last executing test programs:

1m18.591511673s ago: executing program 0 (id=599):
r0 = syz_usb_connect(0x0, 0x5a, &(0x7f0000000080)=ANY=[@ANYBLOB="1201000060f94d100d05020027230102030109024840020000000009047d04031d5abf0009050400005539000009050b00000000000009050200000005000009047d01013481af0009a00e00230000690009047dbe"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000480)={0x2c, &(0x7f00000001c0)=ANY=[], 0x0, 0x0, 0x0, 0x0})

1m15.875061537s ago: executing program 0 (id=619):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e22, @multicast2}, 0x10)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000080)='batadv_slave_1\x00', 0x10)
syz_emit_ethernet(0x2a, &(0x7f0000000000)={@random="9b43a409aa81", @dev, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x1, 0x0, @private, @broadcast}, @echo_reply={0xe0, 0x0, 0x0, 0xfffd}}}}}, 0x0)

1m15.73095526s ago: executing program 0 (id=621):
ioprio_set$uid(0x3, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5}, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x1458c2, 0x0)
r1 = openat$random(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
sendfile(r0, r1, 0x0, 0x15)

1m15.362986431s ago: executing program 0 (id=626):
syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f0000000000)='./file0\x00', 0x1018c0a, &(0x7f00000000c0)=ANY=[], 0x1, 0x551c, &(0x7f000000cf00)="$eJzs3M1rI2UYAPAn/dhv1yIevO3AIrSwiU0/Fr1V3cUP7FJWPXjSNElDdpNMadK09uTBo3jwPxEFTx79Gzx49iYeFG+Ckpmpbv0AoWlj298PJs+8b94887xhWXhmSgK4sOaSX34qxc24GhHTEXEjIjsvFUdmLQ/PRcStiJh64igV839MXIqIaxFxc5Q8z1kq3vrszvD26o9v/vz1t5dnrn/+1XeT2zUwac9HRHc7P9/r5jFt5fFRMV8btrPYXRkWMX+j+7gYp3nca25mGfZqh+tqWVxu5evT7d3+KG51avVRbLW3svntXn7B/rB1mCf7wKPaTjZuNDez2O6nWWwd5HXtH+T/tx30B3meRpHvwyx9DAaHMZ9v7jfz/Ww/zmK9Nyjm87xpo7k/isMiFpeLetppZHVsHueb/n97q93b3U+GzZ1+O+0lq5Xqi5Xq3XJ1J200B82Vcq3buLuSzLc6o2XlQbPWXWulaavTrNTT7kIy36rXy9VqMn+vudmu9ZJqtbJcWSyvLhRnd5LXHrybdBrJ/Ci+0u7tDtqdfrKV7iT5JxaSpcrySwvJ7Wry9vpGsvHw/v31jXfev/feg5fX33i1WPS3spL5pcWlpXJ1sbxUXbhA+/+4KHqM+4djKU26AICzR/8PTMLJ9f87DyNOvv8P/f9YnKn+9/z1/3svREx0/3As+n8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAvr+9kvXs9O5vLx9WL+qWLqmWJcioipiPjtH0zHpSM5p4s8s/+yfvYvNXxTiizD6BqXi+NaRKwVx69Pn/S3AAAAAOfXlx/d+jTv1vOXuUkXxGnKb9pM3fhgTPlKETE798OYsk2NXp4dU7Ls3/dM7I8pW3YD68qYkuW33GbGle0/mT4SrjwRSnmYOtVyAACAU3G0EzjdLgQAAIDT9MmkC2AySnH4KPPwWXD2l/d/PhC8emQEAAAAnEGlSRcAAAAAnLis//f7fwAAAHC+5b//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAv7NzN7lpA3EcQP8GXOiXiqrue5Xu4Bg9QpddVhygUs/AAbogV8gFOANRNjlCBFE8DgHEIshjW4nek8wwlv1jBvBiZqQBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2nRTruZXf77/bZqz3TWTpzcAAADAOZtyNa/eTFP9Y33+c33qa10vImIQEefG7sN4d5Q5rHPK5+v/H15fnrThOqJKePyMcX18iIgf9XH/pe1vAQAAAN6u9WI5S6P19DLtu0F0KU3aDD79jBjlyCsiopze5YiqJpuKiG+Zwqr/9yh+Z0qrJrAmmcLSlFuWX+DFqsd9P2s3OSiKVAzO3rZvZLa+AwAAHRoeFd2OQgAAAOjSr74bQD+KeFrK3C8FjlNRL++9P6oBAAAAr1DRdwMAAACAy9xefks1/u9o/7/d6f5//w729LP/HwAAALQn7f8HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAmzblar5eLGdNc7a7ZvL0BgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAf25x0FQiAMwmDv+s5k7n9YadDU1KQKhI+/MRgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAODN7/7yf2JqnEnmXhtLzyPJ2qmxdWrsnRtHfxhfvwYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuNiflxQIgSCIgjnjfyd9/8NKgp5BhAhoeFRRiwYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+KLf/fJ/YmqcSeZOG0vHI8naVWPrqrH3oHH0YLz9GwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuNi5n9c4qjgA4N+Z2dnaVjFGySEiCh70YtNtbe1NPCjBg3+CENJtjd36ow1iSxFz8SY59yJ6FBGUeOv/0HMLvdRbD3uo4FmZ2ZnstA24/prZJp8PvHnfHYZ53zcLId95LwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDa+K1pnBWHhUmcVudu3b+2XvS3H+oLN7bvLBetiJM2k348vND8kCxFxNHukgEAAOBgyOr6PiLu5jurRZ8ulPV/Xl9T1PzfPjWJq3r+s7pkfbj+r2v/ov3y873ndgdamIxT3PTcxmh4/NFUev/XHOfd0395Ra988uW7l6z8QtJ3t54d5+XzTL6+efPtfhkeaiNbAOCfOFb3VVD/PlT0gy4TA+DA6DUK77r+zxa6zQkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgDeOtOFrHSUQs96Zx4fb9a+t79Te27yzX7fT169vx5fSexS3yiDi3MRoeb3U28+3ylasX1kaj4aX2gxcjoqvR36ymf+H9GS6O6OT5CP6jIK2+7HnJ5/EIOvyhBADAvpRXrajr7+Y7q8W5ZDHij+8erP9facQxY/1/74PTt5pjNev/QWsznH8rmxc/Wbl85eprGxfXzg/PDz96/cTgjcHJM6dOnVkp35WseGMCAADAv9OvWrP+TxcfXf8/0ohjxvr/028GXzTHytT/e5ou+nWdCQAAwMH2zEu//5bscT7p9+Pztc3NS4PJcffzicmxg1T/tkNVa9b/2WLXWQEAAABtGG8lD6z/n23EMeP6/5PfP/9j855ZRByu1v+PrX88OtvedOZaG39O3PUcAQAA6NbhqjXX//Ny/3+6u+UhjYhXX57E1b8BnKn+z9756ofmWM39/yfbm+JcSpcmz6PslyJ6S11nBAAAwH72RNWKYv/XfGf1w5+OvNe3/x8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgbX8GAAD//zvqPf0=")
syz_mount_image$fuse(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000000380)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
lsetxattr(&(0x7f0000000080)='./file1\x00', &(0x7f00000001c0)=@known='trusted.overlay.impure\x00', 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000002240)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000000440)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@workdir={'workdir', 0x3d, './file0'}}]})

1m13.984294222s ago: executing program 0 (id=633):
r0 = socket$packet(0x11, 0x2, 0x300)
r1 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000700)={0x0, <r2=>0x0}, &(0x7f00000000c0)=0x6)
setresuid(0x0, r2, 0x0)
sendmsg$netlink(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000005740)=[{&(0x7f0000000140)={0x18, 0x14, 0x1, 0x70bd28, 0x0, "", [@typed={0x8, 0x11c, 0x0, 0x0, @uid=r2}]}, 0x18}], 0x1}, 0x20048840)

1m12.577126361s ago: executing program 0 (id=635):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020100000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a32000000001400000011001f"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)={{0x14}, [@NFT_MSG_NEWRULE={0x2c, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x3}}}, 0x54}}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETRULE(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000440)={0x38, 0x7, 0xa, 0x401, 0x0, 0x0, {0x2}, [@NFTA_RULE_HANDLE={0xc, 0x3, 0x1, 0x0, 0x2}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}, 0x38}}, 0x0)

1m12.312361142s ago: executing program 32 (id=635):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020100000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a32000000001400000011001f"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)={{0x14}, [@NFT_MSG_NEWRULE={0x2c, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x3}}}, 0x54}}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETRULE(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000440)={0x38, 0x7, 0xa, 0x401, 0x0, 0x0, {0x2}, [@NFTA_RULE_HANDLE={0xc, 0x3, 0x1, 0x0, 0x2}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}, 0x38}}, 0x0)

1m4.866609223s ago: executing program 5 (id=637):
bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0xe, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000280)='kfree\x00', r0}, 0x10)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000540)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x3}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x40, 0x3, 0xa, 0x3, 0x0, 0x0, {0x3}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz0\x00'}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_HOOK={0x14, 0x4, 0x0, 0x1, [@NFTA_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x6375fd82}, @NFTA_HOOK_HOOKNUM={0x8}]}]}, @NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x401, 0x0, 0x0, {0x3}}], {0x14}}, 0x9c}}, 0x0)

1m4.626995135s ago: executing program 5 (id=685):
r0 = socket$packet(0x11, 0x2, 0x300)
bpf$MAP_DELETE_ELEM(0x4, 0x0, 0x0)
setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000080)=0x1, 0x4)
setsockopt$packet_rx_ring(r0, 0x107, 0x5, &(0x7f0000000040)=@req3={0x1000, 0x3a, 0x1000, 0x3a}, 0x1c)
syz_genetlink_get_family_id$nl802154(&(0x7f0000001e40), 0xffffffffffffffff)

1m4.183869107s ago: executing program 5 (id=689):
syz_mount_image$exfat(0x0, &(0x7f0000000180)='./bus\x00', 0x4800, 0x0, 0x2, 0x0, &(0x7f0000000000))
syz_mount_image$udf(&(0x7f0000000080), &(0x7f00000000c0)='./bus/file0\x00', 0x18418, &(0x7f0000000200)=ANY=[@ANYRES8=0x0, @ANYRES8], 0xfe, 0x4b1, &(0x7f0000001d00)="$eJzs201sVNUbx/HfM3c6TIf+/5YXCxgCTTSxgkBfsEBqYnix0YQXLVQj8SWVTrHSdkinKCUgLNWdC5Yu3bpwZdwaEpfGhcEYFibIxs2sxB3m3LlvM5TOjG1nKP1+CJx7zzx3OOc8c+ecM5kRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACQjrx6uLfPWt0KAADQTCdPj/QOMP8DALCmnGH/DwAAsJaYPP0u054LJTvhn5dlj0/OXLo8emx44cvaTaaUPD/e/c329Q/sf2nwwMGwXPz65bZNp06fOdx9tDB9cTZfLObHu0dnJs8VxvN1P8NSr6+2yx+A7ukLl8YnJord/XsHKh6+3Hlv3fquzqHB945mwtjRY8PDpxMx6bb//L8/5FEr/Iw8vSDTx99/ayclpbT0sajx2llp7X4ndvmdGD027HdkanJsZs49aKkgKlU5JplwjJqQiyVJSa5dllmePVubPP0g05F9JTslyQvHYbf/wXBd7WmFtNu6SurRKsjZY2ydPH0g0619nXojGFc//xnpaqsbhxWXDu7/gpXsTf/9wN1P7m3z+Fvdr89MFBKxlgruqNU+PzTTY/7elJWnU/4dX7IR7Wx1c9Bk7fI0LVPmq0/8dYX8delTQwd27DyUXGFsqfE8LnZvcHPVMye3BUsHS7k/y98v1Cdrnv6U6f5vWf+8J5wDpBsPFrvwj6Y0DyvNPE3J9M+1klnVvtRL7O8jq33uX9n2t2ePFi7Oz06e/2huwcdz2cMfFudmx84t/HB57+ola2rtY6ulGtuS5ay84/v801J0XbAH+F/5LG7NN1fj10JPVRlKvn7qOa57F9vAOsq1yczTXZkm3t9anmeUa3hs1gKX/2GZiqWfLcx0kP90+SyR/5fj8ctaZRnxc/v/8uda4Vpi29nNj6pfify7Nrn8vyPTkb+3Bp9plPPvVcW6uC6Z3r25PYhLZVxcOuxO+RknJqfyvS72gUwbfwpj5cfmgthNcWyfiy3K9MWtytj1QezmOLbfxd6W6c6vC8c+HccOuNh5l6873WFszsXuCGK74ti95wpT47WG1eW/X6a3r79mYZ8fmf/E/X+jqow8lPPFj5cr/52JuhtBXs8G+U/XyP+XMs3/tT3stz/24ctqg/9vnH+3Vv7uZmVsuKHcGMf21dutVnP53yDTvVduR30O+hacxhlK5v+ZdGUZjWuL8r8hUdcZtCvT4FisRcX5KxfGpqbysxxwwAEH0UGr35nQDG7+H3Gz+qBn4TommP87ymfxiun+Z/H8P1RVRlo0/29M1A0Fq5a2tJSdm77YtkXKFuev7JmcHjufP5+fGdg/2Nt/aH/vwMG2TLi4i4/qHrsngcv/bpmu/fhLtI+pXP8tvP7PVZWRFuV/U7JPFeuauodiTXL575Bp8O7taL+52Po/3P/3PFtZRvdfi/K/OVHXGbSro8GxAAAAAAAAAAAAAAAAAIDVJGeenpPp8siLFv6GqJ7v/41XlZHl//5X+YfJNb7/1ZWoG2/S7xoaGmgAAAAAAAAAAIAmScnT1zI9r5JddxUd0olkiSfavwEAAP//G6xIAA==")
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0, 0x0)
getdents64(r0, 0x0, 0x1000000)

1m3.59364112s ago: executing program 5 (id=692):
syz_mount_image$hfsplus(&(0x7f0000000200), &(0x7f0000000240)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x80000c, &(0x7f0000000000)=ANY=[], 0x1, 0x6f4, &(0x7f00000002c0)="$eJzs3c1r5OYZAPBH47E9dmHjTfajLYEMCaSlprv2Gqd1L92WUnwIJU0PPZtdb9bsrDfYTnFCqb1N/4AecuopPfi29FBS6HGhPTcESq4+Bgq55OTbFGmk+fB82hmvneT3M5Je6f3Qq0cjaTTCKIBvrNX5KNfr9b3V+dd30/nDg6XaxMHSdJ5di4ipiChFlBuTSDYjy72dD/GddGFePum3ng82Vt789IvDzxpz5XzIypcG1ethqnvRfj5ENSIm8mm3yT4tfnR89R3t3elsr18jAyTNLUwD9koRuPjLyZuCcap32W/mPflvNh5U/STHLXBBJY3rZpe5iNmIqEQ0rvr52aH0bHs3fvvn3QEAAAA4qZlhBbpv1587iqPYjUtn1SUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4Osrf/5/kQ6lIVyMp3v8/lS+LPP2V9Ml0Y/r0vDsCAAAAAAAAAGPw0lEcxW5cKubrSfbM/+W2Z/zfindiO9ZjK27EbqzFTuzEVixGxFxbQ1O7azs7W4tZzYgrA2reio971LzVv4+3B2/CP399mg0HAAAAAAAAgIurMiT/wWT3sj/Gauv5PwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXARJxERjkg1XivRclMoRUYmIqbTcfsTHRfrCeX+619Kk18KnZ94ZAAAAGK9K52xSGaHOc3txFLtxqZivJ9k9/7XsfrkS78Rm7MRG7EQt1uNufg+d3vWXDg+WaocHSw/Tobvdn31+oq5nLUbjt4fea/52VmIm7sVGtuRG3Ikk6plS0fm9xvTh4UHSo1+P0z4lP80N6M1EW/puOrr+UZb+c+evCOUTbeIplfrmzGW5k82ILDxu1bhc7Jnee2jo3ikPXNNilJq//FwZvKbeMX88eO2zx0r1/OXmXByPxK0oNffQtcGRiPjeP5789n5t88H9e9vzF2eTetobWuJ4JJbaInH9axSJ4RaySFxtzq/GL+M3MR+fT78RW7ERv4u12In1apG/ln+e0/Hc4Eh9Mts+98awnqTHZLV5/urVp2p09Cmq8YsstRYvRxJzcSk2IolHEZPr8Vr2dysWm2eD1h6+OsJRXxrhTNum8v1s0gxTzPQv+7fRmhyXNK6X2+Lads7NjoPLHUtaUXq+Z5SKa93o16M25e/mibSF9wdeH56145FYbIvEC/0+L42Q/rWejrdrmw+27q+9PeL6Xs2nxaezx4mk/mW25/TSPfx8VPKNu5yN096ln44074VmrzvjNZU/cWkodeVdbdZrHKm/ikdxN9qP1B/FcizHSlb6WlZ6suuKleZdb7bUeQ5P89JvWuXmg53271uPotb4PgTAxTb7g9mpmf/N/Gfmw5k/zdyfeb3y8+kfT784FZP/nvxJeWHi1dKLyd/jw/hD6/4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4ve1333uwVqutb/VOlHpnJYNrrdWKN/INKtORSPJX5YxQOBmpwcGJ6Xzzv2w7HYnqqRos3tY4vHB1fF3tSiT7+Q5rLqkM3xfZW572RtrLSVfA08qn7nPxfqkzisaYEtXxNVh8YAeVGXpUFm9W68iaiIhehYecOCbGdQYCzsvNnYdv39x+970fbjxce2v9rfXNyeXllYWV5deWbt7bqK0vNMZtFZ7Jy2+BZ6F10W9fWop4aXjdAS9qBQAAAAAAAAAAAM7Q8f/oOIv/hXhy3hsJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfKWtzkf5aSSxuHBjIZ0/PFiqpUORbpUsR0QpIpLfRyT/irgdjSHm2ppL+q3ng42VNz/94vCzVlvlonwpYr9vvdHs50NUI2Iin46rvTvD25tqJad7ZCfNyKQBe6UIHJy3/wcAAP//vGfxGQ==")
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, 0x0)
mmap(&(0x7f0000ff1000/0xf000)=nil, 0xf000, 0xc7d32c145b6e99af, 0x40010, 0xffffffffffffffff, 0x0)
preadv(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
creat(&(0x7f0000000140)='./file2\x00', 0x1ad)

1m1.569240023s ago: executing program 5 (id=713):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = eventfd2(0x0, 0x0)
ioctl$KVM_HYPERV_EVENTFD(r1, 0x4018aebd, &(0x7f00000000c0)={0x1005, r2})
ioctl$KVM_HYPERV_EVENTFD(r1, 0x4018aebd, &(0x7f0000000040)={0x2, r2, 0x1})

1m1.274494589s ago: executing program 33 (id=713):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = eventfd2(0x0, 0x0)
ioctl$KVM_HYPERV_EVENTFD(r1, 0x4018aebd, &(0x7f00000000c0)={0x1005, r2})
ioctl$KVM_HYPERV_EVENTFD(r1, 0x4018aebd, &(0x7f0000000040)={0x2, r2, 0x1})

5.917558227s ago: executing program 3 (id=1182):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
ioctl$VHOST_VSOCK_SET_GUEST_CID(r0, 0x4008af60, &(0x7f0000000040)={@my=0x1})
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r1, &(0x7f00000001c0)={0x28, 0x0, 0xffffffff, @my=0x1}, 0x10)
listen(r1, 0x7)

4.891541383s ago: executing program 3 (id=1192):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x6, 0x4, &(0x7f0000002180)=@framed={{0x18, 0x2}, [@call={0x85, 0x0, 0x0, 0x41}]}, &(0x7f0000000040)='syzkaller\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r2=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r1, r2}, 0x10)
syz_emit_ethernet(0x36, &(0x7f0000000140)={@local, @local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @private=0xa010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0xc2}}}}}}, 0x0)

4.748651652s ago: executing program 3 (id=1195):
r0 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000050cb5340450c10108e492940a80909021b00090000000009040002010035040009058dff86"], 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
syz_usb_disconnect(r0)
writev(r1, &(0x7f00000000c0)=[{&(0x7f0000000080)="5294", 0x2}], 0x1)

