loop2: detected capacity change from 0 to 64
[   82.013341][ T8902] BFS-fs: bfs_readdir(): Bad f_pos=00000002 for loop2:00000002
[   82.072199][ T6475] XFS (loop1): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[   82.099183][ T6471] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[   82.187410][ T6039] Bluetooth: hci0: command 0x0c1a tx timeout
[   82.243074][ T6039] Bluetooth: hci1: command 0x0c1a tx timeout
[   82.337080][ T6039] Bluetooth: hci2: command 0x0c1a tx timeout
[   82.337158][ T6039] Bluetooth: hci3: command 0x0c1a tx timeout
[   82.461139][  T623] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   82.514067][ T6039] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[   82.515932][ T6039] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[   82.519466][ T6039] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[   82.521036][ T6039] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[   82.521367][ T6039] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[   82.675591][  T623] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   82.776472][ T8915] loop2: detected capacity change from 0 to 40427
[   82.816267][ T8915] F2FS-fs (loop2): invalid crc value
[   82.854023][  T623] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   82.908605][ T8915] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[   82.961529][  T623] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   82.988084][ T6480] syz-executor: attempt to access beyond end of device
[   82.988084][ T6480] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[   82.992323][ T6480] CPU: 0 UID: 0 PID: 6480 Comm: syz-executor Not tainted 6.15.0-rc2-syzkaller-gc72692105976 #0 PREEMPT 
[   82.992349][ T6480] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   82.992358][ T6480] Call trace:
[   82.992362][ T6480]  show_stack+0x2c/0x3c (C)
[   82.992382][ T6480]  dump_stack_lvl+0xe4/0x150
[   82.992396][ T6480]  dump_stack+0x1c/0x1028
[   82.992409][ T6480]  f2fs_handle_critical_error+0x380/0x534
[   82.992423][ T6480]  f2fs_stop_checkpoint+0x58/0x6c
[   82.992438][ T6480]  f2fs_write_end_io+0x99c/0xdb0
[   82.992451][ T6480]  bio_endio+0x840/0x87c
[   82.992463][ T6480]  submit_bio_noacct+0x158/0x17cc
[   82.992476][ T6480]  submit_bio+0x374/0x564
[   82.992489][ T6480]  f2fs_submit_write_bio+0x13c/0x36c
[   82.992501][ T6480]  __submit_merged_bio+0x258/0x79c
[   82.992513][ T6480]  __submit_merged_write_cond+0x248/0x4e8
[   82.992526][ T6480]  f2fs_write_data_pages+0x20fc/0x2acc
[   82.992539][ T6480]  do_writepages+0x2f8/0x7c4
[   82.992554][ T6480]  filemap_fdatawrite+0x180/0x23c
[   82.992566][ T6480]  f2fs_sync_dirty_inodes+0x2c0/0x7d4
[   82.992581][ T6480]  f2fs_write_checkpoint+0x6c0/0x174c
[   82.992596][ T6480]  kill_f2fs_super+0x220/0x590
[   82.992609][ T6480]  deactivate_locked_super+0xc4/0x12c
[   82.992622][ T6480]  deactivate_super+0xe0/0x100
[   82.992633][ T6480]  cleanup_mnt+0x34c/0x3dc
[   82.992656][ T6480]  __cleanup_mnt+0x20/0x30
[   82.992668][ T6480]  task_work_run+0x230/0x2e0
[   82.992682][ T6480]  do_notify_resume+0x178/0x1f4
[   82.992693][ T6480]  el0_svc+0xac/0x168
[   82.992708][ T6480]  el0t_64_sync_handler+0x84/0x108
[   82.992721][ T6480]  el0t_64_sync+0x198/0x19c
[   83.031555][ T6480] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[   83.100388][ T8918] chnl_net:caif_netlink_parms(): no params data found
[   83.158666][ T8933] loop1: detected capacity change from 0 to 32768
[   83.210700][ T8933] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[   83.293627][ T8933] XFS (loop1): Ending clean mount
[   83.296433][ T8933] XFS (loop1): Quotacheck needed: Please wait.
