last executing test programs:

8m4.081503444s ago: executing program 32 (id=101):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800714, &(0x7f0000000000)={[{@nobarrier}]}, 0xff, 0x489, &(0x7f0000000a40)="$eJzs3M9vFFUcAPDvTFug/GpFREXRKhqJP1paUDl4UKM3DyZ64FrbgsgChtZESBOrMXg0Jt6NRxP/Am9eiHowJl418WhIiDYmFE9r5hfdbrelLW1Xup9Psux7M2/73ndm3u6becwE0LEGsn+SiN0R8VtE9BXZhQUGire52emxm7PTY0nU62/9leTlbsxOj1VFq8/tKjNH0oj00yReThbXO3np8tnRWm3iYpkfmjr3/tDkpcvPnTk3enri9MT5kRMnjh8bfvGFkefXJc4srhsH611FbuzkF+/8+G3WrAOHiiWNcdzWzRYBtTCQbbW/67nmdU+uuLK7w56GdNLdxoawKlmHyHZXT97/+6Ir5ndeX7z+SVsbB2yo7Ldp+9KrZ+rAFpZEu1sAtEf1Q5+d/1avTRp6/C9cfyViW5mem50em7sVf3ek5fKeDax/ICJOzvz7VfaK1V6HAABYg3xs82yr8V8aB/L3Yq5jbzmH0h8R90TEvoi4NyL2R8R9EXnZ+yPigazw1aj3rbD+gab84vFPeq1lm9dJNv57qWHsN9cQf/nW31Xm9uTx9ySnztQmjpbb5Ej0bM/yw8vU8f1rv36+1LrG8V/2yuqvxoJlA651N12gGx+dGl2vjXD944iD3a3iT27NBGRHwIMRcXB1f3pvlTjz9DcPL1Xo9vEvYx3mmepfRzxV7P+ZaIq/kiw/Pzm0I2oTR4eqo2Kxn3658uZS9d9R/Osg2/87Fx7/TSX6/kmK+dqeqNUmLk6uvo4rv3+25DnNWo//bcnb+Zz1z+8Wyz4cnZq6OByxLXkjz1fndPnykfnPVvmqfBb/kcOt+/++8jNZ/A9FRHYQH4qIRyLi0bLtj0XE4xFxeJn4f3j1ifeWiT+JJNq6/8dbfv/dOv77k8b5+jUkus5e/W6pGfOV7f/jMZN/1xby77/bWGkD73DzAQAAwF0hjYjdkaSDRXpgd6Tp4GDxf/j3x860dmFy6plTFz44P17cI9AfPWl1pauv4XrocDJT/sUiP1JeK67WHyuvG3/Z1ZvnB8cu1MbbHDt0ul0L+39U/T/zZ1e7WwdsOPdrQedq7v9pm9oBbL6V/P47F4CtqUX/721HO4DN5/wfOler/v9RU974H7amxf3/jxaPrAO2IuN/6Fz6P3Qu/R860p3c17/2RHWzwIJVvSu+af/S5bM7VlO4IxLVEy82sq7emF8SadtD7qBE1mM2o675Z33MP0MFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgbvZfAAAA//+dEeOQ")
mkdirat(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0x0)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000300), 0x0, &(0x7f0000000180)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})

7m11.554355561s ago: executing program 33 (id=396):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000004bc311ec8500000075000000850000000800000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r0, 0x0, 0x4}, 0x18)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000580)={0x30, 0x3e, 0x107, 0x70bd27, 0x0, {0x1, 0x7c}, [@nested={0x4, 0xfc}, @nested={0xc, 0x1, 0x0, 0x1, [@typed={0x8, 0x6, 0x0, 0x0, @pid}]}, @nested={0x9, 0x2, 0x0, 0x1, [@generic="725eb862ce"]}]}, 0x30}, 0x1, 0x0, 0x0, 0xc000}, 0x4040)