4.682260927s ago: executing program 2 (id=1196):
r0 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x5, 0x6576, 0x9})
mmap(&(0x7f0000001000/0x4000)=nil, 0x4000, 0x0, 0x11, r0, 0x100000000)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
syz_mount_image$ext4(&(0x7f0000000740)='ext4\x00', &(0x7f0000000780)='./file0\x00', 0x0, &(0x7f0000000280)={[{@dioread_lock}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}]}, 0xff, 0x756, &(0x7f0000001e40)="$eJzs3c2LW1UbAPDnpvP1tn2dKbiwIjjQhYXSjJ3WUkGkogspVoq6c9GmM+lQJmnKJFM6Q6VWFMGVSHHtx8qd/4Aogu5cCq5dSaFIqRtBiNzMzZg2SScznUyq+f3glnPuvek5z/04OZlzuDeAoTWd/pOL2B8RHycRk9n6JCJGG6mRiJNr+929c20uXZKo19/8PWnsk+aj5TOpPVnmiYj4/oOIQ7n2cqsrq4uFUqm4lOVnauXLM9WV1cMXy4WF4kLx0uzx54/Onph97sTstsX65/uvnz/19Stf3nzvp1/feOfU00mcjL3ZttY4tst0TGfHZDQ9hPd4ebsLG7Bk0BVgS9Jbc9faXR77YzJ2NVIAwH/Z9YioAwBDJvH9DwBDpvl3gObYXj/GwR5lt1+KiImIsZZjsLZlJBuzm2iMg+6+m9wzMpJExNQ2lD8dEVff/vCbdIk+jUMCdPLujYg4NzXd3v4nbXMWNuvZHvaZvi+v/YOd813a/znRqf+XW+//RIf+z3iHe3crNr7/c7e2oZiu0v7fCx37v+uT1qZ2Zbn/N/p8o8mFi6Vi2rY9FhEHY3Q8zR95QBnHPnnxx27bWvt/6ZKW3+wLZvW4NTJ+72fmC7XCw8Tc6vaNiCdHOsWfrJ//pEv/90yPZdR+eOqLbts2jr+/6p9HPNPx/P8zoy1pmZ84Hm3zE2ca18NM86pol/9ocl+38gcdf3r+dz84/qmkdb5mdfNl/PzpX69227bV638seauRHsvWXS3UaktHIsaS19rXt0whbeab+6fxHzzw4Pav0/Wf/iY812P8i599dX7r8fdXGv/8ps7/5hMHfvm2czz1bLbxhuf/WCN1MFvTS/vXawUf5tgBAAAAAAAAAAAAAAAAAAAAAAAAQK9yEbE3klx+PZ3L5fNr7/B+PHbnSpVq7dCFyvKl+Wi8K3sqRnPNJ11OtjwP9Uj2PPxmfva+/NGI2BcRN8f/18jn5yql+UEHDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACZPV3e/5/6bXzQtQMA+mbi+qBrAADstIlBVwAA2HG+/wFg+Pj+B4ChctocPwAYTn7/AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0GdnTp9Ol/ofd67Npfn5KyvLi5Urh+eL1cV8eXkuP1dZupxfqFQWSsX8XKW80f9XqlQuzx6P5asztWK1NlNdWT1brixfqp29WC4sFM8WR3ckKgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADYnOrK6mKhVCouPWKJiax+j0p9JCSGKzHghgkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgX+LvAAAA///A4xmC")

3.553237822s ago: executing program 2 (id=1203):
unshare(0x2000680)
r0 = fsopen(&(0x7f0000000100)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
fsmount(r0, 0x0, 0x0)
fsmount(r0, 0x0, 0x89)

3.357765042s ago: executing program 2 (id=1205):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r0, 0x6, 0xe, &(0x7f0000000200)={@in6={{0xa, 0x0, 0x0, @loopback}}, 0x0, 0x0, 0x35, 0x0, "317f83735b4bb1eadc74dde27798c831eec04c24eeec7ff3d3137a508003d2d5c89ab0220cefebd4687636457b9822766c1bfea4e01ff23c6a4caeaf049a572a9774d3b882eb3b4a66c5ec48c29f065d"}, 0xd8)
setsockopt$inet6_tcp_TLS_TX(0xffffffffffffffff, 0x6, 0x1, &(0x7f00000000c0)=@gcm_256={{0x303}, '\x00', "5171bb672965593497418688ac68cb126474cd3660dab9e2086e246728d7a040", "05e2e505", "12000700"}, 0x38)
setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000020, &(0x7f0000000040)=0xa, 0x1959cc36)
connect$inet6(r0, &(0x7f00000001c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)

2.830654215s ago: executing program 6 (id=1211):
syz_clone(0x42882100, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000740)="bb")
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x13000, 0x3, &(0x7f00004ea000/0x13000)=nil)
timer_create(0x0, 0x0, &(0x7f0000bbdffc))
migrate_pages(0x0, 0x5, &(0x7f0000000000)=0x9, &(0x7f0000000040)=0x272)

2.438696522s ago: executing program 6 (id=1216):
prlimit64(0x0, 0xe, 0x0, 0x0)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="b8000000190001000000000000000080e0000002000000000000005b000000000000000000000000000000000000000100000000000000000a000000ff000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\b\x00\x00'], 0xb8}}, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="b800000015"], 0xb8}}, 0x0)

2.358046544s ago: executing program 2 (id=1218):
syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000040)='./file1\x00', 0x10008d0, &(0x7f0000000280)=ANY=[@ANYBLOB="61636c2c6865617274626561743d6e6f6e652c6572726f72733d72656d6f756e742d726f2c636f686572656e63793d66756c6c2c7072656665727265645f736c6f743d30303030303030303030303030303030303030312c6c6f63616c666c6f636b732c696e74722c6e6f61636c2c00b83578110c8182871d1a888ab910bda6ed5eb8d85850b69e5f00a4b2822944f8a40011442cbdd903ae8f5dbd229f91fe1093b9e1d8042b3023b0ec8f09897497044a104701d3013512e0487b6bd6650f232292d8b0155a94728bba1a8248fed123795bcc184683b33d0d5f4455ea61c1cb567c01edd33f14c229437ce876bf88798ec1e2f28b87b591031c3d50710d9cc51b760aff0105a5c3772f54bdf7395bb2bb7b4a0323ca"], 0x1, 0x4432, &(0x7f0000004480)="$eJzs3c9PG1ceAPA3A9lANtmFbA5ZaaW1tJF2tbtCkFNbIpUQEgIJTZU2UdWLY8BJaA2OwFQ95EBvkXqq1EPVQ9RKvXGKOPSa/gm99JieI7WHXlpVikplewyewRYuwtCkn8+B8bzf9nfm+fkwvDhRubuwkltYyRWWcuW52ytnc++VS6uLxRAfkJb9Hzm4/ulMN66Tw772/siuXbj0xs2zIXw1/83Tzc3NzVDVG1oaaXr94w/355qPDXGmTrXd1q3tl7dDCKd2jKuqJ4Tw1pchRCGE80naeHLsDyGcCPW8m/c/vJXbp9E8elI8l38282Bj9Mz0+sON9u89CuHT0t//f2fxu3/1jH77333qHgAAAAAAAAAAAAAAAACA59zk9Ws3Xh8eCY+j0Lse7XxedzI5tns+dnPf/LP7bxYAAAAAAAAAAAAAAAAAAAB+p7af/89FJ1s8/z+RHMfa1N98tftjpHumXrs2cXF4JNn/PdqR/1KS9P35njDYYt/37P7v5zP1W+//vrOfvWqMr9HvQIjiodR5HA8NhfB5svH76ehYXCqvVP53u7y6NL9vw3hupeNf370/FZ1kQ/9O4z+eab/7+///bcfVVD2/tX+X2AstHf+etuW++CDqKP4XMvUOIv7sXTr+vbW0/uYCY/UJoBr/j3p3j/9Epv3uxP/I1qv+kEvNANU1TC5qv14hLR3/+ueamjqTD7Ld/f9zJv4XM+0f1vy/lv0ioqV0/P9US+tLldi+/wfj3e//S5n2DyP+1fGv+f7vSDr+R+uJvakitU+y0/l/MtN+U/x/2s9x34iTcf4lSl0B61E9vd3/qyMtHf++Hfnbv//ijtZ/lzP1D+r3X6Pfxu+/xvT/n6j++4/W0vHvb1uu0/t/KlOv2/P/WG39x16l43+slpZeOw/U/nYa/+lM+92Kf21V0teI//Z88svRevpn1n8dScf/z/XEuLnEWu1vbf0X7b7+v5Jp/zDWf9Xxr8Xd7fVFkY7/8bblqvH/uoPv/6uZet2PfwjD1vp7lo7/ibblavd/3+7xn8nU63b8/93NxgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACeA+PJcSBE8VDqPI6HhkK4kJyfDsei2cJ8frZUnnt3JYSJJD0XTkZ3SuXZQim/sFSeL+YLpVJ5LoSLSf6p0BetlMqV/GLh3qWttvqju8XCcmW2WKiEECaT9H+EE422Zhcqi4V7IYTLW3l/jcvL9+4WlvLzC8uvDA8PD4eprTEMRsX3K8WlSr33em4I01t1B6KmwdWyr2yN5Xj0Tnl1ealQqqVfbapTKs8VSk11ZpK8j8NgVFleXZorVIr5UvlOo7/DNJYcJ6auv3n96siO/FtR/Th+sMMCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Dd6PPryJyGE3vpZHEIYa7yIWpV/9KR4Lv9s5sHG6Jnp9YcbT9uVAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBXduBAAAAAAADI/7URqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqrBL/ygRA1EcgN+MhX8qj2EVks42oogWRgRPoMfwMHoUL+EdLCxsLWRhd4ZdshtIs1t9X/NIfsy8B/MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADmuX0anh/bLiLFyf9xxOfr1/dmfl/q+9Xu80cHmJH9uXsYrm/arrx72sovy6+fPi/Tv9+3l1jXs/pdfYz2ZLxPK7XP6eRcU/s2NV/tex4pNxHRl/wi5dw08+4CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYMEOHAgAAAAAAPm/NkJVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVUVduBYAAAAAECYv3UUfRsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADArwAAAP//sfkf5w==")
symlink(&(0x7f0000000080)='.\x00', &(0x7f0000000000)='./file0\x00')
creat(&(0x7f0000000e00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x20)
link(&(0x7f0000001240)='./file0\x00', &(0x7f0000000bc0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
rename(&(0x7f00000001c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000400)='./file0\x00')

2.198961114s ago: executing program 1 (id=1220):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_int(r0, 0x0, 0x17, &(0x7f00000000c0)=0x7e6, 0x9)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
recvmsg(r0, &(0x7f00000018c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001880)=""/17, 0x88}, 0x0)
syz_emit_ethernet(0x32, &(0x7f0000000100)={@local, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x24, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0x10, 0x0, @gue={{0x2}}}}}}}, 0x0)

2.196361906s ago: executing program 6 (id=1221):
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$batadv(&(0x7f00000007c0), r1)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000800)={'batadv0\x00', <r3=>0x0})
sendmsg$BATADV_CMD_SET_MESH(r1, &(0x7f0000000900)={0x0, 0x0, &(0x7f00000008c0)={&(0x7f0000000000)={0x2c, r2, 0x1, 0x70bd2b, 0x25dfdbfd, {}, [@BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r3}, @BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x401}, @BATADV_ATTR_NETWORK_CODING_ENABLED={0x5, 0x38, 0x1}]}, 0x2c}, 0x1, 0x0, 0x0, 0x44801}, 0x40)

2.130556743s ago: executing program 4 (id=1222):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r0, 0x84, 0x6b, &(0x7f00000015c0)=[@in6={0xa, 0x4e22, 0xe, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x6}], 0x1c)
setsockopt(r0, 0x84, 0x7f, &(0x7f0000000040)="020000000980ffff", 0x8)
setsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(r0, 0x84, 0xc, &(0x7f0000000000), 0x4)
recvmsg(r0, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x0)

2.017452597s ago: executing program 6 (id=1223):
syz_mount_image$f2fs(&(0x7f0000000040), &(0x7f00000000c0)='./file2\x00', 0x0, &(0x7f0000005700)=ANY=[@ANYBLOB="6e6f666c7573685f6d657267652c6e6f757365725f78617474722c6e6f71756f74612c6e6f71756f74612c6e6f646973636172642c6e6f696e6c696e655f64656e7472792c6a71666d743d76667376312c6a71666d743d7666737630000072706a71756f74613d272c6e6f62ba6172726965722c6e6f696e6c696e655f78617474722c00532ce9c75edc805c73af1e7e080908b718fd0828a937e3586554bcab7e1be7aa73459f8662170e991ca8c4b33e9be8c461e5cf93a3f06906d6fa59c7f8886f0b8367599af6dfca0f52ccf121a48c05cee074649107e6b6f3c1de6e4ecb13afd6d0b7a37e1ca7f2a73cfa86fec83ff91813514fc5dad59ef8a68267e2bc0900000000000000a3459a462407e6200beefe217570be55fa53ae668bc248f9910750fe29462516b37659f6d761b21b6ad0715f34", @ANYRES64, @ANYBLOB="3a4be99f9f727e8d0262285f8311dc64a122b0328932c72b2382283dcb1539cb6d4840c2d90f6bb77b5e93c4b5", @ANYRESOCT], 0x1, 0x5524, &(0x7f0000007200)="$eJzs3M1rI2UcB/Anfdnum2sRD946sAgtbELTl0VvVXfxBbuUVQ+eNE2mIbtJpjRpWnvy4FE8+J+IgieP/g0ePHsTD4o3oZJ5prtbtSA2bdzu5wOT78yTyW+eJywLv5mSADyzZpPffy2FG+FKCGEyhHA9hHy/VGy5tRgvhRDmQggTT2ylYvzRwKUQwtUQwo1h8VizVLz15a3BzdVf3vntux9mpq599e2P41s1MG4vhxA623F/rxMza8Z8UIzXBq08OyuDIuMbnYfFcRZzL93MK+zVjs6r5bncjOdn27u9YW61a/VhNltb+fh2N16wN2ge1ck/8KC2kx830s08W70sz+ZBnNf+Qfzf8aDXj3UaRb1P8vKh3z/KOJ7up3E92w/zrHcPJ+N4rJs10v1hDoosLhfqWbuRz2PzFF/0/9y7re7ufjJId3qtrJusVqqvVKq3y9WdrJH205VyrdO4vZLMN9vD08r9tNZZa2ZZs51W6llnIZlv1uvlajWZv5NutmrdpFqtLFcWy6sLxd6t5M17HyTtRjI/zNdb3d1+q91LtrKdJH5iIVmqLL+6kNysJu+tbyQb9+/eXd94P9z58N5r62+/UZz0t2kl80uLS0vl6mJ5qbpwYdY/92j9H52w/s+KSY9w/XAqpXFPAODpo/8HxuHs+v+d++HwMB8fXf8/k+fj/j/mf+//+8W4/n9U/e/hKPv/k/rfi93/j2X9cCr6fwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAZ9ZP01+/le/MxuNrxfhzxdALxXEphDARQjj8B5Ph0rGak0Wd6RPOn/7LHL4vhbzC8BozxXY1hLBWbH88f9bfAgAAAFxc33w690Xs1uPL7LgnxHmKN20mrn88onqlEML07M8jqjYxfHlxRMXyf99TYX9E1fIbWJdHVCzecpsaVbV/ZfJYXH4iSjEmznU6AADAuTjeCZxvFwIAAMB5+nzcE2A8SuHoUebRs+D8L+8fPxC8cuwIAAAAeAqVxj0BAAAA4Mzl/b/f/wMAAICLLf7+HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8Cc793OjNhDFAfjZxoH8U1CUe1rhBmWkhBxzjCggTVACaSENUAO5pYQIVni8aFmxq5U8tndX3yfBMBb8mEH4MG+kAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgD79rber3z+//uqaczh2k2c2AAAAwDX7ertqXsxT/317/WN76XPbLyKijIhra/cq3lxkVm1O/cD763tj+BPRJJy+Y9o+3kXEoopYRMT/T33/CgAAAPB67dabZVqtp6f52ANiSKloU374limviIh6/i9TWnnK+5IprPl/T+JHprSmgDXLFJZKbpNcaU/S3O7nqt3sTlOkpnz889nmDgAADKi6aIZdhQAAADCk72MPgHEUcbuVed4KnKam3d57e9EDAAAAXqBi7AEAAAAAvWvW/8/6/L9w/h8AAAB0lc7/AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoE/7ervarTfLrjmHYzd5ZgMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcMP+vKNACIRBGOxd35nM/Q8rDZqamlSB8PE3BgMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADw5nd/+T8xNc4kc6+NpeeRZO3U2Do19s6Noz+Mr18DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF/vzkgIhEARRMGf876Tvf1hJ0DOIEAENjypq0QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHzR7375PzE1ziRzp42l45Fk7aqxddXYe9A4ejDe/g0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFzv38xpHFQcA/M3MzsZWxTXKHiKi4EEvNt3W1t7EgxI8+CcIId3W2FWx5mBLEXLxJjn3InoUEZR46//Qcwu91FsPe6jgwdPKzM4kr23E9UdnNtnPB9687w7DvO+bhZDvvJcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALXx2/txVhx60zitzt26f22j6G8/1Bdu7NxZKVoRJ00mfTi8GH9I+u0lAgAAwOLI6vo+hHA3310r+rRX1v95fU1R83/79DSu6/mH6/66r2v/ov3y873n9wbqTccpbnphczQ8+Wgqncc3y/n2zN9e0SmffPnuJSu/kPS97efGefk8k69v3nynW4ZLTWQLAPwbJ+q+Curfh4p+0GZiACyMTlR41/V/1ms3JwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAmjLfDk3WchBBWOvtx4fb9axsH9Td27qzU7ez16zvxPYtb5CGEC5uj4ckG5zLvPr9y9dL6aDS83HzwUgihrdHfqqZ/6YMZLg6hlecj+J+CtPqy5yWfwxG0+EMJAIAjKa9aUdffzXfXinPJcgiT7x6s/1+N4jBj/X/vw7O34rHi+n/Q2AxbtBTF6V9ftrr1x2QyuXL19c2P1y8OLw4/eePU4M3B6XNnzpxbLd+VrHpjAgAAwH/TrVpc/6fLj67/H4/iMGP9/9k3gy/jsbJFq/9ntL/o13YmAAAAi+3Zl3//LTngfNLthi/Wt7YuD6bHvc+npscWUv3HlqoW1//ZcttZAQAAAE0YbycPrP+fj+Iw4/r/U9+/8GN8zyyEcKxa/z+x8enofHPTmWtN/Dlx23MEAACgXceqFq//5+X+/3Rvy0MaQnjtlWlc/RvAmer/7N2vfojHivf/n25uinMp7U+fR9n3Q+j0284IAACAo+yJqhXF/q/57tpHPx1/v2v/PwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDT/gwAAP//vE9Crw==")
mkdir(0x0, 0x0)
r0 = landlock_create_ruleset(&(0x7f00000000c0)={0x8118}, 0x10, 0x0)
landlock_restrict_self(r0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='freezer.parent_freezing\x00', 0x275a, 0x0)

2.012371872s ago: executing program 3 (id=1224):
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x4206, r0)
tkill(r0, 0x12)
ptrace(0x4208, r0)
ptrace(0x4207, r0)

1.867758717s ago: executing program 1 (id=1225):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000140)={0x26, 'rng\x00', 0x0, 0x0, 'drbg_nopr_sha256\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
r1 = accept4(r0, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f0000000d40)=[{{0x0, 0x0, 0x0}, 0xe48}, {{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000940)=""/66, 0x42}, {0x0}], 0x2}, 0xc6}], 0x2, 0x2001, 0x0)

1.662798406s ago: executing program 1 (id=1226):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000009000000010001000900000001"], 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x4, 0xc, 0x1000, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f00000001c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='mm_page_alloc\x00', r2}, 0x10)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)

1.573493866s ago: executing program 3 (id=1227):
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000140), 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='cpuset.memory_pressure_enabled\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000000300), 0x4)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r1, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GINFO(r0, 0x40045402, &(0x7f0000000040)={{}, 0x0, 0x0, 'id1\x00', 'timer0\x00'})

1.461275673s ago: executing program 3 (id=1228):
r0 = syz_usb_connect(0x0, 0x3f, &(0x7f00000007c0)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109022d0001100000000904000003fe03010009cd8d1f000200000009050502000000001009058b1e20"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
ioctl$FS_IOC_GETVERSION(r1, 0xc0105b08, 0x0)

1.431716714s ago: executing program 1 (id=1229):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x8, &(0x7f0000001200)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7020000f8ff00008500000086000000850000002300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sys_exit\x00', r1}, 0x10)
io_setup(0xfb, &(0x7f0000000140)=<r2=>0x0)
io_pgetevents(r2, 0x7, 0x7, &(0x7f0000000240)=[{}, {}, {}, {}, {}, {}, {}], &(0x7f0000000180), 0x0)

1.273202739s ago: executing program 1 (id=1230):
unshare(0x68040200)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
r0 = socket$inet6(0x10, 0x3, 0x0)
sendmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000001500)="5500000020007fafb72d13b2a4a2719302000000030b43026c26236925000400fe7f0000bd2dca8a9848a3c728f1c46b7b31afdc1338d509000000000100005ae583de0dd7d8319f98af84fda542e718f94b929ade", 0x55}], 0x1}, 0x0)

1.070000081s ago: executing program 4 (id=1231):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000040)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_JOIN_IBSS(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000340)={0x1c, r1, 0x101, 0x0, 0x0, {{0x4c}, {@val={0x8, 0x3, r3}, @void}}}, 0x1c}}, 0x0)