[   83.323086][ T8933] XFS (loop1): Quotacheck: Done.
[   83.370251][  T623] bridge_slave_1: left allmulticast mode
[   83.370425][  T623] bridge_slave_1: left promiscuous mode
[   83.371757][  T623] bridge0: port 2(bridge_slave_1) entered disabled state
[   83.409180][  T623] bridge_slave_0: left allmulticast mode
[   83.409250][  T623] bridge_slave_0: left promiscuous mode
[   83.410833][  T623] bridge0: port 1(bridge_slave_0) entered disabled state
[   83.439184][ T6475] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[   83.881540][ T8974] loop0: detected capacity change from 0 to 32768
[   83.886168][ T8974] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.705 (8974)
[   83.896991][ T8974] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[   83.897089][ T8974] BTRFS info (device loop0): using sha256 (sha256-ce) checksum algorithm
[   83.897126][ T8974] BTRFS info (device loop0): using free-space-tree
[   84.122126][ T6471] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[   84.573102][ T6039] Bluetooth: hci4: command tx timeout
[   84.743512][ T8999] loop2: detected capacity change from 0 to 40427
[   84.751940][ T8999] F2FS-fs (loop2): Invalid Fs Meta Ino: node(0) meta(2) root(0)
[   84.752006][ T8999] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[   84.762248][ T8999] F2FS-fs (loop2): invalid crc value
[   84.785245][ T8999] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[   84.787427][ T8999] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4
[   84.823182][ T8999] syz.2.708: attempt to access beyond end of device
[   84.823182][ T8999] loop2: rw=2051, sector=36912, nr_sectors = 8152 limit=40427
[   84.827877][ T8999] syz.2.708: attempt to access beyond end of device
[   84.827877][ T8999] loop2: rw=2051, sector=45096, nr_sectors = 85976 limit=40427
[   84.846744][ T8999] F2FS-fs (loop2): Issue discard(4614, 4614, 1019) failed, ret: -5
[   84.849196][ T8999] F2FS-fs (loop2): Issue discard(5637, 5637, 10747) failed, ret: -5
[   85.161289][  T623] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   85.207071][  T623] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   85.239312][  T623] bond0 (unregistering): Released all slaves
[   85.303775][ T8918] bridge0: port 1(bridge_slave_0) entered blocking state
[   85.303852][ T8918] bridge0: port 1(bridge_slave_0) entered disabled state
[   85.304004][ T8918] bridge_slave_0: entered allmulticast mode
[   85.304876][ T8918] bridge_slave_0: entered promiscuous mode
[   85.306416][ T8918] bridge0: port 2(bridge_slave_1) entered blocking state
[   85.306455][ T8918] bridge0: port 2(bridge_slave_1) entered disabled state
[   85.306543][ T8918] bridge_slave_1: entered allmulticast mode
[   85.325401][ T9014] loop4: detected capacity change from 0 to 1024
[   85.360612][ T9016] netlink: 4 bytes leftover after parsing attributes in process `syz.2.715'.
