last executing test programs:

56.550006241s ago: executing program 1 (id=488):
r0 = syz_open_dev$ttys(0xc, 0x2, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x14)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x19)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)

55.913895482s ago: executing program 1 (id=497):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x121301, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xe)
ioctl$FIONREAD(r0, 0x80047437, &(0x7f0000002300))

55.112635804s ago: executing program 1 (id=498):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="3400000011000100000000000000000007000000", @ANYRES32=r2, @ANYBLOB="000000002000000014001a80100004800c000180"], 0x34}}, 0x0)

54.962443716s ago: executing program 1 (id=507):
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='ramfs\x00', 0x2014800, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x204)

54.834261238s ago: executing program 1 (id=500):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_mount_image$vfat(&(0x7f0000000500), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="757466383d302c756d61736b3d30303030303030303030303030303030303134373537372c73686f72746e616d653d6d697865642c636865636b3d7374726963742c636f6465706167653d313235302c6e6f6e756d7461696c3d302c756e695f786c6174653d312c756e695f786c6174653d302c756e695f786c6174653d312c696f636861727365743d63703836332c73686f72746e616d653d77696e6e742c756e695f786c6174653d302c6e6f6e756d7461696c3d302c756e695f786c6174653d302c73686f72746e616d653d6c6f7765722c726f6469722c0073e891503a0309d91d60a3f79fb445ef040adbfaebe458f48306d4472e78e0c79837a8ba4cdfcf2664aea65ded67e7618d999eb426ea4d6e3c245287de93a7671165d44c0692c1e44faa189afae462610344caaf8690af6f5b8092420bf6e652ec1dd96df4f7fa2122c8a1eb91332abb080a48cf8d995e2f518dc460183619759f02357d416969cde8685c58841fd65e9ae556ec5221ab219a826bb13cc6ebfb345749e676fa449156aaef0e2d00409ca2cf5ae7c47b594d6a41fab2"], 0x26, 0x34e, &(0x7f0000000a80)="$eJzs3UtoXNUbAPBvetMkDfSfLP4QdDW6E6Q0ERe6SigVilloZfC1cTCpj9yxkMGBdJHpbBSXihtBV+5c6LJrcSHizoVbK0hV3NhdocUrM/fOzJ1HNBWTWPr7LcLHd84355x7T5ib18kra7G9eTIu3bx5I+bnKzGzdm4tblViKU5EErmrMaYzngAA7iW3six+z3Kl9PL03h8s9KPZI5gbAHA4eu//r50eJuaOczYAwFHY5+v/cc9MzV4+tGkBAIdo4v3/4ZHmsW/zzwx+JwAAuHc99+JLT69vRFysVucjGu+2aq1aPDlsX78Ub0QaW3E2FuNORP6gkD8tdD8+dWHj/Nlq189LUetWtGoRjXarlj8prCe9+rlYicVYKuqzQX3SrV/p1Vcj4mq7N340Kq3ayVgoxv9hIbZiNRbj/xP1ERc2zq9WixeoNfr17YhOzPcX0Z3/mViM716Ny5HGZnRrh/PfW6lWz2Ubpfp67wchm8dxQwAAAAAAAAAAAAAAAAAAAAAAuC+cqfZ1YnD+TdZot965ON5hqXy+TquWNxfnA3Xy84Gyuf7pPO8l4+cDjZ7P06rNxIljXTkAAAAAAAAAAAAAAAAAAAD8dzR3Z6Oepls7zd0r2+WgXcq89c3nX52K8T5vJsNMzOQvN9KnyEWpKolBeTYoz5KRPkWQRAw7f3ZtMOM8k0xZy8Qq5noLLGcqxZzqaXr6oZ8+nhh098r2H8NMEhOXZTSoFCOXmhr/y1N/UbV/sPo3fa5nWbZf+d5Hk1VRiZiZuHH/RvD1jdcfeKy5/Hgv82Vx6MMjjy4+f/3DT3/drqdRXJo0nd1p3sn+8VhJaf9UiutciSmbbWrQGWY6O83devL9by88+P63I31OTWySIsjKmbf7wfzo7a6n6Rfjo8/mQXeaB1npySmbf3rw8u3B7r37i7n8yVr92t6Pvxy0qvSJ5aAOAAAAAAAAAAAAAAAAAAA4EqW/Fb8LTzx7eDMCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgKM3/P//paAzkTlIcLsdk01zWzvNfQc/daRLBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgPvZnAAAA//9GI3B4")
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder1\x00', 0x2, 0x0)

54.438994975s ago: executing program 1 (id=503):
r0 = shmget$private(0x0, 0x4000, 0x7800132c, &(0x7f0000ffc000/0x4000)=nil)
r1 = shmat(r0, &(0x7f0000ffd000/0x2000)=nil, 0x4000)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
shmdt(r1)

54.130125299s ago: executing program 32 (id=503):
r0 = shmget$private(0x0, 0x4000, 0x7800132c, &(0x7f0000ffc000/0x4000)=nil)
r1 = shmat(r0, &(0x7f0000ffd000/0x2000)=nil, 0x4000)
mlock(&(0x7f0000ffd000/0x3000)=nil, 0x3000)
shmdt(r1)

34.076396445s ago: executing program 2 (id=729):
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/mdstat\x00', 0x0, 0x0)
r1 = epoll_create1(0x0)
epoll_wait(r1, &(0x7f000000affb)=[{}], 0x1, 0x7fff)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000040)={0x20000007})

33.827632038s ago: executing program 2 (id=730):
r0 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCSETA(r0, 0x5406, &(0x7f0000000200)={0xff02, 0xfff0, 0xffff, 0xffff, 0x14, "5f730000a9003f00"})
ioctl$TCXONC(r0, 0x540a, 0x0)
ioctl$TIOCL_GETMOUSEREPORTING(r0, 0x5412, &(0x7f00000006c0)=0x5f)

33.640851271s ago: executing program 2 (id=731):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x1c, &(0x7f0000000280)=[@in6={0xa, 0x4e21, 0x7ff, @private2, 0xeb2}]}, &(0x7f0000000180)=0x10)
r1 = socket$netlink(0x10, 0x3, 0x4)
writev(r1, &(0x7f0000000080)=[{&(0x7f0000000340)="480000001400190d09034beafd0d36020a841a000000230f00000000a2bc5603ca00000f7f89004e00200000000101ff00c00e03000200000000000000000300005839c900910000", 0x48}], 0x1)

32.713015146s ago: executing program 2 (id=748):
syz_mount_image$ext4(&(0x7f00000007c0)='ext4\x00', &(0x7f00000006c0)='./file1\x00', 0x40, &(0x7f00000000c0)={[{@user_xattr}, {@nodioread_nolock}]}, 0x1, 0x576, &(0x7f0000000140)="$eJzs3T1sG2UfAPD/neO3X3nf9JXeVwLUoQKkIlV1kn5AYWpXRKVKHZBYIHLcqIoTV7EDTZQh3StEBwSoS9lgYAQxMCAWRlYWEDNSRSOQmg5g5K80TZzglDouud9POvuee87+P8+d/499pzs5gMw62nhII56OiItJxMi6uqFoVx5trbe6slS8v7JUTKJev/RLEklE3FtZKnbWT9rPhyJiOSKeiohv8hHH081xqwuL0xPlcmmuXR6tzVwdrS4snrgyMzFVmirNnnrp5TNnT58ZPzm+/mX36+tL+Z319caPN9+98d2rt29++tmR5eL7E0mci+F23fp+PE6tbZKPcxuWn+5HsAFKBt0AHkmuneeNVPp/jESunfXd1Ed2tWlAn9X3RdSBjErkP2RU53dA4/i3M+3m748751sHII24q+2pVTPUOjcR+5vHJgd/TR46Mmkcbx7ezYayJy1fj4ixoaHNn/+k/fl7dGOPo4H01dfnWztq8/5P18af6DL+DHfOnf5NnfFvddP49yB+bovx72KPMX5/46ePtox/PeKZrvGTtfhJl/hpRLzVY/xbr395dqu6+scRx6J7/I5k+/PDo5evlEtjrceuMb46duSV7fp/cIv4rXO2+5tfM922f5fT2l198e3nzy5vE/+F57bf/922/4GIeK/H+P+998lrW9XduZ7cbfwK2On+TyIft3uM/+K5oz/0uCoAAAAAAAAAALADafNatiQtrM2naaHQuof3f3EwLVeqteOXK/Ozk61r3g5HPu1caTXSKieN8nj7etxO+eSG8qlcO2DuQLNcKFbKkwPuOwAAAAAAAAAAAAAAAAAAADwpDm24//+3XPP+/41/Vw3sVVv/5Tew18l/yK6H8z8ZWDuA3ef7HzKrLv8hu+Q/ZJf8h+yS/5Bd8h+yS/5Ddsl/AAAAAAAAAAAAAAAAAAAAAAAAAADoi4sXLjSm+v2VpWKjPDm0MD9defvEZKk6XZiZLxaKlbmrhalKZapcKhQrM3/1fkmlcnUsZuevjdZK1dpodWHxzZnK/GznP0VL+b73CAAAAAAAAAAAAAAAAAAAAP55hptTkhYiIm3Op2mhEPHviDicRHL5Srk0FhH/iYjvc/l9jfL4oBsNAAAAAAAAAAAAAAAAAAAAe0x1YXF6olwuzWVkZmgnK0fE8uNtRuMdd/yqfHtfPSnb0EwWZgY8MAEAAAAAAAAAAAAAAAAAQAY9uOm311f80d8GAQAAAAAAAAAAAAAAAAAAQCalPycR0ZiOjTw/vLH2X8lqrvkcEe/cuvTBtYlabW68sfzu2vLah+3lJwfRfqBXnTzt5DEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwQHVhcXqiXC7N9XFm0H0EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeBR/BgAA///eANcP")
mount(&(0x7f0000000080)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000000f80)='./file1\x00', 0x0, 0x1000, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x8442, 0x5c)
ioctl$FS_IOC_RESVSP(r0, 0x40305839, 0x0)

32.333429772s ago: executing program 2 (id=752):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_LIST(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000040)={0x1c, 0x7, 0x6, 0x801, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}]}, 0x1c}}, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

31.104326582s ago: executing program 2 (id=767):
syz_mount_image$vfat(&(0x7f0000000100), &(0x7f00000001c0)='./bus\x00', 0x1000000, &(0x7f00000005c0)=ANY=[], 0x1, 0x126f, &(0x7f0000000280)="$eJzs3U1rY1UcB+B/2vQtY5uq4+gMiAfdKEKcduHKTZEZEAtKtQMqCHdsqqFpU5pQiIhTV64EP4aoS3eC+AW6ceNaEES6cTkL8UqbjDNp0o522lSG59ncwznnd8+5veXCDedw9175cn1ttVlZzVoxUihEcXMsirdTpBiJ0ejYiRdu/PzL02+98+7rC4uL15ZSur7w9tzLKaWZZ35475Nvn/2xdeHGdzPfT8Tu7Pt7f8z/untp9/LeX99ErZlqzbTRaKUs3Ww0WtnNejWt1JprlZTerFezZjVNdse4275ab2xutlO2sTJd2tyqNpsp22intWo7tQqptdVO2YdZbSNVKpU0XQoexPLXt/M8j8jzsRiPPM/zqSjFhXgkpmMmyjEbj8Zj8XhcjCfiUjwZT8Xlg17nPW8AAAAAAAAAAAAAAAAAAAB4uNxn/3+hf///xHlPGQAAAAAAAAAAAAAAAAAAAB46h/f/FyN8/x8AAAAAAAAAAAAAAAAAAACG7D7f/z+0//9F+/8BAAAAAAAAAAAAAAAAAADgLEx2DkspTUasf769vL3cOXbqF1ajFvWoxtUox59xsPu/o1O+/tritavpwGy8tH6rm7+1vTzam58bK8dsYWB+rpNPvfmJKN2bn49yXBw8/vzA/GQ8/9x+/rNOvhLl+OmDaEQ9ViIK3as/yH86l9KrbyxO9eav7Pc70ugZ3xYAAAA4TZX0j/73951up4Htnabu+3nq9iwc8/vAoffzYlwpntdVc0ez/fFaVq9Xt05YGD/6POO9NVPdniceqxARWU98pvTb0v4pTzr5UyuMDnXQseP7PMA9jeL/4I95CoXfv7qnZjKGO/pI9x89q+8/P/9dKnby/EwnNj6oaeK41NHPjMIZP5MYnrs3/bxnAgAAAAAAAAAAwH8xcPXfVET0rQf8qK/mzvLw3nj/mY8e/YshXCEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPA3O3AsAAAAACDM3zqNjg0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4KgAA//+E38bU")
r0 = inotify_init1(0x0)
inotify_add_watch(r0, &(0x7f0000000400)='.\x00', 0xa4000021)
openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)

30.784834656s ago: executing program 33 (id=767):
syz_mount_image$vfat(&(0x7f0000000100), &(0x7f00000001c0)='./bus\x00', 0x1000000, &(0x7f00000005c0)=ANY=[], 0x1, 0x126f, &(0x7f0000000280)="$eJzs3U1rY1UcB+B/2vQtY5uq4+gMiAfdKEKcduHKTZEZEAtKtQMqCHdsqqFpU5pQiIhTV64EP4aoS3eC+AW6ceNaEES6cTkL8UqbjDNp0o522lSG59ncwznnd8+5veXCDedw9175cn1ttVlZzVoxUihEcXMsirdTpBiJ0ejYiRdu/PzL02+98+7rC4uL15ZSur7w9tzLKaWZZ35475Nvn/2xdeHGdzPfT8Tu7Pt7f8z/untp9/LeX99ErZlqzbTRaKUs3Ww0WtnNejWt1JprlZTerFezZjVNdse4275ab2xutlO2sTJd2tyqNpsp22intWo7tQqptdVO2YdZbSNVKpU0XQoexPLXt/M8j8jzsRiPPM/zqSjFhXgkpmMmyjEbj8Zj8XhcjCfiUjwZT8Xlg17nPW8AAAAAAAAAAAAAAAAAAAB4uNxn/3+hf///xHlPGQAAAAAAAAAAAAAAAAAAAB46h/f/FyN8/x8AAAAAAAAAAAAAAAAAAACG7D7f/z+0//9F+/8BAAAAAAAAAAAAAAAAAADgLEx2DkspTUasf769vL3cOXbqF1ajFvWoxtUox59xsPu/o1O+/tritavpwGy8tH6rm7+1vTzam58bK8dsYWB+rpNPvfmJKN2bn49yXBw8/vzA/GQ8/9x+/rNOvhLl+OmDaEQ9ViIK3as/yH86l9KrbyxO9eav7Pc70ugZ3xYAAAA4TZX0j/73951up4Htnabu+3nq9iwc8/vAoffzYlwpntdVc0ez/fFaVq9Xt05YGD/6POO9NVPdniceqxARWU98pvTb0v4pTzr5UyuMDnXQseP7PMA9jeL/4I95CoXfv7qnZjKGO/pI9x89q+8/P/9dKnby/EwnNj6oaeK41NHPjMIZP5MYnrs3/bxnAgAAAAAAAAAAwH8xcPXfVET0rQf8qK/mzvLw3nj/mY8e/YshXCEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPA3O3AsAAAAACDM3zqNjg0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4KgAA//+E38bU")
r0 = inotify_init1(0x0)
inotify_add_watch(r0, &(0x7f0000000400)='.\x00', 0xa4000021)
openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)

3.324360748s ago: executing program 3 (id=1057):
r0 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000000)={0x4800}, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000240)={0x0, 0xffffffffffffff4a, &(0x7f0000000200)={&(0x7f0000000080)={0x18, 0x16, 0xa01}, 0x78}}, 0x0)
recvmmsg$unix(r0, &(0x7f0000006b40)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}], 0x2, 0x2, 0x0)

3.156396581s ago: executing program 3 (id=1059):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={<r1=>0x0, 0x10, &(0x7f00000002c0)=[@in={0x2, 0x0, @local}]}, &(0x7f0000000440)=0x10)
setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r0, 0x84, 0x78, &(0x7f0000000040)=r1, 0x4)

3.054447272s ago: executing program 3 (id=1063):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000380), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MP_STATE(r2, 0x4004ae99, &(0x7f0000000000)=0x6)

2.882652595s ago: executing program 4 (id=1066):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
kexec_load(0x3e01, 0x1, &(0x7f00000002c0)=[{0x0, 0x0, 0x8ff600000, 0x1000000}], 0x0)

2.738909377s ago: executing program 3 (id=1068):
r0 = syz_usb_connect(0x3, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100008010bd40820514009dbb0000000109022400011b00000009040000022a3e740009058bff7f0000100109050b362f"], 0x0)
close(0x3)
syz_open_dev$midi(&(0x7f0000000000), 0x3, 0x88c02)
syz_usb_disconnect(r0)

2.55119531s ago: executing program 0 (id=1071):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000240)=[@mss, @sack_perm, @timestamp, @mss={0x2, 0x1}, @window, @window={0x3, 0x0, 0xfffc}, @timestamp, @timestamp], 0x8)

2.451798042s ago: executing program 4 (id=1072):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000500)={0x1, &(0x7f00000004c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x11, 0x5, &(0x7f0000000ac0)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80000000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000f00)='kfree\x00', r0}, 0x18)
faccessat(0xffffffffffffffff, 0x0, 0x16e)

2.257840485s ago: executing program 4 (id=1074):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000fcffffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003000000180100002020732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000001c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18010000120000000000000000000000850000006d"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xa, '\x00', 0x0, @fallback=0x1a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000180)='tlb_flush\x00', r0}, 0x10)
syz_clone(0x1802000, 0x0, 0x0, 0x0, 0x0, 0x0)

2.208982056s ago: executing program 5 (id=1075):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./bus\x00', 0x2008042, &(0x7f00000000c0), 0x1, 0x571, &(0x7f0000000780)="$eJzs3c+PG1cdAPDvzP5yk7SbQA9QAQlQCCiKnXXaqOql5QJCVSVExQFxSJddZ7XEjkPsLd0lUrd/A0ggcYI/gQMSB6SeOHDjiMQBEOWAVCACJUgcBs3Yu+ts7MSNvXaz/nykybyZN+Pve/bOvOdnxy+AmXUuInYjYjEi3oyI5e7+pLvEq50lP+7undtr9+7cXksiy974Z1Lk5/ui55zcye5jliLim1+L+G7yYNzW9s711Xq9dqu7XWk3blZa2zsXNxurG7WN2o1q9crKlUsvXX6xOra6nm388oOvbr72rd/8+tPv/373yz/Mi3Wqm9dbj3HqVH1hP05uPiJeO4pgUzDXXS9OuRw8njQiPhYRnyuu/+WYK/46AYDjLMuWI1vu3QYAjru0GANL0nJEpGm3E1DujOE9GyfSerPVvnCtuXVjvTNWdjoW0mub9dqlM0t//H5x8EKSb68UeUV+sV09tH05Is5ExI+Xniq2y2vN+vp0ujwAMPNO9rb/EfGfpTQtl4c6tc+negDAE6M07QIAABOn/QeA2aP9B4DZM0T73/2wf/fIywIATIb3/wAwe7T/ADB7tP8AMFO+8frr+ZLd6/7+9fpb21vXm29dXK+1rpcbW2vlteatm+WNZnOj+M2exqMer95s3lx5IbberrRrrXaltb1ztdHcutG+Wvyu99XawkRqBQA8zJmz7/0hiYjdl58qluiZy0FbDcdbOsajgCfL3Cgn6yDAE81sXzC7hmrCi07C7468LMB09P0x71Lf5P1++iGC+J4RfKSc/+Tw4//meIbjxcg+zK7HG/9/ZezlACbvscf//zzecgCTl2XJ4Tn/F/ezAIBjaYSv8GXvjKsTAkzVoybzHsvn/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHDMnIqI70WSlou5wNP837Rcjng6Ik7HQnJts167FBHPxNmIWFjKt1emXWgAYETp35Pu/F/nl58/dTh3MfnvUrGOiB/87I2fvL3abt9ayff/a3//0t70YdWD80aYVxAAGN5fhzmoaL+r3XXPG/m7d26v7S1HWMYHfPCV/clH1+7duV0snZz5yLIsiygVfYkT/05ivntOKSKei4i5McTffTciPtGv/kkxNnK6O/Npb/zoxn56ovHT++KnRV5nnT99Hx9DWWDWvJfff149fP3NFVfWueKI/td/qbhDja64/5Ui9u59B/e/veu9VJTmcPz8mj83bIwXfvv1B3Zmy528dyOem+8XP9mPnwyI//yQ8f/0qc/86JUBednPI85H//i9sSrtxs1Ka3vn4mZjdaO2UbtRrV5ZuXLppcsvVivFGHVlb6T6Qf94+cIzg8qW1//EgPidV/7kofov7p/7hSHr/4v/vfmdzx5sLh2O/6XP93/9ny3W/Z//vE384pDxV0/8auD03Xn89QH1f9Trf2HI+O//bWd9yEMBgAlobe9cX63Xa7dGSuTvQj/8WVmWvZOX4SHH5NnDPeBed3G06vwlisTB05JEEqM/P/cn8s7YMAcvjFyd+xJ7wyXjrk6fxPx+X3G8j/zth/+1DEosjhI0HXstHicRp7uJu5MKOpXbETBBBxf9tEsCAAAAAAAAAAAAAAAMMon/wzTtOgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHB8/T8AAP//Z1e+LQ==")
setxattr$system_posix_acl(&(0x7f0000002a00)='.\x00', &(0x7f0000002a40)='system.posix_acl_default\x00', &(0x7f0000000d00)={{}, {}, [], {0x4, 0x5}, [], {}, {0x20, 0x1}}, 0x24, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000040)={0x0, 0xfffffffe, 0xfffffffe, 0x0, 0x1b8})

1.93662802s ago: executing program 4 (id=1076):
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000002c0)={0x18, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000f00)='kfree\x00', r0}, 0x18)
chown(&(0x7f0000000240)='./file0\x00', 0xee00, 0x0)

1.876346451s ago: executing program 0 (id=1077):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x18, 0x3, &(0x7f0000000080)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffffffd}}, &(0x7f0000000000)='syzkaller\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x3f8, 0x0, 0x940c, 0x3002, 0x0, 0x2c0, 0x328, 0x3d8, 0x3d8, 0x328, 0x3d8, 0x3, 0x0, {[{{@ipv6={@rand_addr=' \x01\x00', @private1, [0xffffff00, 0x0, 0xffffffff, 0xffffff00], [0xffffffff, 0xffffffff, 0xff000000, 0xff], 'geneve0\x00', 'veth1_to_bridge\x00', {0xff}, {0xff}, 0x11, 0x81, 0x6, 0x1d}, 0x0, 0x1d0, 0x1f0, 0x0, {}, [@common=@srh={{0x30}, {0x2b, 0x2, 0x5, 0x4, 0x6, 0x401, 0x1}}, @common=@inet=@recent0={{0xf8}, {0x0, 0x11, 0x2, 0x0, 'syz0\x00', 0x4}}]}, @unspec=@TRACE={0x20}}, {{@uncond, 0x0, 0xd0, 0x138, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x1, 0x2, 0xfffffffc, 0x0, '\x00', 'syz1\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x458)

1.815127272s ago: executing program 4 (id=1078):
sendmsg$IEEE802154_LLSEC_LIST_SECLEVEL(0xffffffffffffffff, 0x0, 0x0)
unshare(0x2040400)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x5, 0x1ff003, 0x4, 0x7f, 0x1}, 0x48)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000300)={r0, &(0x7f0000000140), 0x0}, 0x20)

1.672577874s ago: executing program 0 (id=1079):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
listen(r0, 0x3)
syz_emit_ethernet(0x4a, &(0x7f0000000500)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x3c, 0x0, 0x0, 0x0, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0xa, 0x10, 0x0, 0x0, 0x1000, {[@md5sig={0x13, 0x12, "e0caef5d35e59d5336e5d74ba67ce3d1"}]}}}}}}}, 0x0)