936.082771ms ago: executing program 2 (id=1232):
r0 = syz_open_dev$dri(&(0x7f0000000100), 0x1f, 0x0)
r1 = syz_open_dev$dri(&(0x7f0000000100), 0x1f, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, &(0x7f0000000140)={0x0, &(0x7f0000000040)=[<r2=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCRTC(r0, 0xc06864a1, &(0x7f0000000540)={0x0, 0x2b, r2, <r3=>0x0})
ioctl$DRM_IOCTL_MODE_SETCRTC(r0, 0xc06864a2, &(0x7f0000000240)={0x0, 0x0, r2, r3, 0x0, 0x0, 0x0, 0xffffffff, {0x125, 0x7f, 0x80, 0x5, 0xfdfc, 0x0, 0x4, 0x4, 0x3e3d, 0x0, 0x0, 0x1, 0x0, 0x0, "12d56163d7287bd287881d942450c7153a3243937ca9a58f1c702a0bcc476b15"}})

935.429006ms ago: executing program 6 (id=1233):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000000040)={@val={0x0, 0x800}, @val={0x1, 0x0, 0x0, 0x0, 0x3d}, @mpls={[], @ipv4=@tcp={{0x5, 0x4, 0x0, 0x0, 0x44, 0xffff, 0x0, 0x0, 0x84, 0x0, @empty=0x3fffffff, @local}, {{0x3f00, 0x4e23, 0x41424344, 0x41424344, 0x0, 0x2, 0xc, 0x0, 0x4, 0x0, 0x1c, {[@window={0xa, 0x3}, @timestamp={0x5, 0xa, 0x0, 0x9}, @generic={0x2, 0xe, "d5883806416b41fd40697b53"}]}}}}}}, 0x52)

808.210456ms ago: executing program 4 (id=1234):
r0 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000000), 0x8801, 0x0)
r1 = syz_io_uring_setup(0x231, &(0x7f0000000180)={0x0, 0x0, 0x10100}, &(0x7f0000000000)=<r2=>0x0, &(0x7f0000000100)=<r3=>0x0)
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f00000009c0)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0})
io_uring_enter(r1, 0x7a98, 0x0, 0x0, 0x0, 0x0)

575.218068ms ago: executing program 4 (id=1235):
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7907009875f37538e486dd6317ce6203c23c00fe80000000000000875a65"], 0xfdef)
r0 = syz_open_dev$ttys(0xc, 0x2, 0x1)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x15)
bind$xdp(0xffffffffffffffff, &(0x7f0000000000)={0x2}, 0x10)
ioctl$TCFLSH(r0, 0x404c4701, 0x20000000)

411.116866ms ago: executing program 4 (id=1236):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x2, &(0x7f0000000080)=[{}, {0x24}]})
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x5, 0xe, 0x40, 0x3, 0x41, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000080), &(0x7f0000000180), 0x1003, r0}, 0x38)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000380)={r0, &(0x7f0000000300), 0x0}, 0x20)

359.055455ms ago: executing program 2 (id=1237):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x1000}, 0x4)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$tipc(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0x73220c8b}], 0x1}, 0x0)
recvmmsg(r0, &(0x7f0000000400)=[{{0x0, 0x0, 0x0}, 0x7}, {{0x0, 0x0, 0x0}, 0x8}], 0x2, 0x0, 0x0)

241.358614ms ago: executing program 1 (id=1238):
r0 = openat$thread_pidfd(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
fchdir(r0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6}]})
add_key(0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff)
creat(&(0x7f0000000080)='./cgroup/file0\x00', 0x0)

188.879204ms ago: executing program 4 (id=1239):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000340)={[{@nogrpid}, {@resuid}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@jqfmt_vfsv0}, {@nombcache}, {@quota}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
lsetxattr$trusted_overlay_upper(&(0x7f0000000100)='./file1\x00', &(0x7f00000000c0), &(0x7f0000000040)=ANY=[], 0xfe37, 0x0)
truncate(&(0x7f0000000180)='./file1\x00', 0x3b)
creat(&(0x7f0000000140)='./file2\x00', 0x1ad)
unlink(&(0x7f0000000180)='./file1\x00')

0s ago: executing program 6 (id=1240):
syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f00000000c0)='./file1\x00', 0x101880a, &(0x7f0000000400)=ANY=[@ANYBLOB="6e6f646973636172642c6261636b67726f756e645f67633d73796e632c61636c2c6673796e635f6d6f64653d7374726963742c696e6c696e655f78617474722c6673796e635f6d6f64653d706f7369782c646973636172645f756e69743d7365676d656e742c6261636b67726f756e645f67633d6f6e2c6e6f696e6c696e655f78617474722c646973636172645f756e69743d626c6f636b2c6673796e635f6d6f64653d7374726963742c617467632c657874656e745f63616368652c6661756c745f696e6a656374696f6e3d30303030303030303030303030303031343033302c00271d57a599b8b169a579679e220c689eaaec4fa6229021e75c68a687d319b615573b0b0ceefba8e2e2419434463974ef8174b66469344931de0ccad650792761"], 0x1, 0x550b, &(0x7f00000079c0)="$eJzs3M1rI2UYAPAn/dhv1yIevO3AIrSwiU0/Fr1V3cUP7FJWPXjSNElDdpNMadK09uTBo3jwPxEFTx79Gzx49iYeFG+Ckpmpbv0AoWlj298PJs+8b94887xhWXhmSgK4sOaSX34qxc24GhHTEXEjIjsvFUdmLQ/PRcStiJh64igV839MXIqIaxFxc5Q8z1kq3vrszvD26o9v/vz1t5dnrn/+1XeT2zUwac9HRHc7P9/r5jFt5fFRMV8btrPYXRkWMX+j+7gYp3nca25mGfZqh+tqWVxu5evT7d3+KG51avVRbLW3svntXn7B/rB1mCf7wKPaTjZuNDez2O6nWWwd5HXtH+T/tx30B3meRpHvwyx9DAaHMZ9v7jfz/Ww/zmK9Nyjm87xpo7k/isMiFpeLetppZHVsHueb/n97q93b3U+GzZ1+O+0lq5Xqi5Xq3XJ1J200B82Vcq3buLuSzLc6o2XlQbPWXWulaavTrNTT7kIy36rXy9VqMn+vudmu9ZJqtbJcWSyvLhRnd5LXHrybdBrJ/Ci+0u7tDtqdfrKV7iT5JxaSpcrySwvJ7Wry9vpGsvHw/v31jXfev/feg5fX33i1WPS3spL5pcWlpXJ1sbxUXbhA+/+4KHqM+4djKU26AICzR/8PTMLJ9f87DyNOvv8P/f9YnKn+9/z1/3svREx0/3As+n8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAvr+9kvXs9O5vLx9WL+qWLqmWJcioipiPjtH0zHpSM5p4s8s/+yfvYvNXxTiizD6BqXi+NaRKwVx69Pn/S3AAAAAOfXlx/d+jTv1vOXuUkXxGnKb9pM3fhgTPlKETE798OYsk2NXp4dU7Ls3/dM7I8pW3YD68qYkuW33GbGle0/mT4SrjwRSnmYOtVyAACAU3G0EzjdLgQAAIDT9MmkC2AySnH4KPPwWXD2l/d/PhC8emQEAAAAnEGlSRcAAAAAnLis//f7fwAAAHC+5b//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAv7NzP7eJA1EcgJ8NXth/WrTa+7ayNyhjS9jjHiMKSBMUkANpIQ1QA7mlhAgiPA6BiEMkj20l+j7JmYxlfrxBcJgZaQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAu3Vfrxe3V7+u2Obt9O3lGAwAAAFyyrdaL+p9Z6n9t7n9vbv1s+kVElBFxae4+ik9nmaMmp3p5/ub0+epVDXcRdcLhPSbN9SUi/jTX44+uPwUAAAD4uDbL1TzN1tOf2dAF0ae0aFN++5spr4iIavaQKa085P3KFFZ/v8fxP1NavYA1zRSWltzGudLepP65H1ftpidNkZry4suORWYbOwAA0KPRWdPvLAQAAIA+/Ru6AIZRxPNW5nErcJKaZnvv81kPAAAAeIeKoQsAAAAAOlfP/3s6/2/v/D8AAAAYRjr/DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgC5tq/Vis1zN2+bs9u3kGQ0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADyxP+8oEAJhEAZ713cmc//DSoOmpiZVIHz8jcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAm9/95f/E1DiTzL02lp5HkrVTY+vU2Ds3jv4wvn4NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMX+vKRACARBFMwZ/zvp+x9WEvQMIkRAw6OKWjQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBFv/vl/8TUOJPMnTaWjkeStavG1lVj70Hj6MF4+zcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMXO/bzGUcUBAP/OzM7WtooxSg4RUfCgF5tua2tv4kEJHvwThJBua+zWH20QW4qYizfJuRfRo4igxFv/h55b6KXeethDBc/KzM5kp23A9dfMNvl84M377jDM+75ZCPnOewkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAtfFb0zgrDguTOK3O3bp/bb3obz/UF25s31kuWhEnbSb9eHih+SFZioij3SUDAADAwZDV9X1E3M13Vos+XSjr/7y+pqj5v31qElf1/Gd1yfpw/V/X/kX75ed7z+0OtDAZp7jpuY3R8PijqfT+rznOu6f/8ope+eTLdy9Z+YWk7249O87L55l8ffPm2/0yPNRGtgDAP3Gs7qug/n2o6AddJgbAgdFrFN51/Z8tdJsTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQBvGW3G0jpOIWO5N48Lt+9fW9+pvbN9Zrtvp69e348vpPYtb5BFxbmM0PN7qbObb5StXL6yNRsNL7QcvRkRXo79ZTf/C+zNcHNHJ8xH8R0Fafdnzks/jEXT4QwkAgH0pr1pR19/Nd1aLc8lixB/fPVj/v9KIY8b6/94Hp281x2rW/4PWZjj/VjYvfrJy+crV1zYurp0fnh9+9PqJwRuDk2dOnTqzUr4rWfHGBAAAgH+nX7Vm/Z8uPrr+f6QRx4z1/6ffDL5ojpWp//c0XfTrOhMAAICD7ZmXfv8t2eN80u/H52ubm5cGk+Pu5xOTYwep/m2Hqtas/7PFrrMCAAAA2jDeSh5Y/z/biGPG9f8nv3/+x+Y9s4g4XK3/H1v/eHS2venMtTb+nLjrOQIAANCtw1Vrrv/n5f7/dHfLQxoRr748iat/AzhT/Z+989UPzbGa+/9PtjfFuZQuTZ5H2S9F9Ja6zggAAID97ImqFcX+r/nO6oc/HXmvb/8/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQNv+DAAA///fxzxy")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x1a37c1, 0x42)
ioctl$F2FS_IOC_START_ATOMIC_WRITE(r0, 0xf501, 0x0)
r1 = open(&(0x7f0000000080)='./file1\x00', 0x64842, 0x22)
pwritev2(r1, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x140000}], 0x1, 0x7800, 0x0, 0x3)

kernel console output (not intermixed with test programs):