[   85.360823][ T8918] bridge_slave_1: entered promiscuous mode
[   85.479303][  T701] hfsplus: b-tree write err: -5, ino 4
[   85.548305][ T9026] ALSA: mixer_oss: invalid OSS volume 'P×}VIN'
[   85.708462][ T9024] loop0: detected capacity change from 0 to 32768
[   85.711326][ T9024] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.718 (9024)
[   85.716750][ T9024] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[   85.719635][ T9024] BTRFS info (device loop0): using crc32c (crc32c-arm64) checksum algorithm
[   85.722774][ T9024] BTRFS info (device loop0): disk space caching is enabled
[   85.724957][ T9024] BTRFS warning (device loop0): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[   85.786467][ T9024] BTRFS info (device loop0): rebuilding free space tree
[   85.802571][ T9024] BTRFS info (device loop0): disabling free space tree
[   85.802679][ T9024] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[   85.802705][ T9024] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[   85.872659][ T8918] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   85.922230][ T8918] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   86.011213][ T6471] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[   86.281151][ T9032] loop4: detected capacity change from 0 to 32768
[   86.370811][ T9032] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[   86.466964][ T8918] team0: Port device team_slave_0 added
[   86.469929][ T8918] team0: Port device team_slave_1 added
[   86.502325][ T9080] loop2: detected capacity change from 0 to 256
[   86.512547][ T9080] exfat: Deprecated parameter 'namecase'
[   86.512632][ T9080] exfat: Deprecated parameter 'namecase'
[   86.512669][ T9080] exfat: Deprecated parameter 'namecase'
[   86.521312][ T9032] XFS (loop4): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x51.
[   86.541749][ T9032] XFS (loop4): Starting recovery (logdev: internal)
[   86.552825][ T9032] XFS (loop4): Ending recovery (logdev: internal)
[   86.559964][ T9080] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x079995a4, utbl_chksum : 0xe619d30d)
[   86.643516][ T6039] Bluetooth: hci4: command tx timeout
[   86.654469][ T8918] batman_adv: batadv0: Adding interface: batadv_slave_0
[   86.656662][ T8918] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   86.664816][ T8918] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   86.717316][  T623] hsr_slave_0: left promiscuous mode
[   86.719217][  T623] hsr_slave_1: left promiscuous mode
[   86.719241][ T6472] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[   86.720015][  T623] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   86.720084][  T623] batman_adv: batadv0: Removing interface: batadv_slave_0
[   86.732540][  T623] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   86.732601][  T623] batman_adv: batadv0: Removing interface: batadv_slave_1
[   86.798100][  T623] veth1_macvtap: left promiscuous mode
[   86.798349][  T623] veth0_macvtap: left promiscuous mode
[   86.798440][  T623] veth1_vlan: left promiscuous mode
[   86.802445][  T623] veth0_vlan: left promiscuous mode
[   86.981478][ T9030] loop1: detected capacity change from 0 to 131072
[   86.985946][ T9030] F2FS-fs (loop1): Invalid segment count (0)
[   86.986012][ T9030] F2FS-fs (loop1): Can't find valid F2FS filesystem in 2th superblock
[   86.986081][ T9030] F2FS-fs (loop1): QUOTA feature is enabled, so ignore jquota_fmt
[   87.024537][ T9030] F2FS-fs (loop1): Try to recover 2th superblock, ret: 0
[   87.026722][ T9030] F2FS-fs (loop1): Mounted with checkpoint version = 1b41e955
[   87.570440][ T9098] Injecting memory failure for pfn 0x13b42f at process virtual address 0x2042f000
[   87.582232][ T9098] Memory failure: 0x13b42f: recovery action for dirty LRU page: Recovered
[   87.590901][ T9098] Injecting memory failure for pfn 0x13ae2f at process virtual address 0x2062f000
[   87.593690][ T9098] Memory failure: 0x13ae2f: recovery action for unsplit thp: Failed
[   88.723146][ T6039] Bluetooth: hci4: command tx timeout
[   88.787519][  T623] team0 (unregistering): Port device team_slave_1 removed
[   89.021955][  T623] team0 (unregistering): Port device team_slave_0 removed
[   90.803171][ T6039] Bluetooth: hci4: command tx timeout
[   91.139431][ T8918] batman_adv: batadv0: Adding interface: batadv_slave_1
[   91.141019][ T8918] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   91.141048][ T8918] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   91.161113][ T9088] A link change request failed with some changes committed already. Interface ipvlan1 may have been left with an inconsistent configuration, please check.