1.671945104s ago: executing program 5 (id=1080):
syz_mount_image$btrfs(&(0x7f00000001c0), &(0x7f0000005140)='./file0\x00', 0x1000884, &(0x7f0000000240)={[{@clear_cache}, {@nodatacow}, {@acl}, {@acl}, {@nobarrier}, {@autodefrag}, {@discard_sync}, {@usebackuproot}, {@ssd_spread}, {@enospc_debug}]}, 0x1, 0x5100, &(0x7f000000f3c0)="$eJzs3U+IVWUfB/Dnzp1x5lVw7isEtsoikGrh4CYioqtMUFF0y8VgBE4tgnThJEi0EMQW/Vt4S4paSK6kFsksjKA2LqQwArehYS7cKAaSi3Yac8957pz7HO+5d0ZtTD8fmTnnOb/zPOe5l7O43+uccwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACEEF74/bNDVfVT16bPnJtp7jywZebyvul1p0OodbbX8vqOrc++8ua2HS9OxA6zL2fLRqPfkFnX81ljVc/GhX69P6+HEMaSAer58pk1pVGLq3vKA1a6fnH30U17mxuPH27Xr146e7L80lkwsdITWCn5eXVh8Vxqdn6PJHt024VTr9Zzimb90xPuX3kRAMCSTLU6i+7H0fwjbre9P60n7WbSbift+AmhXWwsRzbuqn7z3JDWV2iezSwqjPedZ1LP3/9uu5X2T9pJ1FjCPHt3zSPNRL95ziX1lZonAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJ3kkbdHH6qqn7o2febcTHPngS0zl/dNrzsdQqOzvZaVa6vfP9z869utxw78uPmr4xeef6ye94vL0cLO4be48sRkCG8UKhfisBfXhtDqLXSa4cty4a3OynOxAAAAwN3k/s7vkW47i4NjPe1aJ03WOv+iLCxev7j76Ka9zY3HD7frVy+dPbn88Vp9xmvecLxuu7H4UysE4xh/0/EW63HXPaVxqqUjpnn+8fNTf1f1L+X/RnX+j++c/A8AAMDNkP/TcaoNyv/fvfbHJ1X9S/l/Q88hS/k/zjjm/5GwvPwPAAAAd7Lbnf+bpXGqDcr/4y+NfV3Vv5T/p4bL/6PFaceNv8YJ75oMYWrQ1AEAAIA+4v+7L361EPN69s1BmtefevTguarxSvm/OVz+H7ulrwoAAAC4GUe+2P5wVb2U/1vD5f/x2zprAAAAYCne+XDig6p6Kf/PDpf/V+fL/MqHrNNP8a8QDk2GMLGwMpcVfg7tp7sFAAAA4BaJOf3PT3f+ULVfKf/PVd//P97pIF7/33P/v9L1/4VCdte/J90YAAAAgHtR+Xr+eHv87MkF/Z6/P+z1/w/87+CrVccv5f/9w+X/enF5K5//BwAAAMvwX3v+3/bSONUG3f//vo/e/aWqfyn/t4fL/3G5pvjyTsT3573JENYvrOR3E/wmHm5XUpgfKxQ6WkmPbbFHXpgfLxQ65pIemydDeHBhZX9S+H8stJPClbV54UhSOB0L+fnQLRxLCifimfb52ny6aeH7WMgvsJiPV1Cs6V4SkfS42q/HQuGGPc52Dw4AAHBPieE5z7Jjvc2QRtn52qAdVg/aYWTQDvVBO4wmO6Q79tseZnsLcXv7zMalPf//yHD5P74Vq7JFv+v/Q7z+P3+uYff6/9lYaCSF+VhopXcMaMVjZGH343iMRivvcWV9twAAAAB3tfi9QH2F5wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAP+zda4xcV30A8LPP2ZfXm0BFSBEsUMe44PXaDg+1qVinqYpCKeuSElWIYmOvw+INNrZTcATIsYNSFCVNSyT40CiOEKrzIalFggJNoriRMIqaB0rViCRKRFoniCg0DaCkEAlXs/ee2Tvn7jxs7zre9PeTvHNm/ud55+E59945FwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg/4cjX/3C3zaLP/Dbi554+tKJz+7fcOkLX77o7EdCmJx9vCMLdwxcc9PEL2678Pb9d6+7+c5jF7+7Ny+Xx8Ng9U9nfufqWOuxZSHc1RFCdxpYPZQFevL7Q7G+twyFcFaYC9RKTA1kJdKGww/6QzgY5gK1qr7fH8JQIXDJo/ffd101cWN/CCtCCJW0jacqWRv9aeC83iwwkAZ2dGeBV45naoHvdWYBOGXxzVB70R+erM8wMn+5Bq+/ngXr2GsrHV5XTIw0zvfzDYvcqYLe9IHJU3raStWxKEpvjyPebUvg3Vbazjd42opfpPJvKMfnQpXQuXVq2+YrZvbERzrD2FhXo5oW6Xl+/KUvbTmR9JJ5HcYOjCzI6/D6h1fc1rXqIw/duXrFc4fec+D5U+3mjwubtJhebJWQv+aWzPMYTfg8WQJvv9K3pFFfukII2z7zex9tFi/N/0eaz//jyznedtbljrW+OpzNzeMjQzHx4nA2NwcAAIAlYynsNd0xdu8HmtVXmv+Ptnf8Px7yzyfz2WiPhDAxmziwPIRzZh/PArfG5j69PIS3z6Ym6wMbksCREN48m1hVqyop0RdLjCaBnw7ngYkkcDQGJpPAt2PghiRwdQwcTgJbYuBIErgwBsJ0/Th+fzgfR9uB/hjYlG3Ew/EshF8Ox9aSbfVkrSoAAIAFks8Oe+rvFs51ONUMcXp5uL9VhngGdsMMlaSGdAZbm1Y1rKG7VQ2drWqojXtf8+GXau5oVXPpNIyO+gw3/epvPhaaKM3/x5vP/yvzdKSjdPw/hI2zf2PuzjwyU4tvmqzLAAAAAJyCwf995lvN4qX5/0R75//HfSJdhczhwbgbYvvyEMbrA1m1f1gOZEe9B/MAAAAALAW14/G1Y+HT+W12inY6ny7nnzzB/PHA/8S8+XuP3LOpWX9L8//J9s7/H6i/zTpxNPbi68tD6CsEfhh7WQ3MGo2Bn3ywPpCP/2jcANfGqvITE2pVXRtLbIqB8SRwsFGJH9VKnFMfyJ+sWuMHauOYzksUAgAAAHDaxd0B8bh8PP//Hb9Z94Vm5Urz/00ndv7/7Dy4dHr/zGAIa7pD6Ep/GPDgQLYwYAwMdeSJeweyurrSqq4aCOGC6sDSqp7J1//vTtcYfLQ/qyoGznnHoZfOqya+1R/CmmLgsU/c8t5qYk8SqDX+l/0hvK062rTx7/ZljfekjX+jL4S3FgK1qj7dF0K1sd60qvsr+XUM0qr+uRLCGwqBWlXvq4SwNwCwRMX/SrcWH9y998rtm2dmpnYtYiLuw+8P26Znpsa27JjZWmnQp61Jn+uWMbqqPKZ2r3zzZL5E0cfv2DjUTrr2O8HxYlv5fvzSiYP5/fhdqGd2nOt66u6uT4f8rneWmwiFb1KNhty5yEMeKFYy9ySW6o/5e8Ng6Lti99SusS9u3rNn19rsb7vZ12V/42GmbFutTbfVwHx9a+Pl0XC1rMTJbquVxUrW7Ll855rde69cPX355sumLpv63Nr3rRs/f3z9+PvPX1Md1Xj2t8VQV85XdTLU47e0Oa4FHOq53YVKTsenhoSExFJL7Bhc2fT/5NL8f2fz+X/81Imf/Pn6DI2O/4/Ew/zZ43OH+TfFwMF2j/+PNDqaXzsxYDQJ7IuBfQ7zAwAA8PoQJ/lxb2bcK/2zVd99rlm50vx/X3u//1+g9f9rS9df3GiZ/1WxxHij9f/TZf5r6//va7T+f7rMf239/4Ovwfr/V9QCySb5pfX/AQCA14MFXP+/+lCT9f9bLu+fXiCglKHl8v7pBQJKGVou49/uBQJOeP3/p/7zr/47NFGa/9/Q3vzfwv0AAABw5vjKn33hd5rFS/P/g+3N/0//+n+h0fn/o40Ck40WBrT+HwAAAEtUo/X/Rq4Z+FSzcqX5/+H25v+vHM901uWOtb46nK1pF9I17V4crv1kAAAAAJaGzjA21tNm3rqVUTecfJuP50uBNksXPfMnx07s/P8j7c3/636Xcf3DK27rWvWRh169c/WK5w6958Dzc8f/AQAAgMXT7n4JAAAAAAAAAAAAAADgtffMf+xf3yxe+v1/2Dj7eKPf/8fr/sXfF7yxLnestfX6f/n9Sz58+97ZJQsfHA7hncXA9v3bzwr5tflXFgP3fXLVm6qJ/WmJe56+8Nlq4lNp4EOrz365mrggCWyKiyS+OQ3Eqyq+vCwJxOUV/z0NxO1xOA305oGvLcvG0ZFuq58NZduqI91WTwyFsLwQqG2ru4ayNjrSAd6YBGoD/HwaiAP88zzQmfbq9sGsVzEwFIvePJj1CgCAM1b8FtgTtk3PTI3Hr/Dx9tzu+tuobsmyq8rVdrTZ/JP50mQfv2PjUDvprvS76Ny1xntCpTqEtaWvq8UsHbOjXJhaWmy6NzYYcqvV3joblEud6KbrbTyi/mxEY1t2zGztaTnw9a2zrOtumWVtabJTzNI5u0nbqKWNvrQxoja3TRtdjvc7w9hYV5LrD2JwJNRp9Ypo9/f6xXX+Gr0Kink+d+zAK83qK83/R9qb/1eK43o5vxjAvnhlvb9bbpl/AAAAWFxf2/Drb8Z/H7vmgcea5S3N/0fbm//HPVj5oeBsb8eReP3/A8tDmL20/kgWuDU29+nlIbx9NjUZS2QX1L84lhjPArfGHSarYolNk/VV9cXA4STw0+E8cCQJHI2BfC/FoZDvyvn74RDeO5vaWF9iZywxkgQ+GgOjSWAsBsaTwLIYmEgCLyzLA5NJ4N9iIEzXb6s7luXbCgAA4ETk86ye+rshnecd7m6VoaNVhoFWGTpbZai0ytBoFPH+d2KGnuTklY5Cpp601v6kllKGeDH8E+5XKUP4UX3OtGCp6Xj+Qe18g476DHd/oLsSmijN/8fbm/8P1N9mrR+N8/+56/9lgR/G7n09njo+GgM/+WB9IN8xcDROdq+tVTWZl8gn7dfGEhMxMJoEdsbARBLYtDEPHHxTfSCfadcaP1BrfDovUQgAAADAaRd3EMTdNHH+f/Purw42K1ea/0+0N/+P7Q0WG7s61npsWQh3dcz1phZYPZQF4n6Mofjz+LcMhXBWYQdHrcTUQFaiN2k4/KA/+4V6b1rV9/uzHx/E+5c8ev9911UTN/aHsKKw96XWxlOVrI3+NHBebxYYSAM7urNA3PNTC3yvMwvAKavtFYwvqPxUl5qR+cs1eP29Xq4Jmg6vtA90nnzz/eZqsZR2uOb7VGtO7Glruv+WBVN6exzxbluK77YR77biF6n8G8rxuVAldG6d2rb5ipk98ZHiL1lLFul5Lv5KtZ30ArwO9518b1urpB0YTz4+xucvN//rsCNWd/3DK27rWvWRh+5cvaL6lD7fdjcaiD8Uvv/L/zr048LmXWyVkL/mltznyaTPk6X438Copy2EsPGFb1zbLF6a/0+2N//vTm5n/TpuzN3LQ3hXYeM+GDf/Hy/PPgcLgexT8g3lQHbI/b+GG35yAgAAwEKr7e6o7S+Yzm+zE8LTeXI5/+QJ5o/7Kybmzd9uvwf++pMrmsVL8/9Nzef/fUk3Hf93/J+F0ld/1/H/eZ3pu6L70gf2ndKu6FJ1LArH/+d1pr/bHP+fl+P/r7vj/88des8Bx/8Xm+P/8zrTn7bSt6SdvnSFEJ77o3ufaBYvzf93tjf/t/7f/Iv21db/29Ro/b+djdb/22f9PwAAYFE1WGguneeVVu8rZUhX7ytlaLlAYMslBq3/d8Lr/z177lO/CU2U5v/72pv/x5fDYLH1pbL+3+jGBlXdEAM7LQwIAADAmajRDgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABeW3f/w/9sbRZ/4LcXPfH0pROf3b/h0he+fNHZj4QwPft4RxbuGLjmpolf3Hbh7fvvXnfznccufnclL9eT3/5uXe5Y66vDIRwsPDIUEy8OV+/MBS758O17u6uJB4dDeGcxsH3/9rNCOF759nAIK4uB+z656k3VxP60xD1PX/hsNfGpNPCh1We/XE1ckAc60u7+47Ksux1pd69bFsLyQqDW3c8uq6+q1saf5oHOtI1/GsraiIGhWPSbQ1kbMTATS0z3hbCmO4SutKoHKllVXWlV/1LJqupKq/pKJYQLQgjdaVVP92ZVdacjf6Q3qyoGznnHoZfOqyYO9oawphh47BO3vLea+HwSqDX+F70hvK36kkkb/05P1nhP2viNPSG8NYTQm5b4VXdWojct8Ux3CG8oBGqNf6Y7hL2B14X44VP3ibZ775XbN8/MTO1axERv3lZ/2DY9MzW2ZcfM1krSp0Y6CunjV5382J986Utbqrcfv2PjUDvp7rxcz2yX1/XU3V1/pvc+9mugWMnc81Gqv1Lr7mDou2L31K6xL27es2fX2uxvo+yhtz77uuxvVx7NttXapbKtVhYrWbPn8p1rdu+9cvX05Zsvm7ps6nNr37du/Pzx9ePvP39NdVTj2d+FGOotp3+o53YXKjkdHwASEhJLLdFZ9+k2fqZ/kJe+6M91tCdUZj+gS9OKYpaO2VEuxKA3nOSIT+Z7SssRrS1NHEpZ1rXOsr40mZjL0p9lmf1eV5ocFmvqnN2k8X5nGBvrarQdRurvFjfvz09h8z6eb7p20wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8H/swIEAAAAAAJD/ayNUVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYQcOBAAAAACA/F8boaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqgo7cCwAAAAAIMzfOoyeDQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuBQAA//+4TB3h")
symlink(&(0x7f000000a900)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000cc0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
r0 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x100)
getdents(r0, &(0x7f0000001fc0)=""/184, 0xb8)

1.590310315s ago: executing program 4 (id=1081):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x41e, 0x3100, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}, {{{0x9, 0x5, 0x81, 0x3, 0x200}}}}}]}}]}}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(0xffffffffffffffff, &(0x7f00000003c0)={0x2c, &(0x7f0000000100)={0x0, 0x4, 0x4, {0x4, 0x1, "a7ea"}}, 0x0, 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io(r0, &(0x7f00000003c0)={0x2c, &(0x7f0000000100)=ANY=[@ANYBLOB='\x00\x00\b'], 0x0, 0x0, 0x0, 0x0}, 0x0)

1.577183046s ago: executing program 0 (id=1082):
syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000040)='./file1\x00', 0x8c0, &(0x7f0000000140)={[{@acl}, {@heartbeat_none}, {@inode64}, {@localalloc={'localalloc', 0x3d, 0x6b2}}, {@acl}, {@localflocks}, {@coherency_full}, {@noacl}]}, 0x1, 0x4450, &(0x7f0000008900)="$eJzs3c9vHGcZAOB3Jia1Qxvs0EORkFiJSiBAlt0T4Eo4jhPXbkxQIBXislnb28Sw9kb2GnGohLlV4oTEAXGoQOLmU+UD1yLxD3DhWK5UggMXJKSIRbs7a++Md/ESdus6eh4pHs/3a971uzPzzWHypZnG4+390vZ+qbJbqm++vf9a6cf12sFONdKPyUUfn+GMPk9JyP3FuXfrznffei3iD1t//qjZbDajZSL6mu/5/Z//eGezd9uVFvq0xu0/2qj8ICJePhNXy5WI+P7vI5KIuJmVLWXbqYi4Hp26t975+cPSiKJ5/8Pq6+Wn6+8eL7y6dvTe8eDPnkT8uva5rz3a+dsXryz85SsjOjwAAAAAAAAAAAAAAAAAAJfcyv17D74zNx8fJDFxlJx9X3cl2w56P7Y5Ml8Y/4cFAAAAAAAAAAAAAAAAAACAT6jT9/9LyY1kIiLy7/8vZ9vFAf2b3xp/jIzP6rfvLd+em8/Wf0/O1H89K/r7zSsx02fd9+L67zcL/fuv//7CyOLvxtc97nQk6WxuP01nZyN+my38/kpyLa3V9xtffbt+sLs1sjAurXz+O6v3574F2YL+w+Z/qTD++Nf//2wUv7Wt/Ydnv8r0kc//lYHtfvezZKj83yr0+zjyz7PL53+iXTbV22CxcwFo5f8XE+fnf7kw/rjyfz0iSkkr1lLubnIj6ZQPmq+Ql8//p9pluUtn9occdP7/q5D/24XxL+r6f1i8EdFXPv9X22WTuRan5/9Mev75f6cw/kXkvxX/ofv/UPL5z66kE7km7b/ksNf/lcL448r/g7Qd51/jepL7BhwlnfgH/X915OXzP3mm/vT5Lx1q/vdGoX///I/u5OzG1z1u+/mv2Wz+NNv/ctJ5/qO/fP6nBrYb9vxfLfQb9/V/MUpDPwFcHWcgl1Q+/9faZfm583T757D5X+vdeTq+/LdnJZPd/J9eT/79Qqf8Nz3zvwfjCOA5kc//pzuFaW+Lw/bP9vwvOX/+/2Zh/P+S/+RwJJ/g7PyvFf9hOpLBn3v5/L84sF0r/38a4v5/t9Bv/PP/iDlz/WeWz/9LA9u1z//J8/O/Xug37vx/aZyDAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFwCS9l2OpJ0NrefprOzEbey/VfiWrJR2Spv1OqbP9qPWM7KS3EjeVSrb1Rq5e3d+la1XKnV6psRt7P6l2My2a/VG+WdypM7J2NNJY+rlb3GRrXSiIiVrPzz8VJ3rI3txk7lSUS8cVL3mbS+9+RxZbe8tb33zbm5ublYPYlhJqn+pFHdbXSO3qmNWDvpO530BNeufvMklheTH9YP9nYrtXb53Z4+tfpmpdbTZz2r+2XMJI29g93NSqNartUfdY83yB+vPmNy/geL2XZ59f737t+dP1P/MOlsl8YfCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/hw8WvvGriJjo7KURUUqyX5LsX877H1ZfLz9df/d44dW1o/eOP+rXBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/7ADBwIAAAAAQP6vjVBVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWFXfpHaSCI4gD8Ziy09BhWy25nu6KIFq4InkCP4WH0KF7CO1ikSJsiBJJZCPsHtkmq72sezI+Z92AeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMByj2/d+2vdRKS42l5G/H7+/R/nz6V+303fvzjDjJzO00t3/1A35d/TKL8tR6s279PN+usjJmrvZ7Anw306GPcZmtu3ufn6vteRchURbclvUs5VtewtAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAHTtwIAAAAAAA5P/aCFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVXYgWMBAAAAAGH+1lH0bQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/AoAAP//YvMk6w==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x2042, 0x50)
write$FUSE_NOTIFY_INVAL_ENTRY(r0, &(0x7f0000000100)=ANY=[], 0x2c)
fallocate(r0, 0x0, 0x0, 0x8000c62)

935.482306ms ago: executing program 0 (id=1083):
timer_create(0x2, 0x0, &(0x7f0000bbdffc)=<r0=>0x0)
timer_settime(r0, 0x0, &(0x7f00000000c0)={{}, {0x77359400}}, 0x0)
clock_nanosleep(0x2, 0x0, &(0x7f0000000040)={0x0, 0x989680}, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)

846.088867ms ago: executing program 3 (id=1084):
syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000040)='./file3\x00', 0xcc0, &(0x7f00000001c0)=ANY=[@ANYBLOB="61636c2c6865617274626561743d6e6f6e652c6865617274626561743d6e6f6e652c636f686572656e63793d66756c6c2c636f686572656e63793d66756c6c2c636f686572656e63793d62756666657265642c6572726f72733d636f6e74696e75652c757365725f78617474722c626172726965723d30303030303030303030303030303032363131352c6469725f726573765f6c6576656c3d30303030303030303030303030303030303030362c696e74722c6a6f75726e616c5f6173796e635f636f6d6d69742c00535d4e036013ec9e6e7ecdee3849b40884b95e94f35cec9600cd19beb0"], 0x1, 0x442a, &(0x7f0000004480)="$eJzs3c9PHGUfAPBnBvoW+rZ9oW8PfZM3cRObaNQQ6EmliZTSUmixptrGeNkusG3RhW1gMR56wFsTTyYejIdGE2+cGg5e65/gxWM9N9GDFxOTRszuzgIz7IaVsGDr53NgmOc3+5159pnD8MSJyp25pdzcUq6wkCvP3Fo6k/u4XFqeL4Z4nzTt/9D+9U97OnGdHPS190929fzFd2+cCeH72R+frK+vr4eq7tDU0Jbff/v13szWY0OcqVNtt3lre+WDEMLJbeOq6gohvP9dCFEI4VySNpoce0MIx0I978a9z27m9mg0Dx8Xz+afTt1fGz49ufpgrfXfHoXwVel/r92e//nFruGfXtmj7gEAAAAAAAAAAAAAAAAAeMaNX7t6/Z3BofAoCt2r0fb3dceTY6v3Y9f3zAud/2MBAAAAAAAAAAAAAAAAAADgb2rz/f9cdKLJ+/9jyXGkRf31tzo/Rjpn4u2rYxcGh5L936Nt+a8nSb+c6wr9TfZ9z+7/fi5Tv/n+79v72a3G+Br99oUoHkidx/HAQAjfJBu/n4qOxKXyUuXVW+Xlhdk9G8YzKx3/+u79qegkG/q3G//RTPud3///v9uupur5zb27xJ5r6fh3tSz37adRW/E/n6m3H/Fn99Lx766l9W4tMFKfAKrx/7x75/iPZdrvVPyPhxByUXWsudQMUF3DVNNbrVdIS8f/UC0tNXUmH2Sr+//3TPwvZNo/qPl/JftFRFPp+P+rltaTKrF5//fHO9//FzPtH0T8q+Nf8f3flnT8D9cTu1NFap9ku/P/eKb9TsX/epyM83iUugJWo3p6q/9XR1o6/j3b8jef/+K21n+XMvX36/mv0W/j+a8x/b8c1Z//aC4d/96W5dq9/ycy9To9/4/U1n/sVjr+R2pp6bVzX+1nu/GfzLTfqfjXViU9jfhvzid/HK6nf23915Z0/P9dT4y3llip/ayt/6Kd1/+XM+0fxPqvOv6VuLO9Pi/S8T/aslw1/j+08f1/JVOv8/EPYdBaf9fS8T/Wslzt/u/ZOf5TmXqdjv9LnWwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Bkwmhz7QhQPpM7jeGAghPPJ+alwJJouzOanS+WZj5ZCGEvSc+FEdLtUni6U8nML5dlivlAqlWdCuJDknww90VKpXMnPF+5e3GirN7pTLCxWpouFSghhPEn/fzjWaGt6rjJfuBtCuLSR95+4vHj3TmEhPzu3+Obg4OBgmNgYQ39U/KRSXKjUe6/nhjC5Ubcv2jK4WvbljbEcjT4sLy8uFEq19Ctb6pTKM4XSljpTSd4XoT+qLC4vzBQqxXypfLvR30EaSY5jE9feu3ZlaFv+zah+HN3fYQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwFz0afuPLEEJ3/SwOIYw0fomalX/4uHg2/3Tq/trw6cnVB2tPWpUDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+JMdOBAAAAAAAPJ/bYSqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoq7NIxSgNBFAbgN2Ohdh7DatntbFcU0cIVwRPoMTyMHsVLeIcUKdKmCIFkFsJmF7ZJqu9rHszPzHswDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgHme3ruPt7qJSHG1uYz4+/pfHOYvpf7cj9+/OMOMnM7za/fwWDfl39NRfleOlm3epevV92eM1N7vYE+G+7TX97menGtq36bm6/veRMpVRLQlv005V9W8twAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgyw4cCAAAAAAA+b82QlVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVRV24FgAAAAAQJi/dRR9GwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPArAAD///4CHxA=")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
fallocate(r0, 0x0, 0x7351, 0x8001)
ioctl$FITRIM(r0, 0x40406f06, &(0x7f00000000c0)={0x86, 0x7e4000, 0x20})