ecksum algorithm
[  119.257619][ T7286] BTRFS info (device loop2): using free-space-tree
[  119.472060][ T7282] XFS (loop4): Ending clean mount
[  119.491659][ T7282] XFS (loop4): Quotacheck needed: Please wait.
[  119.626351][ T7282] XFS (loop4): Quotacheck: Done.
[  119.773124][ T5841] XFS (loop4): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  119.831674][ T5826] BTRFS info (device loop2): last unmount of filesystem 3a492a15-ac49-4ce6-945e-cef7a687c6c9
[  119.842078][ T5955] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  120.042819][ T5955] usb 4-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  120.070646][ T5955] usb 4-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  120.090891][ T5955] usb 4-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  120.134169][ T5955] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  120.157336][ T7321] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  120.177807][ T5955] usb 4-1: Quirk or no altset; falling back to MIDI 1.0
[  120.452357][ T5829] usb 4-1: USB disconnect, device number 7
[  121.568209][ T7363] loop1: detected capacity change from 0 to 1024
[  121.611958][ T7363] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  121.640594][ T7361] loop0: detected capacity change from 0 to 128
[  121.665688][ T7335] loop2: detected capacity change from 0 to 32768
[  121.690816][ T7365] loop3: detected capacity change from 0 to 128
[  121.917202][ T7359] loop4: detected capacity change from 0 to 32768
[  121.989072][ T7335] XFS (loop2): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  121.994140][ T5824] UDF-fs: warning (device loop1): udf_evict_inode: Inode 861 (mode 100000) has inode size 33554465 different from extent length 33554944. Filesystem need not be standards compliant.
[  122.005697][ T7359] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  122.327375][ T7335] XFS (loop2): Ending clean mount
[  122.335274][ T7335] XFS (loop2): Quotacheck needed: Please wait.
[  122.380454][ T7392] loop0: detected capacity change from 0 to 2048
[  122.620123][ T7359] XFS (loop4): Ending clean mount
[  122.641716][ T7359] XFS (loop4): Quotacheck needed: Please wait.
[  122.721407][ T7405] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  122.733339][ T7405] overlayfs: The uuid=off requires a single fs for lower and upper, falling back to uuid=null.
[  122.812935][ T7359] XFS (loop4): Quotacheck: Done.
[  122.838789][ T7335] XFS (loop2): Quotacheck: Done.
[  123.141303][ T7403] loop3: detected capacity change from 0 to 32768
[  123.158156][ T5841] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  123.166934][ T5826] XFS (loop2): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  123.213481][ T7403] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  123.481387][ T7403] XFS (loop3): Ending clean mount
[  123.803894][ T7431] loop2: detected capacity change from 0 to 256
[  123.810445][ T5825] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  124.224014][ T7442] netlink: 36 bytes leftover after parsing attributes in process `syz.4.474'.
[  124.251170][ T7442] netlink: 36 bytes leftover after parsing attributes in process `syz.4.474'.
[  124.272216][ T7444] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[  124.531826][ T7417] loop1: detected capacity change from 0 to 32768
[  124.554821][ T7417] XFS: noikeep mount option is deprecated.
[  124.565443][ T7453] netlink: 4 bytes leftover after parsing attributes in process `syz.0.478'.
[  124.609493][ T7453] ipvlan2: entered allmulticast mode
[  124.615318][ T7453] veth0_vlan: entered allmulticast mode
[  124.647354][ T7417] XFS (loop1): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  125.033078][ T7417] XFS (loop1): Ending clean mount
[  125.034166][ T5829] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  125.044365][ T7417] XFS (loop1): Quotacheck needed: Please wait.
[  125.124116][ T7417] XFS (loop1): Quotacheck: Done.
[  125.253763][ T5829] usb 1-1: Using ep0 maxpacket: 8
[  125.268402][ T5824] XFS (loop1): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  125.269940][ T5829] usb 1-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  125.292375][ T5829] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  125.324111][ T5829] usb 1-1: Product: syz
[  125.328478][ T5829] usb 1-1: Manufacturer: syz
[  125.333100][ T5829] usb 1-1: SerialNumber: syz
[  125.363872][ T5829] usb 1-1: config 0 descriptor??
[  125.419648][ T7474] loop4: detected capacity change from 0 to 32768
[  125.507961][ T5878] kernel read not supported for file /video37 (pid: 5878 comm: kworker/0:4)
[  125.553609][ T7474] JBD2: Ignoring recovery information on journal
[  125.592104][ T5829] usb 1-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  125.611778][ T7474] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  125.838823][ T7475] loop3: detected capacity change from 0 to 32768
[  125.872513][ T7475] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.485 (7475)
[  125.920881][ T7475] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  125.986594][ T7475] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm
[  126.026741][ T5841] ocfs2: Unmounting device (7,4) on (node local)
[  126.041512][ T7475] BTRFS info (device loop3): using free-space-tree
[  126.209672][ T5829] dvb_usb_rtl28xxu 1-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71
[  126.218619][ T7508] loop2: detected capacity change from 0 to 64
[  126.256110][ T5829] usb 1-1: USB disconnect, device number 6
[  126.555073][ T5825] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  126.894366][ T5829] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  127.048473][ T5829] usb 5-1: Using ep0 maxpacket: 32
[  127.055525][ T5829] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  127.070244][ T5829] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  127.094070][ T5829] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  127.118790][ T5829] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  127.154987][ T5829] usb 5-1: config 0 descriptor??
[  127.266616][ T7540] loop1: detected capacity change from 0 to 256
[  127.311682][ T7540] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x4ec6003b, utbl_chksum : 0xe619d30d)
[  127.524579][ T7544] capability: warning: `syz.1.507' uses deprecated v2 capabilities in a way that may be insecure
[  127.536721][ T7544] program syz.1.507 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  127.608185][ T5829] savu 0003:1E7D:2D5A.000B: hiddev0,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.4-1/input0
[  127.715481][ T7534] loop3: detected capacity change from 0 to 32768
[  127.722690][ T7534] XFS: attr2 mount option is deprecated.
[  127.773433][ T7534] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  127.886500][   T25] usb 5-1: USB disconnect, device number 5
[  127.979258][ T7542] loop0: detected capacity change from 0 to 32768
[  128.013903][ T7542] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.506 (7542)
[  128.067669][ T7542] BTRFS info (device loop0): first mount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0
[  128.078038][ T7542] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm
[  128.086852][ T7542] BTRFS info (device loop0): disk space caching is enabled
[  128.094612][ T7542] BTRFS warning (device loop0): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  128.112757][ T7534] XFS (loop3): Ending clean mount
[  128.142930][ T7534] XFS (loop3): Quotacheck needed: Please wait.
[  128.201936][ T7561] loop1: detected capacity change from 0 to 256
[  128.245694][ T7534] XFS (loop3): Quotacheck: Done.
[  128.280636][ T7542] BTRFS info (device loop0): rebuilding free space tree
[  128.306966][ T7561] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  128.340973][ T7534] XFS (loop3): User initiated shutdown received.
[  128.370330][ T7542] BTRFS info (device loop0): disabling free space tree
[  128.373883][ T7561] exFAT-fs (loop1): start_clu is invalid cluster(0xffffffff)
[  128.383383][ T7534] XFS (loop3): Metadata I/O Error (0x4) detected at xfs_fs_goingdown+0xe2/0x160 (fs/xfs/xfs_fsops.c:449).  Shutting down filesystem.
[  128.411639][ T7542] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  128.423242][ T7534] XFS (loop3): Please unmount the filesystem and rectify the problem(s)
[  128.431783][ T7542] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  128.478027][ T5825] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  128.565521][ T1202] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  128.621605][ T7582] loop4: detected capacity change from 0 to 128
[  128.697874][ T7582] VFS: Found a Xenix FS (block size = 512) on device loop4
[  128.736529][ T1202] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2
[  128.745739][ T1202] usb 3-1: config 1 has no interface number 0
[  128.789954][ T1202] usb 3-1: config 1 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  128.845000][ T1202] usb 3-1: Duplicate descriptor for config 1 interface 1 altsetting 0, skipping
[  128.853112][ T7586] syz.4.515: attempt to access beyond end of device
[  128.853112][ T7586] loop4: rw=0, sector=8767744, nr_sectors = 1 limit=128
[  128.869770][ T1202] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  128.928337][ T1202] usb 3-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 99
[  128.943916][ T7586] Buffer I/O error on dev loop4, logical block 8767744, async page read
[  128.944430][ T5828] BTRFS info (device loop0): last unmount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0
[  128.952380][ T7586] syz.4.515: attempt to access beyond end of device
[  128.952380][ T7586] loop4: rw=0, sector=13269809, nr_sectors = 1 limit=128
[  128.986644][ T1202] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  128.997390][ T1202] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  129.017548][ T1202] usb 3-1: Product: syz
[  129.021922][ T1202] usb 3-1: Manufacturer: syz
[  129.041704][ T7586] Buffer I/O error on dev loop4, logical block 13269809, async page read
[  129.056285][ T7586] syz.4.515: attempt to access beyond end of device
[  129.056285][ T7586] loop4: rw=0, sector=1157, nr_sectors = 1 limit=128
[  129.070914][ T7586] Buffer I/O error on dev loop4, logical block 1157, async page read
[  129.074848][ T1202] usb 3-1: SerialNumber: syz
[  129.080265][ T7586] syz.4.515: attempt to access beyond end of device
[  129.080265][ T7586] loop4: rw=0, sector=3211264, nr_sectors = 1 limit=128
[  129.100056][ T7586] Buffer I/O error on dev loop4, logical block 3211264, async page read
[  129.113165][ T7593] netlink: 172 bytes leftover after parsing attributes in process `syz.1.518'.
[  129.125686][ T7586] syz.4.515: attempt to access beyond end of device
[  129.125686][ T7586] loop4: rw=0, sector=8768635, nr_sectors = 1 limit=128
[  129.149041][ T7586] Buffer I/O error on dev loop4, logical block 8768635, async page read
[  129.158218][ T7586] syz.4.515: attempt to access beyond end of device
[  129.158218][ T7586] loop4: rw=0, sector=13466417, nr_sectors = 1 limit=128
[  129.172456][ T7586] Buffer I/O error on dev loop4, logical block 13466417, async page read
[  129.182471][ T7586] syz.4.515: attempt to access beyond end of device
[  129.182471][ T7586] loop4: rw=0, sector=209285, nr_sectors = 1 limit=128
[  129.201431][ T7586] Buffer I/O error on dev loop4, logical block 209285, async page read
[  129.210301][ T7586] syz.4.515: attempt to access beyond end of device
[  129.210301][ T7586] loop4: rw=0, sector=8767744, nr_sectors = 1 limit=128
[  129.225902][ T7586] Buffer I/O error on dev loop4, logical block 8767744, async page read
[  129.235441][ T7586] syz.4.515: attempt to access beyond end of device
[  129.235441][ T7586] loop4: rw=0, sector=13269809, nr_sectors = 1 limit=128
[  129.260045][ T7586] Buffer I/O error on dev loop4, logical block 13269809, async page read
[  129.292423][ T7586] syz.4.515: attempt to access beyond end of device
[  129.292423][ T7586] loop4: rw=0, sector=1157, nr_sectors = 1 limit=128
[  129.308913][ T7586] Buffer I/O error on dev loop4, logical block 1157, async page read
[  129.323244][ T7578] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  129.334449][   T29] audit: type=1800 audit(1732604373.827:20): pid=7586 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.515" name="/" dev="loop4" ino=2 res=0 errno=0
[  129.497855][ T5841] sysv_free_block: trying to free block not in datazone
[  129.525738][ T5841] sysv_free_inode: inode 0,1,2 or nonexistent inode
[  129.662595][ T7600] loop3: detected capacity change from 0 to 64
[  129.982348][ T7578] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  130.036892][ T1202] cdc_ncm 3-1:1.1: bind() failure
[  130.271780][ T5911] usb 3-1: USB disconnect, device number 10
[  130.486879][ T7624] loop3: detected capacity change from 0 to 512
[  130.544366][ T7624] EXT4-fs: Ignoring removed oldalloc option
[  130.562622][ T7620] loop1: detected capacity change from 0 to 4096
[  130.571118][ T7624] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  130.652063][ T7624] EXT4-fs (loop3): 1 truncate cleaned up
[  130.676090][ T7624] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  130.763251][   T29] audit: type=1800 audit(1732604375.237:21): pid=7624 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.531" name="file1" dev="loop3" ino=15 res=0 errno=0
[  131.316335][ T5825] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  131.333380][ T7622] loop4: detected capacity change from 0 to 32768
[  131.341505][ T7622] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.530 (7622)
[  131.358891][ T7637] loop2: detected capacity change from 0 to 2048
[  131.398844][ T7622] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  131.443137][ T7622] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm
[  131.464006][ T7622] BTRFS info (device loop4): disk space caching is enabled
[  131.500187][ T7622] BTRFS warning (device loop4): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  131.617456][ T7650] loop1: detected capacity change from 0 to 128
[  131.649080][ T7626] loop0: detected capacity change from 0 to 32768
[  131.677881][ T7650] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  131.760275][ T7650] ext4 filesystem being mounted at /129/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  131.792897][ T7626] XFS (loop0): Mounting V5 Filesystem 9f1cad42-11bd-4e12-8f0b-f07876b81d9a
[  131.806875][ T7658] loop3: detected capacity change from 0 to 2048
[  131.838151][ T7658] udf: Bad value for 'volume'
[  131.857411][ T7622] BTRFS info (device loop4): rebuilding free space tree
[  131.909792][ T7622] BTRFS info (device loop4): disabling free space tree
[  131.923825][ T7622] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  131.949682][ T7626] XFS (loop0): Ending clean mount
[  131.975512][ T7622] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  132.112736][ T5824] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  132.302722][ T5828] XFS (loop0): Unmounting Filesystem 9f1cad42-11bd-4e12-8f0b-f07876b81d9a
[  132.534851][ T5841] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  132.636238][ T7685] loop1: detected capacity change from 0 to 512
[  132.744914][ T7685] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  132.816573][ T7685] EXT4-fs (loop1): 1 truncate cleaned up
[  132.823142][ T7685] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  132.954500][ T7685] syz.1.547 (pid 7685) is setting deprecated v1 encryption policy; recommend upgrading to v2.
[  132.994326][ T1293] ieee802154 phy0 wpan0: encryption failed: -22
[  133.000475][ T7676] loop3: detected capacity change from 0 to 40427
[  133.000643][ T1293] ieee802154 phy1 wpan1: encryption failed: -22
[  133.067315][ T7676] F2FS-fs (loop3): Wrong SIT boundary, start(1536) end(50334208) blocks(1024)
[  133.083793][ T7676] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  133.137913][ T7676] F2FS-fs (loop3): invalid crc value
[  133.159854][ T7676] F2FS-fs (loop3): Found nat_bits in checkpoint
[  133.199826][ T5824] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  133.323024][ T7676] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  133.349961][ T7676] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  133.376569][ T7700] loop1: detected capacity change from 0 to 256
[  133.420609][ T7700] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  133.467614][ T1202] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  133.637296][ T1202] usb 1-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  133.709004][ T1202] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  133.744490][ T1202] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  133.752675][ T7690] loop2: detected capacity change from 0 to 32768
[  133.777149][ T2120] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  133.797005][ T7705] netlink: 56 bytes leftover after parsing attributes in process `syz.4.552'.
[  133.809471][ T7690] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.548 (7690)
[  133.822854][ T1202] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  133.914231][ T7690] BTRFS info (device loop2): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  133.933237][ T1202] usb 1-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  133.944004][ T7690] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm
[  133.945225][ T1202] usb 1-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  133.960798][ T1202] usb 1-1: Manufacturer: syz
[  133.967479][ T7690] BTRFS info (device loop2): using free-space-tree
[  133.977821][ T1202] usb 1-1: config 0 descriptor??
[  134.384931][ T5826] BTRFS info (device loop2): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  134.447743][ T1202] appleir 0003:05AC:8243.000C: unknown main item tag 0x0
[  134.455698][ T1202] appleir 0003:05AC:8243.000C: No inputs registered, leaving
[  134.639490][ T1202] appleir 0003:05AC:8243.000C: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.0-1/input0
[  134.831017][ T1202] usb 1-1: USB disconnect, device number 7
[  134.866555][ T7738] loop3: detected capacity change from 0 to 8
[  135.126802][ T5829] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  135.294174][ T5829] usb 2-1: Using ep0 maxpacket: 16
[  135.311495][ T5829] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  135.333826][ T5829] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  135.349457][ T5829] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  135.362518][ T5829] usb 2-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice= 0.00
[  135.371629][ T5829] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  135.385023][ T5829] usb 2-1: config 0 descriptor??
[  135.832637][ T5829] input: HID 0955:7214 Haptics as /devices/virtual/input/input15
[  135.903255][ T5829] shield 0003:0955:7214.000D: Registered Thunderstrike controller
[  135.926588][ T5829] shield 0003:0955:7214.000D: : USB HID v0.00 Device [HID 0955:7214] on usb-dummy_hcd.1-1/input0
[  136.043972][ T5955] shield 0003:0955:7214.000D: Failed to output Thunderstrike HOSTCMD request HID report due to -EPROTO
[  136.066332][ T5955] shield 0003:0955:7214.000D: Failed to output Thunderstrike HOSTCMD request HID report due to -EPROTO
[  136.079060][ T5829] usb 2-1: USB disconnect, device number 3
[  136.095471][ T5955] shield 0003:0955:7214.000D: Failed to output Thunderstrike HOSTCMD request HID report due to -EPROTO
[  136.106851][ T5955] shield 0003:0955:7214.000D: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV
[  136.424606][ T7770] loop3: detected capacity change from 0 to 1024
[  136.452026][ T7770] EXT4-fs: Ignoring removed mblk_io_submit option
[  136.506084][ T7761] loop0: detected capacity change from 0 to 32768
[  136.525519][ T7761] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.570 (7761)
[  136.542548][ T7770] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  136.588359][ T7761] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  136.616675][ T7761] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm
[  136.674655][ T7761] BTRFS info (device loop0): disk space caching is enabled
[  136.702371][ T7761] BTRFS warning (device loop0): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  136.862938][ T5825] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  136.909880][ T7796] loop4: detected capacity change from 0 to 1024
[  136.939536][ T7761] BTRFS info (device loop0): rebuilding free space tree
[  136.942790][ T7796] EXT4-fs: Ignoring removed orlov option
[  136.981659][ T7796] EXT4-fs (loop4): stripe (7) is not aligned with cluster size (16), stripe is disabled
[  137.022020][ T7761] BTRFS info (device loop0): disabling free space tree
[  137.042963][ T7761] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  137.052981][ T7761] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  137.235181][ T7796] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  137.437127][ T5841] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  137.487410][ T5828] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  138.386935][ T7842] loop2: detected capacity change from 0 to 2048
[  138.600601][ T7849] loop0: detected capacity change from 0 to 64
[  138.607085][ T5955] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  138.723043][ T7842] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  138.763833][ T5955] usb 2-1: Using ep0 maxpacket: 8
[  138.784744][ T5955] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  138.809547][ T5955] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  138.821960][ T7842] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  138.877751][ T7854] loop3: detected capacity change from 0 to 128
[  138.885915][ T5955] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  138.896651][ T7842] EXT4-fs (loop2): Remounting filesystem read-only
[  138.913655][ T7842] EXT4-fs (loop2): error restoring inline_data for inode -- potential data loss! (inode 15, error -5)
[  138.914940][ T5955] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  138.926030][ T5955] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  138.926060][ T5955] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  138.981904][ T7854] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  139.002241][ T7854] ext4 filesystem being mounted at /107/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  139.036304][ T5826] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  139.153221][ T5825] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  139.184090][ T5910] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  139.194575][ T5955] usb 2-1: GET_CAPABILITIES returned 0
[  139.200093][ T5955] usbtmc 2-1:16.0: can't read capabilities
[  139.353852][ T5910] usb 1-1: Using ep0 maxpacket: 16
[  139.363501][ T5910] usb 1-1: config index 0 descriptor too short (expected 16456, got 72)
[  139.391751][ T5910] usb 1-1: config 0 has an invalid interface number: 125 but max is 1
[  139.412148][ T5910] usb 1-1: config 0 has an invalid interface number: 125 but max is 1
[  139.422264][ T5910] usb 1-1: config 0 has an invalid interface number: 125 but max is 1
[  139.447123][    C0] usbtmc 2-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  139.453742][ T5910] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 2
[  139.456583][    C0] usbtmc 2-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  139.474625][    C0] vkms_vblank_simulate: vblank timer overrun
[  139.484294][ T5910] usb 1-1: config 0 has no interface number 0
[  139.496886][    C0] usbtmc 2-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  139.506010][    C0] usbtmc 2-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  139.510832][ T5910] usb 1-1: config 0 interface 125 altsetting 4 endpoint 0x4 has invalid maxpacket 21760, setting to 64
[  139.515087][    C0] usbtmc 2-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  139.535566][    C0] usbtmc 2-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  139.545080][    C0] vkms_vblank_simulate: vblank timer overrun
[  139.551080][ T5910] usb 1-1: config 0 interface 125 altsetting 4 endpoint 0xB has invalid wMaxPacketSize 0
[  139.575737][    C0] usbtmc 2-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  139.584855][    C0] usbtmc 2-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  139.593927][    C0] usbtmc 2-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  139.602981][    C0] usbtmc 2-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  139.612113][    C0] vkms_vblank_simulate: vblank timer overrun