[   91.494849][ T9115] loop2: detected capacity change from 0 to 32768
[   91.531104][ T9122] loop4: detected capacity change from 0 to 32768
[   91.540874][ T9115] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[   91.544998][ T9122] 
[   91.544998][ T9122]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[   91.544998][ T9122] 
[   91.569962][ T6472] 
[   91.569962][ T6472]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[   91.569962][ T6472] 
[   91.577202][ T6472] 
[   91.577202][ T6472]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[   91.577202][ T6472] 
[   91.627579][ T9115] XFS (loop2): Ending clean mount
[   91.635275][ T9115] XFS (loop2): Quotacheck needed: Please wait.
[   91.657136][ T9136] loop4: detected capacity change from 0 to 256
[   91.672318][ T9115] XFS (loop2): Quotacheck: Done.
[   91.681083][ T9136] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d)
[   91.831445][ T6480] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[   91.957308][ T9150] loop1: detected capacity change from 0 to 1024
[   91.972929][ T8918] hsr_slave_0: entered promiscuous mode
[   91.973891][ T8918] hsr_slave_1: entered promiscuous mode
[   91.974186][ T8918] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   91.974214][ T8918] Cannot create hsr debugfs directory
[   92.100173][   T14] hfsplus: b-tree write err: -5, ino 4
[   92.133036][ T9162] loop2: detected capacity change from 0 to 4096
[   92.184386][ T9166] 9p: Unknown access argument 18446744073709551615: -34
[   92.219289][ T9168] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   92.340570][ T9177] loop1: detected capacity change from 0 to 512
[   92.360965][ T9177] EXT4-fs: Ignoring removed i_version option
[   92.389376][ T9177] EXT4-fs error (device loop1): __ext4_fill_super:5502: inode #2: comm syz.1.755: casefold flag without casefold feature
[   92.389804][ T9177] EXT4-fs (loop1): get root inode failed
[   92.397528][ T9177] EXT4-fs (loop1): mount failed
[   92.532190][ T9177] wireguard0: entered promiscuous mode
[   92.532252][ T9177] wireguard0: entered allmulticast mode
[   92.708187][ T8918] netdevsim netdevsim5 netdevsim0: renamed from eth0
[   92.794818][ T8918] netdevsim netdevsim5 netdevsim1: renamed from eth1
[   92.802320][ T8918] netdevsim netdevsim5 netdevsim2: renamed from eth2
[   92.840343][ T8918] netdevsim netdevsim5 netdevsim3: renamed from eth3
[   92.872386][ T9211] loop4: detected capacity change from 0 to 512
[   92.911467][ T9211] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[   93.011210][ T9211] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000d40000 ro.
[   93.061504][ T6472] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[   93.143396][ T8918] 8021q: adding VLAN 0 to HW filter on device bond0
[   93.151051][ T8918] 8021q: adding VLAN 0 to HW filter on device team0
[   93.160935][  T564] bridge0: port 1(bridge_slave_0) entered blocking state
[   93.161013][  T564] bridge0: port 1(bridge_slave_0) entered forwarding state
[   93.161747][  T564] bridge0: port 2(bridge_slave_1) entered blocking state
[   93.161790][  T564] bridge0: port 2(bridge_slave_1) entered forwarding state
[   93.234432][ T8918] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   93.286517][ T9209] loop1: detected capacity change from 0 to 32768
[   93.360177][ T9209] ocfs2: Mounting device (7,1) on (node local, slot 0) with writeback data mode.