626.836231ms ago: executing program 5 (id=1085):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000001fc0)=@delchain={0x204, 0x65, 0x20, 0x70bd27, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x2, 0x2}, {0x0, 0xe}, {0x0, 0xb}}, [@TCA_CHAIN={0x8, 0xb, 0x6}, @TCA_RATE={0x6, 0x5, {0x8, 0x81}}, @filter_kind_options=@f_bpf={{0x8}, {0x1c8, 0x2, [@TCA_BPF_FD={0x8}, @TCA_BPF_NAME={0xc, 0x7, './file0\x00'}, @TCA_BPF_ACT={0x1a8, 0x1, [@m_simple={0xa4, 0x1f, 0x0, 0x0, {{0xb}, {0x78, 0x2, 0x0, 0x1, [@TCA_DEF_DATA={0x7, 0x3, '-{\x00'}, @TCA_DEF_DATA={0x9, 0x3, '/-@@\x00'}, @TCA_DEF_DATA={0x3d, 0x3, '\x00\x94\xe4\xe2X\xce\xbar\x069\xf3\xff\x8d\x94\x1ao\xa1,\xa4\xc1\xcc\x1e\x9aS>\a\xd2R\x85\v\x80\xea\x1e\xc8W\xea\x99\xacos\x80\x1d\x8b\xd9`Ewb\xa5&iu@\xfd\x8c\xde\x00'}, @TCA_DEF_DATA={0x1e, 0x3, 'cpuacct.usage_percpu_user\x00'}]}, {0x4}, {0xc}, {0xc, 0x8, {0x1}}}}, @m_mpls={0x100, 0xa, 0x0, 0x0, {{0x9}, {0x58, 0x2, 0x0, 0x1, [@TCA_MPLS_TC={0x5, 0x6, 0x7}, @TCA_MPLS_BOS={0x5, 0x8, 0x1}, @TCA_MPLS_LABEL={0x8, 0x5, 0x5d5ff}, @TCA_MPLS_PROTO={0x6, 0x4, 0x8914}, @TCA_MPLS_PARMS={0x1c, 0x2, {{0x7ff, 0x1, 0x10000000, 0x2, 0x9}, 0x2}}, @TCA_MPLS_TTL={0x5, 0x7, 0x5}, @TCA_MPLS_LABEL={0x8, 0x5, 0x4b395}, @TCA_MPLS_TTL={0x5}]}, {0x7d, 0x6, "e86a5d083c3fdf2cfcdfc24786db832a29e93f00ad312bcd01e33c382496f6bea198b7d05f8607deb3246b6040b1fba42b946725528ca75db4267003375155c7c5eb7003183cb699040b5ecb43ca8269296800f3dbf66b360589ee36027f6ae99fe88bc8113180528701f766bfd16036640ad335fe131baadb"}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x2, 0x1}}}}]}, @TCA_BPF_FLAGS_GEN={0x8}]}}]}, 0x204}, 0x1, 0x0, 0x0, 0x80}, 0x20000080)
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x14}, {&(0x7f00000007c0)=""/154, 0x21}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0xffffffffffffff2f}}], 0x4000000000003b4, 0x2040000, &(0x7f0000003700)={0x77359400})

156.668318ms ago: executing program 5 (id=1086):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340), 0x48)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000e80)={{r0}, &(0x7f0000000e00), &(0x7f0000000e40)='%-010d \x00'}, 0x20)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000040)={r0}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x18, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000000000018230000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70500000000000085000000a5000000180100002020640500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000a50000000800000095"], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

133.129368ms ago: executing program 5 (id=1087):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000003c0)={'wlan0\x00', <r1=>0x0})
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=ANY=[@ANYBLOB="80000000", @ANYRES16=r2, @ANYBLOB="010026bd7001000000003b00000008000300", @ANYRES32=r1, @ANYBLOB="1200cd00070007000104630087090600740000004f0033"], 0x80}, 0x1, 0x0, 0x0, 0xc0}, 0x0)

103.253279ms ago: executing program 0 (id=1088):
prlimit64(0x0, 0xe, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="180100002100000000000000000000008500000075000000a50000002300000095"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000001c0)='ext4_discard_blocks\x00', r0}, 0x18)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x3000010, &(0x7f0000000000)={[{@errors_remount}, {@nobh}]}, 0x3, 0x519, &(0x7f0000001300)="$eJzs3c9vI1cdAPDvTOJtsptiFxAqlSgVLcpWsHbS0DZCCMoFTpWAcl9C4kRR7DiKnbKJKkjFf4CQQOLEiQsSfwBS1QN/AKpUCS6IAwIEQrCFA+JHB9ke041jJ6k2yezGn4/04vdmxvN9byy/+eGXmQAm1lMR8VJETEXEsxFRzqeneYrDfuou987d11a7KYkse+WvSST5tMG6uuXpiLiRv20mIr725YhvJsfjtvcPtlYajfpuXq51mju19v7Brc3mykZ9o769tLT4wvKLy88vL2S5+2pnZZD5yZc+/8anv/W723+++e1utT73kSjFUDvOU7/ppd62GOhuo92LCFaAqbw9paIrAgDAmXSP8T8YEZ/oHf+XY6p3NDdkqoiaAQAAAOcl+8Jc/CeJyAAAAIArK42IuUjSaj4WYC7S9Fp+beDDcT1ttNqdT6239rbXuvMiKlFK1zcb9YV8rHAlSkm3vJiPsR2UnxsqL0XEYxHx/fJsr1xdbTXWCr72AQAAAJPixtD5/z/KaS9/uhH/JwAAAAA8uCpjCwAAAMBV4ZQfAAAArr7h8/83CqoHAAAAcCG+8vLL3ZQNnn+99ur+3lbr1Vtr9fZWtbm3Wl1t7e5UN1qtjd49+5qnra/Rau18Jrb37tQ69Xan1t4/uN1s7W13bm8eeQQ2AAAAcIke+/ibv04i4vCzs70U+X0AAY74Q9EVAM7TVNEVAArjLt4wuUpFVwAoXHLKfIN3AADg4Tf/0eO//w+e/+/aAFxtxvoAwOSZjtmiqwAUpGQEIEy0NCI+0M8+Mm6Zsb////KsUbIs4q3yvVNcXwQAgMs110tJWs3PA+YiTavViEcj0kqUkvXNRn0hPz/4Vbn0SLe82HtncuqYYQAAAAAAAAAAAAAAAAAAAAAAAACgL8uSyAAAAIArLSL9U9K7m3/EfPmZueHrA9eSf5bjj3nhR6/84M5Kp7O72J3+t96zvK5FROeH+fTnxj4+DAAAADhvyeHYWf3z9Px18VJrBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAEeOfua6uDdJlx//LFiKiMij8dM73XmShFxPW/JzF9z/uSiJg6h/iHr0fE46PiJ/FulmWVvBbD8dOImL3g+JXephkf/8Y5xIdJ9ma3/3lp1Pcvjad6r6O/f9N5ul/j+780j/x4r58b1f89emxtzZExnnj7Z7Wx8V+PeGJ6dP8z6H+TMfGfPra2f2dZdjzGN75+cDAufvbjiPmR+5/kSKxap7lTa+8f3NpsrmzUN+rbS0uLLyy/uPz88kJtfbNRz/+OjPG9j/383ZPaf31E/N/+pt//ntT+Z8atdMh/375z90P9bGlU/JtPj9z/zsSY+Gm+7/tknu/Onx/kD/v5ez3507eePKn9a2O2/2mf/80ztv/Zr37392dcFAC4BO39g62VRqO+e0Jm5gzLPIyZX8w8ENV4n5nsO/1P7oRlysXV8F9nXrh7tPrelEGrCt+8RzLZpcWaigekyf/PFNotAQAAF+C9g/6iawIAAAAAAAAAAAAAAAAAAACT6zJuJzYc87CYpgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnOh/AQAA///uxuBB")

508.72µs ago: executing program 3 (id=1089):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000002c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000400)=ANY=[@ANYBLOB="bf16000000000000b70700000100f0ff48700000020000005c0000000000000095000000000000002ba728041598d6fbd307ce99e83d24a3aa81d36bb3019c13bd23212fb56fa54f2641d8b02c3815e79c1414eb07eae6f071326bd9174842fa9ea4318123341cf9d90a0e168c1884d005d94f204e345c652fbc1626e3a2a2ad35806150ae0209e62f51ee988e6e0dc84e974a22a550d6f97181980400003e05df3ceb9f1feae5737ecaa81d666967c474c2a19eed87b277be335c75e04ad6ee1cbf9b0a4def23d410f6296b32ae343881dcc7b1b85f3c3d44aeaced3641110bec4e90a634196508000000000000f0f4ab3e89cf6c662ed4048d3b3e22278d00031e5388ee5c867ddd58211d4dcecb0c005d2a1bcf9436e101040000f73902ebcf0200822775985b231f000000ccb0ecf31b715f5888b2a858ab3f11afc9bd08c676d2b89432fb465b3dad9d2aa7f1521bc9901de2eb879a15943b6dc8ea15aab9dd6968698e3095c4c5c7a156cec33a7bb727667d81ff2757cf81e65998b9091957d1d11a5730baa3a509b1041d06f6b0097c430481824a3f4fddd3c643f630ba165d876defd3541772f26e27c44cfd7bb5097379cf1756869cebc7b0b2d85d6d29983e830a9cdd1d0a017c100344c52a6f387a1340a1c8889464f90c284a4db539621fbb70f01a2c02dec4cd1f570dd39877dfb2ff1ae66e1ce917474b2e650ae610afd01409d9a3412181b724feaa09fa7a75ee7a38da7a37ac5d58bcb5e5fc231514952c5255f22bd8b325d9b76e57f041b665ab0249886c0a65cc99d5893521372c8d8b7bacac24000020a4a24d8dbd75062e1daef9dead619cc6e7baa72706287793c3d2a2661edcd3545236c204682bf7ecbd53f950ef4709ec01e230d2f53594ef4839c6130c4c13a0cca84b993508000000e480cd9d4850a049ee19b67d17ef0477aeb12b1d2502000000d9051f22614d1f62734d678039a97d2b74f9e8e97f4e8e7025123e783df8b8a17e3aa9fe9c502f9acee4f1b56e1f23128d743792cead3c058a5b700d64d160abe33df726608510136ce8bf239414a1d98ea93e3d35dbb6c23b90cf36e83b8a4309b402d264b09f2779a0bcd7cd6dfc06b02e69d384146056d125cf4aadd80800000000000000e88d10acd06864eac44c42fbe334bdc3e9768fc360b130dc6111fe3293e8e02f819a2aa34dba1c25be27945507a3477b437525b81aef2f0b4c4f63483026b5e34d44705b76979516abf004a5c95eae975e02069f6f24e1e1bc976d965ddabb01085f16bff63a06578d6d184f5de7bfb6aaa75f16996d536256c02284cb1d3a6fb8eae87691fae365a70c3f15871565bba8dd8a8ca049f798abe646f738bebdfc9d8a5edd7a19ca6a42bc3f1db37c17f22a287c6d31a13db5dfef409eb1d3c91c6e6f80d215c9e16e0c4736c81936315418f26770cca4e2f89800d18c89d7f46f679df6c9e2005f209dda94302a30003b952ae1ebfd0ca88368ee6ce139e8b5822422cf4c9dde943d34c432e1001171792c65986146666a549092398af45ba38c41df7e0fffeac41824ca1fd0eb68aa243c9035c788d5480e5aee9c9e5f2e5a3628995b1531bd20360d33d8f9ffffff5f4bf6ea8a1850c4f83306dbca02ee3686da707b6d85db491ba0cc33f6be92c55969a2b52a25419d1476c73132ca7ca26ce8a7e3ffb700f09e157f9bc31f09834b4788be2a442aa81b259e9eb1bf5314844051f3a642aca9ff98c9036471ccff0522903e7bcf62e18f7796bbc280b95e8e0d6fd5644b0ebde3885b06548862de809d3dae3cccf109f7c78e8479a345e805e47dfa82cafc6b64b1f4659834aecbeded44b11a443c5ba92a326dd10921aa79c62800844c7a59f55ee205a11ab50fb402e7da6ada561ec1117cc186b01fd5c2061d22156b1b7d5f80c580dc31b0963ff953ce09148e8dfea9d03a61bbd2bb173518507a3cd0e37c4da0a71eee31071d5d642498181c69cee3b2e414ddd6a12ff4bdf6e96c247b6025d4376067e25357d3b521a5b927d3392a7503718aea24179528f6a0c6de4e61b49cad1e4d6b000000000000005b2d16877299acefc0655bc1422c3d425d988eedebcf242b780a687c9acae2a5a71c2a16a32ceb377f5d54f9b2fa90b2905925e611be56e9ebe20cab20c290a1f6c09272dbc3b2c0ab2b5baa1b07b16e81f278e54a479f1a06bc06e3656cfa196d6c050000000000000000814955c62a7d72b317399e572a7f6a4657b741eb66c9179ffd097d61fcfd0fa1d46cfb110e3e8cff5579e83f2820f95eaa0c609f666950c24311740e36de8f65708cfffce788c99ef8f62fd2398e999b220125da8eb07947512365abbc5b84ef524bdf184727c67910051f204662264607d548dbdffe14b41dd0843cf3d85bb820656a88a9e52a4cd7b3eeadfe00007267f226019ef0a25bc15da71e893856a2182c3167d8ba73f709294b159a426ce44cd73f000000a66fc501eae0c3504c1400697ba69fd9b7eaf49aff6a6aea529610db8dfef86c3cc698e9fddf1b132876159972281a90c3a4cf415df25fbcdd35cf8368f068c4481844bdd0dda553e1cb0966d5686013d382956d50055dce0d1bc225c1d77612b1ec52e743dbc51f25cc07a202b704577316913cf067fa65e476f688de2d6c54ea192a569eed05d0d7536b3205c68d4ee0fe318ed3112c76dcf128a1d5595b09000000a7ba4e10381de8808ff02dd0a7b996ecf1c65e6d9db90c87123d9cb3945330f7a2701ca8fec0b2f39f505140751b60f29a83e4bc0ef2ffea443e4aa221cc38a503add16a2c98cb589e1dac1912b4142a0d0c0ce0598700130000000000000000000000554361e1628ee0017ad19ca787f2c078aa260701ce0800000080623902000000000000000000003d118a04fa6a80c4928c01ccab57b5f4eb265ad15004f967543fe6e6ddc2a12165fe3a08bf9475ee0eee3539369b0e566fedbd215a6ddd4fe03dcc7a922e16410d820747b7e806c0f3b6f14c884d150a0ff07f2e0000bfb083c56d3bed0a61fab880f8885c612ebff8523d14cfb12aca274c000000005e5155611969f6e67dd83b20206207cb8b2cd2fab6fa6d7fdaed6a27a2e4db1d5adc80014ff11d9dbceba41d8dfce410333a054e82b1d050331ce0aeacb843b94d67f69f49eb4dd3b1b85b018359c32df01db8ebce0dbc36cade09c6b44f6bb956fac1ae4db5624d8a02f7be91bec65e4b3373059587dd6528bbc48e3379d477d482faff738c39c61cac1195043bd5b70cea5fc1083a169a8263e9aec56b9f7795fa27634a7f06359e3058d2dd69c4e5cc11b36d9ed9c4b2867f583de6fc582f789722bd1500e64c495abdb72de2c739d38c72f6f4fb1946081dcc825d5b5b747e9fa1b5226cd31e131263f1fcd7d45a630b46d04af906f0be464d829dd2dfcf7400002b7827f6d957e51bb1f1b44a50200c9dfadfaff2e32baa9c0edaac7144e174dba582a951d2b03c27219cec4fbc7b6e99c3f00188941e3fbf008cbace177ae250fd757a22e21ec05aa45c91e1345ca936184c3fc28153283e13654123cfaf4e661f4b6d430adad1e2116bc385f888405d48f0d386da0cc6747b33395772a68f2ea3fb7e7207000000b24088014c8e64f03d053c4e02ddd08b262e422eff1c9f124b892b0a9462b07d4f88c0693bd9c54ad2ab5227aa59ef2b53ac528c0800000000000000ebfde0c4a37c2d55c176680c4207000000e4aa467f995c9bc99e60441d4dbebead3b436427762618810bac7308c6d3298ea932b66572825e62d18462d3b2342ba48c145ff4674a94fa078cc552d064da2bb69a0d269076f8955076578f44ffb8895f11bd5e06840f8848df72230a28e0304569bfa0350b6dde9e96273de1758505aa1baa9dfb12be7a7c6dd18f6148354df7e60a489dc543ccdee1fff9d8f8d78844de27a77ef1181d5055c2a193a5763ed7749a17296c76818b6042f9ea306d5d5d36ebc741b04a73346082c86619dacc8a884c4de8572a044faf0c8e4377776c8703ecf2e3f1c3d64100cc000000008369f062639e3ddcf725be54f626448fb7bfc74c183b26e31b71a390ccea4be0fffffffffa16848797397b76908fa03613cd961b98b26a0879ccba4a78c82958764bce07a7f70df1cef6d4db1ddbda1db18e4f41c390fd3cb862216ece39a9ec60bd3be5f9329dcaf33bf2c87cc510557460d14421e1d26322ab64388f2ceae70922989f66827fe9acd2ec3ece39f3b4ffdc4dfea3da6ddb002512e2313253801044e751168e32d7bd6800000000a21008b8d26dabe977c503c30ef7c489e5ea1fff041e54de54cfeb258f2387dad096b72a78d91134927492cfc773c731cca9b13b3f6e7760ab0929c46f51ea5643f3df4f4044f3ad0a6ba739e72d8b8b2935d81534bea8372bc590c111d573e04280659a096eaa495a4154daae7d1800c130d920964845c50c8ba4763b19b6008f6d7a5091895c7a4b7816ab706503be879b18b778b0f61ecfde2f8bbb32cfeb766ec4430ee0ad45a0a263ddc4b2f47680c8d53439f8d388dab87112c83997c83e178be287eb6e8c95badaf8ed85cd5b03a7352a0fb83398566d1bc133582ce2d9f601cd23eba4432180b2d5c3019879cd949a5be1b241b3d0d0d52a3529cc9e704a9d8d54f4f7b776a969a4505e18fe5284985ca7d112c397d776e3baba918b7df456bd970e761e00f3b0efa5ce4246d9f08ba60da3be556c518a1f19504c7cea1491a9eadd27d747ca9cc5f92e30b2ca3cf0b142a8554c87e8026d4e586cf5f7c9d412e6eb4f66a076c8bca6b294305969dabb6c932b57a5dd4234bf1ed3bd095229ee3cbb86883d574c5af4bb78370561de3fbf55bfcd2db3979eb1be120b5795443324023353c959fd965702f1cd5bcb3c16d4b8bdd9fc87c862c247e140379ef098c7b3fa79a6638a245b6a74f14dde9bd4ee48e62cdc70f486ce38641e4e4309aa9f4bd097fa1530db966d9919544ab40e3240ed890301e51f9525436f5d9591460340f5093161a78a249783945407f2576d6f35a99e3521d7991e3fdfde5ee7f6a8ff8181a68ef15a2ebfe9e22d7c745949ab5cc15b9f5659799b5e00debbf9f623f75bfd4d83c4859ca9b652cea33daeeef07b60c78a21965bcf91919071c7ded19317dc0b7587d9322f8cec9e32675a187465bdfa101bcd9ac680839b375af12c160247dd960e70eb7ee60c52a900440aa9bd9a6b15a4a34dc73c3c4936d8986300fdc264b28537df387e6442c3355fa2a31d24c1ed888a57fcc50400a084a38a3630ffc465f36a4b770fab0946148161184be39134542e934f3a538b011cb3928b4306301855c800000000881d4361e7fbd1fc2331b4e34733480bc497662a8234a7eeab3e65d6b0f5d92edff04416eedcd15b9ddbcb3cf9228afda6b17d44a276b205eabd0069f7e26aea50f537dc77b683ed83d2f9110e00a705f48e9d13378cf09bca22e8f45c4f360d5fff8ba35f21c4513bcc0800000000000000dc5cc7ad7290c60bc609bff9be7cd922f474c3faa78fd42cba7c78d6d912656b6313497625e2f9afaba03de0dd52536d995b17ca242b7ca8d6556175aee38142a8aac5f677c2f8a6967f2cb5e97aae97a5e5579a706243688ac4d38a4601b4aadb2d319fe7d6bf1272fa3fa701338d7bce390e8bf959081ed39e63a431901d615a26ff95e1620a6c26eda4f92d83499a173e7217001f58ed5406bdb59acbc997e8fd3d53b4c2c2a1b314bfe611e5958458af7b3c5319fdb4c40b8d01365fdee93af6fad7c7a8da86460f45c9e99d43264c921b090000000000000000000000000000000000007cf90000008f8a9da7a8a167815c6ffcd1b6863cde9ab45ecd8f06423198bb00cdf76877f407be46b000000000afbb4cb3a8de259a8beb2223f28b855e2bdf4b31b91e5062a42a55bd95e93f77f2499391cf0000000000000000000000000000195007ad27d1d61dc4d5512f117f0ed554c2c88c1713000000000000bb1ff447d6e12da22ee9f0422a84f361684861169f498909c4841f4d5a0f5807a3b7d833075fdcd9c1d169b03d7df7f4150fad8b9e92eaf86992adbda360dd91de51c6df335445492608162fb0804dabdeac6fb71042f906eefd37f1d190a1c8a0d9de7f34dcc8cbd7b565fc675f3bf7aac559411808ee703ec3ad461c6ddc571994cb504c46eabbc2ff4b97df394bc75b5e7f45b4450753b5d2b8b8414a7fe6a17661bdb5b1d080cfd974811e1d60763d8d9509c75aa729a334b55ee76b0c2d5027e81ceec1a6d7441d0b538d7a4d048d156ebcff102e45c15d2a73b40d74807f5182a319d50edbf430f00b1c29a9e4bd92111caacbb1d4541545c2d262646070da42f76e3f3c6d139eed89cc9300000000000000000000000000000000000072d7e605eb8e978d76796d9d3a728c51a3145da8e1ca4973aa8fed855328e9d2509335c5386cac74e862eac50e9ba95b6a2a29e8ef08a9ae29792e77fb9952b1ac5c816db5c23a656d9a28f81f6a9465d2c94d701ee8646b30650c84b9510a337e82702baf368d29281d3d54b39014756ca5a1be184d4ebb942f99581a6fbac0b9c9f97c920dfac7e2379ef6bb076118aa9bbb4ee12e64aa530f852bf4f970a08a55531934e39fbae483129949a918115571d76740ca6a1cea59df290f2e63675ca30a289775825fe3e5d6f206f3f395346c0738035dc74368bb035fc65a40f8124369b8950ded31af64855c5c95ef5c83b18b23517ca935a0fa1b630d70c4ca9acbaf0f08910f327fba506d834029a90d47701102045fff90675adb3c83983d125ae730b9497c681a912a6bb70300a2d7fba051f82b9d6f710426b5bd0d0bc0b08a0f801276789613da406905011bd6ebbac91ff17a21d1ed0882e73394025772f31dc8a3048789c703f920c55746f6fc955046f9332d72150be23c26cbb08d1b438e84b83fefc6a16958fd46dc7b8cbea1da2d541324e373e9157696d698a0b4bc84d7cc2fdb069db8a5a491a9d2bbc0a61b73f75d81d07d778a1577db3b06d20a21b19ea17ecd996d7dea947ee8ce55fa2dea5a00000000000000005dddcca532113bccaca627821fd107562aac1fa0fdec2e66d2c322822733d29b7535b313a67482e9f5c856a7f48beedec8362ee06d"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffffffffffe89}, 0x48)
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000200)=r2, 0x4)
sendmsg$inet(r1, &(0x7f0000001b80)={0x0, 0x0, &(0x7f0000002c00)=[{&(0x7f0000001940)="08193fa210", 0xbdef}], 0x1}, 0x0)