[  139.623840][ T5910] usb 1-1: config 0 interface 125 altsetting 4 endpoint 0x2 has invalid wMaxPacketSize 0
[  139.636659][    C0] usbtmc 2-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  139.645782][    C0] usbtmc 2-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  139.654874][    C0] usbtmc 2-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  139.663782][ T5910] usb 1-1: config 0 interface 125 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  139.663933][    C0] usbtmc 2-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  139.686406][    C0] usbtmc 2-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  139.695504][    C0] usbtmc 2-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  139.704991][    C0] vkms_vblank_simulate: vblank timer overrun
[  139.722525][ T5910] usb 1-1: config 0 interface 125 has no altsetting 0
[  139.729487][ T5910] usb 1-1: config 0 interface 125 has no altsetting 2
[  139.774252][ T5911] usb 2-1: USB disconnect, device number 4
[  139.789079][ T5910] usb 1-1: New USB device found, idVendor=050d, idProduct=0002, bcdDevice=23.27
[  139.799029][ T5910] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  139.807261][ T5910] usb 1-1: Product: syz
[  139.811486][ T5910] usb 1-1: Manufacturer: syz
[  139.816163][ T5910] usb 1-1: SerialNumber: syz
[  139.826735][ T5910] usb 1-1: config 0 descriptor??
[  139.836811][ T5910] usb 1-1: selecting invalid altsetting 2
[  140.172087][ T7879] netlink: 16402 bytes leftover after parsing attributes in process `syz.4.610'.
[  140.202970][ T7878] netlink: 16402 bytes leftover after parsing attributes in process `syz.4.610'.
[  140.219557][ T7862] loop2: detected capacity change from 0 to 40427
[  140.237716][ T7862] F2FS-fs (loop2): build fault injection attr: rate: 690, type: 0x1fffff
[  140.262991][ T7862] F2FS-fs (loop2): Image doesn't support compression
[  140.306519][ T7862] F2FS-fs (loop2): Image doesn't support compression
[  140.313294][ T7862] F2FS-fs (loop2): build fault injection attr: rate: 0, type: 0x4
[  140.334070][ T7862] F2FS-fs (loop2): invalid crc value
[  140.354984][ T7862] F2FS-fs (loop2): Found nat_bits in checkpoint
[  140.407398][ T7882] syzkaller1: entered promiscuous mode
[  140.412955][ T7882] syzkaller1: entered allmulticast mode
[  140.482370][ T7862] F2FS-fs (loop2): Start checkpoint disabled!
[  140.498770][ T7862] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[  140.730815][   T12] bio_check_eod: 5 callbacks suppressed
[  140.730835][   T12] kworker/u8:1: attempt to access beyond end of device
[  140.730835][   T12] loop2: rw=2049, sector=40960, nr_sectors = 24 limit=40427
[  140.772009][   T12] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  140.801921][ T7876] loop3: detected capacity change from 0 to 32768
[  140.823219][   T12] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  140.847666][   T12] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  140.870403][ T5955] usb 1-1: USB disconnect, device number 8
[  140.902926][ T7876] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  141.065177][ T7884] loop1: detected capacity change from 0 to 32768
[  141.113123][ T7876] XFS (loop3): Ending clean mount
[  141.306713][ T7884] bcachefs (loop1): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=gzip,erasure_code,norecovery,nojournal_transaction_names,reconstruct_alloc
[  141.325491][    C0] vkms_vblank_simulate: vblank timer overrun
[  141.343627][ T7884] bcachefs (loop1): recovering from clean shutdown, journal seq 10
[  141.363030][ T5825] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  141.382997][ T7884] bcachefs (loop1): Version upgrade required:
[  141.382997][ T7884] Version upgrade from 0.24: unwritten_extents to 1.7: mi_btree_bitmap incomplete
[  141.382997][ T7884] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.13: inode_has_child_snapshots
[  141.382997][ T7884]   running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance
[  141.389535][ T7910] batadv_slave_1: entered promiscuous mode
[  141.453963][    C0] vkms_vblank_simulate: vblank timer overrun
[  141.454604][ T7884] bcachefs (loop1): dropping and reconstructing all alloc info
[  141.530079][ T7884] bcachefs (loop1): accounting_read...
[  141.534812][ T7909] batadv_slave_1: left promiscuous mode
[  141.547672][ T7884]  done
[  141.550485][ T7884] bcachefs (loop1): alloc_read... done
[  141.568696][ T7884] bcachefs (loop1): stripes_read... done
[  141.574666][ T7884] bcachefs (loop1): snapshots_read... done
[  141.581852][ T7884] bcachefs (loop1): done starting filesystem
[  142.126345][ T5824] bcachefs (loop1): shutting down
[  142.190739][ T5824] bcachefs (loop1): shutdown complete
[  142.272719][ T7902] loop4: detected capacity change from 0 to 40427
[  142.319906][ T7902] F2FS-fs (loop4): build fault injection attr: rate: 694, type: 0x1fffff
[  142.514132][ T7902] F2FS-fs (loop4): invalid crc value
[  142.603385][ T7902] F2FS-fs (loop4): Found nat_bits in checkpoint
[  142.636966][ T7926] loop0: detected capacity change from 0 to 40427
[  142.893983][ T7902] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  142.989216][ T7944] loop2: detected capacity change from 0 to 32768
[  142.997392][ T7944] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.630 (7944)
[  143.008763][ T7902] F2FS-fs (loop4): inject dquot initialize in f2fs_dquot_initialize of f2fs_setattr+0x64a/0x12f0
[  143.038524][ T7944] BTRFS info (device loop2): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  143.038601][ T7926] F2FS-fs (loop0): invalid crc value
[  143.056664][ T7944] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm
[  143.069470][ T7944] BTRFS info (device loop2): using free-space-tree
[  143.071356][ T7926] F2FS-fs (loop0): Found nat_bits in checkpoint
[  143.184713][ T7926] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  143.229549][ T5841] syz-executor: attempt to access beyond end of device
[  143.229549][ T5841] loop4: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  143.244932][ T5841] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  143.257256][ T5841] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  143.325070][ T7944] BTRFS info (device loop2): rebuilding free space tree
[  143.452371][ T5828] F2FS-fs (loop0): access invalid blkaddr:2816
[  143.484870][ T5828] CPU: 1 UID: 0 PID: 5828 Comm: syz-executor Not tainted 6.12.0-next-20241126-syzkaller #0
[  143.494902][ T5828] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  143.504961][ T5828] Call Trace:
[  143.508233][ T5828]  <TASK>
[  143.511165][ T5828]  dump_stack_lvl+0x241/0x360
[  143.515849][ T5828]  ? __pfx_dump_stack_lvl+0x10/0x10
[  143.521045][ T5828]  ? __pfx_f2fs_get_dnode_of_data+0x10/0x10
[  143.526980][ T5828]  ? validate_chain+0x11e/0x5920
[  143.531950][ T5828]  __f2fs_is_valid_blkaddr+0xe16/0x1460
[  143.537514][ T5828]  f2fs_map_blocks+0xdbc/0x4fa0
[  143.542365][ T5828]  ? mark_lock+0x9a/0x360
[  143.546739][ T5828]  ? __pfx_f2fs_map_blocks+0x10/0x10
[  143.552035][ T5828]  ? xa_load+0x2dd/0x350
[  143.556283][ T5828]  ? __pfx_xa_load+0x10/0x10
[  143.560872][ T5828]  ? cgroup_rstat_updated+0x13b/0xc60
[  143.566257][ T5828]  ? folio_index+0xab/0x350
[  143.571201][ T5828]  f2fs_mpage_readpages+0xc43/0x2090
[  143.576490][ T5828]  ? __lock_acquire+0x1397/0x2100
[  143.581538][ T5828]  ? __pfx_f2fs_mpage_readpages+0x10/0x10
[  143.587262][ T5828]  ? __folio_batch_add_and_move+0x81a/0xf00
[  143.593155][ T5828]  ? __pfx_lock_release+0x10/0x10
[  143.598178][ T5828]  ? rcu_is_watching+0x15/0xb0
[  143.602956][ T5828]  ? f2fs_readahead+0x184/0x340
[  143.607809][ T5828]  read_pages+0x176/0x830
[  143.612146][ T5828]  ? percpu_ref_put+0x19/0x180
[  143.616917][ T5828]  ? __pfx_read_pages+0x10/0x10
[  143.621768][ T5828]  ? filemap_add_folio+0x26d/0x650
[  143.626891][ T5828]  page_cache_ra_unbounded+0x797/0x8c0
[  143.632365][ T5828]  f2fs_readdir+0x5b9/0xbf0
[  143.636868][ T5828]  ? __pfx___might_resched+0x10/0x10
[  143.642597][ T5828]  ? __pfx_f2fs_readdir+0x10/0x10
[  143.647625][ T5828]  ? iterate_dir+0x20c/0x800
[  143.652245][ T5828]  ? fdget_pos+0x254/0x320
[  143.656678][ T5828]  ? __pfx___mutex_lock+0x10/0x10
[  143.661732][ T5828]  ? end_current_label_crit_section+0x151/0x180
[  143.668010][ T5828]  ? common_file_perm+0x1a6/0x210
[  143.673045][ T5828]  iterate_dir+0x571/0x800
[  143.677471][ T5828]  __se_sys_getdents64+0x1e2/0x4b0
[  143.682593][ T5828]  ? __pfx___se_sys_getdents64+0x10/0x10
[  143.688226][ T5828]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  143.694207][ T5828]  ? __pfx_filldir64+0x10/0x10
[  143.698970][ T5828]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  143.705643][ T5828]  ? exc_page_fault+0x590/0x8c0
[  143.710495][ T5828]  ? do_syscall_64+0xb6/0x230
[  143.715169][ T5828]  do_syscall_64+0xf3/0x230
[  143.719671][ T5828]  ? clear_bhb_loop+0x35/0x90
[  143.724352][ T5828]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  143.730244][ T5828] RIP: 0033:0x7f3ab0db09b3
[  143.734666][ T5828] Code: c1 66 0f 1f 44 00 00 48 83 c4 08 48 89 ef 5b 5d e9 72 43 f8 ff 66 90 b8 ff ff ff 7f 48 39 c2 48 0f 47 d0 b8 d9 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 05 c3 0f 1f 40 00 48 c7 c2 a8 ff ff ff f7 d8
[  143.754275][ T5828] RSP: 002b:00007ffd63b17018 EFLAGS: 00000293 ORIG_RAX: 00000000000000d9
[  143.762697][ T5828] RAX: ffffffffffffffda RBX: 00005555898e6600 RCX: 00007f3ab0db09b3
[  143.770665][ T5828] RDX: 0000000000008000 RSI: 00005555898e6600 RDI: 0000000000000005
[  143.778638][ T5828] RBP: 00005555898e65d4 R08: 0000000000000000 R09: 0000000000000000
[  143.786612][ T5828] R10: 0000000000001000 R11: 0000000000000293 R12: ffffffffffffffa8
[  143.794582][ T5828] R13: 0000000000000010 R14: 00005555898e65d0 R15: 00007ffd63b192c0
[  143.802561][ T5828]  </TASK>
[  143.869516][ T5828] F2FS-fs (loop0): access invalid blkaddr:2816
[  143.880356][ T5828] CPU: 1 UID: 0 PID: 5828 Comm: syz-executor Not tainted 6.12.0-next-20241126-syzkaller #0
[  143.890376][ T5828] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  143.900452][ T5828] Call Trace:
[  143.904096][ T5828]  <TASK>
[  143.907046][ T5828]  dump_stack_lvl+0x241/0x360
[  143.911753][ T5828]  ? __pfx_dump_stack_lvl+0x10/0x10
[  143.916981][ T5828]  ? __pfx_f2fs_get_dnode_of_data+0x10/0x10
[  143.922902][ T5828]  __f2fs_is_valid_blkaddr+0xe16/0x1460
[  143.928460][ T5828]  f2fs_map_blocks+0xdbc/0x4fa0
[  143.933309][ T5828]  ? mark_lock+0x9a/0x360
[  143.937690][ T5828]  ? __pfx_f2fs_map_blocks+0x10/0x10
[  143.942975][ T5828]  ? xa_load+0x2dd/0x350
[  143.947215][ T5828]  ? __pfx_xa_load+0x10/0x10
[  143.951799][ T5828]  ? cgroup_rstat_updated+0x13b/0xc60
[  143.957181][ T5828]  ? folio_index+0xab/0x350
[  143.961689][ T5828]  f2fs_mpage_readpages+0xc43/0x2090
[  143.966975][ T5828]  ? __lock_acquire+0x1397/0x2100
[  143.972014][ T5828]  ? __pfx_f2fs_mpage_readpages+0x10/0x10
[  143.977734][ T5828]  ? __folio_batch_add_and_move+0x81a/0xf00
[  143.983623][ T5828]  ? __pfx_lock_release+0x10/0x10
[  143.988642][ T5828]  ? rcu_is_watching+0x15/0xb0
[  143.993427][ T5828]  ? f2fs_readahead+0x184/0x340
[  143.998371][ T5828]  read_pages+0x176/0x830
[  144.002701][ T5828]  ? percpu_ref_put+0x19/0x180
[  144.007469][ T5828]  ? __pfx_read_pages+0x10/0x10
[  144.012316][ T5828]  ? filemap_add_folio+0x26d/0x650
[  144.017440][ T5828]  page_cache_ra_unbounded+0x797/0x8c0
[  144.022909][ T5828]  f2fs_readdir+0x5b9/0xbf0
[  144.027413][ T5828]  ? __pfx___might_resched+0x10/0x10
[  144.032708][ T5828]  ? __pfx_f2fs_readdir+0x10/0x10
[  144.037823][ T5828]  ? iterate_dir+0x20c/0x800
[  144.042412][ T5828]  ? fdget_pos+0x254/0x320
[  144.046824][ T5828]  ? __pfx___mutex_lock+0x10/0x10
[  144.051841][ T5828]  ? end_current_label_crit_section+0x151/0x180
[  144.058082][ T5828]  ? common_file_perm+0x1a6/0x210
[  144.063107][ T5828]  iterate_dir+0x571/0x800
[  144.067526][ T5828]  __se_sys_getdents64+0x1e2/0x4b0
[  144.072645][ T5828]  ? __pfx___se_sys_getdents64+0x10/0x10
[  144.078285][ T5828]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  144.084258][ T5828]  ? __pfx_filldir64+0x10/0x10
[  144.089016][ T5828]  ? __pfx_lockdep_hardirqs_on_prepare+0x10/0x10
[  144.095335][ T5828]  ? exc_page_fault+0x590/0x8c0
[  144.100186][ T5828]  ? do_syscall_64+0xb6/0x230
[  144.104858][ T5828]  do_syscall_64+0xf3/0x230
[  144.109352][ T5828]  ? clear_bhb_loop+0x35/0x90
[  144.114026][ T5828]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  144.119912][ T5828] RIP: 0033:0x7f3ab0db09b3
[  144.124322][ T5828] Code: c1 66 0f 1f 44 00 00 48 83 c4 08 48 89 ef 5b 5d e9 72 43 f8 ff 66 90 b8 ff ff ff 7f 48 39 c2 48 0f 47 d0 b8 d9 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 05 c3 0f 1f 40 00 48 c7 c2 a8 ff ff ff f7 d8
[  144.143921][ T5828] RSP: 002b:00007ffd63b17018 EFLAGS: 00000293 ORIG_RAX: 00000000000000d9
[  144.152334][ T5828] RAX: ffffffffffffffda RBX: 00005555898e6600 RCX: 00007f3ab0db09b3
[  144.160298][ T5828] RDX: 0000000000008000 RSI: 00005555898e6600 RDI: 0000000000000005
[  144.168262][ T5828] RBP: 00005555898e65d4 R08: 0000000000000000 R09: 0000000000000000
[  144.176226][ T5828] R10: 0000000000001000 R11: 0000000000000293 R12: ffffffffffffffa8
[  144.184191][ T5828] R13: 0000000000000010 R14: 00005555898e65d0 R15: 00007ffd63b192c0
[  144.192167][ T5828]  </TASK>
[  144.197108][ T5828] syz-executor: attempt to access beyond end of device
[  144.197108][ T5828] loop0: rw=0, sector=45064, nr_sectors = 8 limit=40427
[  144.254117][ T7944] BTRFS info (device loop2): balance: start -s
[  144.274055][ T7944] BTRFS info (device loop2): left=0, need=98304, flags=2
[  144.281780][ T7944] BTRFS info (device loop2): space_info SYSTEM has 0 free, is not full
[  144.287155][   T11] kworker/u8:0: attempt to access beyond end of device
[  144.287155][   T11] loop0: rw=2049, sector=40960, nr_sectors = 24 limit=40427
[  144.290545][ T7944] BTRFS info (device loop2): space_info total=4194304, used=4096, pinned=0, reserved=0, may_use=0, readonly=4190208 zone_unusable=0
[  144.304240][   T11] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  144.304491][   T11] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  144.318172][ T7944] BTRFS info (device loop2): global_block_rsv: size 1441792 reserved 1441792
[  144.324945][   T11] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  144.347995][ T7944] BTRFS info (device loop2): trans_block_rsv: size 0 reserved 0
[  144.355774][ T7944] BTRFS info (device loop2): chunk_block_rsv: size 0 reserved 0
[  144.363455][ T7944] BTRFS info (device loop2): delayed_block_rsv: size 0 reserved 0
[  144.371366][ T7944] BTRFS info (device loop2): delayed_refs_rsv: size 0 reserved 0
[  144.384865][ T7944] BTRFS info (device loop2): relocating block group 1048576 flags system
[  144.470575][ T7970] loop3: detected capacity change from 0 to 512
[  144.514507][ T7970] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  144.559502][ T7944] BTRFS info (device loop2): balance: ended with status: 0
[  144.572367][ T7970] EXT4-fs (loop3): 1 truncate cleaned up
[  144.605772][ T7970] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  144.740635][ T7977] EXT4-fs error (device loop3): htree_dirblock_to_tree:1112: inode #2: block 13: comm syz.3.634: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0
[  144.838123][ T5825] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  145.219750][ T5826] BTRFS info (device loop2): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  145.550582][ T7984] loop3: detected capacity change from 0 to 8192
[  145.786758][ T5836] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  145.800601][ T5836] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  145.813863][ T5836] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  145.833955][ T5836] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  145.846930][ T5836] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  145.856154][ T5836] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  145.976512][ T7997] loop3: detected capacity change from 0 to 64
[  146.016955][   T53] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  146.033348][   T53] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  146.046803][   T53] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  146.068562][ T7999] loop2: detected capacity change from 0 to 2048
[  146.106494][   T53] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  146.153125][   T53] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  146.161561][   T53] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  146.274661][ T7999] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  146.372563][ T7988] loop1: detected capacity change from 0 to 32768
[  146.432482][ T5826] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  146.435831][ T7994] chnl_net:caif_netlink_parms(): no params data found
[  146.581182][ T7988] XFS (loop1): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  146.640712][ T7988] XFS (loop1): Starting recovery (logdev: internal)
[  146.684499][ T7988] XFS (loop1): Ending recovery (logdev: internal)
[  146.809760][ T7994] bridge0: port 1(bridge_slave_0) entered blocking state
[  146.830162][ T7994] bridge0: port 1(bridge_slave_0) entered disabled state
[  146.866080][ T7994] bridge_slave_0: entered allmulticast mode
[  146.884388][ T7994] bridge_slave_0: entered promiscuous mode
[  146.892962][ T5824] XFS (loop1): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  146.905118][ T7994] bridge0: port 2(bridge_slave_1) entered blocking state
[  146.912235][ T7994] bridge0: port 2(bridge_slave_1) entered disabled state
[  146.945763][ T7994] bridge_slave_1: entered allmulticast mode
[  146.959347][ T7994] bridge_slave_1: entered promiscuous mode
[  147.268770][ T7994] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  147.301751][ T7994] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  147.437583][ T8046] loop3: detected capacity change from 0 to 256
[  147.486617][ T7994] team0: Port device team_slave_0 added
[  147.531871][ T7994] team0: Port device team_slave_1 added
[  147.685320][ T7994] batman_adv: batadv0: Adding interface: batadv_slave_0
[  147.692313][ T7994] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  147.753988][ T7994] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  148.264657][ T5836] Bluetooth: hci2: command tx timeout
[  148.284582][ T7994] batman_adv: batadv0: Adding interface: batadv_slave_1
[  148.291566][ T7994] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  148.320268][ T7994] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  148.360229][ T8066] loop2: detected capacity change from 0 to 256
[  148.424340][ T8066] Process accounting resumed
[  148.426945][ T7994] hsr_slave_0: entered promiscuous mode
[  148.430372][ T8066] FAT-fs (loop2): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  148.474302][ T7994] hsr_slave_1: entered promiscuous mode
[  148.491020][ T7994] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  148.494499][ T8066] FAT-fs (loop2): Filesystem has been set read-only
[  148.528554][ T8066] FAT-fs (loop2): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  148.541576][ T7994] Cannot create hsr debugfs directory
[  148.653268][ T8058] loop4: detected capacity change from 0 to 32768
[  148.696886][ T8058] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.663 (8058)
[  148.769312][ T8058] BTRFS info (device loop4): first mount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0
[  148.819515][ T8058] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm
[  148.839383][ T8058] BTRFS info (device loop4): using free-space-tree
[  149.047962][ T7994] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  149.294305][ T8086] loop3: detected capacity change from 0 to 32768
[  149.360261][ T7994] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  149.376356][ T8086] JBD2: Ignoring recovery information on journal
[  149.430030][ T7994] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  149.502639][ T7994] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  149.534097][ T8086] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  149.646764][ T7994] 8021q: adding VLAN 0 to HW filter on device bond0
[  149.674324][ T7994] 8021q: adding VLAN 0 to HW filter on device team0
[  149.678313][   T29] audit: type=1800 audit(1732604394.137:22): pid=8086 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.672" name="file1" dev="loop3" ino=16946 res=0 errno=0
[  149.702629][ T7994] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  149.713483][ T7994] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  149.731029][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[  149.738195][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[  149.772308][   T29] audit: type=1800 audit(1732604394.147:23): pid=8086 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.672" name="file1" dev="loop3" ino=16946 res=0 errno=0
[  149.796231][   T11] bridge0: port 2(bridge_slave_1) entered blocking state
[  149.803384][   T11] bridge0: port 2(bridge_slave_1) entered forwarding state
[  149.900907][ T5825] ocfs2: Unmounting device (7,3) on (node local)
[  150.035711][ T5841] BTRFS info (device loop4): last unmount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0
[  150.107490][ T7994] 8021q: adding VLAN 0 to HW filter on device batadv0
[  150.277047][ T8106] loop1: detected capacity change from 0 to 32768
[  150.301840][ T8106] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.675 (8106)
[  150.363864][ T5836] Bluetooth: hci2: command tx timeout
[  150.427335][ T8106] BTRFS info (device loop1): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  150.467611][ T8106] BTRFS info (device loop1): using xxhash64 (xxhash64-generic) checksum algorithm
[  150.484521][ T8106] BTRFS info (device loop1): disk space caching is enabled
[  150.502084][ T8106] BTRFS warning (device loop1): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  150.887627][ T8117] loop3: detected capacity change from 0 to 32768
[  151.101959][ T8113] loop2: detected capacity change from 0 to 32768
[  151.115729][ T7994] veth0_vlan: entered promiscuous mode
[  151.115812][ T8106] BTRFS info (device loop1): rebuilding free space tree
[  151.128700][ T7994] veth1_vlan: entered promiscuous mode
[  151.151227][ T7994] veth0_macvtap: entered promiscuous mode
[  151.160988][ T7994] veth1_macvtap: entered promiscuous mode
[  151.179027][ T7994] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  151.185188][ T8106] BTRFS info (device loop1): disabling free space tree
[  151.189628][ T7994] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  151.207143][ T7994] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  151.224212][ T8106] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  151.232238][ T7994] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  151.264713][ T8106] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  151.275899][ T8117] XFS (loop3): Mounting V5 Filesystem 9f1cad42-11bd-4e12-8f0b-f07876b81d9a
[  151.284800][ T8113] XFS (loop2): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  151.307210][ T7994] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  151.318104][ T7994] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  151.328941][ T7994] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  151.339719][ T7994] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  151.350597][ T7994] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  151.361968][ T7994] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  151.383867][ T7994] batman_adv: batadv0: Interface activated: batadv_slave_0
[  151.415976][ T7994] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  151.426519][ T7994] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  151.436439][ T7994] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  151.446958][ T7994] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  151.456965][ T7994] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  151.467518][ T7994] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  151.477395][ T7994] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  151.487942][ T7994] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  151.497887][ T7994] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  151.508408][ T7994] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  151.519344][ T7994] batman_adv: batadv0: Interface activated: batadv_slave_1