5m45.466150393s ago: executing program 34 (id=1096):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0xc, 0xe, &(0x7f0000000640)=ANY=[@ANYBLOB="b702000003000000bfa30000000000000703000000feffff7a0af0ff0100000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00000000850000000d000000b70000000000000095000000000000005ecefab8f2e85c6c1ca711fcd020f4c0c8c56147d66527da307bf731fef97861750379585e5a076d839240d29c034055b67dafe6c8dc3d5d78c07fa1f7e655ce34e4d5b3185fec0e07004e60c08dc8b8dbf11e6e94d75938321a3aa502cd2424a66e6d2ef831ab7ea0c34f17e3946ef3bb622003b538dfd8e012e79578e51bc53099e90f4580d760551b5b341a29f31e3106d1ddd6152f7cbdb9cd38bdb2209c67deca8eeb9c15ab3a14817ac61e4dd11183a13477bf7e860e3665f1328d6704902cbe7bc04b82d2789cb132b8667c2147661df28d9961b63e1a9cf6c2a660a1fe3c184b751c51160fb20b1c581e7be6ba0dc001c4110555850915148ba532e6ea09c346dfebd38608b3280080005d9a9500000000000000334d83239dd27080851dcac3c12233f9a1fb9c2aec61ce63a38d2fd50117b89a9ab359b4eea0c6e95767d42b4e54861d0227dbfd2e6d7f715a7f3deadd7130856f756436303767d2e24f29e5dad9796edb697aeea0182babd18cac1bd4f4390af9a9ceafd0002cab154ad029a1090000002780870014f51c3c975d5aec84222fff0d7216fdb0d3a0ec4be3e563112f0b39501aafe234870072858dc06e7c337642d3e5a815232f5e16c1b30c3a6a71bc85018e5ff2c91018afc9ffc2cc788bee1b47683db01a469398685211dfbbae3e2ed0a50e7313bff5d4c391ddece00fc772dd6b4d4de2a41990f05ca3bdfc92c88c5b8dcd36e7487afa447c2edfae4f390a8337841cef386e22cc22ee17476d738952229682e24b92533ac2a9f5a699593f084419cae0b4532bcc97d3ae486aca54183fb01c73f979ca9857399537f5dc2acb72e7ead0509d380578673f8b6e74ce23877a6b24db0000000000000003629fbef2461c96a088a22e8b15c3e233db7ab22e30d46a9d24d37cef099ece729aa218f9f44a3210223fdae7ed04935c3c90d3add8eebc8619d7b90dfae158b94f50adab988dd8e12b1b56073d0d10f7067c881434af5cc9398fff00404d5d99f82e20ee6a8c88e18c2977aab37d9ac4cfc1c7b400000000000007ff57c39495c826b956ba859ac8e3c177b91bd7d5e41ff868f7ca1664fe2f3ced846891180604b6dd2499d16d7d9158ffffffff00000000ef069dc42749a89f854797f29d0000002d8c38a967c1bbe09315c29877a331bcc87dc3addb08141bdee5d27874b2f663ddeef0005b3d96c7aabf77bfc95769a9294df517d90bdc01e73835efd98ad5a3e1a90800c66ee2b1ad76dff9f9000071414c99d4894ee7f8249dc1e3428d2129369ee1b85af6eb2eea0d0df414b31592479ecf2392548f11e1036a8debd64cbe359454a3f2239cfe35f81b7a490f167e6d5c1109000000000000000042b8ff8c21ad702ccacad5b39eef213d1ca296d2a27798c8ce2a305c0c7d35cf4b22549a4bd92052188bd1f285f653b621491dc6aaee0200e2ff08644fb94c06006eff1be2f633c1d987591ec3db58a7bb3042ec3f771f7a1338a5c3dd35e926049fe86e09c58e273cd905deb28c13c1ed1c0d9cae846bcbfa8cce7b893e578af7dc7d5e87d44ff828de453f34c2b18660b080efc707e676e1fb4d5825c0ca177a4c7fbb4e62b445c00f576b2b5cc7f819abd0f885cc4806f40300966fcf1e54f5a2d38708194cd6f496e5dee734fe7da3770845cf442d488afdc0e17000000000000000000000000000000000000000000000000000005205000000dc1c56d59f35d367632952a93466ae595c6a8cda690d192a070886df42b27098773b45198b4a34ac977ebd4450e121d01342703f5bf030e935878a6d169c80aa4252d4ea6b8f6216ff202b5b5a182cb5e838b307632d03a7ca6f6d0339f9953c3093c3690d10ecb65dc5b47481edbe1f000000000000004d16d29c28eb5167e9936ed327fb237a56224e49d9ea955a5f0dec1b3ccd35364600000000000000000000000000000000000000000000000000000000000026ded4dd6fe1518cc7802043ecfe69f743f1213bf8179ecd9e5a225d67521dc728eac7d80a5646ac2cbde21d3ebfbf69ff861f4394836ddf128d6d19079e64336e7c676505c78ad67548f4b192be1827fcd95cf107753cb0a6a979d3db0c407081c6281e2d8429a863903ca75f4c7df3ea8fc2018d07af1491ef060cd4403a099f32468f65bd06b4082d43e121