0s ago: executing program 5 (id=1090):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={0x94, 0x0, 0x1, 0x505, 0x0, 0x0, {0xa}, [@CTA_TUPLE_ORIG={0x3c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @mcast1}, {0x14, 0x4, @mcast2}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_ORIG={0x3c, 0x1, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @mcast2}, {0x14, 0x4, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}}}}]}, @CTA_TIMEOUT={0x8, 0x7, 0x1, 0x0, 0x1}]}, 0x94}}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000480)={0x98, 0x0, 0x1, 0x505, 0x0, 0x0, {0xa}, [@CTA_TUPLE_ORIG={0x3c, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @mcast1}, {0x14, 0x4, @mcast2}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_ORIG={0x3c, 0x1, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @mcast2}, {0x14, 0x4, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}}}]}, @CTA_TIMEOUT={0x8}, @CTA_NAT_DST={0x4}]}, 0x98}}, 0x0)

kernel console output (not intermixed with test programs):

op1): using free space tree
[   95.218200][ T5775] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[   95.374759][ T6392] loop2: detected capacity change from 0 to 32768
[   95.397073][ T6392] BTRFS error: device /dev/loop2 already registered with a higher generation, found 8 expect 10
[   95.474482][ T5962] I/O error, dev loop2, sector 32640 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[   95.493165][ T6420] loop0: detected capacity change from 0 to 128
[   95.627933][   T27] audit: type=1800 audit(1751312053.570:10): pid=6420 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.215" name="file2" dev="loop0" ino=1048593 res=0 errno=0
[   95.653991][ T6420] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[   95.681661][ T6420] FAT-fs (loop0): Filesystem has been set read-only
[   95.698880][ T6420] syz.0.215: attempt to access beyond end of device
[   95.698880][ T6420] loop0: rw=524288, sector=2065, nr_sectors = 8 limit=128
[   95.753815][ T6420] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[   95.784627][ T6420] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000100)
[   95.802183][ T5770] BTRFS info (device loop1): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[   95.816352][ T6420] syz.0.215: attempt to access beyond end of device
[   95.816352][ T6420] loop0: rw=0, sector=2065, nr_sectors = 8 limit=128
[   95.841100][ T6420] syz.0.215: attempt to access beyond end of device
[   95.841100][ T6420] loop0: rw=0, sector=2065, nr_sectors = 8 limit=128
[   95.868222][ T6420] syz.0.215: attempt to access beyond end of device
[   95.868222][ T6420] loop0: rw=0, sector=2072, nr_sectors = 1 limit=128
[   96.081807][ T6426] usb usb8: usbfs: process 6426 (syz.2.217) did not claim interface 0 before use
[   96.388808][ T6430] loop0: detected capacity change from 0 to 4096
[   96.425243][ T6430] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512).
[   96.615429][ T6430] ntfs3: loop0: ino=1e, "file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" failed to parse mft record
[   96.811327][  T133] ntfs3: loop0: ino=1e, failed to parse mft record
[   97.093319][ T6444] loop2: detected capacity change from 0 to 512
[   97.127840][ T6444] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   97.199178][ T6444] EXT4-fs (loop2): 1 truncate cleaned up
[   97.245263][ T6444] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   97.436601][ T6459] loop3: detected capacity change from 0 to 2048
[   97.500685][ T6459] EXT4-fs (loop3): mounted filesystem 00000800-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   97.516664][ T5771] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   97.739030][ T5775] EXT4-fs (loop3): unmounting filesystem 00000800-0000-0000-0000-000000000000.
[   97.987491][   T43] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[   98.194603][   T43] usb 3-1: Using ep0 maxpacket: 8
[   98.206094][   T43] usb 3-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b
[   98.224581][   T43] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   98.267009][   T43] pvrusb2: Hardware description: Terratec Grabster AV400
[   98.287381][   T43] pvrusb2: **********
[   98.293740][   T43] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental.
[   98.304741][   T43] pvrusb2: Important functionality might not be entirely working.
[   98.312643][   T43] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver.
[   98.326121][   T43] pvrusb2: **********
[   98.404588][   T23] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[   98.437883][ T6470] loop3: detected capacity change from 0 to 32768
[   98.445495][ T6470] XFS: noikeep mount option is deprecated.
[   98.481939][ T2314] pvrusb2: Invalid write control endpoint
[   98.507998][ T6470] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[   98.598631][ T2314] pvrusb2: Invalid write control endpoint
[   98.607766][   T23] usb 2-1: Using ep0 maxpacket: 16
[   98.615790][ T2314] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work.
[   98.627575][ T2314] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device.
[   98.637564][   T23] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   98.647897][ T6470] XFS (loop3): Ending clean mount
[   98.655849][   T23] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[   98.660855][ T6470] XFS (loop3): Quotacheck needed: Please wait.
[   98.673832][ T2314] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups.
[   98.685140][   T23] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[   98.703709][ T2314] pvrusb2: Device being rendered inoperable
[   98.714172][   T23] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[   98.736451][ T2314] cx25840 1-0044: Unable to detect h/w, assuming cx23887
[   98.739642][ T6470] XFS (loop3): Quotacheck: Done.
[   98.743880][ T2314] cx25840 1-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_a)
[   98.755702][ T6494] netlink: 8 bytes leftover after parsing attributes in process `syz.0.241'.
[   98.767728][  T967] usb 3-1: USB disconnect, device number 6
[   98.776998][ T2314] pvrusb2: Attached sub-driver cx25840
[   98.777983][   T23] usb 2-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[   98.800677][ T2314] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it.
[   98.828956][ T2314] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover.
[   98.839621][   T23] usb 2-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[   98.854409][   T23] usb 2-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[   98.872866][   T23] usb 2-1: Manufacturer: syz
[   98.921121][   T23] usb 2-1: config 0 descriptor??
[   99.029914][ T5775] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[   99.103993][ T6499] loop0: detected capacity change from 0 to 64
[   99.260807][ T6499] hfs: walked past end of dir
[   99.314492][   T23] rc_core: IR keymap rc-hauppauge not found
[   99.320453][   T23] Registered IR keymap rc-empty
[   99.351194][   T23] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[   99.414425][   T23] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[   99.486654][   T23] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0
[   99.523513][   T23] input: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0/input6
[   99.553749][   T23] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[   99.614471][   T23] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[   99.644670][   T23] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[   99.684636][   T23] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[   99.719349][   T23] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[   99.765997][   T23] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[   99.794772][   T23] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[   99.844536][   T23] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[   99.893585][   T23] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[   99.954227][   T23] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  100.005029][   T23] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  100.054341][   T23] mceusb 2-1:0.0: Registered  with mce emulator interface version 1
[  100.062389][   T23] mceusb 2-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  100.132084][   T23] usb 2-1: USB disconnect, device number 3
[  100.243082][ T6506] loop2: detected capacity change from 0 to 32768
[  100.316267][ T6502] loop3: detected capacity change from 0 to 40427
[  100.337661][ T6502] F2FS-fs (loop3): build fault injection attr: rate: 4, type: 0x7ffff
[  100.343381][ T6506] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  100.355958][ T6502] F2FS-fs (loop3): Image doesn't support compression
[  100.362724][ T6502] F2FS-fs (loop3): Image doesn't support compression
[  100.370523][ T6502] F2FS-fs (loop3): build fault injection attr: rate: 0, type: 0x4
[  100.384873][ T6502] F2FS-fs (loop3): invalid crc value
[  100.415107][ T6502] F2FS-fs (loop3): inject page alloc in f2fs_grab_cache_page of __get_meta_page+0x156/0x580
[  100.459391][ T6502] F2FS-fs (loop3): inject page alloc in f2fs_grab_cache_page of f2fs_ra_meta_pages+0x644/0x920
[  100.474639][  T967] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  100.508128][ T6506] XFS (loop2): Ending clean mount
[  100.517551][ T6502] F2FS-fs (loop3): Found nat_bits in checkpoint
[  100.531867][ T6506] XFS (loop2): Quotacheck needed: Please wait.
[  100.628871][ T6506] XFS (loop2): Quotacheck: Done.
[  100.651377][ T6502] F2FS-fs (loop3): inject page alloc in f2fs_grab_cache_page of f2fs_ra_meta_pages+0x644/0x920
[  100.684934][ T6502] F2FS-fs (loop3): inject page alloc in f2fs_grab_cache_page of f2fs_ra_meta_pages+0x644/0x920
[  100.704440][  T967] usb 1-1: Using ep0 maxpacket: 8
[  100.711643][ T6502] F2FS-fs (loop3): inject page alloc in f2fs_grab_cache_page of __get_meta_page+0x156/0x580
[  100.732726][  T967] usb 1-1: New USB device found, idVendor=2770, idProduct=930c, bcdDevice=8d.6a
[  100.770937][  T967] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  100.787912][ T5771] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  100.791848][  T967] usb 1-1: Product: syz
[  100.801648][ T6502] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  100.808781][  T967] usb 1-1: Manufacturer: syz
[  100.844453][  T967] usb 1-1: SerialNumber: syz
[  100.862050][  T967] usb 1-1: config 0 descriptor??
[  100.905555][ T6502] F2FS-fs (loop3): inject page alloc in f2fs_grab_cache_page of __get_node_page+0x17b/0xf40
[  100.907201][  T967] gspca_main: sq930x-2.14.0 probing 2770:930c
[  100.950528][ T6502] F2FS-fs (loop3): inject page alloc in f2fs_grab_cache_page of f2fs_new_node_page+0x13a/0x910
[  101.136210][ T5775] syz-executor: attempt to access beyond end of device
[  101.136210][ T5775] loop3: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  101.180481][ T5775] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  101.225387][ T5775] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  101.251679][ T6534] loop1: detected capacity change from 0 to 512
[  101.310736][ T6534] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  101.353235][ T6534] EXT4-fs (loop1): 1 truncate cleaned up
[  101.360558][ T6534] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  101.567591][ T5770] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  101.707304][ T6542] loop2: detected capacity change from 0 to 2048
[  101.766758][ T6542] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024)
[  101.791700][  T967] gspca_sq930x: ucbus_write failed -71
[  101.849257][ T6547] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  102.034514][  T967] gspca_sq930x: Sensor ov9630 not yet treated
[  102.051206][  T967] sq930x: probe of 1-1:0.0 failed with error -22
[  102.089607][  T967] usb 1-1: USB disconnect, device number 3
[  102.343298][ T6562] capability: warning: `syz.1.265' uses deprecated v2 capabilities in a way that may be insecure
[  102.506346][ T6568] netlink: 48 bytes leftover after parsing attributes in process `syz.1.268'.
[  102.752470][ T6577] syz.2.271 uses obsolete (PF_INET,SOCK_PACKET)
[  103.039389][ T6588] netlink: 12 bytes leftover after parsing attributes in process `syz.1.276'.
[  103.330266][ T6600] binder: 6597:6600 ioctl c018620c 200000000000 returned -22
[  103.836742][ T6612] netlink: 8 bytes leftover after parsing attributes in process `syz.3.285'.
[  103.846172][ T6612] netlink: 8 bytes leftover after parsing attributes in process `syz.3.285'.
[  104.124200][  T967] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  104.334228][  T967] usb 1-1: Using ep0 maxpacket: 16
[  104.343641][  T967] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  104.362486][  T967] usb 1-1: New USB device found, idVendor=1038, idProduct=1410, bcdDevice= 0.00
[  104.363935][ T6630] loop3: detected capacity change from 0 to 1024
[  104.382376][  T967] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  104.417553][  T967] usb 1-1: config 0 descriptor??
[  104.561787][ T6620] loop2: detected capacity change from 0 to 32768
[  104.849795][  T967] steelseries 0003:1038:1410.0003: not enough fields in HID_OUTPUT_REPORT 0
[  105.109676][  T967] usb 1-1: USB disconnect, device number 4
[  105.207844][ T6645] netlink: 24 bytes leftover after parsing attributes in process `syz.3.301'.
[  105.344231][ T6650] netem: change failed
[  105.534493][ T6652] syzkaller1: tun_chr_ioctl cmd 2148553947
[  105.985963][ T6669] loop0: detected capacity change from 0 to 1024
[  106.266345][ T6669] hfsplus: xattr search failed
[  106.398407][ T6681] loop3: detected capacity change from 0 to 2048
[  106.495873][ T6681] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  106.619444][ T5775] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  106.708631][ T6690] loop1: detected capacity change from 0 to 4096
[  106.764176][ T6690] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512).
[  106.847939][ T6690] ntfs3: loop1: Mark volume as dirty due to NTFS errors
[  107.016132][ T6700] netlink: 156 bytes leftover after parsing attributes in process `syz.2.324'.
[  107.043372][ T6700] netlink: 24 bytes leftover after parsing attributes in process `syz.2.324'.
[  107.184874][ T6704] netlink: 316 bytes leftover after parsing attributes in process `syz.0.327'.
[  107.699547][ T6722] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  107.713126][ T6720] loop1: detected capacity change from 0 to 16
[  107.730675][ T6720] erofs: (device loop1): mounted with root inode @ nid 36.
[  107.950717][ T6724] loop3: detected capacity change from 0 to 1024
[  108.442656][ T6733] +}[@ calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  108.653319][ T6726] loop1: detected capacity change from 0 to 32768
[  108.684206][ T6726] BTRFS error: device /dev/loop1 already registered with a higher generation, found 8 expect 10
[  108.754543][ T5809] IPVS: starting estimator thread 0...
[  108.783857][ T5759] I/O error, dev loop1, sector 32640 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  108.864706][ T6742] IPVS: using max 22 ests per chain, 52800 per kthread
[  110.674097][    C1] sched: RT throttling activated
[  111.383828][ T6772] loop0: detected capacity change from 0 to 40427
[  111.437277][ T6772] F2FS-fs (loop0): build fault injection attr: rate: 691, type: 0x7ffff
[  111.477048][ T6772] F2FS-fs (loop0): Image doesn't support compression
[  111.537112][ T6772] F2FS-fs (loop0): invalid crc value
[  111.573784][ T6772] F2FS-fs (loop0): Found nat_bits in checkpoint
[  111.876541][ T6770] loop1: detected capacity change from 0 to 262144
[  111.900547][ T6772] F2FS-fs (loop0): Start checkpoint disabled!
[  111.929923][ T6770] F2FS-fs (loop1): Found nat_bits in checkpoint
[  111.965807][ T6772] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[  112.004745][ T6770] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  112.035006][ T6769] loop2: detected capacity change from 0 to 32768
[  112.228647][ T6769] XFS (loop2): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  112.554323][ T6769] XFS (loop2): Ending clean mount
[  112.751464][ T5771] XFS (loop2): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  112.809290][  T967] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  113.029676][  T967] usb 4-1: config 0 has an invalid interface number: 255 but max is 0
[  113.044439][  T967] usb 4-1: config 0 has no interface number 0
[  113.060829][  T967] usb 4-1: too many endpoints for config 0 interface 255 altsetting 255: 255, using maximum allowed: 30
[  113.104224][  T967] usb 4-1: config 0 interface 255 altsetting 255 has 0 endpoint descriptors, different from the interface descriptor's value: 255
[  113.144159][  T967] usb 4-1: config 0 interface 255 has no altsetting 0
[  113.161231][  T967] usb 4-1: New USB device found, idVendor=0bda, idProduct=0177, bcdDevice=7d.0b
[  113.184536][  T967] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  113.214774][  T967] usb 4-1: config 0 descriptor??
[  113.252602][  T967] ums-realtek 4-1:0.255: USB Mass Storage device detected
[  113.359251][ T6816] loop2: detected capacity change from 0 to 2048
[  113.445794][ T6816] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  113.541351][  T967] usb 4-1: USB disconnect, device number 3
[  113.908145][ T6823] netlink: 4 bytes leftover after parsing attributes in process `syz.0.375'.
[  114.070195][ T6826] loop0: detected capacity change from 0 to 512
[  114.165758][ T6826] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  114.194364][ T6826] ext4 filesystem being mounted at /114/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  114.348741][ T6833] loop2: detected capacity change from 0 to 1024
[  114.487203][ T5767] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  114.700178][ T3435] hfsplus: b-tree write err: -5, ino 4
[  114.890500][ T6843] loop2: detected capacity change from 0 to 1024
[  114.937378][ T6843] hfsplus: bad catalog entry type
[  115.075757][   T12] hfsplus: b-tree write err: -5, ino 4
[  115.838738][ T6858] loop1: detected capacity change from 0 to 1024
[  115.857645][ T6859] program syz.2.387 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  115.919004][ T6858] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  117.194473][ T6882] loop1: detected capacity change from 0 to 256
[  117.277693][ T6845] loop0: detected capacity change from 0 to 262144
[  117.316447][ T6845] F2FS-fs (loop0): invalid crc value
[  117.340001][ T6845] F2FS-fs (loop0): Found nat_bits in checkpoint
[  117.394787][ T6845] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  117.731596][ T6892] loop3: detected capacity change from 0 to 4096
[  117.794584][ T6892] NILFS (loop3): invalid segment: Checksum error in segment payload
[  117.802631][ T6892] NILFS (loop3): trying rollback from an earlier position
[  117.881238][ T6892] NILFS (loop3): recovery complete
[  117.906792][ T6899] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  118.196668][ T6903] Driver unsupported XDP return value 0 on prog  (id 51) dev N/A, expect packet loss!
[  118.664052][ T6894] loop1: detected capacity change from 0 to 40427
[  118.688200][ T6894] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  118.700700][ T6894] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  118.742720][ T6894] F2FS-fs (loop1): invalid crc value
[  118.811765][ T6894] F2FS-fs (loop1): Found nat_bits in checkpoint
[  118.953474][ T6894] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  118.963439][ T6894] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  119.801812][ T6935] loop1: detected capacity change from 0 to 512
[  119.820068][ T6935] EXT4-fs: Ignoring removed mblk_io_submit option
[  119.849482][ T6935] EXT4-fs error (device loop1): ext4_xattr_ibody_find:2244: inode #15: comm syz.1.420: corrupted in-inode xattr: overlapping e_value 
[  119.904318][ T6935] EXT4-fs error (device loop1): ext4_orphan_get:1404: comm syz.1.420: couldn't read orphan inode 15 (err -117)
[  119.940978][ T6935] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  120.172407][ T5770] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  120.209262][ T6932] loop2: detected capacity change from 0 to 32768
[  120.309574][ T6932] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  120.571496][ T6958] input: syz1 as /devices/virtual/input/input7
[  120.598064][ T6932] XFS (loop2): Ending clean mount
[  120.632346][ T6932] XFS (loop2): Quotacheck needed: Please wait.
[  120.788617][ T6932] XFS (loop2): Quotacheck: Done.
[  120.815850][ T6960] netlink: 88 bytes leftover after parsing attributes in process `syz.1.427'.
[  121.166949][ T5771] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  122.246057][ T6978] loop3: detected capacity change from 0 to 32768
[  122.264298][ T5793] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  122.296203][ T6978] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  122.298449][ T6976] loop1: detected capacity change from 0 to 32768
[  122.409504][ T6976] read_mapping_page failed!
[  122.425789][ T7006] loop0: detected capacity change from 0 to 512
[  122.433855][ T6978] XFS (loop3): Ending clean mount
[  122.439193][ T6976] ERROR: (device loop1): txCommit: 
[  122.439193][ T6976] 
[  122.447848][ T5793] usb 3-1: Using ep0 maxpacket: 16
[  122.449124][ T7006] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  122.485198][ T5793] usb 3-1: config 0 has an invalid interface number: 49 but max is 0
[  122.493334][ T5793] usb 3-1: config 0 has no interface number 0
[  122.505659][ T6978] XFS (loop3): Quotacheck needed: Please wait.
[  122.510691][ T7007] find_entry called with index = 0
[  122.519399][ T7006] EXT4-fs (loop0): 1 truncate cleaned up
[  122.530185][ T7006] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  122.563546][ T5793] usb 3-1: config 0 interface 49 altsetting 0 bulk endpoint 0x8A has invalid maxpacket 16
[  122.574317][ T7007] read_mapping_page failed!
[  122.579130][ T7007] ERROR: (device loop1): txCommit: 
[  122.579130][ T7007] 
[  122.626480][ T5793] usb 3-1: config 0 interface 49 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  122.646672][ T6978] XFS (loop3): Quotacheck: Done.
[  122.647036][ T5793] usb 3-1: config 0 interface 49 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[  122.705722][ T5793] usb 3-1: New USB device found, idVendor=03f0, idProduct=581d, bcdDevice=76.b7
[  122.719017][ T5793] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  122.728821][ T5793] usb 3-1: Product: syz
[  122.733049][ T5793] usb 3-1: Manufacturer: syz
[  122.738292][ T5793] usb 3-1: SerialNumber: syz
[  122.754604][ T5767] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  122.786351][ T5793] usb 3-1: config 0 descriptor??
[  122.792081][ T6990] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  122.954271][ T5775] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  122.996937][ T7011] input: syz1 as /devices/virtual/input/input8
[  123.097802][ T5793] usb 3-1: USB disconnect, device number 7
[  123.221040][ T7016] loop1: detected capacity change from 0 to 64
[  123.278646][ T7016] hfs: walked past end of dir
[  123.483290][ T7022] loop0: detected capacity change from 0 to 512
[  123.499545][ T7022] EXT4-fs (loop0): orphan cleanup on readonly fs
[  123.546651][ T7022] EXT4-fs error (device loop0): ext4_validate_block_bitmap:439: comm syz.0.451: bg 0: block 248: padding at end of block bitmap is not set
[  123.596933][ T7022] Quota error (device loop0): write_blk: dquota write failed
[  123.611519][ T7022] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota
[  123.626184][ T7029] netlink: 16 bytes leftover after parsing attributes in process `syz.1.453'.
[  123.631671][ T7022] EXT4-fs error (device loop0): ext4_acquire_dquot:6938: comm syz.0.451: Failed to acquire dquot type 1
[  123.664893][ T7022] EXT4-fs (loop0): 1 truncate cleaned up
[  123.696058][ T7022] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  123.837764][ T7022] EXT4-fs (loop0): warning: mounting fs with errors, running e2fsck is recommended
[  123.920433][ T7038] loop3: detected capacity change from 0 to 512
[  123.949827][ T7022] EXT4-fs (loop0): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  124.000466][ T7041] loop2: detected capacity change from 0 to 1024
[  124.013323][ T7038] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  124.030366][ T7038] ext4 filesystem being mounted at /120/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  124.031750][ T5767] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  124.054789][ T7041] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  124.062179][ T7045] loop1: detected capacity change from 0 to 512
[  124.224506][ T5775] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  124.253945][ T7045] EXT4-fs (loop1): 1 orphan inode deleted
[  124.311816][   T58] Quota error (device loop1): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  124.312742][ T7045] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  124.337992][   T58] EXT4-fs error (device loop1): ext4_release_dquot:6974: comm kworker/u4:4: Failed to release dquot type 1
[  124.340783][ T7045] ext4 filesystem being mounted at /108/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  124.397498][ T5771] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  124.475195][ T5770] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  124.492536][   T12] Quota error (device loop1): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  124.513701][   T12] EXT4-fs error (device loop1): ext4_release_dquot:6974: comm kworker/u4:1: Failed to release dquot type 1