[  151.529243][ T7994] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  151.535107][ T8113] XFS (loop2): Starting recovery (logdev: internal)
[  151.538087][ T7994] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  151.547806][ T8117] XFS (loop3): Ending clean mount
[  151.553476][ T7994] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  151.567469][ T7994] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  151.619792][ T8113] XFS (loop2): Ending recovery (logdev: internal)
[  151.734451][ T8113] XFS (loop2): User initiated shutdown received.
[  151.757924][ T8113] XFS (loop2): Log I/O Error (0x6) detected at xfs_fs_goingdown+0xe2/0x160 (fs/xfs/xfs_fsops.c:453).  Shutting down filesystem.
[  151.811001][ T5825] XFS (loop3): Unmounting Filesystem 9f1cad42-11bd-4e12-8f0b-f07876b81d9a
[  151.819745][ T8113] XFS (loop2): Please unmount the filesystem and rectify the problem(s)
[  151.855469][ T5824] BTRFS info (device loop1): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  151.861516][ T8119] loop4: detected capacity change from 0 to 40427
[  151.894481][ T8119] F2FS-fs (loop4): build fault injection attr: rate: 694, type: 0x1fffff
[  151.910032][ T8119] F2FS-fs (loop4): invalid crc value
[  151.965649][ T6057] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  151.973504][ T6057] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  151.978551][ T5891] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  151.989126][ T5891] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  152.000745][ T5826] XFS (loop2): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  152.015428][ T8119] F2FS-fs (loop4): Found nat_bits in checkpoint
[  152.255294][ T8119] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  152.433982][ T5836] Bluetooth: hci2: command tx timeout
[  152.496406][ T8119] F2FS-fs (loop4): inject dquot initialize in f2fs_dquot_initialize of f2fs_setxattr+0x148/0x390
[  152.707664][ T5841] syz-executor: attempt to access beyond end of device
[  152.707664][ T5841] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  152.742719][ T5841] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  152.819731][ T8163] loop1: detected capacity change from 0 to 32768
[  152.881256][ T8163] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.679 (8163)
[  152.966599][ T8163] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  152.977212][ T8163] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm
[  152.986080][ T8163] BTRFS info (device loop1): using free-space-tree
[  153.465830][ T8202] loop5: detected capacity change from 0 to 128
[  153.538992][ T8202] UDF-fs: error (device loop5): udf_read_tagged: read failed, block=256, location=256
[  153.681884][   T29] audit: type=1800 audit(1732604398.167:24): pid=8163 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.679" name="bus" dev="loop1" ino=263 res=0 errno=0
[  153.760112][   T29] audit: type=1800 audit(1732604398.197:25): pid=8163 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.679" name="bus" dev="loop1" ino=263 res=0 errno=0
[  153.875961][ T2151] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  153.944812][ T7994] UDF-fs: error (device loop5): udf_read_inode: (ino 114) failed !bh
[  153.967993][ T7994] UDF-fs: error (device loop5): udf_read_inode: (ino 114) failed !bh
[  154.003308][ T5824] BTRFS info (device loop1): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  154.058578][ T2151] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  154.085870][ T2151] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  154.095875][ T2151] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  154.109716][ T2151] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  154.119321][ T2151] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  154.131193][ T2151] usb 5-1: config 0 descriptor??
[  154.201204][ T8187] loop2: detected capacity change from 0 to 32768
[  154.222865][ T8187] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.687 (8187)
[  154.282945][ T8187] BTRFS info (device loop2): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  154.308023][ T8187] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm
[  154.348744][ T8187] BTRFS info (device loop2): using free-space-tree
[  154.576425][ T2151] plantronics 0003:047F:FFFF.000E: No inputs registered, leaving
[  154.589811][ T2151] plantronics 0003:047F:FFFF.000E: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[  154.760958][ T5826] BTRFS info (device loop2): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  154.895541][ T2151] usb 5-1: USB disconnect, device number 6
[  154.996685][ T8241] loop1: detected capacity change from 0 to 64
[  155.153848][ T8241] hfs: request for non-existent node 1573 in B*Tree
[  155.171758][ T8241] hfs: request for non-existent node 1573 in B*Tree
[  155.313587][ T6057] hfs: request for non-existent node 1573 in B*Tree
[  155.322050][ T6057] hfs: request for non-existent node 1573 in B*Tree
[  155.386706][ T8248] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  155.913886][   T25] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  155.926928][ T6057] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  155.972791][ T8266] netlink: 20 bytes leftover after parsing attributes in process `syz.3.712'.
[  155.994409][ T8268] netlink: 'syz.4.711': attribute type 10 has an invalid length.
[  156.077855][   T25] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  156.088993][ T6057] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  156.111387][   T25] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  156.132804][   T25] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  156.150349][   T25] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  156.168663][   T25] usb 3-1: SerialNumber: syz
[  156.236000][ T6057] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  156.293303][ T8275] loop3: detected capacity change from 0 to 128
[  156.422827][   T25] usb 3-1: 0:2 : does not exist
[  156.439523][ T6057] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  156.804536][ T6057] bridge_slave_1: left allmulticast mode
[  156.826855][ T6057] bridge_slave_1: left promiscuous mode
[  156.860554][ T5910] usb 3-1: USB disconnect, device number 11
[  156.871149][ T6057] bridge0: port 2(bridge_slave_1) entered disabled state
[  156.915586][   T53] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  156.928997][   T53] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  156.943271][   T53] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  156.956920][   T53] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  156.968059][   T53] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  156.978195][   T53] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  157.051440][ T8294] netlink: 8 bytes leftover after parsing attributes in process `syz.1.723'.
[  157.069179][ T6057] bridge_slave_0: left allmulticast mode
[  157.077529][ T6057] bridge_slave_0: left promiscuous mode
[  157.086362][ T6057] bridge0: port 1(bridge_slave_0) entered disabled state
[  157.175945][ T7183] udevd[7183]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  157.902254][ T5910] kernel write not supported for file bpf-prog (pid: 5910 comm: kworker/1:5)
[  157.912611][ T6057] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  157.940102][ T6057] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  157.951378][ T6057] bond0 (unregistering): Released all slaves
[  159.065370][ T5836] Bluetooth: hci2: command tx timeout
[  159.148597][ T6057] hsr_slave_0: left promiscuous mode
[  159.178891][ T6057] hsr_slave_1: left promiscuous mode
[  159.186872][ T8318] loop2: detected capacity change from 0 to 32768
[  159.187226][ T8350] loop1: detected capacity change from 0 to 256
[  159.205165][ T6057] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  159.213196][ T6057] batman_adv: batadv0: Removing interface: batadv_slave_0
[  159.253416][ T6057] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  159.261874][ T8350] exFAT-fs (loop1): failed to load upcase table (idx : 0x0001e4a3, chksum : 0x009ea0b8, utbl_chksum : 0x7319d30d)
[  159.262620][ T8318] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  159.299414][ T6057] batman_adv: batadv0: Removing interface: batadv_slave_1
[  159.352073][ T6057] veth1_macvtap: left promiscuous mode
[  159.374769][ T6057] veth0_macvtap: left promiscuous mode
[  159.380391][ T6057] veth1_vlan: left promiscuous mode
[  159.421705][ T6057] veth0_vlan: left promiscuous mode
[  159.456841][ T5826] ocfs2: Unmounting device (7,2) on (node local)
[  160.126908][ T8371] loop2: detected capacity change from 0 to 4096
[  160.533090][ T8373] loop2: detected capacity change from 0 to 4096
[  160.559109][ T8373] NILFS (loop2): invalid segment: Checksum error in segment payload
[  160.587839][ T8373] NILFS (loop2): trying rollback from an earlier position
[  160.619244][ T8373] NILFS (loop2): recovery complete
[  160.653949][ T8374] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  160.696662][ T6057] team0 (unregistering): Port device team_slave_1 removed
[  160.792173][ T8369] loop1: detected capacity change from 0 to 40427
[  160.808009][ T6057] team0 (unregistering): Port device team_slave_0 removed
[  160.838953][ T8369] F2FS-fs (loop1): invalid crc value
[  160.853667][ T8369] F2FS-fs (loop1): Found nat_bits in checkpoint
[  160.986861][ T8369] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  161.151529][ T5836] Bluetooth: hci2: command tx timeout
[  161.536562][ T8379] loop2: detected capacity change from 0 to 32768
[  161.560024][ T8379] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.750 (8379)
[  161.608206][ T8379] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  161.633097][ T8379] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm
[  161.655676][ T8379] BTRFS info (device loop2): using free-space-tree
[  161.684776][ T8383] netlink: 'syz.1.752': attribute type 41 has an invalid length.
[  161.714104][ T8383] netlink: 8 bytes leftover after parsing attributes in process `syz.1.752'.
[  161.994488][ T5826] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  162.376595][ T8290] chnl_net:caif_netlink_parms(): no params data found
[  162.814333][ T8290] bridge0: port 1(bridge_slave_0) entered blocking state
[  162.834389][ T8290] bridge0: port 1(bridge_slave_0) entered disabled state
[  162.870366][ T8290] bridge_slave_0: entered allmulticast mode
[  162.870519][ T8428] [U] 
[  162.893629][ T8290] bridge_slave_0: entered promiscuous mode
[  162.904001][ T8428] [U] 
[  162.906739][ T8428] [U] 
[  162.909444][ T8428] [U] 
[  162.919605][ T8290] bridge0: port 2(bridge_slave_1) entered blocking state
[  162.932376][ T8290] bridge0: port 2(bridge_slave_1) entered disabled state
[  162.948254][ T8290] bridge_slave_1: entered allmulticast mode
[  162.955866][ T8428] [U] 
[  162.958613][ T8428] [U] 
[  162.961326][ T8428] [U] 
[  162.964026][ T8428] [U] 
[  163.000637][ T8290] bridge_slave_1: entered promiscuous mode
[  163.022030][ T8425] loop4: detected capacity change from 0 to 4096
[  163.031528][ T8428] [U] 
[  163.034277][ T8428] [U] 
[  163.036976][ T8428] [U] 
[  163.072130][ T8425] ntfs3(loop4): Different NTFS sector size (2048) and media sector size (512).
[  163.118511][ T8427] [U] 
[  163.131334][ T8431] loop3: detected capacity change from 0 to 1024
[  163.210213][ T8290] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  163.223877][ T5836] Bluetooth: hci2: command tx timeout
[  163.238170][ T8290] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  163.261945][ T8425] ntfs3(loop4): Failed to initialize $Extend/$ObjId.
[  163.362539][ T8290] team0: Port device team_slave_0 added
[  163.393345][ T8290] team0: Port device team_slave_1 added
[  163.632494][ T8290] batman_adv: batadv0: Adding interface: batadv_slave_0
[  163.656876][ T8290] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  163.722538][ T8290] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  163.761443][ T8290] batman_adv: batadv0: Adding interface: batadv_slave_1
[  163.791058][ T8290] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  163.830863][ T8290] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  164.048127][ T8290] hsr_slave_0: entered promiscuous mode
[  164.062657][ T8290] hsr_slave_1: entered promiscuous mode
[  164.112679][ T8290] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  164.143931][ T8290] Cannot create hsr debugfs directory
[  164.808993][ T8290] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  164.860327][ T8290] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  164.918939][ T8290] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  164.954973][ T8290] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  164.977592][ T8488] loop2: detected capacity change from 0 to 128
[  165.019376][ T8488] EXT4-fs: Ignoring removed nobh option
[  165.112160][ T8488] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  165.239115][ T8488] ext4 filesystem being mounted at /168/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  165.304924][ T5836] Bluetooth: hci2: command tx timeout
[  165.338253][ T8290] 8021q: adding VLAN 0 to HW filter on device bond0
[  165.400615][ T8458] loop3: detected capacity change from 0 to 32768
[  165.432482][ T8290] 8021q: adding VLAN 0 to HW filter on device team0
[  165.458514][ T5891] bridge0: port 1(bridge_slave_0) entered blocking state
[  165.465695][ T5891] bridge0: port 1(bridge_slave_0) entered forwarding state
[  165.497836][ T8458] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  165.544245][ T5891] bridge0: port 2(bridge_slave_1) entered blocking state
[  165.551424][ T5891] bridge0: port 2(bridge_slave_1) entered forwarding state
[  165.555103][ T5826] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  165.601538][ T8461] loop1: detected capacity change from 0 to 32768
[  165.810924][ T8461] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  165.886661][ T8524] loop2: detected capacity change from 0 to 1024
[  165.898781][ T8524] EXT4-fs: Ignoring removed oldalloc option
[  165.913328][ T8524] EXT4-fs: inline encryption not supported
[  165.949667][ T8524] EXT4-fs (loop2): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  165.985986][ T8461] XFS (loop1): Ending clean mount
[  166.014458][ T5825] ocfs2: Unmounting device (7,3) on (node local)
[  166.056272][ T8524] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  166.112717][ T8535] loop4: detected capacity change from 0 to 128
[  166.119495][ T8290] 8021q: adding VLAN 0 to HW filter on device batadv0
[  166.197722][ T8524] EXT4-fs: Ignoring removed orlov option
[  166.246733][ T8524] EXT4-fs (loop2): can't enable nombcache during remount
[  166.252652][ T8535] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  166.295927][ T5824] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  166.298293][ T8535] ext4 filesystem being mounted at /146/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  166.430713][ T5826] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  166.625023][ T5841] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  166.719955][ T8552] syz.2.785: attempt to access beyond end of device
[  166.719955][ T8552] nbd2: rw=4096, sector=0, nr_sectors = 1 limit=0
[  166.733032][ T8552] XFS (nbd2): SB validate failed with error -5.
[  166.919568][ T8571] loop2: detected capacity change from 0 to 1024
[  167.028479][ T8571] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  167.100156][ T8290] veth0_vlan: entered promiscuous mode
[  167.110544][ T8571] overlayfs: failed to clone upperpath
[  167.111857][ T8290] veth1_vlan: entered promiscuous mode
[  167.142020][ T8290] veth0_macvtap: entered promiscuous mode
[  167.150926][ T8290] veth1_macvtap: entered promiscuous mode
[  167.164798][ T8290] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  167.175330][ T8290] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  167.185189][ T8290] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  167.195683][ T8290] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  167.205548][ T8290] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  167.216051][ T8290] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  167.226069][ T8290] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  167.236552][ T8290] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  167.246461][ T8290] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  167.257035][ T8290] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  167.268549][ T8290] batman_adv: batadv0: Interface activated: batadv_slave_0
[  167.278155][ T8290] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  167.288752][ T8290] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  167.298651][ T8290] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  167.309440][ T8290] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  167.319336][ T8290] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  167.330041][ T8290] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  167.339988][ T8290] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  167.350497][ T8290] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  167.360489][ T8290] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  167.370980][ T8290] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  167.381885][ T8290] batman_adv: batadv0: Interface activated: batadv_slave_1
[  167.455972][ T8290] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  167.465567][ T8290] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  167.482505][ T8290] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  167.535812][ T5878] kernel read not supported for file /rfkill (pid: 5878 comm: kworker/0:4)
[  167.549347][ T8290] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  167.635535][ T5826] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  167.842253][ T8595] loop3: detected capacity change from 0 to 1024
[  167.865638][ T8595] EXT4-fs: Ignoring removed orlov option
[  167.907156][   T69] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  167.927479][ T8595] EXT4-fs (loop3): Test dummy encryption mode enabled
[  167.951351][   T69] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  168.034481][ T8595] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  168.071587][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  168.095684][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  168.240421][ T8609] loop2: detected capacity change from 0 to 764
[  168.337995][ T8613] netlink: 68 bytes leftover after parsing attributes in process `syz.1.800'.
[  168.396661][ T8595] fscrypt: AES-256-CBC-CTS using implementation "cts-cbc-aes-aesni"
[  168.576282][ T5825] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  169.249197][ T8620] loop6: detected capacity change from 0 to 40427
[  169.265181][ T8620] F2FS-fs (loop6): Insane cp_payload (553648128 >= 504)
[  169.272382][ T8620] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock
[  169.283096][ T8620] F2FS-fs (loop6): build fault injection attr: rate: 17008, type: 0x1fffff
[  169.288343][ T8647] 9pnet: p9_errstr2errno: server reported unknown error á~zxª
[  169.292816][ T8620] F2FS-fs (loop6): build fault injection attr: rate: 0, type: 0x6
[  169.309940][ T8620] F2FS-fs (loop6): invalid crc value
[  169.360461][ T8620] F2FS-fs (loop6): Found nat_bits in checkpoint
[  169.516582][ T8620] F2FS-fs (loop6): Try to recover 1th superblock, ret: 0
[  169.533787][ T8620] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  169.687897][ T8663] ksmbd: Unknown IPC event: 3, ignore.
[  169.729270][ T8666] loop3: detected capacity change from 0 to 128
[  169.748061][ T8666] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  169.798964][ T8666] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  169.828653][ T8290] syz-executor: attempt to access beyond end of device
[  169.828653][ T8290] loop6: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  169.910530][ T8290] F2FS-fs (loop6): Stopped filesystem due to reason: 3
[  170.075641][ T2120] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  170.249744][   T53] Bluetooth: hci5: sending frame failed (-49)
[  170.266113][ T5836] Bluetooth: hci5: Opcode 0x1003 failed: -49
[  170.970751][ T8702] loop6: detected capacity change from 0 to 512
[  170.988075][ T8702] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  171.040845][ T8702] EXT4-fs (loop6): 1 truncate cleaned up
[  171.054459][ T8702] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  171.208275][ T8650] loop2: detected capacity change from 0 to 65536
[  171.275715][ T8650] XFS (loop2): Mounting V5 Filesystem 6653b971-41ab-480a-bd7b-5ff79b9409b5
[  171.313033][ T8290] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  171.566074][ T8738] loop1: detected capacity change from 0 to 64
[  171.582802][ T8650] XFS (loop2): Ending clean mount
[  172.547705][ T2151] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  172.646759][ T8747] loop6: detected capacity change from 0 to 32768
[  172.710407][ T8747] XFS (loop6): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  172.719543][ T2151] usb 4-1: Using ep0 maxpacket: 8
[  172.727354][ T2151] usb 4-1: config index 0 descriptor too short (expected 301, got 45)
[  172.737151][ T2151] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  172.750744][ T2151] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  172.763225][ T2151] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  172.781943][ T2151] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  172.795850][ T2151] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  172.805812][ T2151] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  172.823579][ T8747] XFS (loop6): Ending clean mount
[  172.855743][ T8747] XFS (loop6): Quotacheck needed: Please wait.
[  172.902345][ T5826] XFS (loop2): Unmounting Filesystem 6653b971-41ab-480a-bd7b-5ff79b9409b5
[  172.921523][ T8747] XFS (loop6): Quotacheck: Done.
[  173.053896][ T2151] usb 4-1: GET_CAPABILITIES returned 0
[  173.059482][ T2151] usbtmc 4-1:16.0: can't read capabilities
[  173.125868][ T8290] XFS (loop6): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  173.271438][ T2151] usb 4-1: USB disconnect, device number 8
[  173.554784][ T8798] loop2: detected capacity change from 0 to 256
[  173.652670][ T8798] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x72684843, utbl_chksum : 0xe619d30d)
[  173.709975][ T8806] loop6: detected capacity change from 0 to 2048
[  173.765573][ T8806] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  173.820485][ T8806] EXT4-fs (loop6): shut down requested (2)
[  173.892988][ T8290] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  174.263861][ T5836] Bluetooth: hci2: command tx timeout
[  175.262795][ T8835] loop3: detected capacity change from 0 to 32768
[  175.319239][ T8835] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  175.498786][   T29] audit: type=1800 audit(1732604419.977:26): pid=8835 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.859" name="file1" dev="loop3" ino=17058 res=0 errno=0
[  175.537093][ T8842] loop4: detected capacity change from 0 to 40427
[  175.566561][   T29] audit: type=1800 audit(1732604420.007:27): pid=8835 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.859" name="file1" dev="loop3" ino=17058 res=0 errno=0
[  175.593791][ T8842] F2FS-fs (loop4): Insane cp_payload (553648128 >= 504)
[  175.602059][ T8853] proc: Unknown parameter 'gi0xffffffffffffffff'
[  175.609399][ T8842] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  175.626047][ T8842] F2FS-fs (loop4): build fault injection attr: rate: 17008, type: 0x1fffff
[  175.630142][ T5825] ocfs2: Unmounting device (7,3) on (node local)
[  175.704455][ T8842] F2FS-fs (loop4): build fault injection attr: rate: 0, type: 0x6
[  175.747727][ T8842] F2FS-fs (loop4): invalid crc value
[  175.786026][ T8842] F2FS-fs (loop4): Found nat_bits in checkpoint
[  175.998072][ T8865] loop6: detected capacity change from 0 to 128
[  176.008790][ T8848] loop2: detected capacity change from 0 to 40427
[  176.018612][ T8848] F2FS-fs (loop2): invalid crc value
[  176.025998][ T8842] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  176.033139][ T8842] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  176.042733][ T8848] F2FS-fs (loop2): Found nat_bits in checkpoint
[  176.142934][ T8842] syz.4.863: attempt to access beyond end of device
[  176.142934][ T8842] loop4: rw=2049, sector=53248, nr_sectors = 8 limit=40427
[  176.165488][ T8842] syz.4.863: attempt to access beyond end of device