[   93.534704][ T8918] 8021q: adding VLAN 0 to HW filter on device batadv0
[   93.571244][ T6475] ocfs2: Unmounting device (7,1) on (node local)
[   93.628734][   T24] kernel write not supported for file /349/attr/sockcreate (pid: 24 comm: kworker/1:0)
[   93.679898][ T9261] 
[   93.680567][ T9261] ======================================================
[   93.682399][ T9261] WARNING: possible circular locking dependency detected
[   93.684206][ T9261] 6.15.0-rc2-syzkaller-gc72692105976 #0 Not tainted
[   93.685960][ T9261] ------------------------------------------------------
[   93.687937][ T9261] syz.2.778/9261 is trying to acquire lock:
[   93.689558][ T9261] ffff800093071868 (rtnl_mutex){+.+.}-{4:4}, at: rtnl_lock+0x20/0x2c
[   93.691891][ T9261] 
[   93.691891][ T9261] but task is already holding lock:
[   93.693884][ T9261] ffff0000d0bd9628 (&smc->clcsock_release_lock){+.+.}-{4:4}, at: smc_setsockopt+0x170/0xd0c
[   93.696579][ T9261] 
[   93.696579][ T9261] which lock already depends on the new lock.
[   93.696579][ T9261] 
[   93.699443][ T9261] 
[   93.699443][ T9261] the existing dependency chain (in reverse order) is:
[   93.701827][ T9261] 
[   93.701827][ T9261] -> #2 (&smc->clcsock_release_lock){+.+.}-{4:4}:
[   93.704139][ T9261]        __mutex_lock_common+0x1f0/0x2604
[   93.705670][ T9261]        mutex_lock_nested+0x2c/0x38
[   93.707118][ T9261]        smc_switch_to_fallback+0x48/0xa7c
[   93.708664][ T9261]        smc_sendmsg+0xfc/0x9f8
[   93.709949][ T9261]        __sys_sendto+0x360/0x4d8
[   93.711301][ T9261]        __arm64_sys_sendto+0xd8/0xf8
[   93.712716][ T9261]        invoke_syscall+0x98/0x2b8
[   93.714070][ T9261]        el0_svc_common+0x130/0x23c
[   93.715487][ T9261]        do_el0_svc+0x48/0x58
[   93.716795][ T9261]        el0_svc+0x54/0x168
[   93.717974][ T9261]        el0t_64_sync_handler+0x84/0x108
[   93.719520][ T9261]        el0t_64_sync+0x198/0x19c
[   93.720894][ T9261] 
[   93.720894][ T9261] -> #1 (sk_lock-AF_INET){+.+.}-{0:0}:
[   93.722973][ T9261]        sockopt_lock_sock+0x88/0x148
[   93.724390][ T9261]        do_ip_setsockopt+0x138c/0x32c0
[   93.725914][ T9261]        ip_setsockopt+0x80/0x128
[   93.727267][ T9261]        raw_setsockopt+0x104/0x2a4
[   93.728680][ T9261]        sock_common_setsockopt+0xb0/0xcc
[   93.730321][ T9261]        do_sock_setsockopt+0x2a0/0x4e0
[   93.731800][ T9261]        __arm64_sys_setsockopt+0x170/0x1e0
[   93.733340][ T9261]        invoke_syscall+0x98/0x2b8
[   93.734738][ T9261]        el0_svc_common+0x130/0x23c
[   93.736142][ T9261]        do_el0_svc+0x48/0x58
[   93.737452][ T9261]        el0_svc+0x54/0x168
[   93.738608][ T9261]        el0t_64_sync_handler+0x84/0x108
[   93.740229][ T9261]        el0t_64_sync+0x198/0x19c
[   93.741599][ T9261] 
[   93.741599][ T9261] -> #0 (rtnl_mutex){+.+.}-{4:4}:
[   93.743579][ T9261]        __lock_acquire+0x17b8/0x32c4
[   93.745076][ T9261]        lock_acquire+0x150/0x2e8
[   93.746418][ T9261]        __mutex_lock_common+0x1f0/0x2604
[   93.747959][ T9261]        mutex_lock_nested+0x2c/0x38
[   93.749430][ T9261]        rtnl_lock+0x20/0x2c
[   93.750690][ T9261]        start_sync_thread+0xe0/0x24bc
[   93.752181][ T9261]        do_ip_vs_set_ctl+0x558/0xd84
[   93.753593][ T9261]        nf_setsockopt+0x270/0x290
[   93.755047][ T9261]        ip_setsockopt+0x118/0x128
[   93.756428][ T9261]        tcp_setsockopt+0xcc/0xe8
[   93.757808][ T9261]        sock_common_setsockopt+0xb0/0xcc
[   93.759354][ T9261]        smc_setsockopt+0x1f8/0xd0c
[   93.760761][ T9261]        do_sock_setsockopt+0x2a0/0x4e0