[  124.821222][ T7065] loop0: detected capacity change from 0 to 16
[  124.832420][ T7065] erofs: (device loop0): mounted with root inode @ nid 36.
[  125.185520][ T7070] loop2: detected capacity change from 0 to 4096
[  125.219456][ T7060] loop1: detected capacity change from 0 to 40427
[  125.269799][ T7060] F2FS-fs (loop1): build fault injection attr: rate: 4, type: 0x7ffff
[  125.303497][ T7060] F2FS-fs (loop1): Image doesn't support compression
[  125.347471][ T7060] F2FS-fs (loop1): build fault injection attr: rate: 0, type: 0x2ac
[  125.377067][ T7060] F2FS-fs (loop1): invalid crc value
[  125.398196][ T7060] F2FS-fs (loop1): inject page alloc in f2fs_grab_cache_page of __get_meta_page+0x156/0x580
[  125.442593][ T7060] F2FS-fs (loop1): inject page alloc in f2fs_grab_cache_page of f2fs_ra_meta_pages+0x644/0x920
[  125.491442][ T7060] F2FS-fs (loop1): Found nat_bits in checkpoint
[  125.497800][ T7070] ntfs3: loop2: failed to convert "0080" to koi8-ru
[  125.563113][ T7070] ntfs3: loop2: failed to convert name for inode 1e.
[  125.590742][ T7070] ntfs3: loop2: failed to convert "256c" to koi8-ru
[  125.627295][ T7060] F2FS-fs (loop1): inject page alloc in f2fs_grab_cache_page of f2fs_ra_meta_pages+0x644/0x920
[  125.674652][ T7060] F2FS-fs (loop1): inject page alloc in f2fs_grab_cache_page of f2fs_ra_meta_pages+0x644/0x920
[  125.701758][ T7060] F2FS-fs (loop1): inject page alloc in f2fs_grab_cache_page of __get_meta_page+0x156/0x580
[  125.776357][ T7060] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  125.913405][ T7082] netdevsim netdevsim2 netdevsim2: entered allmulticast mode
[  125.943213][ T7082] pimreg: entered allmulticast mode
[  125.944310][ T7060] F2FS-fs (loop1): inject page alloc in f2fs_grab_cache_page of f2fs_get_read_data_page+0xc0/0x5c0
[  125.985801][ T7086] netlink: 'syz.3.475': attribute type 13 has an invalid length.
[  126.002342][ T7086] netlink: 24859 bytes leftover after parsing attributes in process `syz.3.475'.
[  126.028220][ T7060] F2FS-fs (loop1): inject page alloc in f2fs_grab_cache_page of f2fs_new_node_page+0x13a/0x910
[  126.087891][ T7060] F2FS-fs (loop1): inject alloc nid in f2fs_alloc_nid of f2fs_new_inode+0xff/0x1020
[  126.187613][ T5770] F2FS-fs (loop1): inject page alloc in f2fs_grab_cache_page of f2fs_grab_meta_page+0x67/0x210
[  126.216343][   T27] audit: type=1326 audit(1751312090.155:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7091 comm="syz.3.478" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f689e58e929 code=0x7ffc0000
[  126.270258][   T27] audit: type=1326 audit(1751312090.155:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7091 comm="syz.3.478" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f689e58e929 code=0x7ffc0000
[  126.376632][   T27] audit: type=1326 audit(1751312090.205:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7091 comm="syz.3.478" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f689e58e929 code=0x7ffc0000
[  126.438750][   T27] audit: type=1326 audit(1751312090.205:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7091 comm="syz.3.478" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f689e58e929 code=0x7ffc0000
[  126.488390][   T27] audit: type=1326 audit(1751312090.205:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7091 comm="syz.3.478" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f689e58e929 code=0x7ffc0000
[  126.547067][   T27] audit: type=1326 audit(1751312090.205:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7091 comm="syz.3.478" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f689e58e929 code=0x7ffc0000
[  126.569176][    C1] vkms_vblank_simulate: vblank timer overrun
[  126.793296][ T7106] loop3: detected capacity change from 0 to 2048
[  126.837456][ T7112] netlink: 20 bytes leftover after parsing attributes in process `syz.2.486'.
[  126.852920][ T7106] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  126.865117][ T7112] netem: invalid attributes len -18
[  126.870349][ T7112] netem: change failed
[  127.119101][ T7122] overlayfs: conflicting options: userxattr,metacopy=on
[  127.166437][ T7124] loop3: detected capacity change from 0 to 1024
[  127.581466][ T7133] loop3: detected capacity change from 0 to 4096
[  127.649653][ T7133] ntfs3: loop3: Mark volume as dirty due to NTFS errors
[  127.773679][ T7135] netlink: 8 bytes leftover after parsing attributes in process `syz.1.498'.
[  127.872320][ T7126] loop2: detected capacity change from 0 to 32768
[  127.923640][ T7128] loop0: detected capacity change from 0 to 40427
[  127.942183][ T7128] F2FS-fs (loop0): build fault injection attr: rate: 690, type: 0x7ffff
[  127.958525][ T7128] F2FS-fs (loop0): build fault injection attr: rate: 0, type: 0x2
[  127.971901][ T7128] F2FS-fs (loop0): Image doesn't support compression
[  127.988136][ T7128] F2FS-fs (loop0): Image doesn't support compression
[  128.000851][ T7128] F2FS-fs (loop0): invalid crc value
[  128.008396][ T7126] JBD2: Ignoring recovery information on journal
[  128.030695][ T7128] F2FS-fs (loop0): Found nat_bits in checkpoint
[  128.113625][ T7128] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  128.174533][ T7126] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  128.301212][ T5767] syz-executor: attempt to access beyond end of device
[  128.301212][ T5767] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  128.330212][ T5767] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  128.490785][ T5771] ocfs2: Unmounting device (7,2) on (node local)
[  129.164661][ T5776] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  129.189099][ T5776] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  129.201891][ T5776] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  129.213711][ T5776] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  129.234399][ T5776] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  129.241819][ T5776] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  129.643165][ T7158] chnl_net:caif_netlink_parms(): no params data found
[  129.788717][ T7158] bridge0: port 1(bridge_slave_0) entered blocking state
[  129.804298][ T7158] bridge0: port 1(bridge_slave_0) entered disabled state
[  129.830572][ T7158] bridge_slave_0: entered allmulticast mode
[  129.852154][ T7158] bridge_slave_0: entered promiscuous mode
[  129.878863][ T7158] bridge0: port 2(bridge_slave_1) entered blocking state
[  129.893278][ T7158] bridge0: port 2(bridge_slave_1) entered disabled state
[  129.901817][ T7158] bridge_slave_1: entered allmulticast mode
[  129.925637][ T7158] bridge_slave_1: entered promiscuous mode
[  129.972593][ T7158] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  129.985860][ T7158] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  130.029213][ T7181] loop3: detected capacity change from 0 to 512
[  130.045411][ T7158] team0: Port device team_slave_0 added
[  130.053201][ T7181] EXT4-fs: Ignoring removed orlov option
[  130.061766][ T7158] team0: Port device team_slave_1 added
[  130.085875][ T7181] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  130.103049][ T7181] ext4 filesystem being mounted at /136/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  130.120019][ T7158] batman_adv: batadv0: Adding interface: batadv_slave_0
[  130.131854][ T7158] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  130.160034][ T7158] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  130.173391][ T7158] batman_adv: batadv0: Adding interface: batadv_slave_1
[  130.178376][ T5775] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  130.181506][ T7158] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  130.224562][ T5758] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  130.225376][ T7158] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  130.302479][ T7158] hsr_slave_0: entered promiscuous mode
[  130.316289][ T7158] hsr_slave_1: entered promiscuous mode
[  130.324051][ T7158] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  130.333547][ T7158] Cannot create hsr debugfs directory
[  130.428294][ T5758] usb 3-1: config 0 has an invalid interface number: 1 but max is 0
[  130.441227][ T5758] usb 3-1: config 0 has no interface number 0
[  130.457979][ T5758] usb 3-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[  130.476905][ T5758] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  130.494920][ T5758] usb 3-1: Product: syz
[  130.503622][ T5758] usb 3-1: Manufacturer: syz
[  130.513950][ T5758] usb 3-1: SerialNumber: syz
[  130.527657][ T5758] usb 3-1: config 0 descriptor??
[  130.621282][ T7198] program syz.3.522 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  130.732701][ T7158] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  130.746447][ T5758] usb 3-1: dvb_usb_v2: found a 'E3C EC168 reference design' in warm state
[  130.760781][ T5758] usb 3-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  130.775140][ T7158] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  130.788743][ T5758] dvbdev: DVB: registering new adapter (E3C EC168 reference design)
[  130.799155][ T7158] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  130.816509][ T5758] usb 3-1: media controller created
[  130.838780][ T7158] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  130.841046][ T5758] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  130.891892][ T7204] loop3: detected capacity change from 0 to 2048
[  130.945800][ T7204] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  130.990050][ T7204] EXT4-fs error (device loop3): ext4_find_extent:936: inode #2: comm syz.3.525: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[  131.007761][ T7158] 8021q: adding VLAN 0 to HW filter on device bond0
[  131.020745][ T7204] EXT4-fs (loop3): Remounting filesystem read-only
[  131.041837][ T7158] 8021q: adding VLAN 0 to HW filter on device team0
[  131.060282][   T58] bridge0: port 1(bridge_slave_0) entered blocking state
[  131.067529][   T58] bridge0: port 1(bridge_slave_0) entered forwarding state
[  131.087875][  T133] bridge0: port 2(bridge_slave_1) entered blocking state
[  131.095083][  T133] bridge0: port 2(bridge_slave_1) entered forwarding state
[  131.118517][ T5775] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  131.286277][   T50] Bluetooth: hci1: command tx timeout
[  131.366864][ T7221] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[  131.678898][ T7158] 8021q: adding VLAN 0 to HW filter on device batadv0
[  131.797161][ T7239] tipc: Started in network mode
[  131.816736][ T7239] tipc: Node identity , cluster identity 4711
[  131.822909][ T7239] tipc: Failed to set node id, please configure manually
[  131.832937][ T7239] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[  131.929130][ T5758] i2c i2c-1: ec100: i2c rd failed=-110 reg=33
[  132.025845][ T5758] usb 3-1: USB disconnect, device number 8
[  132.234550][ T7158] veth0_vlan: entered promiscuous mode
[  132.251146][ T7158] veth1_vlan: entered promiscuous mode
[  132.320006][ T7158] veth0_macvtap: entered promiscuous mode
[  132.330929][ T7158] veth1_macvtap: entered promiscuous mode
[  132.363231][ T7158] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  132.384035][ T7158] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  132.395908][ T7158] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  132.416371][ T7158] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  132.426398][ T7158] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  132.437573][ T7158] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  132.447799][ T7158] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  132.458375][ T7158] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  132.472604][ T7158] batman_adv: batadv0: Interface activated: batadv_slave_0
[  132.508597][ T7158] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  132.541326][ T7158] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  132.564510][ T7158] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  132.580685][ T7158] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  132.604619][ T7158] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  132.619807][ T7266] sctp: [Deprecated]: syz.0.546 (pid 7266) Use of int in max_burst socket option deprecated.
[  132.619807][ T7266] Use struct sctp_assoc_value instead
[  132.628198][ T7158] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  132.666982][ T7158] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  132.694191][ T7158] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  132.712700][ T7158] batman_adv: batadv0: Interface activated: batadv_slave_1
[  132.732026][ T7158] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  132.747056][ T7158] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  132.760345][ T7158] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  132.769146][ T7158] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  132.793626][ T7270] (unnamed net_device) (uninitialized): option active_slave: mode dependency failed, not supported in mode balance-rr(0)
[  132.807540][ T7274] loop2: detected capacity change from 0 to 1024
[  132.939369][ T1131] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  132.970290][ T1131] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  133.033052][   T58] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  133.040149][ T7279] loop0: detected capacity change from 0 to 2048
[  133.059962][   T58] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  133.067644][ T1279] ieee802154 phy0 wpan0: encryption failed: -22
[  133.088282][ T1279] ieee802154 phy1 wpan1: encryption failed: -22
[  133.123501][ T7279] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  133.153642][ T7279] ext4 filesystem being mounted at /158/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  133.264308][  T967] usb 4-1: new full-speed USB device number 4 using dummy_hcd
[  133.276841][ T5767] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  133.365118][   T50] Bluetooth: hci1: command tx timeout
[  133.486233][  T967] usb 4-1: config 0 has an invalid interface number: 120 but max is 0
[  133.498697][  T967] usb 4-1: config 0 has no interface number 0
[  133.512671][  T967] usb 4-1: config 0 interface 120 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 10
[  133.539076][  T967] usb 4-1: config 0 interface 120 altsetting 0 endpoint 0x8A has invalid maxpacket 255, setting to 64
[  133.574356][  T967] usb 4-1: New USB device found, idVendor=16e3, idProduct=f9e9, bcdDevice= 0.58
[  133.602325][  T967] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  133.627145][  T967] usb 4-1: config 0 descriptor??
[  133.643133][ T7278] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  133.655583][  T967] input: USB Touchscreen 16e3:f9e9 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.120/input/input9
[  133.687138][ T7308] netlink: 'syz.0.565': attribute type 12 has an invalid length.
[  133.705684][ T7308] netlink: 'syz.0.565': attribute type 29 has an invalid length.
[  133.715054][ T7308] netlink: 'syz.0.565': attribute type 2 has an invalid length.
[  133.722817][ T7308] netlink: 'syz.0.565': attribute type 2 has an invalid length.
[  133.730958][ T7308] netlink: 'syz.0.565': attribute type 1 has an invalid length.
[  133.738974][ T7308] netlink: 'syz.0.565': attribute type 37 has an invalid length.
[  133.747363][ T7308] netlink: 'syz.0.565': attribute type 2 has an invalid length.
[  133.775634][ T7308] bridge0: port 1(bridge_slave_0) entered disabled state
[  133.813563][ T7310] loop2: detected capacity change from 0 to 4096
[  133.825875][ T7310] ntfs3: loop2: Different NTFS sector size (1024) and media sector size (512).
[  133.933273][  T967] usb 4-1: USB disconnect, device number 4
[  133.953356][ T7310] ntfs3: loop2: ino=1e, "file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" failed to parse mft record
[  134.012423][ T7312] loop0: detected capacity change from 0 to 2048
[  134.023002][   T41] ntfs3: loop2: ino=1e, failed to parse mft record
[  134.083595][ T7312] EXT4-fs (loop0): mounted filesystem 00000800-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  134.136335][ T7306] loop4: detected capacity change from 0 to 32768
[  134.144012][ T7306] XFS: ikeep mount option is deprecated.
[  134.167376][ T5767] EXT4-fs (loop0): unmounting filesystem 00000800-0000-0000-0000-000000000000.
[  134.188814][ T7306] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  134.294229][ T7306] XFS (loop4): Ending clean mount
[  134.300953][ T7306] XFS (loop4): Quotacheck needed: Please wait.
[  134.333467][ T7306] XFS (loop4): Quotacheck: Done.
[  134.436969][ T7158] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  134.493964][ T7331] loop2: detected capacity change from 0 to 4096
[  134.624718][ T7331] overlayfs: upper fs does not support tmpfile.
[  134.640109][ T7331] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  135.057202][ T7355] loop2: detected capacity change from 0 to 512
[  135.071546][ T7355] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -2
[  135.080186][ T7355] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -2
[  135.092419][ T7355] EXT4-fs (loop2): 1 truncate cleaned up
[  135.100291][ T7355] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  135.143203][ T5771] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  135.253349][ T7364] tipc: Started in network mode
[  135.258524][ T7364] tipc: Node identity 7365725f69643d3, cluster identity 4711
[  135.266607][ T7364] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  135.444496][   T50] Bluetooth: hci1: command tx timeout
[  136.252113][ T7382] loop4: detected capacity change from 0 to 512
[  136.296276][ T7382] EXT4-fs (loop4): orphan cleanup on readonly fs
[  136.317606][ T7382] EXT4-fs error (device loop4): ext4_validate_block_bitmap:439: comm syz.4.569: bg 0: block 248: padding at end of block bitmap is not set
[  136.358219][ T7382] __quota_error: 79 callbacks suppressed
[  136.358231][ T7382] Quota error (device loop4): write_blk: dquota write failed
[  136.380572][ T7382] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[  136.393713][ T7382] EXT4-fs error (device loop4): ext4_acquire_dquot:6938: comm syz.4.569: Failed to acquire dquot type 1
[  136.436319][ T7382] EXT4-fs (loop4): 1 truncate cleaned up
[  137.339540][ T7382] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  137.381288][ T7382] EXT4-fs (loop4): warning: mounting fs with errors, running e2fsck is recommended
[  137.420146][ T7382] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  137.534673][ T7370] loop2: detected capacity change from 0 to 262144
[  137.544054][   T50] Bluetooth: hci1: command tx timeout
[  137.551183][ T7370] F2FS-fs (loop2): invalid crc value
[  137.559106][ T7158] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  137.585297][ T7370] F2FS-fs (loop2): Found nat_bits in checkpoint
[  137.635260][ T7370] F2FS-fs (loop2): Start checkpoint disabled!
[  137.654213][ T7370] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  137.788977][ T7407] loop4: detected capacity change from 0 to 1024
[  137.981469][ T7413] netlink: 8 bytes leftover after parsing attributes in process `syz.4.605'.
[  138.401429][ T7404] loop3: detected capacity change from 0 to 32768
[  138.482400][ T7404] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  138.726176][ T7404] XFS (loop3): Ending clean mount
[  138.753532][ T7404] XFS (loop3): Quotacheck needed: Please wait.
[  138.864208][ T7404] XFS (loop3): Quotacheck: Done.
[  139.061442][ T5775] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  139.141356][ T7437] loop4: detected capacity change from 0 to 4096
[  139.233871][ T7437] ntfs3: loop4: Mark volume as dirty due to NTFS errors
[  139.275568][ T7437] ntfs3: loop4: Failed to load $Extend (-22).
[  139.281705][ T7437] ntfs3: loop4: Failed to initialize $Extend.
[  139.529057][ T7442] mkiss: ax0: crc mode is auto.
[  139.605359][   T50] Bluetooth: hci1: command tx timeout
[  139.883628][ T7448] loop0: detected capacity change from 0 to 4096
[  139.923934][ T7448] ntfs3: loop0: Mark volume as dirty due to NTFS errors
[  139.984017][   T27] audit: type=1800 audit(1751312103.915:96): pid=7448 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.615" name="file1" dev="loop0" ino=30 res=0 errno=0
[  140.064006][ T7454] input: syz1 as /devices/virtual/input/input10
[  140.074266][ T7454] input: failed to attach handler leds to device input10, error: -6
[  140.528627][ T7466] loop4: detected capacity change from 0 to 256
[  140.554308][ T7466] exfat: Deprecated parameter 'namecase'
[  140.576174][ T7466] exfat: Deprecated parameter 'utf8'
[  140.619775][ T7466] exFAT-fs (loop4): failed to load upcase table (idx : 0x0001ff53, chksum : 0xd72bb7d8, utbl_chksum : 0xe619d30d)
[  140.698291][ T7466] autofs4:pid:7466:autofs_fill_super: could not open pipe file descriptor
[  141.031779][ T7468] loop2: detected capacity change from 0 to 40427
[  141.057020][ T7468] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  141.066122][ T7468] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  141.081848][ T7468] F2FS-fs (loop2): invalid crc value
[  141.100355][ T7468] F2FS-fs (loop2): Found nat_bits in checkpoint
[  141.205367][ T7468] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  141.212457][ T7468] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  141.412493][ T7493] loop0: detected capacity change from 0 to 2048
[  141.464561][ T7494] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  142.811201][ T7539] netlink: 'syz.3.653': attribute type 4 has an invalid length.
[  142.869826][ T7520] loop0: detected capacity change from 0 to 40427
[  142.878083][ T7520] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  142.885944][ T7520] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  142.896896][ T7520] F2FS-fs (loop0): invalid crc value
[  142.915804][ T7520] F2FS-fs (loop0): Found nat_bits in checkpoint
[  142.939101][ T7547] loop3: detected capacity change from 0 to 512
[  142.965490][ T7520] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  142.974624][ T7520] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  142.987693][ T7547] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 219 vs 220 free clusters
[  143.009340][ T7547] EXT4-fs (loop3): Remounting filesystem read-only
[  143.022172][ T7547] EXT4-fs (loop3): 1 truncate cleaned up
[  143.037013][ T7547] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  143.096625][ T5775] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  143.504544][ T7564] netlink: 8 bytes leftover after parsing attributes in process `syz.2.663'.
[  144.223258][ T7572] loop3: detected capacity change from 0 to 32768
[  144.279655][ T7572] XFS (loop3): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  144.339967][ T7572] XFS (loop3): Ending clean mount
[  144.354434][ T5758] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  144.410902][ T7577] loop4: detected capacity change from 0 to 40427
[  144.424479][ T7577] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  144.437975][ T7577] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  144.460380][ T7577] F2FS-fs (loop4): invalid crc value
[  144.490037][ T7577] F2FS-fs (loop4): Found nat_bits in checkpoint
[  144.539645][ T5775] XFS (loop3): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  144.559306][ T5758] usb 3-1: config 0 has an invalid interface number: 255 but max is 0
[  144.569081][ T5758] usb 3-1: config 0 has no interface number 0
[  144.583788][ T5758] usb 3-1: too many endpoints for config 0 interface 255 altsetting 255: 255, using maximum allowed: 30
[  144.611223][ T7577] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  144.618771][ T5758] usb 3-1: config 0 interface 255 altsetting 255 has 0 endpoint descriptors, different from the interface descriptor's value: 255
[  144.632346][ T7577] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  144.641320][ T5758] usb 3-1: config 0 interface 255 has no altsetting 0
[  144.649078][ T5758] usb 3-1: New USB device found, idVendor=0bda, idProduct=0177, bcdDevice=7d.0b
[  144.659531][ T5758] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  144.671219][ T5758] usb 3-1: config 0 descriptor??
[  144.680625][ T5758] ums-realtek 3-1:0.255: USB Mass Storage device detected
[  144.858571][ T7604] netlink: 8 bytes leftover after parsing attributes in process `syz.0.675'.
[  144.928647][ T5758] usb 3-1: USB disconnect, device number 9
[  145.060922][ T7608] loop0: detected capacity change from 0 to 128
[  145.260915][ T7612] loop4: detected capacity change from 0 to 1024
[  145.350587][ T7611] hfsplus: invalid extended attribute record
[  145.427380][   T58] hfsplus: b-tree write err: -5, ino 4
[  145.491880][ T7603] loop3: detected capacity change from 0 to 40427
[  145.519550][ T7603] F2FS-fs (loop3): build fault injection attr: rate: 4, type: 0x7ffff
[  145.543001][ T7603] F2FS-fs (loop3): Image doesn't support compression
[  145.550196][ T7603] F2FS-fs (loop3): build fault injection attr: rate: 0, type: 0x2ac
[  145.578100][ T7603] F2FS-fs (loop3): invalid crc value
[  145.606011][ T7603] F2FS-fs (loop3): inject page alloc in f2fs_grab_cache_page of __get_meta_page+0x156/0x580