[  176.165488][ T8842] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  176.174075][ T8865] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  176.182614][ T8842] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  176.213989][ T8848] F2FS-fs (loop2): Start checkpoint disabled!
[  176.244570][ T8865] ext4 filesystem being mounted at /11/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  176.284879][ T8848] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[  176.441583][ T8290] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  176.638799][ T6057] kworker/u8:8: attempt to access beyond end of device
[  176.638799][ T6057] loop2: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  176.673807][ T6057] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  176.680742][ T6057] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  176.853159][ T8880] loop6: detected capacity change from 0 to 2048
[  176.867903][ T8880] UDF-fs: error (device loop6): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  176.882152][ T8870] loop3: detected capacity change from 0 to 32768
[  176.883421][ T8880] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  177.010109][ T8870] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  177.100344][   T29] audit: type=1800 audit(1732604421.587:28): pid=8870 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.872" name="bus" dev="loop3" ino=17058 res=0 errno=0
[  177.469772][ T5825] ocfs2: Unmounting device (7,3) on (node local)
[  177.739831][ T8901] loop3: detected capacity change from 0 to 2048
[  177.747405][ T8901] EXT4-fs: Ignoring removed i_version option
[  177.792927][ T8901] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  177.808995][ T8888] loop6: detected capacity change from 0 to 32768
[  177.860516][   T29] audit: type=1800 audit(1732604422.347:29): pid=8888 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.879" name="file2" dev="loop6" ino=5 res=0 errno=0
[  177.954453][ T5825] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  178.154099][    T8] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  178.308869][    T8] usb 5-1: Using ep0 maxpacket: 32
[  178.333009][    T8] usb 5-1: config index 0 descriptor too short (expected 156, got 27)
[  178.342393][    T8] usb 5-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[  178.378708][    T8] usb 5-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7
[  178.413806][    T8] usb 5-1: config 0 interface 0 altsetting 191 endpoint 0x87 has invalid maxpacket 59391, setting to 1024
[  178.433744][    T8] usb 5-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[  178.472300][ T8919] loop2: detected capacity change from 0 to 64
[  178.479988][    T8] usb 5-1: config 0 interface 0 has no altsetting 0
[  178.509543][    T8] usb 5-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  178.523736][    T8] usb 5-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  178.542399][    T8] usb 5-1: Product: syz
[  178.552525][    T8] usb 5-1: Manufacturer: syz
[  178.566481][    T8] usb 5-1: SerialNumber: syz
[  178.587902][    T8] usb 5-1: config 0 descriptor??
[  178.594089][ T8903] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  178.607429][    T8] ldusb 5-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  178.684035][    T8] ldusb 5-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  178.692705][ T8923] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  179.237141][ T5829] usb 5-1: USB disconnect, device number 7
[  179.255197][ T5829] ldusb 5-1:0.0: LD USB Device #0 now disconnected
[  179.966431][ T8967] loop6: detected capacity change from 0 to 64
[  180.024117][ T8967] hfs: request for non-existent node 131072 in B*Tree
[  180.031492][ T8967] hfs: request for non-existent node 131072 in B*Tree
[  180.615699][ T8954] loop3: detected capacity change from 0 to 32768
[  180.636672][ T8954] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.899 (8954)
[  180.661066][ T8954] BTRFS info (device loop3 state S): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  180.672598][ T8954] BTRFS info (device loop3 state S): using crc32c (crc32c-intel) checksum algorithm
[  180.682293][ T8954] BTRFS info (device loop3 state S): using free-space-tree
[  180.823492][ T8971] loop6: detected capacity change from 0 to 40427
[  180.842428][ T8984] IPVS: sync thread started: state = MASTER, mcast_ifn = ip6gre0, syncid = 1, id = 0
[  180.870407][ T8979] IPVS: stopping master sync thread 8984 ...
[  180.873957][ T8971] F2FS-fs (loop6): Insane cp_payload (553648128 >= 504)
[  180.904072][ T8971] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock
[  180.920692][ T8971] F2FS-fs (loop6): build fault injection attr: rate: 17008, type: 0x1fffff
[  180.938366][ T8971] F2FS-fs (loop6): build fault injection attr: rate: 0, type: 0x6
[  180.957342][ T8971] F2FS-fs (loop6): invalid crc value
[  180.969339][ T8353] BTRFS warning (device loop3 state S): checksum verify failed on logical 5332992 mirror 1 wanted 0x0a5e5d25 found 0xbeadaddc level 0, ignored
[  180.989936][   T12] BTRFS warning (device loop3 state S): checksum verify failed on logical 5337088 mirror 1 wanted 0xe63dbdda found 0x32c165c1 level 0, ignored
[  181.004567][ T8983] loop4: detected capacity change from 0 to 1024
[  181.046231][ T8971] F2FS-fs (loop6): Found nat_bits in checkpoint
[  181.049555][ T8983] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  181.164007][ T8971] F2FS-fs (loop6): Try to recover 1th superblock, ret: 0
[  181.179747][ T5841] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  181.193871][ T8971] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  181.227290][ T5825] BTRFS info (device loop3 state S): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  181.390472][ T8971] F2FS-fs (loop6): Unexpected flush for atomic writes: ino=10, npages=1
[  181.420741][ T8971] syz.6.907: attempt to access beyond end of device
[  181.420741][ T8971] loop6: rw=2049, sector=53248, nr_sectors = 8 limit=40427
[  181.576397][ T8290] syz-executor: attempt to access beyond end of device
[  181.576397][ T8290] loop6: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  181.591453][ T8290] F2FS-fs (loop6): Stopped filesystem due to reason: 3
[  181.849816][ T9020] netlink: 24 bytes leftover after parsing attributes in process `syz.4.918'.
[  182.220554][ T9032] Process accounting resumed
[  182.546307][ T9051] block nbd3: NBD_DISCONNECT
[  182.568253][ T9051] block nbd3: Send disconnect failed -22
[  182.583017][ T9054] loop6: detected capacity change from 0 to 512
[  182.610982][ T9045] block nbd3: Disconnected due to user request.
[  182.633878][ T9045] block nbd3: shutting down sockets
[  182.644894][ T9054] EXT4-fs: Ignoring removed bh option
[  182.726162][ T9054] EXT4-fs (loop6): mounting ext3 file system using the ext4 subsystem
[  182.815600][ T9054] EXT4-fs (loop6): 1 truncate cleaned up
[  182.840979][ T9054] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  183.175986][ T8290] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  183.342566][   T29] audit: type=1326 audit(1732604427.827:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9086 comm="syz.3.935" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f32a897e819 code=0x0
[  183.758061][ T9100] loop2: detected capacity change from 0 to 256
[  183.785000][ T9100] vfat: Bad value for 'fmask'
[  184.061524][ T9084] loop4: detected capacity change from 0 to 32768
[  184.145501][ T9084] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  184.263862][    T8] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  184.349128][ T9084] XFS (loop4): Ending clean mount
[  184.434947][ T9084] XFS (loop4): Quotacheck needed: Please wait.
[  184.553593][    T8] usb 2-1: config index 0 descriptor too short (expected 45, got 36)
[  184.562041][    T8] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  184.573831][    T8] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  184.585224][    T8] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  184.596609][    T8] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  184.609744][    T8] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  184.619103][    T8] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  184.645149][    T8] usb 2-1: config 0 descriptor??
[  184.651208][ T9111] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  184.709012][ T9084] XFS (loop4): Quotacheck: Done.
[  184.793932][ T9084] XFS (loop4): User initiated shutdown received.
[  184.800380][ T9084] XFS (loop4): Log I/O Error (0x6) detected at xfs_fs_goingdown+0xe2/0x160 (fs/xfs/xfs_fsops.c:453).  Shutting down filesystem.
[  184.836269][ T9084] XFS (loop4): Please unmount the filesystem and rectify the problem(s)
[  184.967005][ T5841] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  185.057456][ T9160] loop2: detected capacity change from 0 to 1024
[  185.069981][    T8] plantronics 0003:047F:FFFF.000F: unknown main item tag 0xd
[  185.079462][    T8] plantronics 0003:047F:FFFF.000F: No inputs registered, leaving
[  185.183831][ T1202] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  185.224190][    T8] plantronics 0003:047F:FFFF.000F: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  185.355621][ T1202] usb 4-1: Using ep0 maxpacket: 32
[  185.361095][    T8] usb 2-1: USB disconnect, device number 5
[  185.394730][ T1202] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  185.443863][ T1202] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  185.499237][ T1202] usb 4-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  185.530344][ T9170] input: syz0 as /devices/virtual/input/input17
[  185.561692][ T1202] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  185.600720][ T1202] usb 4-1: config 0 descriptor??
[  185.625578][ T1202] hub 4-1:0.0: USB hub found
[  185.829239][ T1202] hub 4-1:0.0: 1 port detected
[  186.044243][ T1202] hub 4-1:0.0: hub_hub_status failed (err = -71)
[  186.077350][ T1202] hub 4-1:0.0: config failed, can't get hub status (err -71)
[  186.112614][ T1202] usbhid 4-1:0.0: can't add hid device: -71
[  186.131399][ T1202] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  186.196262][ T1202] usb 4-1: USB disconnect, device number 9
[  186.253549][ T9153] loop6: detected capacity change from 0 to 32768
[  186.358984][   T29] audit: type=1800 audit(1732604430.847:31): pid=9153 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.948" name="file1" dev="loop6" ino=4 res=0 errno=0
[  186.381368][ T9198] loop2: detected capacity change from 0 to 4096
[  186.523906][   T29] audit: type=1800 audit(1732604431.007:32): pid=9198 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.954" name="file1" dev="loop2" ino=33 res=0 errno=0
[  186.763887][ T5910] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  187.007207][ T5910] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  187.057721][ T5910] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  187.110763][ T5910] usb 2-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00
[  187.157782][ T5910] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  187.188617][ T5910] usb 2-1: config 0 descriptor??
[  187.391449][ T9241] syzkaller1: entered promiscuous mode
[  187.433862][ T9241] syzkaller1: entered allmulticast mode
[  187.630368][ T5910] cm6533_jd 0003:0D8C:0022.0010: unknown main item tag 0x0
[  187.658284][ T5910] cm6533_jd 0003:0D8C:0022.0010: unknown main item tag 0x0
[  187.677703][ T5910] input: HID 0d8c:0022 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:0D8C:0022.0010/input/input18
[  187.761286][ T5910] cm6533_jd 0003:0D8C:0022.0010: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 0d8c:0022] on usb-dummy_hcd.1-1/input0
[  187.864293][ T5910] usb 2-1: USB disconnect, device number 6
[  188.233144][ T9268] loop4: detected capacity change from 0 to 8192
[  188.661973][ T9279] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  188.747654][ T9247] loop3: detected capacity change from 0 to 32768
[  188.787394][ T9247] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.968 (9247)
[  188.864465][ T9247] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  188.914056][ T9247] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm
[  188.922746][ T9247] BTRFS info (device loop3): using free-space-tree
[  189.273806][ T9270] loop2: detected capacity change from 0 to 32768
[  189.366905][ T9270] (syz.2.973,9270,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  189.461542][ T9270] (syz.2.973,9270,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  189.624216][ T5825] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  189.700727][ T9270] JBD2: Ignoring recovery information on journal
[  189.767423][ T9294] loop4: detected capacity change from 0 to 32768
[  189.839330][ T9294] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  189.851963][ T9270] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  189.973803][ T1202] usb 2-1: new low-speed USB device number 7 using dummy_hcd
[  190.075502][ T9294] XFS (loop4): Ending clean mount
[  190.083610][ T9296] loop6: detected capacity change from 0 to 32768
[  190.114248][ T9296] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.979 (9296)
[  190.138544][ T1202] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  190.161437][ T1202] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 2
[  190.179453][ T9294] XFS (loop4): Quotacheck needed: Please wait.
[  190.191772][ T9270] syz.2.973 (9270) used greatest stack depth: 17144 bytes left
[  190.204366][ T1202] usb 2-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  190.236338][ T9296] BTRFS info (device loop6): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  190.252165][ T9296] BTRFS info (device loop6): using sha256 (sha256-avx2) checksum algorithm
[  190.281727][ T1202] usb 2-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  190.303877][ T9296] BTRFS info (device loop6): using free-space-tree
[  190.322666][ T1202] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  190.356544][ T9294] XFS (loop4): Quotacheck: Done.
[  190.398963][ T1202] hub 2-1:1.0: bad descriptor, ignoring hub
[  190.463927][ T1202] hub 2-1:1.0: probe with driver hub failed with error -5
[  190.471358][ T1202] cdc_wdm 2-1:1.0: skipping garbage
[  190.514405][ T1202] cdc_wdm 2-1:1.0: probe with driver cdc_wdm failed with error -22
[  190.574401][ T5826] ocfs2: Unmounting device (7,2) on (node local)
[  190.672239][ T5841] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  190.720854][ T9320] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  190.754248][ T9320] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  190.780044][ T8290] BTRFS info (device loop6): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  190.874225][   T25] usb 2-1: USB disconnect, device number 7
[  191.216974][ T9359] mkiss: ax0: crc mode is auto.
[  191.238000][ T2151] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  191.401609][ T9360] loop2: detected capacity change from 0 to 4096
[  191.450810][ T9360] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512).
[  191.464782][ T2151] usb 2-1: Using ep0 maxpacket: 16
[  191.532960][ T2151] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 16
[  191.542838][ T2151] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x24, changing to 0x4
[  191.554350][ T2151] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x4 has an invalid bInterval 0, changing to 7
[  191.556496][ T9360] ntfs3(loop2): Failed to initialize $Extend/$Reparse.
[  191.565529][ T2151] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x4 has invalid wMaxPacketSize 0
[  191.608967][ T2151] usb 2-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice=4f.32
[  191.619745][ T2151] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  191.628014][ T2151] usb 2-1: Product: syz
[  191.639469][ T2151] usb 2-1: Manufacturer: syz
[  191.644404][ T2151] usb 2-1: SerialNumber: syz
[  191.651793][ T2151] usb 2-1: config 0 descriptor??
[  191.732867][   T29] audit: type=1800 audit(1732604436.217:33): pid=9360 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.985" name="file1" dev="loop2" ino=24 res=0 errno=0
[  191.913935][ T5826] ntfs3(loop2): ino=1a, ntfs_sync_fs failed, -22.
[  191.941355][ T5881] usb 2-1: USB disconnect, device number 8
[  192.115312][ T9387] loop2: detected capacity change from 0 to 128
[  192.152541][ T9390] loop6: detected capacity change from 0 to 512
[  192.152913][ T9387] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  192.173352][ T9390] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  192.183452][ T2151] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  192.189539][ T9387] ext4 filesystem being mounted at /210/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  192.227266][ T9390] EXT4-fs (loop6): 1 truncate cleaned up
[  192.233974][ T9390] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  192.253304][ T9387] EXT4-fs warning (device loop2): __ext4_ioctl:1258: Setting inode version is not supported with metadata_csum enabled.
[  192.296710][ T5826] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  192.319528][ T8290] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  192.380244][ T2151] usb 5-1: Using ep0 maxpacket: 8
[  192.422337][ T2151] usb 5-1: New USB device found, idVendor=0c45, idProduct=613a, bcdDevice=c4.6d
[  192.449709][ T2151] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  192.463823][ T2151] usb 5-1: Product: syz
[  192.468028][ T2151] usb 5-1: Manufacturer: syz
[  192.472634][ T2151] usb 5-1: SerialNumber: syz
[  192.512398][ T9394] loop3: detected capacity change from 0 to 512
[  192.522956][ T2151] usb 5-1: config 0 descriptor??
[  192.530548][ T9394] EXT4-fs: Ignoring removed orlov option
[  192.540792][ T9394] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  192.558529][ T9394] EXT4-fs (loop3): orphan cleanup on readonly fs
[  192.598376][ T2151] gspca_main: sonixj-2.14.0 probing 0c45:613a
[  192.637623][ T9394] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.1002: bg 0: block 248: padding at end of block bitmap is not set
[  192.724694][ T9394] Quota error (device loop3): write_blk: dquota write failed
[  192.732651][ T9394] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota
[  192.763860][    T8] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  192.785356][ T9394] EXT4-fs error (device loop3): ext4_acquire_dquot:6938: comm syz.3.1002: Failed to acquire dquot type 1
[  192.830306][ T9394] EXT4-fs (loop3): 1 truncate cleaned up
[  192.843209][ T9394] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  192.886745][ T9394] EXT4-fs: Ignoring removed orlov option
[  192.892617][ T9394] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  192.921313][ T9394] EXT4-fs error (device loop3): __ext4_remount:6749: comm syz.3.1002: Abort forced by user
[  192.927416][    T8] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  192.951758][    T8] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  192.984561][    T8] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  192.994178][    T8] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  193.002482][    T8] usb 3-1: SerialNumber: syz
[  193.033978][ T9394] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 ro. Quota mode: writeback.
[  193.131706][ T5825] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  193.253420][    T8] usb 3-1: 0:2 : does not exist
[  193.260623][    T8] usb 3-1: usbmixer: too many channels (61) in unit 5
[  193.326264][    T8] usb 3-1: USB disconnect, device number 12
[  193.566499][ T7183] udevd[7183]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  193.656058][ T9416] loop3: detected capacity change from 0 to 4096
[  193.671215][ T2151] usb 5-1: USB disconnect, device number 8
[  193.714232][ T9416] ntfs3(loop3): Different NTFS sector size (1024) and media sector size (512).
[  193.775989][ T9416] ntfs3(loop3): Failed to load $Extend (-22).
[  193.782236][ T9416] ntfs3(loop3): Failed to initialize $Extend.
[  194.326996][ T9432] loop2: detected capacity change from 0 to 4096
[  194.334381][ T9432] EXT4-fs: Ignoring removed nomblk_io_submit option
[  194.376132][ T9432] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  194.433517][ T1293] ieee802154 phy0 wpan0: encryption failed: -22
[  194.440190][ T1293] ieee802154 phy1 wpan1: encryption failed: -22
[  194.519265][ T9432] EXT4-fs error (device loop2): ext4_do_update_inode:5153: inode #15: comm syz.2.1016: corrupted inode contents
[  194.552712][ T9432] EXT4-fs error (device loop2): ext4_dirty_inode:6041: inode #15: comm syz.2.1016: mark_inode_dirty error
[  194.569564][ T9432] EXT4-fs error (device loop2): ext4_do_update_inode:5153: inode #15: comm syz.2.1016: corrupted inode contents
[  194.582529][ T9432] EXT4-fs error (device loop2): __ext4_ext_dirty:207: inode #15: comm syz.2.1016: mark_inode_dirty error
[  194.600584][ T9432] EXT4-fs error (device loop2): ext4_do_update_inode:5153: inode #15: comm syz.2.1016: corrupted inode contents
[  194.616191][ T9432] EXT4-fs error (device loop2): __ext4_ext_dirty:207: inode #15: comm syz.2.1016: mark_inode_dirty error
[  194.646308][ T9432] EXT4-fs error (device loop2): ext4_do_update_inode:5153: inode #15: comm syz.2.1016: corrupted inode contents
[  194.682544][ T9432] EXT4-fs error (device loop2): ext4_truncate:4240: inode #15: comm syz.2.1016: mark_inode_dirty error
[  194.732542][ T9432] EXT4-fs error (device loop2) in ext4_setattr:5568: Corrupt filesystem
[  194.815944][ T9441] EXT4-fs error (device loop2): ext4_do_update_inode:5153: inode #15: comm syz.2.1016: corrupted inode contents
[  194.837652][ T9449] loop3: detected capacity change from 0 to 256
[  195.119931][ T5826] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  195.355709][ T5878] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  195.499734][ T9464] netdevsim netdevsim2 netdevsim0: entered promiscuous mode
[  195.530250][ T9453] loop6: detected capacity change from 0 to 32768
[  195.533195][ T9464] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  195.558210][ T5878] usb 4-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f
[  195.567513][ T9453] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.1023 (9453)
[  195.584767][ T5878] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  195.599165][ T5878] usb 4-1: Product: syz
[  195.613808][ T5878] usb 4-1: Manufacturer: syz
[  195.623138][ T5878] usb 4-1: SerialNumber: syz
[  195.651169][ T9453] BTRFS info (device loop6): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  195.672892][ T5878] usb 4-1: config 0 descriptor??
[  195.678880][ T9453] BTRFS info (device loop6): using crc32c (crc32c-intel) checksum algorithm
[  195.730577][ T9453] BTRFS info (device loop6): using free-space-tree
[  195.951204][ T5881] usb 4-1: USB disconnect, device number 10
[  196.170468][ T9498] TCP: request_sock_TCP: Possible SYN flooding on port [::]:20002. Sending cookies.
[  196.170677][ T8290] BTRFS info (device loop6): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  196.591333][ T9506] mkiss: ax0: crc mode is auto.
[  196.940102][ T9519] loop6: detected capacity change from 0 to 2048
[  197.036490][ T9519] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  197.088754][ T9525] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1046'.
[  197.288608][ T9532] C: renamed from team_slave_0 (while UP)
[  197.320871][ T9532] netlink: 'syz.3.1049': attribute type 1 has an invalid length.
[  197.338919][ T9532] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  197.935702][ T2151] hid-generic 0000:0000:FFFFFFFE.0011: unknown main item tag 0x0
[  197.968538][ T2151] hid-generic 0000:0000:FFFFFFFE.0011: unknown main item tag 0x0
[  198.000979][ T2151] hid-generic 0000:0000:FFFFFFFE.0011: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz1
[  199.142864][ T9564] loop6: detected capacity change from 0 to 32768
[  199.210722][ T9564] ocfs2: Mounting device (7,6) on (node local, slot 0) with ordered data mode.
[  199.342382][ T9564] ocfs2: Unmounting device (7,6) on (node local)
[  200.185339][ T9590] netlink: 'syz.2.1070': attribute type 1 has an invalid length.
[  201.293297][ T9614] vlan2: entered promiscuous mode
[  201.761104][ T9626] netlink: 176 bytes leftover after parsing attributes in process `syz.1.1087'.
[  201.804401][ T9626] netlink: 176 bytes leftover after parsing attributes in process `syz.1.1087'.
[  202.085371][ T9635] syzkaller1: entered promiscuous mode