[   93.762315][ T9261]        __arm64_sys_setsockopt+0x170/0x1e0
[   93.763984][ T9261]        invoke_syscall+0x98/0x2b8
[   93.765346][ T9261]        el0_svc_common+0x130/0x23c
[   93.766768][ T9261]        do_el0_svc+0x48/0x58
[   93.768054][ T9261]        el0_svc+0x54/0x168
[   93.769329][ T9261]        el0t_64_sync_handler+0x84/0x108
[   93.770861][ T9261]        el0t_64_sync+0x198/0x19c
[   93.772192][ T9261] 
[   93.772192][ T9261] other info that might help us debug this:
[   93.772192][ T9261] 
[   93.774878][ T9261] Chain exists of:
[   93.774878][ T9261]   rtnl_mutex --> sk_lock-AF_INET --> &smc->clcsock_release_lock
[   93.774878][ T9261] 
[   93.778711][ T9261]  Possible unsafe locking scenario:
[   93.778711][ T9261] 
[   93.780726][ T9261]        CPU0                    CPU1
[   93.782168][ T9261]        ----                    ----
[   93.783547][ T9261]   lock(&smc->clcsock_release_lock);
[   93.785043][ T9261]                                lock(sk_lock-AF_INET);
[   93.786970][ T9261]                                lock(&smc->clcsock_release_lock);
[   93.789102][ T9261]   lock(rtnl_mutex);
[   93.790253][ T9261] 
[   93.790253][ T9261]  *** DEADLOCK ***
[   93.790253][ T9261] 
[   93.792453][ T9261] 1 lock held by syz.2.778/9261:
[   93.793858][ T9261]  #0: ffff0000d0bd9628 (&smc->clcsock_release_lock){+.+.}-{4:4}, at: smc_setsockopt+0x170/0xd0c
[   93.796766][ T9261] 
[   93.796766][ T9261] stack backtrace:
[   93.798306][ T9261] CPU: 1 UID: 0 PID: 9261 Comm: syz.2.778 Not tainted 6.15.0-rc2-syzkaller-gc72692105976 #0 PREEMPT 
[   93.801307][ T9261] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[   93.804025][ T9261] Call trace:
[   93.804975][ T9261]  show_stack+0x2c/0x3c (C)
[   93.806198][ T9261]  dump_stack_lvl+0xe4/0x150
[   93.807445][ T9261]  dump_stack+0x1c/0x1028
[   93.808588][ T9261]  print_circular_bug+0x32c/0x334
[   93.809959][ T9261]  check_noncircular+0x15c/0x178
[   93.811284][ T9261]  __lock_acquire+0x17b8/0x32c4
[   93.812569][ T9261]  lock_acquire+0x150/0x2e8
[   93.813904][ T9261]  __mutex_lock_common+0x1f0/0x2604
[   93.815322][ T9261]  mutex_lock_nested+0x2c/0x38
[   93.816618][ T9261]  rtnl_lock+0x20/0x2c
[   93.817718][ T9261]  start_sync_thread+0xe0/0x24bc
[   93.819130][ T9261]  do_ip_vs_set_ctl+0x558/0xd84
[   93.820476][ T9261]  nf_setsockopt+0x270/0x290
[   93.821705][ T9261]  ip_setsockopt+0x118/0x128
[   93.822950][ T9261]  tcp_setsockopt+0xcc/0xe8
[   93.824157][ T9261]  sock_common_setsockopt+0xb0/0xcc
[   93.825601][ T9261]  smc_setsockopt+0x1f8/0xd0c
[   93.826885][ T9261]  do_sock_setsockopt+0x2a0/0x4e0
[   93.828286][ T9261]  __arm64_sys_setsockopt+0x170/0x1e0
[   93.829750][ T9261]  invoke_syscall+0x98/0x2b8
[   93.830947][ T9261]  el0_svc_common+0x130/0x23c
[   93.832277][ T9261]  do_el0_svc+0x48/0x58
[   93.833389][ T9261]  el0_svc+0x54/0x168
[   93.834473][ T9261]  el0t_64_sync_handler+0x84/0x108
[   93.835891][ T9261]  el0t_64_sync+0x198/0x19c
[   93.853770][ T9226] loop4: detected capacity change from 0 to 32768
[   93.854686][ T9226] btrfs: Deprecated parameter 'usebackuproot'
[   93.854988][ T9226] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[   93.874729][ T9226] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.770 (9226)
[   93.881235][ T9226] BTRFS info (device loop4): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[   93.881315][ T9226] BTRFS info (device loop4): using blake2b (blake2b-256-generic) checksum algorithm
[   93.881354][ T9226] BTRFS info (device loop4): disk space caching is enabled