[  145.610576][ T7622] netlink: 36 bytes leftover after parsing attributes in process `syz.0.684'.
[  145.632639][ T7603] F2FS-fs (loop3): inject page alloc in f2fs_grab_cache_page of f2fs_ra_meta_pages+0x644/0x920
[  145.674198][ T7603] F2FS-fs (loop3): Found nat_bits in checkpoint
[  145.778115][ T7603] F2FS-fs (loop3): inject page alloc in f2fs_grab_cache_page of f2fs_ra_meta_pages+0x644/0x920
[  145.810265][ T7603] F2FS-fs (loop3): inject page alloc in f2fs_grab_cache_page of f2fs_ra_meta_pages+0x644/0x920
[  145.828283][ T7603] F2FS-fs (loop3): inject page alloc in f2fs_grab_cache_page of __get_meta_page+0x156/0x580
[  145.907905][ T7603] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  146.012683][ T7603] F2FS-fs (loop3): inject page alloc in f2fs_grab_cache_page of f2fs_get_read_data_page+0xc0/0x5c0
[  146.045392][ T7603] F2FS-fs (loop3): inject page alloc in f2fs_grab_cache_page of f2fs_new_node_page+0x13a/0x910
[  146.071787][ T7603] F2FS-fs (loop3): inject alloc nid in f2fs_alloc_nid of f2fs_new_inode+0xff/0x1020
[  146.112343][ T7647] tap0: tun_chr_ioctl cmd 1074025677
[  146.123920][ T7647] tap0: linktype set to 0
[  146.132879][ T5775] F2FS-fs (loop3): inject page alloc in f2fs_grab_cache_page of f2fs_grab_meta_page+0x67/0x210
[  146.185322][ T7650] loop4: detected capacity change from 0 to 512
[  146.271871][ T7650] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  146.294827][ T7650] ext4 filesystem being mounted at /32/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  146.418272][ T7659] TCP: TCP_TX_DELAY enabled
[  146.504977][ T7158] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  146.596311][ T7661] loop0: detected capacity change from 0 to 4096
[  146.778385][ T7661] overlayfs: upper fs does not support tmpfile.
[  146.801691][ T7661] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  147.300169][ T7685] raw_sendmsg: syz.4.711 forgot to set AF_INET. Fix it!
[  147.548953][ T7691] loop4: detected capacity change from 0 to 4096
[  147.565299][ T7672] loop3: detected capacity change from 0 to 32768
[  147.579740][ T7672] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 scanned by syz.3.705 (7672)
[  147.626167][ T7672] BTRFS info (device loop3): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  147.654281][ T7672] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm
[  147.682440][ T7691] overlayfs: upper fs does not support tmpfile.
[  147.682919][ T7672] BTRFS info (device loop3): enabling auto defrag
[  147.700325][ T7691] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  147.714224][ T7672] BTRFS info (device loop3): doing ref verification
[  147.720877][ T7672] BTRFS info (device loop3): use no compression
[  147.734320][ T7672] BTRFS info (device loop3): force clearing of disk cache
[  147.741499][ T7672] BTRFS info (device loop3): setting nodatacow, compression disabled
[  147.774480][ T7672] BTRFS info (device loop3): disabling free space tree
[  147.953857][ T7672] BTRFS info (device loop3): enabling ssd optimizations
[  147.981314][ T7672] BTRFS info (device loop3): auto enabling async discard
[  147.999638][ T7697] loop0: detected capacity change from 0 to 32768
[  148.009002][ T7697] BTRFS: device fsid 3d39d0ba-bdae-447e-827b-b091e1a68885 devid 1 transid 8 /dev/loop0 scanned by syz.0.717 (7697)
[  148.009684][ T7672] BTRFS info (device loop3): rebuilding free space tree
[  148.047225][ T7697] BTRFS info (device loop0): first mount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885
[  148.056004][ T7672] BTRFS info (device loop3): disabling free space tree
[  148.063612][ T7697] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm
[  148.072990][ T7697] BTRFS info (device loop0): setting nodatacow, compression disabled
[  148.074070][ T7672] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  148.092232][ T7697] BTRFS info (device loop0): turning on flush-on-commit
[  148.099341][ T7697] BTRFS info (device loop0): using free space tree
[  148.100373][ T7672] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  148.189182][ T7697] BTRFS info (device loop0): enabling ssd optimizations
[  148.204584][ T7697] BTRFS info (device loop0): auto enabling async discard
[  148.286823][ T5793] usb 5-1: new full-speed USB device number 2 using dummy_hcd
[  148.293867][ T5775] BTRFS info (device loop3): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  148.322529][ T5767] BTRFS info (device loop0): last unmount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885
[  148.486998][ T5793] usb 5-1: config 0 has an invalid interface number: 227 but max is 0
[  148.502910][ T5793] usb 5-1: config 0 has no interface number 0
[  148.521306][ T5793] usb 5-1: config 0 interface 227 altsetting 7 endpoint 0x6 has invalid maxpacket 512, setting to 64
[  148.542679][ T5793] usb 5-1: config 0 interface 227 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  148.574207][ T5793] usb 5-1: config 0 interface 227 altsetting 7 endpoint 0x82 has invalid wMaxPacketSize 0
[  148.594200][ T5793] usb 5-1: config 0 interface 227 has no altsetting 0
[  148.613849][ T5793] usb 5-1: New USB device found, idVendor=10f0, idProduct=2002, bcdDevice=58.dd
[  148.625573][ T5793] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  148.633604][ T5793] usb 5-1: Product: syz
[  148.652323][ T5793] usb 5-1: Manufacturer: syz
[  148.681180][ T5793] usb 5-1: SerialNumber: syz
[  148.698851][ T5793] usb 5-1: config 0 descriptor??
[  148.704737][ T7720] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  148.725200][ T5793] usbtouchscreen: probe of 5-1:0.227 failed with error -90
[  148.747395][ T7746] loop3: detected capacity change from 0 to 4096
[  148.778348][ T7746] ntfs3: loop3: Mark volume as dirty due to NTFS errors
[  148.807781][ T7746] ntfs3: loop3: Failed to load $Extend (-22).
[  148.821247][ T7746] ntfs3: loop3: Failed to initialize $Extend.
[  148.873455][ T7752] loop0: detected capacity change from 0 to 1024
[  148.890326][ T7752] EXT4-fs: Ignoring removed i_version option
[  148.939324][ T7752] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  148.950046][  T967] usb 5-1: USB disconnect, device number 2
[  149.008128][ T7752] EXT4-fs error (device loop0): ext4_map_blocks:718: inode #3: block 1: comm syz.0.726: lblock 1 mapped to illegal pblock 1 (length 1)
[  149.038127][ T7752] Quota error (device loop0): write_blk: dquota write failed
[  149.038201][ T7752] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota
[  149.038269][ T7752] EXT4-fs error (device loop0): ext4_acquire_dquot:6938: comm syz.0.726: Failed to acquire dquot type 0
[  149.041092][ T7752] EXT4-fs error (device loop0): ext4_free_blocks:6681: comm syz.0.726: Freeing blocks not in datazone - block = 0, count = 4096
[  149.042202][ T7752] EXT4-fs error (device loop0): ext4_read_inode_bitmap:140: comm syz.0.726: Invalid inode bitmap blk 0 in block_group 0
[  149.044064][ T7752] EXT4-fs error (device loop0) in ext4_free_inode:363: Corrupt filesystem
[  149.054324][ T7752] EXT4-fs (loop0): 1 orphan inode deleted
[  149.125829][ T7752] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  149.130401][  T133] EXT4-fs error (device loop0): ext4_map_blocks:608: inode #3: block 1: comm kworker/u4:5: lblock 1 mapped to illegal pblock 1 (length 1)
[  149.167744][ T7752] EXT4-fs error (device loop0): ext4_nfs_get_inode:1551: inode #12: comm syz.0.726: iget: bad extra_isize 65535 (inode size 256)
[  149.201973][  T133] Quota error (device loop0): remove_tree: Can't read quota data block 1
[  149.234482][  T133] EXT4-fs error (device loop0): ext4_release_dquot:6974: comm kworker/u4:5: Failed to release dquot type 0
[  149.264244][ T5767] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  149.763898][ T7787] netlink: 56 bytes leftover after parsing attributes in process `syz.4.743'.
[  149.895563][ T7793] loop3: detected capacity change from 0 to 512
[  149.903512][ T7793] EXT4-fs (loop3): Test dummy encryption mode enabled
[  149.910558][ T7793] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  149.923752][ T7793] EXT4-fs error (device loop3): ext4_find_inline_data_nolock:164: inode #17: comm syz.3.746: inline data xattr refers to an external xattr inode
[  149.940631][ T7793] EXT4-fs error (device loop3): ext4_orphan_get:1404: comm syz.3.746: couldn't read orphan inode 17 (err -117)
[  149.959122][ T7793] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  150.158419][ T7785] loop0: detected capacity change from 0 to 32768
[  150.203779][ T7785] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  150.284428][ T7793] fscrypt: AES-256-XTS using implementation "xts-aes-aesni"
[  150.296726][ T7806] loop2: detected capacity change from 0 to 1024
[  150.357477][ T5775] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  150.376155][ T7806] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  150.409596][ T7806] ext4 filesystem being mounted at /165/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  150.488547][ T5771] EXT4-fs error (device loop2): ext4_readdir:263: inode #2: block 16: comm syz-executor: path /165/file1: bad entry in directory: rec_len is smaller than minimal - offset=876, inode=0, rec_len=0, size=1024 fake=0
[  150.541069][ T5771] EXT4-fs error (device loop2): ext4_readdir:263: inode #11: block 37: comm syz-executor: path /165/file1/lost+found: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=0, rec_len=1279, size=1024 fake=0
[  150.571695][ T5771] EXT4-fs error (device loop2): ext4_empty_dir:3177: inode #11: block 37: comm syz-executor: bad entry in directory: rec_len % 4 != 0 - offset=5120, inode=0, rec_len=1279, size=1024 fake=0
[  150.607434][ T5771] EXT4-fs error (device loop2): ext4_readdir:263: inode #11: block 37: comm syz-executor: path /165/file1/lost+found: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=0, rec_len=1279, size=1024 fake=0
[  150.643284][ T5771] EXT4-fs error (device loop2): ext4_empty_dir:3177: inode #11: block 37: comm syz-executor: bad entry in directory: rec_len % 4 != 0 - offset=5120, inode=0, rec_len=1279, size=1024 fake=0
[  150.644442][ T5767] ocfs2: Unmounting device (7,0) on (node local)
[  150.676916][ T5771] EXT4-fs error (device loop2): ext4_readdir:263: inode #11: block 37: comm syz-executor: path /165/file1/lost+found: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=0, rec_len=1279, size=1024 fake=0
[  150.735789][ T5771] EXT4-fs error (device loop2): ext4_empty_dir:3177: inode #11: block 37: comm syz-executor: bad entry in directory: rec_len % 4 != 0 - offset=5120, inode=0, rec_len=1279, size=1024 fake=0
[  150.770029][ T5771] EXT4-fs error (device loop2): ext4_readdir:263: inode #11: block 37: comm syz-executor: path /165/file1/lost+found: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=0, rec_len=1279, size=1024 fake=0
[  150.799253][ T5771] EXT4-fs error (device loop2): ext4_empty_dir:3177: inode #11: block 37: comm syz-executor: bad entry in directory: rec_len % 4 != 0 - offset=5120, inode=0, rec_len=1279, size=1024 fake=0
[  150.830019][ T5771] EXT4-fs error (device loop2): ext4_readdir:263: inode #11: block 37: comm syz-executor: path /165/file1/lost+found: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=0, rec_len=1279, size=1024 fake=0
[  151.253104][ T7833] loop0: detected capacity change from 0 to 512
[  151.292788][ T7833] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  151.328126][ T7833] ext4 filesystem being mounted at /230/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  151.396214][ T7839] netlink: 20 bytes leftover after parsing attributes in process `syz.3.760'.
[  151.410968][ T7683] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  151.484281][ T7839] netlink: 20 bytes leftover after parsing attributes in process `syz.3.760'.
[  151.547146][ T5767] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  151.910499][ T3435] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  152.028298][ T3435] netdevsim netdevsim2 netdevsim2 (unregistering): left allmulticast mode
[  152.055929][ T3435] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  152.238642][ T3435] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  152.311653][ T7847] loop4: detected capacity change from 0 to 32768
[  152.388411][ T3435] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  152.426712][ T7847] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  152.636086][ T7864] loop3: detected capacity change from 0 to 16
[  152.681184][ T7158] ocfs2: Unmounting device (7,4) on (node local)
[  152.687626][ T7864] erofs: (device loop3): mounted with root inode @ nid 36.
[  152.780506][ T5776] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  152.793387][ T5776] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  152.803189][ T5776] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  152.855162][ T5776] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  152.866326][ T5776] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  152.890917][ T5776] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  153.036402][ T7870] ALSA: mixer_oss: invalid OSS volume '·'
[  153.391313][ T7888] loop0: detected capacity change from 0 to 1024
[  153.538302][   T41] hfsplus: b-tree write err: -5, ino 8
[  153.680223][ T7865] chnl_net:caif_netlink_parms(): no params data found
[  153.854688][ T7901] can0: slcan on ttyS3.
[  153.936517][ T7905] can0 (unregistered): slcan off ttyS3.
[  154.001651][ T7906] can0: slcan on ttyS3.
[  154.250123][ T7899] can0 (unregistered): slcan off ttyS3.
[  154.306141][ T7865] bridge0: port 1(bridge_slave_0) entered blocking state
[  154.333524][ T7865] bridge0: port 1(bridge_slave_0) entered disabled state
[  154.352734][ T7865] bridge_slave_0: entered allmulticast mode
[  154.365741][ T7865] bridge_slave_0: entered promiscuous mode
[  154.447013][ T7865] bridge0: port 2(bridge_slave_1) entered blocking state
[  154.454916][ T7865] bridge0: port 2(bridge_slave_1) entered disabled state
[  154.462154][ T7865] bridge_slave_1: entered allmulticast mode
[  154.470258][ T7865] bridge_slave_1: entered promiscuous mode
[  154.497945][ T7927] netlink: 'syz.4.796': attribute type 15 has an invalid length.
[  154.553322][ T7865] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  154.586930][ T7865] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  154.621672][ T3435] hsr_slave_0: left promiscuous mode
[  154.629144][ T3435] hsr_slave_1: left promiscuous mode
[  154.658671][ T3435] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  154.666611][ T3435] batman_adv: batadv0: Removing interface: batadv_slave_0
[  154.685645][ T3435] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  154.693294][ T3435] batman_adv: batadv0: Removing interface: batadv_slave_1
[  154.701768][ T3435] bridge_slave_1: left allmulticast mode
[  154.707776][ T3435] bridge_slave_1: left promiscuous mode
[  154.719647][ T3435] bridge0: port 2(bridge_slave_1) entered disabled state
[  154.749752][ T3435] bridge_slave_0: left allmulticast mode
[  154.756278][ T3435] bridge_slave_0: left promiscuous mode
[  154.762193][ T3435] bridge0: port 1(bridge_slave_0) entered disabled state
[  154.827465][ T3435] veth1_to_batadv: left promiscuous mode
[  154.842639][ T3435] veth1_macvtap: left promiscuous mode
[  154.860438][ T3435] veth0_macvtap: left promiscuous mode
[  154.866356][ T3435] veth1_vlan: left promiscuous mode
[  154.879912][ T3435] veth0_vlan: left promiscuous mode
[  154.964508][   T50] Bluetooth: hci2: command tx timeout
[  155.147317][ T3435] pimreg (unregistering): left allmulticast mode
[  155.650133][ T3435] team0 (unregistering): Port device team_slave_1 removed
[  155.700634][ T3435] team0 (unregistering): Port device team_slave_0 removed
[  155.752111][ T3435] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  155.796005][ T3435] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  156.144308][ T5809] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  156.376291][ T5809] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  156.387454][ T5809] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  156.397356][ T5809] usb 1-1: New USB device found, idVendor=1e7d, idProduct=319c, bcdDevice= 0.00
[  156.407546][ T5809] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  156.417822][ T5809] usb 1-1: config 0 descriptor??
[  156.426229][ T3435] bond0 (unregistering): Released all slaves
[  156.572091][ T7865] team0: Port device team_slave_0 added
[  156.592819][ T7865] team0: Port device team_slave_1 added
[  156.641391][ T7865] batman_adv: batadv0: Adding interface: batadv_slave_0
[  156.653962][ T7865] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  156.681677][ T7865] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  156.698798][ T7865] batman_adv: batadv0: Adding interface: batadv_slave_1
[  156.706093][ T7865] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  156.732447][ T7865] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  156.762440][ T7955] netlink: 15999 bytes leftover after parsing attributes in process `syz.3.810'.
[  156.840071][ T5809] isku 0003:1E7D:319C.0004: unknown main item tag 0x0
[  156.848613][ T5809] isku 0003:1E7D:319C.0004: unknown main item tag 0x0
[  156.895387][ T5809] isku 0003:1E7D:319C.0004: hidraw0: USB HID v0.00 Device [HID 1e7d:319c] on usb-dummy_hcd.0-1/input0
[  156.958853][ T7865] hsr_slave_0: entered promiscuous mode
[  156.978874][ T7865] hsr_slave_1: entered promiscuous mode
[  156.994625][ T7865] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  157.002233][ T7865] Cannot create hsr debugfs directory
[  157.044404][   T50] Bluetooth: hci2: command tx timeout
[  157.244837][ T3435] IPVS: stop unused estimator thread 0...
[  157.263189][  T787] usb 1-1: USB disconnect, device number 5
[  157.482247][ T7865] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  157.497439][ T7865] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  157.509595][ T7865] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  157.524845][ T7865] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  157.578733][ T7960] loop4: detected capacity change from 0 to 32768
[  157.590880][ T7960] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 scanned by syz.4.812 (7960)
[  157.631108][ T7960] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  157.641830][ T7960] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm
[  157.650850][ T7960] BTRFS info (device loop4): force clearing of disk cache
[  157.658142][ T7960] BTRFS info (device loop4): setting nodatacow, compression disabled
[  157.666896][ T7960] BTRFS info (device loop4): turning off barriers
[  157.673453][ T7960] BTRFS info (device loop4): enabling auto defrag
[  157.680133][ T7960] BTRFS info (device loop4): turning on sync discard
[  157.690668][ T7865] 8021q: adding VLAN 0 to HW filter on device bond0
[  157.710180][ T7960] BTRFS warning (device loop4): 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  157.719821][ T7865] 8021q: adding VLAN 0 to HW filter on device team0
[  157.730140][ T7960] BTRFS info (device loop4): trying to use backup root at mount time
[  157.740174][ T7960] BTRFS info (device loop4): enabling ssd optimizations
[  157.749029][ T4273] bridge0: port 1(bridge_slave_0) entered blocking state
[  157.757485][ T4273] bridge0: port 1(bridge_slave_0) entered forwarding state
[  157.773451][ T7960] BTRFS info (device loop4): using spread ssd allocation scheme
[  157.791015][ T7960] BTRFS info (device loop4): using free space tree
[  157.825310][ T4273] bridge0: port 2(bridge_slave_1) entered blocking state
[  157.832513][ T4273] bridge0: port 2(bridge_slave_1) entered forwarding state
[  157.908720][   T12] BTRFS warning (device loop4): checksum verify failed on logical 5332992 mirror 1 wanted 0x0a5e5d25 found 0xb6fb6650 level 0
[  157.919895][ T7992] loop3: detected capacity change from 0 to 256
[  157.931498][ T7865] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  157.943467][ T7865] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  157.963939][ T7960] BTRFS warning (device loop4): couldn't read tree root
[  157.983153][   T27] audit: type=1800 audit(1751312121.915:97): pid=7992 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.819" name="file1" dev="loop3" ino=1048614 res=0 errno=0
[  158.015186][ T7960] BTRFS warning (device loop4): try to load backup roots slot 1
[  158.030549][   T41] BTRFS warning (device loop4): checksum verify failed on logical 5324800 mirror 1 wanted 0x9f73850b found 0x7a216cc0 level 0
[  158.056703][ T7996] FAT-fs (loop3): error, corrupted file size (i_pos 196, 2097152)
[  158.066893][   T27] audit: type=1800 audit(1751312121.915:98): pid=7992 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.819" name="file1" dev="loop3" ino=1048614 res=0 errno=0
[  158.093297][ T7960] BTRFS warning (device loop4): couldn't read tree root
[  158.103815][ T7996] FAT-fs (loop3): error, corrupted file size (i_pos 196, 2097152)
[  158.111889][ T7960] BTRFS warning (device loop4): try to load backup roots slot 2
[  158.131907][   T41] BTRFS error (device loop4): level verify failed on logical 5255168 mirror 1 wanted 0 found 1
[  158.150131][ T7960] BTRFS warning (device loop4): couldn't read tree root
[  158.158588][ T7995] loop0: detected capacity change from 0 to 4096
[  158.160774][ T7960] BTRFS warning (device loop4): try to load backup roots slot 3
[  158.177130][ T7995] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512).
[  158.216062][ T7960] BTRFS info (device loop4): rebuilding free space tree
[  158.254787][ T7960] BTRFS info (device loop4): checking UUID tree
[  158.334246][ T7995] ntfs3: loop0: ino=1e, "file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" failed to parse mft record
[  158.390365][ T7865] 8021q: adding VLAN 0 to HW filter on device batadv0
[  158.414453][ T7995] ntfs3: loop0: ino=1e, "file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" failed to parse mft record
[  158.463705][ T7158] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  158.544819][ T1131] ntfs3: loop0: ino=1e, failed to parse mft record
[  158.970775][ T8014] loop3: detected capacity change from 0 to 1024
[  159.020274][ T8014] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  159.122904][ T7865] veth0_vlan: entered promiscuous mode
[  159.129100][   T50] Bluetooth: hci2: command tx timeout
[  159.148391][ T7865] veth1_vlan: entered promiscuous mode
[  159.271765][ T7865] veth0_macvtap: entered promiscuous mode
[  159.318946][ T7865] veth1_macvtap: entered promiscuous mode
[  159.320054][ T8023] loop3: detected capacity change from 0 to 2048
[  159.370095][ T8023] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  159.391718][ T7865] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  159.435897][ T7865] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  159.475378][ T7865] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  159.516267][ T7865] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  159.551730][ T7865] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  159.580651][ T7865] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  159.604277][ T7865] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  159.624234][ T7865] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  159.636943][ T8018] loop0: detected capacity change from 0 to 40427
[  159.654355][ T7865] batman_adv: batadv0: Interface activated: batadv_slave_0
[  159.657198][ T5775] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  159.671349][ T8018] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  159.704040][ T8018] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  159.722869][ T8018] F2FS-fs (loop0): invalid crc value
[  159.742919][ T7865] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  159.762820][ T8021] loop4: detected capacity change from 0 to 32768
[  159.772380][ T7865] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  159.782625][ T7865] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  159.793494][ T8018] F2FS-fs (loop0): Found nat_bits in checkpoint
[  159.800214][ T7865] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  159.824409][ T7865] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  159.843863][ T7865] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  159.863964][ T7865] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  159.898948][   T27] audit: type=1800 audit(1751312123.825:99): pid=8021 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.826" name="file1" dev="loop4" ino=7 res=0 errno=0
[  159.922701][ T7865] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  159.941328][ T7865] batman_adv: batadv0: Interface activated: batadv_slave_1
[  159.954804][ T8018] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  159.962342][ T8018] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  159.973454][ T7865] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  159.987029][ T7865] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  159.995838][ T7865] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  160.014497][ T7865] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  160.125642][ T8038] F2FS-fs (loop0): invalid namelen(0), ino:0, run fsck to fix.
[  160.141302][   T42] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  160.149235][ T8038] F2FS-fs (loop0): invalid namelen(0), ino:0, run fsck to fix.