[  202.090885][ T9635] syzkaller1: entered allmulticast mode
[  202.389185][   T29] audit: type=1326 audit(1732604446.857:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9642 comm="syz.1.1093" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc51477e819 code=0x0
[  202.618217][ T9631] loop4: detected capacity change from 0 to 32768
[  202.643354][ T9631] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.1089 (9631)
[  202.706299][ T9631] BTRFS info (device loop4): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  202.738034][ T9631] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm
[  202.986100][ T9631] BTRFS info (device loop4): rebuilding free space tree
[  203.091420][ T9631] BTRFS info (device loop4): disabling free space tree
[  203.098639][ T9631] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  203.108577][ T9631] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  203.293868][ T5841] BTRFS info (device loop4): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  203.683863][ T5910] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  203.948880][ T5910] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  203.983661][ T5910] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  204.002543][ T5910] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  204.058060][ T5910] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  204.078990][ T9695] loop6: detected capacity change from 0 to 2048
[  204.133768][ T5910] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  204.142858][ T5910] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  204.169267][ T9695] NILFS (loop6): broken superblock, retrying with spare superblock (blocksize = 1024)
[  204.188076][ T7183] udevd[7183]: incorrect nilfs2 checksum on /dev/loop6
[  204.205465][ T5910] usb 3-1: config 0 descriptor??
[  204.255286][ T9702] NILFS (loop6): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  204.480894][ T9695] NILFS error (device loop6): nilfs_bmap_lookup_contig: broken bmap (inode number=15)
[  204.544403][ T9695] Remounting filesystem read-only
[  204.681037][ T8290] NILFS (loop6): disposed unprocessed dirty file(s) when detaching log writer
[  204.715838][ T5910] plantronics 0003:047F:FFFF.0012: ignoring exceeding usage max
[  204.725884][ T5910] plantronics 0003:047F:FFFF.0012: No inputs registered, leaving
[  204.761392][ T9719] loop3: detected capacity change from 0 to 2048
[  204.781604][ T5910] plantronics 0003:047F:FFFF.0012: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[  204.864639][ T9719] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  204.968004][ T9721] loop6: detected capacity change from 0 to 1024
[  205.034925][ T9721] EXT4-fs: inline encryption not supported
[  205.055184][ T9721] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  205.120575][ T9721] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  205.396602][ T8290] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  206.091367][ T9758] loop6: detected capacity change from 0 to 256
[  206.100750][ T9758] MINIX-fs: mounting file system with errors, running fsck is recommended
[  206.146805][ T9758] MINIX-fs warning: remounting fs with errors, running fsck is recommended
[  206.223635][ T9761] loop6: detected capacity change from 0 to 256
[  206.243975][ T5878] usb 2-1: new full-speed USB device number 9 using dummy_hcd
[  206.395814][ T5878] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  206.413840][ T5878] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBE, changing to 0x8E
[  206.434662][ T5878] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8E has an invalid bInterval 0, changing to 10
[  206.453191][ T5878] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0
[  206.524236][ T5878] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  206.643939][ T5878] usb 2-1: New USB device found, idVendor=10c5, idProduct=819a, bcdDevice=e4.46
[  206.653036][ T5878] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=35
[  206.662462][ T5878] usb 2-1: Product: syz
[  206.666799][ T5878] usb 2-1: Manufacturer: syz
[  206.671417][ T5878] usb 2-1: SerialNumber: syz
[  206.702224][ T5878] usb 2-1: config 0 descriptor??
[  206.799170][ T2151] usb 3-1: USB disconnect, device number 13
[  206.942510][ T5878] radio-si470x 2-1:0.0: DeviceID=0x0000 ChipID=0x0000
[  206.950083][ T5878] radio-si470x 2-1:0.0: This driver is known to work with firmware version 12, but the device has firmware version 0.
[  206.982290][ T9776] loop4: detected capacity change from 0 to 2048
[  207.030312][ T9776] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  207.143099][ T5878] radio-si470x 2-1:0.0: software version 0, hardware version 0
[  207.151056][    T8] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[  207.193865][ T5878] radio-si470x 2-1:0.0: This driver is known to work with hardware version 1, but the device has hardware version 0.
[  207.206357][ T5878] radio-si470x 2-1:0.0: If you have some trouble using this driver, please report to V4L ML at linux-media@vger.kernel.org
[  207.260126][ T9786] tipc: Started in network mode
[  207.309943][ T9786] tipc: Node identity 7f000001, cluster identity 4711
[  207.339194][ T9786] tipc: Enabled bearer <udp:syz2>, priority 10
[  207.350503][ T5878] radio-si470x 2-1:0.0: submitting int urb failed (-90)
[  207.393914][    T8] usb 7-1: Using ep0 maxpacket: 8
[  207.417058][    T8] usb 7-1: config index 0 descriptor too short (expected 301, got 45)
[  207.432421][    T8] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  207.443428][    T8] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  207.468053][    T8] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  207.522914][    T8] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  207.552972][    T8] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  207.611245][    T8] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  207.765757][ T5878] radio-si470x 2-1:0.0: si470x_set_report: usb_control_msg returned -71
[  207.776533][ T5878] radio-si470x 2-1:0.0: probe with driver radio-si470x failed with error -22
[  207.781141][ T9801] loop3: detected capacity change from 0 to 512
[  207.808268][ T9801] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  207.824512][ T5878] usb 2-1: USB disconnect, device number 9
[  207.838720][    T8] usb 7-1: usb_control_msg returned -32
[  207.848928][    T8] usbtmc 7-1:16.0: can't read capabilities
[  207.907271][ T9801] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  207.953324][ T9801] ext4 filesystem being mounted at /237/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  207.967145][ T9806] netlink: 'syz.4.1151': attribute type 11 has an invalid length.
[  208.030773][ T9801] EXT4-fs error (device loop3): ext4_do_update_inode:5153: inode #2: comm syz.3.1150: corrupted inode contents
[  208.116578][ T9801] EXT4-fs error (device loop3): ext4_dirty_inode:6041: inode #2: comm syz.3.1150: mark_inode_dirty error
[  208.173416][ T9801] EXT4-fs error (device loop3): ext4_do_update_inode:5153: inode #2: comm syz.3.1150: corrupted inode contents
[  208.212391][ T9801] EXT4-fs error (device loop3): __ext4_ext_dirty:207: inode #2: comm syz.3.1150: mark_inode_dirty error
[  208.213974][ T9810] usbtmc 7-1:16.0: INITIATE_ABORT_BULK_IN returned 0
[  208.370741][   T29] audit: type=1326 audit(1732604452.857:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9813 comm="syz.1.1154" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc51477e819 code=0x0
[  208.454670][    T8] usb 7-1: USB disconnect, device number 2
[  208.481671][ T5878] tipc: Node number set to 2130706433
[  208.536382][ T5825] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  210.227671][ T9851] loop6: detected capacity change from 0 to 256
[  210.632778][ T9847] loop4: detected capacity change from 0 to 40427
[  210.694252][ T9847] F2FS-fs (loop4): invalid crc value
[  210.732081][ T9847] F2FS-fs (loop4): Found nat_bits in checkpoint
[  210.802885][ T9863] loop3: detected capacity change from 0 to 4096
[  210.862838][ T9847] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4
[  210.906803][ T9872] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  210.933644][ T9847] syz.4.1166: attempt to access beyond end of device
[  210.933644][ T9847] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  210.994768][ T9847] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  211.089777][ T9875] netlink: 80 bytes leftover after parsing attributes in process `syz.2.1175'.
[  211.377381][ T9881] netlink: 'syz.3.1176': attribute type 4 has an invalid length.
[  211.547280][ T9858] loop6: detected capacity change from 0 to 32768
[  211.674047][ T9858] XFS (loop6): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  211.885993][ T9903] loop4: detected capacity change from 0 to 1024
[  211.983963][ T9903] hfsplus: xattr searching failed
[  211.998524][ T9903] hfsplus: b-tree write err: -5, ino 3
[  212.176109][ T9899] loop2: detected capacity change from 0 to 40427
[  212.191270][ T2120] hfsplus: b-tree write err: -5, ino 3
[  212.201755][ T9858] XFS (loop6): Ending clean mount
[  212.225290][ T9858] XFS (loop6): Quotacheck needed: Please wait.
[  212.274583][ T9899] F2FS-fs (loop2): Found nat_bits in checkpoint
[  212.299898][ T9858] XFS (loop6): Quotacheck: Done.
[  212.393410][ T9899] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  212.401782][ T8290] XFS (loop6): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  212.499748][ T9899] F2FS-fs (loop2): sanity_check_inode: corrupted inode i_blocks i_ino=b iblocks=0, run fsck to fix.
[  212.723143][ T5826] syz-executor: attempt to access beyond end of device
[  212.723143][ T5826] loop2: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  212.790352][ T5826] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  212.829247][ T5826] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  212.937171][ T5829] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[  213.095357][ T5829] usb 4-1: too many configurations: 9, using maximum allowed: 8
[  213.136174][ T5829] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  213.145454][ T5829] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  213.201439][ T5829] usb 4-1: config 0 interface 0 has no altsetting 0
[  213.236560][ T5829] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  213.255830][ T5829] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  213.305849][ T5829] usb 4-1: config 0 interface 0 has no altsetting 0
[  213.314179][ T5829] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  213.323095][ T5829] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  213.379496][ T5829] usb 4-1: config 0 interface 0 has no altsetting 0
[  213.394816][ T5829] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  213.424150][ T5829] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  213.459548][ T5829] usb 4-1: config 0 interface 0 has no altsetting 0
[  213.485190][ T5829] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  213.513939][ T5829] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  213.553772][ T5829] usb 4-1: config 0 interface 0 has no altsetting 0
[  213.565526][ T5829] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  213.579141][ T5829] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  213.612786][ T5829] usb 4-1: config 0 interface 0 has no altsetting 0
[  213.635610][ T5829] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  213.663875][ T5829] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  213.689855][ T5829] usb 4-1: config 0 interface 0 has no altsetting 0
[  213.724341][ T5829] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  213.733279][ T5829] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  213.792424][ T5829] usb 4-1: config 0 interface 0 has no altsetting 0
[  213.809335][ T5829] usb 4-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  213.826964][ T5829] usb 4-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  213.850909][ T5829] usb 4-1: Product: syz
[  213.874395][ T5829] usb 4-1: Manufacturer: syz
[  213.879043][ T5829] usb 4-1: SerialNumber: syz
[  213.914527][ T5829] usb 4-1: config 0 descriptor??
[  213.940953][ T5829] yurex 4-1:0.0: USB YUREX device now attached to Yurex #0
[  214.769992][    C0] usb 4-1: yurex_control_callback - control failed: -71
[  214.796094][ T5878] usb 4-1: USB disconnect, device number 11
[  214.804288][ T5878] yurex 4-1:0.0: USB YUREX #0 now disconnected
[  215.092820][ T9989] netlink: 104 bytes leftover after parsing attributes in process `syz.6.1216'.
[  215.992062][ T9992] loop2: detected capacity change from 0 to 32768
[  216.061933][ T9992] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  216.155892][T10003] loop6: detected capacity change from 0 to 40427
[  216.200554][T10003] F2FS-fs (loop6): invalid crc value
[  216.215584][T10003] F2FS-fs (loop6): Found nat_bits in checkpoint
[  216.314204][T10003] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  216.323791][ T5878] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[  216.333616][ T9992] syz.2.1218 (9992) used greatest stack depth: 15864 bytes left
[  216.446338][ T5826] ocfs2: Unmounting device (7,2) on (node local)
[  216.493844][ T5878] usb 4-1: Using ep0 maxpacket: 8
[  216.500523][ T5878] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  216.520861][ T5878] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  216.540664][ T5878] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  216.560903][ T5878] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  216.584192][ T5878] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  216.594873][ T5878] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  216.820442][ T5878] usb 4-1: usb_control_msg returned -32
[  216.845384][ T5878] usbtmc 4-1:16.0: can't read capabilities
[  216.914806][T10021] netlink: 'syz.1.1230': attribute type 4 has an invalid length.
[  216.934115][T10021] netlink: 17 bytes leftover after parsing attributes in process `syz.1.1230'.
[  217.258220][T10047] loop4: detected capacity change from 0 to 512
[  217.275842][T10047] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  217.298435][   T29] audit: type=1326 audit(1732604461.787:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10046 comm="syz.1.1238" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc51477e819 code=0x0
[  217.353907][T10047] EXT4-fs (loop4): 1 truncate cleaned up
[  217.360150][T10047] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  217.443637][T10047] 
[  217.445998][T10047] ======================================================
[  217.453013][T10047] WARNING: possible circular locking dependency detected
[  217.460037][T10047] 6.12.0-next-20241126-syzkaller #0 Not tainted
[  217.466266][T10047] ------------------------------------------------------
[  217.473266][T10047] syz.4.1239/10047 is trying to acquire lock:
[  217.479318][T10047] ffff88805b7e8de0 (&sb->s_type->i_mutex_key#8/1){+.+.}-{4:4}, at: ext4_xattr_inode_lookup_create+0x1af1/0x2030
[  217.491251][T10047] 
[  217.491251][T10047] but task is already holding lock:
[  217.498620][T10047] ffff88807ae3aa28 (&ei->i_data_sem/3){++++}-{4:4}, at: ext4_setattr+0x16e1/0x1da0
[  217.507946][T10047] 
[  217.507946][T10047] which lock already depends on the new lock.
[  217.507946][T10047] 
[  217.518352][T10047] 
[  217.518352][T10047] the existing dependency chain (in reverse order) is:
[  217.527355][T10047] 
[  217.527355][T10047] -> #1 (&ei->i_data_sem/3){++++}-{4:4}:
[  217.535180][T10047]        lock_acquire+0x1ed/0x550
[  217.540197][T10047]        down_write+0x99/0x220
[  217.544954][T10047]        ext4_xattr_inode_lookup_create+0x1798/0x2030
[  217.551729][T10047]        ext4_xattr_ibody_set+0x214/0x730
[  217.557450][T10047]        ext4_xattr_set_handle+0xba6/0x1580
[  217.563336][T10047]        ext4_xattr_set+0x280/0x3e0
[  217.568526][T10047]        __vfs_setxattr+0x468/0x4a0
[  217.573719][T10047]        __vfs_setxattr_noperm+0x12e/0x660
[  217.579525][T10047]        vfs_setxattr+0x221/0x430
[  217.584541][T10047]        filename_setxattr+0x2af/0x430
[  217.589995][T10047]        path_setxattrat+0x440/0x510
[  217.595272][T10047]        __x64_sys_lsetxattr+0xbf/0xe0
[  217.600729][T10047]        do_syscall_64+0xf3/0x230
[  217.605747][T10047]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  217.612148][T10047] 
[  217.612148][T10047] -> #0 (&sb->s_type->i_mutex_key#8/1){+.+.}-{4:4}:
[  217.620928][T10047]        validate_chain+0x18ef/0x5920
[  217.626313][T10047]        __lock_acquire+0x1397/0x2100
[  217.631707][T10047]        lock_acquire+0x1ed/0x550
[  217.636796][T10047]        down_write+0x99/0x220
[  217.641572][T10047]        ext4_xattr_inode_lookup_create+0x1af1/0x2030
[  217.648350][T10047]        ext4_xattr_block_set+0x274/0x3980
[  217.654160][T10047]        ext4_expand_extra_isize_ea+0x12d7/0x1cf0
[  217.660568][T10047]        __ext4_expand_extra_isize+0x2fb/0x3e0
[  217.666719][T10047]        __ext4_mark_inode_dirty+0x524/0x880
[  217.672700][T10047]        ext4_setattr+0x1780/0x1da0
[  217.677888][T10047]        notify_change+0xbca/0xe90
[  217.682996][T10047]        do_truncate+0x220/0x310
[  217.687928][T10047]        vfs_truncate+0x2e1/0x3b0
[  217.692952][T10047]        do_sys_truncate+0xdb/0x190
[  217.698145][T10047]        do_syscall_64+0xf3/0x230
[  217.703161][T10047]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  217.709571][T10047] 
[  217.709571][T10047] other info that might help us debug this:
[  217.709571][T10047] 
[  217.719787][T10047]  Possible unsafe locking scenario:
[  217.719787][T10047] 
[  217.727221][T10047]        CPU0                    CPU1
[  217.732574][T10047]        ----                    ----
[  217.737925][T10047]   lock(&ei->i_data_sem/3);
[  217.742523][T10047]                                lock(&sb->s_type->i_mutex_key#8/1);
[  217.750594][T10047]                                lock(&ei->i_data_sem/3);
[  217.757709][T10047]   lock(&sb->s_type->i_mutex_key#8/1);
[  217.763266][T10047] 
[  217.763266][T10047]  *** DEADLOCK ***
[  217.763266][T10047] 
[  217.771407][T10047] 5 locks held by syz.4.1239/10047:
[  217.776591][T10047]  #0: ffff88802cedc420 (sb_writers#4){.+.+}-{0:0}, at: mnt_want_write+0x3f/0x90
[  217.785733][T10047]  #1: ffff88807ae3ab98 (&sb->s_type->i_mutex_key#8){++++}-{4:4}, at: do_truncate+0x20c/0x310
[  217.796007][T10047]  #2: ffff88807ae3ad38 (mapping.invalidate_lock){++++}-{4:4}, at: ext4_setattr+0xf94/0x1da0
[  217.806180][T10047]  #3: ffff88807ae3aa28 (&ei->i_data_sem/3){++++}-{4:4}, at: ext4_setattr+0x16e1/0x1da0
[  217.815929][T10047]  #4: ffff88807ae3a868 (&ei->xattr_sem){++++}-{4:4}, at: __ext4_mark_inode_dirty+0x491/0x880
[  217.826197][T10047] 
[  217.826197][T10047] stack backtrace:
[  217.832165][T10047] CPU: 1 UID: 0 PID: 10047 Comm: syz.4.1239 Not tainted 6.12.0-next-20241126-syzkaller #0
[  217.842045][T10047] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[  217.852089][T10047] Call Trace:
[  217.855359][T10047]  <TASK>
[  217.858280][T10047]  dump_stack_lvl+0x241/0x360
[  217.862954][T10047]  ? __pfx_dump_stack_lvl+0x10/0x10
[  217.868148][T10047]  ? __pfx__printk+0x10/0x10
[  217.872749][T10047]  print_circular_bug+0x13a/0x1b0
[  217.877792][T10047]  check_noncircular+0x36a/0x4a0
[  217.882812][T10047]  ? __pfx_check_noncircular+0x10/0x10
[  217.888270][T10047]  ? lockdep_lock+0x123/0x2b0
[  217.892941][T10047]  ? folio_mark_accessed+0x374/0x1ca0
[  217.898306][T10047]  ? lockdep_hardirqs_on_prepare+0x43d/0x780
[  217.904277][T10047]  validate_chain+0x18ef/0x5920
[  217.909126][T10047]  ? __pfx_validate_chain+0x10/0x10
[  217.914314][T10047]  ? __lock_acquire+0x1397/0x2100
[  217.919338][T10047]  ? __pfx_from_kprojid+0x10/0x10
[  217.924357][T10047]  ? ext4_mark_iloc_dirty+0x4f4/0x1e20
[  217.929805][T10047]  ? mark_lock+0x9a/0x360
[  217.934126][T10047]  __lock_acquire+0x1397/0x2100
[  217.938975][T10047]  lock_acquire+0x1ed/0x550
[  217.943469][T10047]  ? ext4_xattr_inode_lookup_create+0x1af1/0x2030
[  217.949883][T10047]  ? __pfx_lock_acquire+0x10/0x10
[  217.954916][T10047]  ? __pfx___might_resched+0x10/0x10
[  217.960190][T10047]  ? __ext4_mark_inode_dirty+0x5b2/0x880
[  217.965821][T10047]  ? __pfx___ext4_mark_inode_dirty+0x10/0x10
[  217.971794][T10047]  ? __pfx_dquot_free_inode+0x10/0x10
[  217.977161][T10047]  down_write+0x99/0x220
[  217.981397][T10047]  ? ext4_xattr_inode_lookup_create+0x1af1/0x2030
[  217.987808][T10047]  ? __pfx_down_write+0x10/0x10
[  217.992651][T10047]  ? ext4_get_dquots+0xd/0x20
[  217.997334][T10047]  ext4_xattr_inode_lookup_create+0x1af1/0x2030
[  218.003572][T10047]  ? __lock_acquire+0x1397/0x2100
[  218.008655][T10047]  ? __pfx_ext4_xattr_inode_lookup_create+0x10/0x10
[  218.015265][T10047]  ? ext4_xattr_block_set+0xf8/0x3980
[  218.020635][T10047]  ext4_xattr_block_set+0x274/0x3980
[  218.025931][T10047]  ? __pfx_ext4_xattr_block_set+0x10/0x10
[  218.031648][T10047]  ? ext4_xattr_block_find+0x479/0x520
[  218.037107][T10047]  ext4_expand_extra_isize_ea+0x12d7/0x1cf0
[  218.043000][T10047]  ? __pfx_ext4_expand_extra_isize_ea+0x10/0x10
[  218.049230][T10047]  ? down_write_trylock+0x209/0x3b0
[  218.054425][T10047]  ? __ext4_mark_inode_dirty+0x491/0x880
[  218.060058][T10047]  ? dquot_initialize_needed+0x130/0x320
[  218.065683][T10047]  __ext4_expand_extra_isize+0x2fb/0x3e0
[  218.071310][T10047]  __ext4_mark_inode_dirty+0x524/0x880
[  218.076769][T10047]  ? __pfx___ext4_mark_inode_dirty+0x10/0x10
[  218.082741][T10047]  ? _raw_spin_unlock+0x28/0x50
[  218.087592][T10047]  ? create_empty_buffers+0x53e/0x740
[  218.092962][T10047]  ? __pfx_down_write+0x10/0x10
[  218.097807][T10047]  ? ext4_fc_track_range+0xf6/0xb70
[  218.102999][T10047]  ext4_setattr+0x1780/0x1da0
[  218.107672][T10047]  ? __pfx_ext4_setattr+0x10/0x10
[  218.112688][T10047]  notify_change+0xbca/0xe90
[  218.117274][T10047]  do_truncate+0x220/0x310
[  218.121693][T10047]  ? __pfx_do_truncate+0x10/0x10
[  218.126632][T10047]  ? bpf_lsm_path_truncate+0x9/0x10
[  218.131826][T10047]  vfs_truncate+0x2e1/0x3b0
[  218.136332][T10047]  do_sys_truncate+0xdb/0x190
[  218.141004][T10047]  ? __pfx_do_sys_truncate+0x10/0x10
[  218.146296][T10047]  ? do_syscall_64+0x100/0x230
[  218.151049][T10047]  ? do_syscall_64+0xb6/0x230
[  218.155717][T10047]  do_syscall_64+0xf3/0x230
[  218.160212][T10047]  ? clear_bhb_loop+0x35/0x90
[  218.164886][T10047]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  218.170769][T10047] RIP: 0033:0x7fb82237e819
[  218.175177][T10047] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  218.194777][T10047] RSP: 002b:00007fb8231b7038 EFLAGS: 00000246 ORIG_RAX: 000000000000004c
[  218.203191][T10047] RAX: ffffffffffffffda RBX: 00007fb822535fa0 RCX: 00007fb82237e819
[  218.211150][T10047] RDX: 0000000000000000 RSI: 000000000000003b RDI: 0000000020000180
[  218.219110][T10047] RBP: 00007fb8223f175e R08: 0000000000000000 R09: 0000000000000000
[  218.227072][T10047] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  218.235031][T10047] R13: 0000000000000000 R14: 00007fb822535fa0 R15: 00007ffd346c21a8
[  218.242996][T10047]  </TASK>
[  218.246086][    C1] vkms_vblank_simulate: vblank timer overrun
[  218.332704][T10047] EXT4-fs error (device loop4): mb_free_blocks:1948: group 0, inode 15: block 33:freeing already freed block (bit 32); block bitmap corrupt.
[  218.370668][ T5841] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  218.481970][T10054] loop6: detected capacity change from 0 to 40427
[  218.493205][T10054] F2FS-fs (loop6): build fault injection attr: rate: 771, type: 0x1fffff
[  218.503206][T10054] F2FS-fs (loop6): invalid crc value
[  218.523103][T10054] F2FS-fs (loop6): Found nat_bits in checkpoint
[  218.549273][T10054] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  218.575871][   T29] audit: type=1800 audit(1732604463.067:37): pid=10054 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.1240" name="file1" dev="loop6" ino=10 res=0 errno=0
[  218.588919][T10054] F2FS-fs (loop6): inject no more block in inc_valid_block_count of f2fs_reserve_new_blocks+0x195/0xb90
[  218.612082][T10054] syz.6.1240: attempt to access beyond end of device
[  218.612082][T10054] loop6: rw=2049, sector=77824, nr_sectors = 744 limit=40427
[  218.653065][ T8290] syz-executor: attempt to access beyond end of device
[  218.653065][ T8290] loop6: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  218.667448][ T8290] F2FS-fs (loop6): Stopped filesystem due to reason: 3
[  219.031957][ T5829] usb 4-1: USB disconnect, device number 12