[   93.881371][ T9226] BTRFS warning (device loop4): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[   93.900037][ T9268] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   93.900179][ T9268] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   93.905968][ T9266] IPVS: sync thread started: state = MASTER, mcast_ifn = geneve0, syncid = 0, id = 0
[   93.930114][   T63] BTRFS warning (device loop4): checksum verify failed on logical 5337088 mirror 1 wanted 0x324c5e2d0cac2dc8f61cbfdfc8cd69d9816061b1498b9e1bff7d10a59610160b found 0xab36da95f7d629ca8cc302fd0fd3c25f2e0c358a27b6cae5b3699304a6c15a5c level 0
[   93.930380][ T9226] BTRFS error (device loop4): failed to load root extent
[   93.930408][ T9226] BTRFS warning (device loop4): try to load backup roots slot 1
[   93.947936][ T9226] BTRFS info (device loop4): rebuilding free space tree
[   93.950182][ T9226] BTRFS info (device loop4): disabling free space tree
[   93.950240][ T9226] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[   93.950266][ T9226] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[   93.951440][ T9226] BTRFS info (device loop4): checking UUID tree
[   94.020837][ T8918] veth0_vlan: entered promiscuous mode
[   94.026605][ T8918] veth1_vlan: entered promiscuous mode
[   94.047774][ T6472] BTRFS info (device loop4): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[   94.066590][ T8918] veth0_macvtap: entered promiscuous mode
[   94.068112][ T8918] veth1_macvtap: entered promiscuous mode
[   94.072031][ T8918] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   94.072207][ T8918] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   94.072223][ T8918] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   94.072238][ T8918] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   94.072253][ T8918] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   94.072268][ T8918] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   94.072281][ T8918] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   94.072296][ T8918] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   94.072786][ T8918] batman_adv: batadv0: Interface activated: batadv_slave_0
[   94.096745][ T8918] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   94.096777][ T8918] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   94.096793][ T8918] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   94.096809][ T8918] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   94.096824][ T8918] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   94.096840][ T8918] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   94.096854][ T8918] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   94.096870][ T8918] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   94.097705][ T8918] batman_adv: batadv0: Interface activated: batadv_slave_1
[   94.098565][ T8918] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   94.098598][ T8918] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   94.098623][ T8918] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   94.098666][ T8918] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   94.142100][ T8918] ieee80211 phy13: Selected rate control algorithm 'minstrel_ht'
[   94.169875][   T63] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   94.169926][   T63] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   94.175521][ T8918] ieee80211 phy14: Selected rate control algorithm 'minstrel_ht'
[   94.186584][   T45] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   94.186633][   T45] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  102.393040][  T623] unregister_netdevice: waiting for batadv0 to become free. Usage count = 3