[  160.160270][   T42] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  160.164142][ T8038] F2FS-fs (loop0): invalid namelen(0), ino:0, run fsck to fix.
[  160.175410][ T8038] F2FS-fs (loop0): invalid namelen(0), ino:0, run fsck to fix.
[  160.182985][ T8038] F2FS-fs (loop0): invalid namelen(0), ino:0, run fsck to fix.
[  160.203967][ T8038] F2FS-fs (loop0): invalid namelen(0), ino:0, run fsck to fix.
[  160.219175][ T4273] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  160.219372][ T8038] F2FS-fs (loop0): invalid namelen(0), ino:0, run fsck to fix.
[  160.237127][ T4273] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  161.099508][ T8059] netlink: 428 bytes leftover after parsing attributes in process `syz.0.839'.
[  161.128733][ T8059] netlink: 104 bytes leftover after parsing attributes in process `syz.0.839'.
[  161.204273][ T5776] Bluetooth: hci2: command tx timeout
[  161.243711][ T8060] loop4: detected capacity change from 0 to 4096
[  161.256347][ T8060] ntfs: (device loop4): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel.
[  161.394508][ T8060] ntfs: volume version 3.1.
[  161.430376][ T8054] loop3: detected capacity change from 0 to 40427
[  161.466830][ T8054] F2FS-fs (loop3): invalid crc value
[  161.500517][ T8054] F2FS-fs (loop3): Found nat_bits in checkpoint
[  161.583970][ T8074] loop0: detected capacity change from 0 to 1024
[  161.618899][ T8074] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  161.638505][ T8074] ext4 filesystem being mounted at /254/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  161.681435][ T8054] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4
[  161.753232][   T27] audit: type=1800 audit(1751312125.685:100): pid=8074 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.844" name="file1" dev="loop0" ino=15 res=0 errno=0
[  161.797421][ T5775] syz-executor: attempt to access beyond end of device
[  161.797421][ T5775] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  161.829462][ T5767] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  161.843174][ T5775] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  162.110004][ T8090] loop5: detected capacity change from 0 to 512
[  162.128738][ T8090] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  162.147677][ T8090] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00ec018, mo2=0002]
[  162.160824][ T8090] System zones: 1-12
[  162.167437][ T8090] EXT4-fs (loop5): orphan cleanup on readonly fs
[  162.180113][ T8090] EXT4-fs warning (device loop5): ext4_expand_extra_isize_ea:2867: Unable to expand inode 11. Delete some EAs or run e2fsck.
[  162.196441][ T8090] EXT4-fs (loop5): 1 truncate cleaned up
[  162.203515][ T8090] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  162.277229][ T7865] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  162.391592][ T8098] PKCS8: Unsupported PKCS#8 version
[  162.625795][ T8103] block nbd0: server does not support multiple connections per device.
[  162.637083][ T8103] block nbd0: shutting down sockets
[  162.810447][ T8119] loop4: detected capacity change from 0 to 1024
[  162.819837][ T8119] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  162.864789][ T8119] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  162.871085][ T8123] loop0: detected capacity change from 0 to 64
[  162.939222][ T8119] EXT4-fs error (device loop4): ext4_xattr_block_find:1886: inode #15: comm syz.4.862: corrupted xattr block 161: invalid header
[  162.953844][ T8119] EXT4-fs (loop4): Remounting filesystem read-only
[  162.992206][ T7158] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  163.035134][   T43] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  163.063455][ T8127] netlink: 20 bytes leftover after parsing attributes in process `syz.0.868'.
[  163.093501][ T8129] wireguard0: entered promiscuous mode
[  163.103441][ T8129] wireguard0: entered allmulticast mode
[  163.224269][   T43] usb 6-1: Using ep0 maxpacket: 16
[  163.237578][   T43] usb 6-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 2.00
[  163.247285][   T43] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  163.265168][   T43] usb 6-1: config 0 descriptor??
[  163.272507][   T43] ftdi_sio 6-1:0.0: FTDI USB Serial Device converter detected
[  163.284786][   T50] Bluetooth: hci2: command tx timeout
[  163.457319][ T5866] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  163.475791][   T43] usb 6-1: Detected FT232B
[  163.584383][ T5758] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  163.644221][ T5866] usb 4-1: Using ep0 maxpacket: 16
[  163.652005][ T5866] usb 4-1: config 0 has an invalid interface number: 8 but max is 0
[  163.660572][ T5866] usb 4-1: config 0 has no interface number 0
[  163.666778][ T5866] usb 4-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  163.677836][  T787] usb 1-1: new full-speed USB device number 6 using dummy_hcd
[  163.682443][   T43] ftdi_sio ttyUSB0: Unable to read latency timer: -32
[  163.686418][ T5866] usb 4-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  163.688548][ T5866] usb 4-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f
[  163.714459][ T5866] usb 4-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3
[  163.722751][ T5866] usb 4-1: Product: syz
[  163.723129][   T43] usb 6-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  163.727321][ T5866] usb 4-1: SerialNumber: syz
[  163.742342][ T5866] usb 4-1: config 0 descriptor??
[  163.749806][ T5866] cm109 4-1:0.8: invalid payload size 0, expected 4
[  163.757897][ T5866] input: CM109 USB driver as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.8/input/input12
[  163.788062][ T5758] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  163.799307][ T5758] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  163.809813][ T5758] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  163.818912][ T5758] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  163.829222][ T8140] raw-gadget.2 gadget.4: fail, usb_ep_enable returned -22
[  163.840291][ T5758] usb 5-1: Quirk or no altest; falling back to MIDI 1.0
[  163.886031][  T787] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  163.895988][  T787] usb 1-1: New USB device found, idVendor=057e, idProduct=200e, bcdDevice= 0.00
[  163.905196][  T787] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  163.916918][  T787] usb 1-1: config 0 descriptor??
[  163.922771][ T5793] usb 6-1: USB disconnect, device number 2
[  163.933880][ T5793] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  163.944233][ T5793] ftdi_sio 6-1:0.0: device disconnected
[  164.010032][    C0] cm109 4-1:0.8: cm109_urb_ctl_callback: urb status -71
[  164.010533][  T967] usb 4-1: USB disconnect, device number 5
[  164.017145][    C0] cm109 4-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19
[  164.039098][  T967] cm109 4-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19
[  164.059908][ T5809] usb 5-1: USB disconnect, device number 3
[  164.338191][  T787] nintendo 0003:057E:200E.0005: unbalanced delimiter at end of report description
[  164.347917][  T787] nintendo 0003:057E:200E.0005: HID parse failed
[  164.369183][  T787] nintendo 0003:057E:200E.0005: probe - fail = -22
[  164.377828][  T787] nintendo: probe of 0003:057E:200E.0005 failed with error -22
[  164.579499][ T5809] usb 1-1: USB disconnect, device number 6
[  164.605512][ T8151] iommufd_mock iommufd_mock1: Adding to iommu group 0
[  164.631546][ T8151] iommufd_mock iommufd_mock2: Adding to iommu group 1
[  164.752025][ T8153] loop5: detected capacity change from 0 to 2048
[  164.781822][ T8153] hpfs: filesystem error: invalid number of hotfixes: 266, used: 2; already mounted read-only
[  164.802929][ T8153] hpfs: filesystem error: improperly stopped
[  164.823489][ T8153] hpfs: filesystem error: sector(s) 'dir_band' badly placed at 7b318cc2
[  165.048910][ T8166] loop4: detected capacity change from 0 to 64
[  165.074206][ T8166] BFS-fs: bfs_fill_super(): loop4 is unclean, continuing
[  165.107243][ T8169] loop5: detected capacity change from 0 to 2048
[  165.141453][ T8170] loop3: detected capacity change from 0 to 2048
[  165.163662][ T8169] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  165.218742][ T8170] UDF-fs: error (device loop3): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0
[  165.266695][ T8170] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found
[  165.287290][ T7865] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  165.308552][ T8170] UDF-fs: Scanning with blocksize 512 failed
[  165.329419][ T8170] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  165.555569][ T8188] loop3: detected capacity change from 0 to 1764
[  165.614471][ T5809] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  165.820600][ T5809] usb 5-1: Using ep0 maxpacket: 16
[  165.826091][ T8199] netlink: 'syz.5.899': attribute type 2 has an invalid length.
[  165.838448][ T5809] usb 5-1: config 0 has an invalid interface number: 1 but max is 0
[  165.854280][ T8199] netlink: 28 bytes leftover after parsing attributes in process `syz.5.899'.
[  165.874202][ T5809] usb 5-1: config 0 has no interface number 0
[  165.881652][ T5809] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  165.913191][ T5809] usb 5-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  165.936410][ T5809] usb 5-1: New USB device found, idVendor=28bd, idProduct=0071, bcdDevice= 0.00
[  165.969260][ T5809] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  166.013167][ T5809] usb 5-1: config 0 descriptor??
[  166.435969][ T5809] hid (null): invalid report_count 1405183649
[  166.645652][ T5809] input: HID 28bd:0071 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.1/0003:28BD:0071.0006/input/input13
[  166.741564][ T8231] 9p: Unknown uid 00000000004294967295
[  166.767202][ T5809] input: HID 28bd:0071 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.1/0003:28BD:0071.0006/input/input14
[  166.807026][   T27] audit: type=1326 audit(1751312130.745:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8232 comm="syz.0.914" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef1718e929 code=0x7ffc0000
[  166.831222][ T5809] uclogic 0003:28BD:0071.0006: input,hidraw0: USB HID v0.02 Keypad [HID 28bd:0071] on usb-dummy_hcd.4-1/input1
[  166.860399][ T5809] usb 5-1: USB disconnect, device number 4
[  166.866618][   T27] audit: type=1326 audit(1751312130.765:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8232 comm="syz.0.914" exe="/root/syz-executor" sig=0 arch=c000003e syscall=40 compat=0 ip=0x7fef1718e929 code=0x7ffc0000
[  166.886924][ T8235] 9pnet: p9_errstr2errno: server reported unknown error 
[  166.899611][   T27] audit: type=1326 audit(1751312130.765:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8232 comm="syz.0.914" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fef1718e929 code=0x7ffc0000
[  167.311969][ T8253] loop3: detected capacity change from 0 to 4096
[  167.322236][ T8253] ntfs3: loop3: Different NTFS sector size (2048) and media sector size (512).
[  167.550126][ T8252] loop0: detected capacity change from 0 to 32768
[  167.591550][ T8252] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  167.614786][ T8259] loop4: detected capacity change from 0 to 256
[  167.659739][   T27] audit: type=1800 audit(1751312131.585:104): pid=8259 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.925" name="file1" dev="loop4" ino=1048618 res=0 errno=0
[  167.700989][   T27] audit: type=1800 audit(1751312131.595:105): pid=8259 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.925" name="file1" dev="loop4" ino=1048618 res=0 errno=0
[  167.707058][ T5767] (syz-executor,5767,0):ocfs2_inode_is_valid_to_delete:872 ERROR: Skipping delete of system file 72
[  167.750464][ T8259] FAT-fs (loop4): error, corrupted file size (i_pos 196, 2097152)
[  167.762637][ T8259] FAT-fs (loop4): error, corrupted file size (i_pos 196, 2097152)
[  167.773980][ T5767] ocfs2: Unmounting device (7,0) on (node local)
[  167.990615][ T8266] loop4: detected capacity change from 0 to 2048
[  168.023693][ T8266] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  168.255585][ T8263] loop3: detected capacity change from 0 to 32768
[  168.275016][ T8276] loop4: detected capacity change from 0 to 128
[  168.286809][ T8263] JBD2: Ignoring recovery information on journal
[  168.294420][ T8276] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256
[  168.317987][ T8276] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  168.338822][ T8263] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  168.403623][ T8280] cifs: Unknown parameter 'f,'
[  168.472603][ T5775] ocfs2: Unmounting device (7,3) on (node local)
[  168.622237][ T8284] netdevsim netdevsim4: Direct firmware load for ö×0”©ÛPq•ä…õD"€2ðNÿktT·Wj«³%¼Nµ§ failed with error -2
[  168.641911][ T8284] netdevsim netdevsim4: Falling back to sysfs fallback for: ö×0”©ÛPq•ä…õD"€2ðNÿktT·Wj«³%¼Nµ§
[  168.852803][ T8294] loop5: detected capacity change from 0 to 256
[  168.874543][   T27] audit: type=1800 audit(1751312132.805:106): pid=8294 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.938" name="file1" dev="loop5" ino=1048619 res=0 errno=0
[  168.904474][   T27] audit: type=1800 audit(1751312132.815:107): pid=8294 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.938" name="file1" dev="loop5" ino=1048619 res=0 errno=0
[  168.968937][ T8294] FAT-fs (loop5): error, corrupted file size (i_pos 196, 2097152)
[  168.983879][ T8294] FAT-fs (loop5): error, corrupted file size (i_pos 196, 2097152)
[  169.057693][ T8298] process 'syz.0.941' launched './file2' with NULL argv: empty string added
[  169.124674][ T5809] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  169.233074][ T8305] loop5: detected capacity change from 0 to 2048
[  169.262126][ T8305] UDF-fs: warning (device loop5): udf_load_vrs: No anchor found
[  169.270023][ T8305] UDF-fs: Scanning with blocksize 512 failed
[  169.307867][ T8305] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  169.326238][ T5809] usb 4-1: config 0 has an invalid interface number: 1 but max is 0
[  169.354141][ T5809] usb 4-1: config 0 has no interface number 0
[  169.362642][ T5809] usb 4-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[  169.371897][ T5809] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  169.384132][ T5809] usb 4-1: Product: syz
[  169.388330][ T5809] usb 4-1: Manufacturer: syz
[  169.404156][ T5809] usb 4-1: SerialNumber: syz
[  169.415260][ T5809] usb 4-1: config 0 descriptor??
[  169.441996][ T8309] loop0: detected capacity change from 0 to 4096
[  169.449625][ T8309] ntfs: (device loop0): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel.
[  169.495935][ T8309] ntfs: volume version 3.1.
[  169.670408][ T5809] usb 4-1: dvb_usb_v2: found a 'E3C EC168 reference design' in warm state
[  169.689001][ T5809] usb 4-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  169.705887][ T5809] dvbdev: DVB: registering new adapter (E3C EC168 reference design)
[  169.714043][ T5809] usb 4-1: media controller created
[  169.743943][ T5809] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  169.865241][ T8318] loop0: detected capacity change from 0 to 4096
[  169.874793][ T8318] ntfs3: loop0: Different NTFS sector size (2048) and media sector size (512).
[  170.192441][ T8330] input: syz1 as /devices/virtual/input/input15
[  170.207369][ T8328] syz.0.956 (8328) used greatest stack depth: 19048 bytes left
[  170.626715][ T8341] loop5: detected capacity change from 0 to 4096
[  170.634449][ T8341] ntfs: (device loop5): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel.
[  170.680124][ T8345] loop0: detected capacity change from 0 to 256
[  170.699129][ T8341] ntfs: volume version 3.1.
[  170.884517][ T5809] i2c i2c-1: ec100: i2c rd failed=-110 reg=33
[  170.965281][ T5809] usb 4-1: USB disconnect, device number 6
[  171.494251][   T43] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  171.668192][ T8373] loop3: detected capacity change from 0 to 4096
[  171.676420][ T8373] ntfs: (device loop3): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel.
[  171.704775][   T43] usb 6-1: Using ep0 maxpacket: 32
[  171.718919][   T43] usb 6-1: config 0 has an invalid interface number: 85 but max is 0
[  171.728470][   T43] usb 6-1: config 0 has no interface number 0
[  171.735753][ T8373] ntfs: volume version 3.1.
[  171.740755][   T43] usb 6-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  171.758173][   T43] usb 6-1: config 0 interface 85 has no altsetting 0
[  171.768190][   T43] usb 6-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72
[  171.778308][   T43] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  171.786682][   T43] usb 6-1: Product: syz
[  171.790891][   T43] usb 6-1: Manufacturer: syz
[  171.796098][   T43] usb 6-1: SerialNumber: syz
[  171.803019][   T43] usb 6-1: config 0 descriptor??
[  172.104281][ T5793] usb 5-1: new full-speed USB device number 5 using dummy_hcd
[  172.117560][ T8381] loop0: detected capacity change from 0 to 4096
[  172.131280][ T8381] ntfs3: loop0: Different NTFS sector size (4096) and media sector size (512).
[  172.182465][ T8381] ntfs3: loop0: Mark volume as dirty due to NTFS errors
[  172.196110][ T8385] loop3: detected capacity change from 0 to 4096
[  172.206108][ T8381] ntfs3: loop0: Failed to initialize $Extend/$ObjId.
[  172.219131][ T8385] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  172.267226][ T8384] EXT4-fs error (device loop3): ext4_do_update_inode:5230: inode #15: comm syz.3.982: corrupted inode contents
[  172.291230][ T8384] EXT4-fs error (device loop3): ext4_dirty_inode:6106: inode #15: comm syz.3.982: mark_inode_dirty error
[  172.303598][ T8384] EXT4-fs error (device loop3): ext4_do_update_inode:5230: inode #15: comm syz.3.982: corrupted inode contents
[  172.317669][ T8384] EXT4-fs error (device loop3): __ext4_ext_dirty:202: inode #15: comm syz.3.982: mark_inode_dirty error
[  172.329559][ T8384] EXT4-fs error (device loop3): ext4_do_update_inode:5230: inode #15: comm syz.3.982: corrupted inode contents
[  172.342262][ T5793] usb 5-1: unable to get BOS descriptor or descriptor too short
[  172.362752][ T8384] EXT4-fs error (device loop3): __ext4_ext_dirty:202: inode #15: comm syz.3.982: mark_inode_dirty error
[  172.375103][ T5793] usb 5-1: no configurations
[  172.379778][ T5793] usb 5-1: can't read configurations, error -22
[  172.388095][ T8384] EXT4-fs error (device loop3): ext4_do_update_inode:5230: inode #15: comm syz.3.982: corrupted inode contents
[  172.415803][ T8384] EXT4-fs error (device loop3): ext4_truncate:4288: inode #15: comm syz.3.982: mark_inode_dirty error
[  172.432841][   T43] appletouch 6-1:0.85: Geyser mode initialized.
[  172.433118][ T8384] EXT4-fs error (device loop3): ext4_evict_inode:263: comm syz.3.982: couldn't truncate inode 15 (err -117)
[  172.442132][   T43] input: appletouch as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.85/input/input16
[  172.487421][ T5775] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  172.648654][ T5809] usb 6-1: USB disconnect, device number 3
[  172.676314][ T5809] appletouch 6-1:0.85: input: appletouch disconnected
[  173.083046][   T27] audit: type=1326 audit(1751312137.015:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8400 comm="syz.4.989" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f39b8b8e929 code=0x7ffc0000
[  173.111442][ T8403] netem: unknown loss type 0
[  173.116937][ T8403] netem: change failed
[  173.121410][   T27] audit: type=1326 audit(1751312137.015:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8400 comm="syz.4.989" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f39b8b8e929 code=0x7ffc0000
[  173.153904][   T27] audit: type=1326 audit(1751312137.015:110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8400 comm="syz.4.989" exe="/root/syz-executor" sig=0 arch=c000003e syscall=27 compat=0 ip=0x7f39b8b8e929 code=0x7ffc0000
[  173.204329][   T27] audit: type=1326 audit(1751312137.015:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8400 comm="syz.4.989" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f39b8b8e929 code=0x7ffc0000
[  173.235341][   T27] audit: type=1326 audit(1751312137.015:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8400 comm="syz.4.989" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f39b8b8e929 code=0x7ffc0000
[  173.488518][ T8417] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[  173.534669][ T5793] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  173.744311][ T5793] usb 5-1: Using ep0 maxpacket: 16
[  173.752630][ T5793] usb 5-1: config 0 interface 0 has no altsetting 0
[  173.765313][ T5793] usb 5-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[  173.787478][ T5793] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  173.798515][ T5793] usb 5-1: config 0 descriptor??
[  173.964485][   T43] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  174.172008][   T43] usb 4-1: config 220 has an invalid interface number: 76 but max is 2
[  174.184327][   T43] usb 4-1: config 220 contains an unexpected descriptor of type 0x2, skipping
[  174.191073][ T8433] loop5: detected capacity change from 0 to 40427
[  174.199464][   T43] usb 4-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[  174.201920][ T8433] F2FS-fs (loop5): Insane cp_payload (553648128 >= 504)
[  174.217033][ T8433] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[  174.224142][ T5793] hid (null): global environment stack overflow
[  174.225608][ T8433] F2FS-fs (loop5): heap/no_heap options were deprecated
[  174.231671][   T43] usb 4-1: config 220 has no interface number 2
[  174.245325][ T5793] hid (null): invalid report_size 18151
[  174.250925][ T5793] hid (null): global environment stack overflow
[  174.257799][   T43] usb 4-1: config 220 interface 1 altsetting 5 bulk endpoint 0x1 has invalid maxpacket 16
[  174.260610][ T8433] F2FS-fs (loop5): invalid crc value
[  174.273968][   T43] usb 4-1: config 220 interface 1 altsetting 5 has 1 endpoint descriptor, different from the interface descriptor's value: 12
[  174.281631][ T8433] F2FS-fs (loop5): Found nat_bits in checkpoint
[  174.300795][   T43] usb 4-1: config 220 interface 0 has no altsetting 0
[  174.308736][   T43] usb 4-1: config 220 interface 76 has no altsetting 0
[  174.314268][ T5866] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  174.322938][   T43] usb 4-1: config 220 interface 1 has no altsetting 0
[  174.333549][   T43] usb 4-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  174.343042][   T43] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  174.351189][   T43] usb 4-1: Product: syz
[  174.351744][ T8433] F2FS-fs (loop5): Start checkpoint disabled!
[  174.363813][   T43] usb 4-1: Manufacturer: syz
[  174.368497][   T43] usb 4-1: SerialNumber: syz
[  174.371102][ T8433] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0
[  174.380287][ T8433] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e6
[  174.430379][ T5809] usb 5-1: USB disconnect, device number 6
[  174.480564][ T3435] kworker/u4:7: attempt to access beyond end of device
[  174.480564][ T3435] loop5: rw=2049, sector=40960, nr_sectors = 24 limit=40427
[  174.499050][ T3435] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  174.508108][ T3435] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  174.515438][ T3435] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  174.516192][ T5866] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  174.533630][ T5866] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  174.543674][ T5866] usb 1-1: New USB device found, idVendor=05ac, idProduct=0262, bcdDevice= 0.00
[  174.553678][ T5866] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  174.564945][ T5866] usb 1-1: config 0 descriptor??
[  174.582124][   T43] uvcvideo 4-1:220.1: Unknown video format 00000000-0000-0000-0000-000000000000
[  174.598660][   T43] usb 4-1: Found UVC 7.01 device syz (8086:0b07)
[  174.608871][   T43] usb 4-1: No valid video chain found.
[  174.619712][   T43] usb 4-1: selecting invalid altsetting 0
[  174.651877][   T43] usb 4-1: selecting invalid altsetting 0
[  174.669022][   T43] usbtest: probe of 4-1:220.1 failed with error -22
[  174.681137][   T43] usb 4-1: USB disconnect, device number 7
[  174.987288][ T5866] apple 0003:05AC:0262.0008: unbalanced delimiter at end of report description
[  174.987777][ T8446] loop4: detected capacity change from 0 to 64
[  175.005288][ T5866] apple 0003:05AC:0262.0008: parse failed
[  175.012024][ T5866] apple: probe of 0003:05AC:0262.0008 failed with error -22
[  175.074259][ T5809] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  175.207886][ T5866] usb 1-1: USB disconnect, device number 7
[  175.224955][ T8450] loop3: detected capacity change from 0 to 512
[  175.232058][ T8450] EXT4-fs: Ignoring removed bh option
[  175.255234][ T8450] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[  175.269104][ T8450] EXT4-fs (loop3): invalid journal inode
[  175.276459][ T5809] usb 6-1: Using ep0 maxpacket: 32
[  175.279136][ T8450] EXT4-fs (loop3): can't get journal size
[  175.283527][ T5809] usb 6-1: config 0 interface 0 altsetting 74 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  175.299528][ T5809] usb 6-1: config 0 interface 0 altsetting 74 endpoint 0x81 has invalid wMaxPacketSize 0
[  175.309690][ T5809] usb 6-1: config 0 interface 0 has no altsetting 0
[  175.316404][ T5809] usb 6-1: New USB device found, idVendor=18b1, idProduct=0037, bcdDevice= 0.00
[  175.326429][ T5809] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  175.338101][ T8450] EXT4-fs (loop3): 1 truncate cleaned up
[  175.351701][ T5809] usb 6-1: config 0 descriptor??
[  175.351917][ T8450] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  175.391036][ T8450] ERROR: device name not specified.
[  175.452364][ T5775] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  175.561558][ T8448] loop4: detected capacity change from 0 to 40427
[  175.569679][ T8448] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  175.577636][ T8448] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  175.592222][ T8448] F2FS-fs (loop4): invalid crc value
[  175.602299][ T8448] F2FS-fs (loop4): Found nat_bits in checkpoint
[  175.643779][ T8448] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  175.651139][ T8448] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  175.691972][ T8448] F2FS-fs (loop4): invalid namelen(0), ino:0, run fsck to fix.
[  175.700139][ T8448] F2FS-fs (loop4): invalid namelen(0), ino:0, run fsck to fix.
[  175.707736][ T8448] F2FS-fs (loop4): invalid namelen(0), ino:0, run fsck to fix.
[  175.715349][ T8448] F2FS-fs (loop4): invalid namelen(0), ino:0, run fsck to fix.
[  175.722901][ T8448] F2FS-fs (loop4): invalid namelen(0), ino:0, run fsck to fix.
[  175.731445][ T8448] F2FS-fs (loop4): invalid namelen(0), ino:0, run fsck to fix.
[  175.739174][ T8448] F2FS-fs (loop4): invalid namelen(0), ino:0, run fsck to fix.
[  175.780367][ T5809] petalynx 0003:18B1:0037.0009: unknown main item tag 0x0
[  175.789118][ T5809] petalynx 0003:18B1:0037.0009: unknown main item tag 0x0
[  175.797216][ T5809] petalynx 0003:18B1:0037.0009: item fetching failed at offset 2/3
[  175.806588][ T5866] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  175.815454][ T5809] petalynx 0003:18B1:0037.0009: parse failed
[  175.821748][ T5809] petalynx: probe of 0003:18B1:0037.0009 failed with error -22
[  175.863337][ T8460] loop0: detected capacity change from 0 to 512
[  175.872276][ T8460] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  175.896633][ T8460] EXT4-fs (loop0): 1 truncate cleaned up
[  175.903705][ T8460] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  175.962019][ T5767] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  176.000411][ T5758] usb 6-1: USB disconnect, device number 4
[  176.006500][ T5866] usb 4-1: Using ep0 maxpacket: 16
[  176.051952][ T5866] usb 4-1: config 0 interface 0 altsetting 8 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  176.074196][ T5866] usb 4-1: config 0 interface 0 altsetting 8 endpoint 0x81 has invalid wMaxPacketSize 0
[  176.084046][ T5866] usb 4-1: config 0 interface 0 has no altsetting 0
[  176.092035][ T5866] usb 4-1: New USB device found, idVendor=17ef, idProduct=6009, bcdDevice= 0.00
[  176.102911][ T5866] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  176.120332][ T5866] usb 4-1: config 0 descriptor??
[  176.564346][ T5866] lenovo 0003:17EF:6009.000A: unknown main item tag 0x0
[  176.571371][ T5866] lenovo 0003:17EF:6009.000A: unknown main item tag 0x0
[  176.579034][ T5866] lenovo 0003:17EF:6009.000A: unknown main item tag 0x0
[  176.586299][ T5866] lenovo 0003:17EF:6009.000A: unknown main item tag 0x0
[  176.600351][ T5866] lenovo 0003:17EF:6009.000A: hidraw0: USB HID v0.00 Device [HID 17ef:6009] on usb-dummy_hcd.3-1/input0
[  176.796631][   T43] usb 4-1: USB disconnect, device number 8
[  176.929267][ T8494] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1028'.
[  177.124057][ T8500] kvm: kvm [8499]: vcpu2, guest rIP: 0xfff0 Unhandled RDMSR(0x40000061)
[  177.215548][ T8482] loop5: detected capacity change from 0 to 40427
[  177.238783][ T8482] F2FS-fs (loop5): Invalid log_blocksize (268), supports only 12
[  177.250004][ T8482] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[  177.271835][ T8482] F2FS-fs (loop5): invalid crc value
[  177.287557][   T50] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[  177.296775][   T50] Bluetooth: hci2: Injecting HCI hardware error event
[  177.307980][ T5776] Bluetooth: hci2: hardware error 0x00
[  177.333996][ T8482] F2FS-fs (loop5): Found nat_bits in checkpoint
[  177.504534][ T8482] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0
[  177.521074][ T8482] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  177.554183][ T8509] bridge0: entered promiscuous mode
[  177.626820][ T8482] F2FS-fs (loop5): invalid namelen(0), ino:0, run fsck to fix.
[  177.643922][ T8482] F2FS-fs (loop5): invalid namelen(0), ino:0, run fsck to fix.
[  177.661639][ T8482] F2FS-fs (loop5): invalid namelen(0), ino:0, run fsck to fix.
[  178.414509][   T43] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  178.604520][   T43] usb 5-1: Using ep0 maxpacket: 8
[  178.630324][   T43] usb 5-1: New USB device found, idVendor=04a5, idProduct=3003, bcdDevice=3a.b2
[  178.640244][   T43] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  178.651755][   T43] usb 5-1: Product: syz
[  178.657774][   T43] usb 5-1: Manufacturer: syz
[  178.662405][   T43] usb 5-1: SerialNumber: syz
[  178.685718][   T43] usb 5-1: config 0 descriptor??
[  178.852716][ T8540] netlink: 'syz.0.1046': attribute type 12 has an invalid length.
[  178.861736][ T8540] netlink: 'syz.0.1046': attribute type 29 has an invalid length.
[  178.870345][ T8540] netlink: 148 bytes leftover after parsing attributes in process `syz.0.1046'.
[  178.904260][   T43] gspca_main: sunplus-2.14.0 probing 04a5:3003
[  178.924926][   T43] gspca_sunplus: reg_w_riv err -71
[  178.930158][   T43] sunplus: probe of 5-1:0.0 failed with error -71
[  178.938598][   T43] usb 5-1: USB disconnect, device number 7
[  178.991136][ T8546] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1049'.
[  179.318653][ T8556] syz.5.1053 (8556) used greatest stack depth: 19016 bytes left
[  179.364649][ T5776] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[  179.479345][ T8563] vivid-007: =================  START STATUS  =================
[  179.489410][ T8563] vivid-007: Enable Output Cropping: true
[  179.497457][ T8563] vivid-007: Enable Output Composing: true
[  179.503803][ T8563] vivid-007: Enable Output Scaler: true
[  179.509754][ T8563] vivid-007: Tx RGB Quantization Range: Automatic
[  179.516920][ T8563] vivid-007: Transmit Mode: HDMI
[  179.529390][ T8563] vivid-007: Display Present: true inactive
[  179.539508][ T8563] vivid-007: Hotplug Present: 0x00000001
[  179.547543][ T8563] vivid-007: RxSense Present: 0x00000001
[  179.564232][ T8563] vivid-007: EDID Present: 0x00000001
[  179.569843][ T8563] vivid-007: ==================  END STATUS  ==================
[  179.595575][ T8549] loop0: detected capacity change from 0 to 32768
[  179.609115][ T8549] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 scanned by syz.0.1050 (8549)
[  179.635237][ T8549] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  179.664334][ T8549] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm
[  179.673093][ T8549] BTRFS info (device loop0): force clearing of disk cache
[  179.689661][ T8549] BTRFS info (device loop0): setting nodatacow, compression disabled
[  179.698235][ T8549] BTRFS info (device loop0): turning off barriers
[  179.715158][ T8549] BTRFS info (device loop0): enabling auto defrag
[  179.726934][ T8549] BTRFS info (device loop0): turning on sync discard
[  179.747474][ T8549] BTRFS warning (device loop0): 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  179.774308][ T8549] BTRFS info (device loop0): trying to use backup root at mount time
[  179.801057][ T8549] BTRFS info (device loop0): enabling ssd optimizations
[  179.814385][ T8549] BTRFS info (device loop0): using spread ssd allocation scheme
[  179.822082][ T8549] BTRFS info (device loop0): using free space tree
[  179.847566][ T5776] Bluetooth: hci1: command 0x0405 tx timeout
[  179.900226][   T12] BTRFS warning (device loop0): checksum verify failed on logical 5332992 mirror 1 wanted 0x0a5e5d25 found 0xb6fb6650 level 0
[  179.918330][ T8549] BTRFS warning (device loop0): couldn't read tree root
[  179.941045][ T8549] BTRFS warning (device loop0): try to load backup roots slot 1
[  179.975672][ T8594] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1065'.
[  179.984984][ T3435] BTRFS warning (device loop0): checksum verify failed on logical 5324800 mirror 1 wanted 0x9f73850b found 0x7a216cc0 level 0
[  179.985153][ T8549] BTRFS warning (device loop0): couldn't read tree root
[  179.999290][ T8594] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1065'.
[  180.044495][ T8549] BTRFS warning (device loop0): try to load backup roots slot 2
[  180.052720][ T3435] BTRFS error (device loop0): level verify failed on logical 5255168 mirror 1 wanted 0 found 1
[  180.066601][ T8549] BTRFS warning (device loop0): couldn't read tree root
[  180.093753][ T8549] BTRFS warning (device loop0): try to load backup roots slot 3
[  180.129945][ T8549] BTRFS info (device loop0): rebuilding free space tree
[  180.182630][ T8549] BTRFS info (device loop0): checking UUID tree
[  180.314562][ T5767] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  180.401598][   T27] audit: type=1326 audit(1751312144.335:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8609 comm="syz.4.1072" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f39b8b8e929 code=0x7ffc0000
[  180.424958][   T27] audit: type=1326 audit(1751312144.335:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8609 comm="syz.4.1072" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f39b8b8e929 code=0x7ffc0000
[  180.426247][   T23] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  180.447615][   T27] audit: type=1326 audit(1751312144.335:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8609 comm="syz.4.1072" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f39b8b8e929 code=0x7ffc0000
[  180.447659][   T27] audit: type=1326 audit(1751312144.335:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8609 comm="syz.4.1072" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f39b8b8e929 code=0x7ffc0000
[  180.447693][   T27] audit: type=1326 audit(1751312144.335:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8609 comm="syz.4.1072" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f39b8b8e929 code=0x7ffc0000
[  180.447730][   T27] audit: type=1326 audit(1751312144.335:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8609 comm="syz.4.1072" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f39b8b8e929 code=0x7ffc0000
[  180.448045][   T27] audit: type=1326 audit(1751312144.365:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8609 comm="syz.4.1072" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f39b8b8e929 code=0x7ffc0000
[  180.461645][   T27] audit: type=1326 audit(1751312144.385:120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8609 comm="syz.4.1072" exe="/root/syz-executor" sig=0 arch=c000003e syscall=269 compat=0 ip=0x7f39b8b8e929 code=0x7ffc0000
[  180.593645][   T27] audit: type=1326 audit(1751312144.385:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8609 comm="syz.4.1072" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f39b8b858e7 code=0x7ffc0000
[  180.616806][   T27] audit: type=1326 audit(1751312144.385:122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8609 comm="syz.4.1072" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f39b8b2ab19 code=0x7ffc0000
[  180.723538][ T8615] loop5: detected capacity change from 0 to 512
[  180.756846][   T23] usb 4-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  180.779988][   T23] usb 4-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  180.788290][ T8615] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  180.790335][   T23] usb 4-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  180.812273][   T23] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  180.825560][ T8602] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  180.836052][   T23] usb 4-1: Quirk or no altest; falling back to MIDI 1.0
[  180.882469][ T8615] ext4 filesystem being mounted at /55/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  180.958965][ T8615] EXT4-fs error (device loop5): ext4_do_update_inode:5230: inode #2: comm syz.5.1075: corrupted inode contents
[  181.001250][ T8615] EXT4-fs error (device loop5): ext4_dirty_inode:6106: inode #2: comm syz.5.1075: mark_inode_dirty error
[  181.044008][ T8615] EXT4-fs error (device loop5): ext4_do_update_inode:5230: inode #2: comm syz.5.1075: corrupted inode contents
[  181.082203][ T8626] EXT4-fs error (device loop5): ext4_do_update_inode:5230: inode #2: comm syz.5.1075: corrupted inode contents
[  181.160460][ T7865] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  181.171059][   T23] usb 4-1: USB disconnect, device number 9
[  181.584350][ T5758] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  181.658327][ T8636] loop5: detected capacity change from 0 to 32768
[  181.668288][ T8636] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop5 scanned by syz.5.1080 (8636)
[  181.689850][ T8636] BTRFS info (device loop5): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  181.698779][ T8632] loop0: detected capacity change from 0 to 32768
[  181.700494][ T8636] BTRFS info (device loop5): using crc32c (crc32c-intel) checksum algorithm
[  181.715531][ T8636] BTRFS info (device loop5): force clearing of disk cache
[  181.720527][ T8632] JBD2: Ignoring recovery information on journal
[  181.722671][ T8636] BTRFS info (device loop5): setting nodatacow, compression disabled
[  181.738396][ T8636] BTRFS info (device loop5): turning off barriers
[  181.745347][ T8636] BTRFS info (device loop5): enabling auto defrag
[  181.751804][ T8636] BTRFS info (device loop5): turning on sync discard
[  181.758940][ T8636] BTRFS warning (device loop5): 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  181.769348][ T8632] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  181.770329][ T8636] BTRFS info (device loop5): trying to use backup root at mount time
[  181.778745][ T5758] usb 5-1: Using ep0 maxpacket: 16
[  181.787119][ T8636] BTRFS info (device loop5): enabling ssd optimizations
[  181.799212][ T8636] BTRFS info (device loop5): using spread ssd allocation scheme
[  181.806932][ T8636] BTRFS info (device loop5): using free space tree
[  181.816148][ T5758] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  181.827580][ T5758] usb 5-1: New USB device found, idVendor=041e, idProduct=3100, bcdDevice= 0.00
[  181.839209][ T5758] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  181.861936][ T5758] usb 5-1: config 0 descriptor??
[  181.875237][ T1131] BTRFS warning (device loop5): checksum verify failed on logical 5332992 mirror 1 wanted 0x0a5e5d25 found 0xb6fb6650 level 0
[  181.892717][ T8636] BTRFS warning (device loop5): couldn't read tree root
[  181.900104][ T8636] BTRFS warning (device loop5): try to load backup roots slot 1
[  181.917038][ T3435] BTRFS warning (device loop5): checksum verify failed on logical 5324800 mirror 1 wanted 0x9f73850b found 0x7a216cc0 level 0
[  181.924022][ T5767] ocfs2: Unmounting device (7,0) on (node local)
[  181.930480][ T8636] BTRFS warning (device loop5): couldn't read tree root
[  181.945086][ T8636] BTRFS warning (device loop5): try to load backup roots slot 2
[  181.953368][ T3435] BTRFS error (device loop5): level verify failed on logical 5255168 mirror 1 wanted 0 found 1
[  181.976058][ T8636] BTRFS warning (device loop5): couldn't read tree root
[  181.984013][ T8636] BTRFS warning (device loop5): try to load backup roots slot 3
[  182.055243][ T8636] BTRFS info (device loop5): rebuilding free space tree
[  182.104831][ T8636] BTRFS info (device loop5): checking UUID tree
[  182.237687][ T7865] BTRFS info (device loop5): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  182.291242][ T5758] creative-sb0540 0003:041E:3100.000B: unknown main item tag 0x0
[  182.309192][ T5758] creative-sb0540 0003:041E:3100.000B: item fetching failed at offset 3/5
[  182.331757][ T5758] creative-sb0540 0003:041E:3100.000B: parse failed
[  182.348941][ T5758] creative-sb0540: probe of 0003:041E:3100.000B failed with error -22
[  182.510760][   T43] usb 5-1: USB disconnect, device number 8
[  182.569018][ T8654] loop3: detected capacity change from 0 to 32768
[  182.653908][ T8654] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  182.799086][ T8669] loop0: detected capacity change from 0 to 512
[  182.806647][ T8669] EXT4-fs: Ignoring removed nobh option
[  182.846873][ T5775] 
[  182.849262][ T5775] ======================================================
[  182.856287][ T5775] WARNING: possible circular locking dependency detected
[  182.863322][ T5775] 6.6.95-syzkaller #0 Not tainted
[  182.868607][ T5775] ------------------------------------------------------
[  182.875628][ T5775] syz-executor/5775 is trying to acquire lock:
[  182.881782][ T5775] ffff888059502658 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#6){+.+.}-{3:3}, at: __ocfs2_flush_truncate_log+0x351/0x10b0
[  182.887294][ T8669] EXT4-fs error (device loop0): ext4_do_update_inode:5230: inode #16: comm syz.0.1088: corrupted inode contents
[  182.894932][ T5775] 
[  182.894932][ T5775] but task is already holding lock:
[  182.894939][ T5775] ffff8880595ec2d8 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#5){+.+.}-{3:3}, at: ocfs2_flush_truncate_log+0x47/0x60
[  182.894990][ T5775] 
[  182.894990][ T5775] which lock already depends on the new lock.
[  182.894990][ T5775] 
[  182.894995][ T5775] 
[  182.894995][ T5775] the existing dependency chain (in reverse order) is:
[  182.895000][ T5775] 
[  182.895000][ T5775] -> #1 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#5){+.+.}-{3:3}:
[  182.895035][ T5775]        down_write+0x97/0x1f0
[  182.895056][ T5775]        __ocfs2_move_extents_range+0x1a65/0x3360
[  182.895076][ T5775]        ocfs2_move_extents+0x379/0x940
[  182.895114][ T5775]        ocfs2_ioctl_move_extents+0x4e1/0x6c0
[  182.895134][ T5775]        ocfs2_ioctl+0x195/0x750
[  182.895148][ T5775]        __se_sys_ioctl+0xfd/0x170
[  182.895165][ T5775]        do_syscall_64+0x55/0xb0
[  182.895184][ T5775]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  182.895212][ T5775] 
[  182.895212][ T5775] -> #0 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#6){+.+.}-{3:3}:
[  182.895240][ T5775]        __lock_acquire+0x2ddb/0x7c80
[  182.895256][ T5775]        lock_acquire+0x197/0x410
[  182.895275][ T5775]        down_write+0x97/0x1f0
[  182.895291][ T5775]        __ocfs2_flush_truncate_log+0x351/0x10b0
[  182.909607][ T8669] EXT4-fs (loop0): Remounting filesystem read-only
[  182.914425][ T5775]        ocfs2_flush_truncate_log+0x4f/0x60
[  182.914452][ T5775]        ocfs2_sync_fs+0x117/0x310
[  182.914467][ T5775]        sync_filesystem+0x1c2/0x220
[  182.914481][ T5775]        generic_shutdown_super+0x6f/0x2b0
[  182.929232][ T8669] EXT4-fs (loop0): 1 truncate cleaned up
[  182.937505][ T5775]        kill_block_super+0x44/0x90
[  182.937526][ T5775]        deactivate_locked_super+0x97/0x100
[  182.937540][ T5775]        cleanup_mnt+0x429/0x4c0
[  182.937563][ T5775]        task_work_run+0x1ce/0x250
[  182.937580][ T5775]        exit_to_user_mode_loop+0xe6/0x110
[  182.937599][ T5775]        exit_to_user_mode_prepare+0xb1/0x140
[  182.937617][ T5775]        syscall_exit_to_user_mode+0x1a/0x50
[  182.937633][ T5775]        do_syscall_64+0x61/0xb0
[  182.937652][ T5775]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  182.937674][ T5775] 
[  182.937674][ T5775] other info that might help us debug this:
[  182.937674][ T5775] 
[  182.937679][ T5775]  Possible unsafe locking scenario:
[  182.937679][ T5775] 
[  182.937683][ T5775]        CPU0                    CPU1
[  182.937687][ T5775]        ----                    ----
[  182.964434][ T1131] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  182.968321][ T5775]   lock(&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#5);
[  182.968341][ T5775]                                lock(&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#6);
[  182.968355][ T5775]                                lock(&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#5);
[  182.968370][ T5775]   lock(&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#6);
[  182.968385][ T5775] 
[  182.968385][ T5775]  *** DEADLOCK ***
[  182.968385][ T5775] 
[  182.968389][ T5775] 2 locks held by syz-executor/5775:
[  182.968397][ T5775]  #0: ffff88805a1de0e0 (&type->s_umount_key#88
[  182.977944][ T1131] EXT4-fs (loop0): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  182.979986][ T5775] ){+.+.}-{3:3}, at: deactivate_super+0xa4/0xe0
[  182.985834][ T1131] EXT4-fs (loop0): Quota write (off=8, len=24) cancelled because transaction is not started
[  182.990007][ T5775]  #1: ffff8880595ec2d8 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#5){+.+.}-{3:3}, at: ocfs2_flush_truncate_log+0x47/0x60
[  182.998176][ T8669] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  183.001345][ T5775] 
[  183.001345][ T5775] stack backtrace:
[  183.001364][ T5775] CPU: 1 PID: 5775 Comm: syz-executor Not tainted 6.6.95-syzkaller #0
[  183.012256][ T8669] ext4 filesystem being mounted at /332/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  183.017182][ T5775] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  183.017206][ T5775] Call Trace:
[  183.017213][ T5775]  <TASK>
[  183.017223][ T5775]  dump_stack_lvl+0x16c/0x230
[  183.017248][ T5775]  ? load_image+0x3b0/0x3b0
[  183.017267][ T5775]  ? show_regs_print_info+0x20/0x20
[  183.017291][ T5775]  ? print_circular_bug+0x12b/0x1a0
[  183.017311][ T5775]  check_noncircular+0x2bd/0x3c0
[  183.017332][ T5775]  ? print_deadlock_bug+0x5d0/0x5d0
[  183.017348][ T5775]  ? lockdep_lock+0xe0/0x220
[  183.017367][ T5775]  ? _find_first_zero_bit+0xd3/0x100
[  183.017385][ T5775]  __lock_acquire+0x2ddb/0x7c80
[  183.017411][ T5775]  ? ocfs2_get_system_file_inode+0x1e3/0x7b0
[  183.017431][ T5775]  ? __lock_acquire+0x7c80/0x7c80
[  183.357880][ T5775]  ? verify_lock_unused+0x140/0x140
[  183.363075][ T5775]  ? __mutex_unlock_slowpath+0x1a2/0x6a0
[  183.368699][ T5775]  ? do_raw_spin_lock+0x121/0x2c0
[  183.373715][ T5775]  ? mutex_unlock+0x10/0x10
[  183.378212][ T5775]  lock_acquire+0x197/0x410
[  183.382704][ T5775]  ? __ocfs2_flush_truncate_log+0x351/0x10b0
[  183.388692][ T5775]  ? ocfs2_get_system_file_inode+0x1f1/0x7b0
[  183.394672][ T5775]  ? __might_sleep+0xe0/0xe0
[  183.399261][ T5775]  ? read_lock_is_recursive+0x20/0x20
[  183.404634][ T5775]  ? ocfs2_fast_symlink_read_folio+0x530/0x530
[  183.410780][ T5775]  ? __wake_up+0x11f/0x190
[  183.415188][ T5775]  down_write+0x97/0x1f0
[  183.419419][ T5775]  ? __ocfs2_flush_truncate_log+0x351/0x10b0
[  183.425392][ T5775]  ? down_read_killable+0x340/0x340
[  183.430579][ T5775]  ? _raw_write_unlock+0x28/0x40
[  183.435531][ T5775]  ? jbd2_journal_unlock_updates+0x84/0xe0
[  183.441329][ T5775]  __ocfs2_flush_truncate_log+0x351/0x10b0
[  183.447134][ T5775]  ? ocfs2_truncate_log_needs_flush+0x2e0/0x2e0
[  183.453373][ T5775]  ? read_lock_is_recursive+0x20/0x20
[  183.458738][ T5775]  ? down_write+0x162/0x1f0
[  183.463232][ T5775]  ? down_read_killable+0x340/0x340
[  183.468420][ T5775]  ? __rwlock_init+0x150/0x150
[  183.473181][ T5775]  ocfs2_flush_truncate_log+0x4f/0x60
[  183.478549][ T5775]  ocfs2_sync_fs+0x117/0x310
[  183.483194][ T5775]  ? ocfs2_put_super+0x1c0/0x1c0
[  183.488119][ T5775]  ? writeback_inodes_sb_nr+0x30/0x30
[  183.493484][ T5775]  ? get_nr_dirty_inodes+0x1d4/0x220
[  183.498762][ T5775]  sync_filesystem+0x1c2/0x220
[  183.503514][ T5775]  generic_shutdown_super+0x6f/0x2b0
[  183.508796][ T5775]  kill_block_super+0x44/0x90
[  183.513469][ T5775]  deactivate_locked_super+0x97/0x100
[  183.518833][ T5775]  cleanup_mnt+0x429/0x4c0
[  183.523238][ T5775]  task_work_run+0x1ce/0x250
[  183.527820][ T5775]  ? task_work_cancel+0x240/0x240
[  183.532835][ T5775]  ? exit_to_user_mode_loop+0x3b/0x110
[  183.538287][ T5775]  exit_to_user_mode_loop+0xe6/0x110
[  183.543563][ T5775]  exit_to_user_mode_prepare+0xb1/0x140
[  183.549100][ T5775]  syscall_exit_to_user_mode+0x1a/0x50
[  183.554547][ T5775]  do_syscall_64+0x61/0xb0
[  183.558957][ T5775]  ? clear_bhb_loop+0x40/0x90
[  183.563710][ T5775]  ? clear_bhb_loop+0x40/0x90
[  183.568380][ T5775]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  183.574273][ T5775] RIP: 0033:0x7f689e58fc57
[  183.578697][ T5775] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  183.598295][ T5775] RSP: 002b:00007fff07036a08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  183.606735][ T5775] RAX: 0000000000000000 RBX: 00007f689e610925 RCX: 00007f689e58fc57
[  183.614696][ T5775] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fff07036ac0
[  183.622653][ T5775] RBP: 00007fff07036ac0 R08: 0000000000000000 R09: 0000000000000000
[  183.630609][ T5775] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fff07037b50
[  183.638569][ T5775] R13: 00007f689e610925 R14: 000000000002c9d4 R15: 00007fff07037b90
[  183.646540][ T5775]  </TASK>
[  183.669292][ T5775] ocfs2: Unmounting device (7,3) on (node local)
[  183.703290][ T5767] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  191.454305][ T5776] Bluetooth: hci0: command 0x0406 tx timeout