861b5cc03f1a1561f0589e0d12969bc982ff5d8e9b986c0c6c747d9a1cc500bb892c3a16ff10feea20bdac0000000000000000ca06f256c8028e0f9b65f037b21f3289f86a6826c69fa35ba5cbc3f2db1516ffc5c6e3fa618b24a6ce16d6c7010bb37b61fa0a2d8974e69115d33394e86e4b838297ba20f96936b7e4766e92dea6c5d1d33d84d96b50fb000000ae07c65b71088dd7d5d1e1bab9000000000000000000000000b5ace293bec859c13e3229432ad71d646218b5229dd88137fc7c59aa242af3bb4efb82055a3b61227ad40f52c9f250057931d828ec78e116ae46c4897e2795b6ff92e9a1f63a6ed8fb4f8f3a6ec4e76f8621e24b0b855c02f2b7add58ffb25f339297729a7a51810134d3dfbf71f6516737be55c06d9cdcfb1e2bb10b50000eb4acff90756dba1ecf9f58afd3c19b5c4558ba9af6b7333c894a1fb29ade9ad75c9c022e8d03fe28bc358684492aa771dbfe80745fe89ad349ffaad76ff9dd643796caffdf67af5dd476c37e7e9a84e2e5da2696e285a59b53f2fb0e16d8262c080c159ce40c14089c82759106f422582b42e3e8484ea5a6ad9aa52106eafe0e0caea1ad4cb23f3c2b8a0f455ba69ea284c268d54b43158a8b1d128d02af263b3dc1cab794c9ac57a2a7332f4d8764c302ccd5aac114482b619fc575aa0dd2777e881e29a854380e2f1e49db5a1517ec40bb3fa44f9959bad67ccaba76408da35c9f1534c8bd48bbd61627a2e0a74b5e6aefb7eee403f02734137ff47257f164391c673b6071b6ad0f05eed164ca63e4ea26dce0fb3ce0f6591d80dfb8f386bb79f5589829b6b0679b5d65a81826fc9b38f791c8f1892b51ad65a89bc84646ebf78f5d5d4804d9abb071fd711b5e7cc163b42a6510b8f5ee6747df0b560eabe0499bf1fef7c18bb9f55effa018679845c6598fb78bf1b8d9d9f04a5f6062c2bbb91952755b3f7c948268cb647d0a0bb1286480615941154a01d23734bcafe3b164474e2f2efa77850686ee4541f3e79efa63545a7ae53d5f0c40cc86473f7eb093980bd0d97bb4750128d9c519984c5f731ea259e71b2f12d67ce12e52c283e74594dfc933e625737ed231d61263721d46daf093f770357cd78fe1431aef52b4a0a933f1a5334ad03f3876fc8a8e187f80318427b4c922075cf829e3cc49d71d52137b48e1fb6b05dd1c7b251a7059f0a4b4f3431f67fc65b75c202e43816e34ff41db85bacd77b25242830b788ae1e00"/2566], &(0x7f0000000340)='syzkaller\x00'}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={r1, 0x18000000000002a0, 0xe40, 0x0, &(0x7f0000000100)="b9ff03076844268cb89e14f005dd1be0ffff00fe3a21632f77fbac14141de007031762079f4b4d2f87e5feca6aab845013f2325f1a3901050b038da1880b25181aa59d943be3f4aed50ea5a6b8686731cb89ef77123c899b699eeaa8eaa0073461119663906400f30c0600000000000059b6d3296e8ca31bce1d8392078b72f24996ae17dffc2e43c8174b54b620636894aaacf28ff62616363c70a440aec4014caf28c0adc043084617d7ecf41e9d134589d46e5dfc4ca5780d38cae870b9a1df48b238190da450296b0ac01496ace23eefc9d4246dd14afbf79a2283a0bb7e1d235f3df126c3acc240d75a058f6efa6d1f5f7ff4000000000000000000", 0x0, 0x8, 0x60000000}, 0x1e)

5m40.559967312s ago: executing program 35 (id=1122):
r0 = socket$inet6(0xa, 0x80002, 0x0)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000008c00)=[{{0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f0000000180)="50558c", 0x3}], 0x1}}, {{0x0, 0x0, &(0x7f0000000c80)=[{&(0x7f0000000a80)="fb24ba96", 0xc3fd}, {0x0, 0x11}], 0x2}}], 0x2, 0x20004810)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @loopback={0xff00000000000000}, 0x400}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4000000)

5m32.739972612s ago: executing program 36 (id=1155):
r0 = socket$netlink(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r0, 0x10e, 0xc, &(0x7f0000000640)=0x4, 0x4)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000400), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_CHANNELS_GET(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000800)={&(0x7f00000001c0)=ANY=[@ANYRES32=r1, @ANYRES16=r1, @ANYBLOB="010326bd6000000000002d"], 0x20}, 0x1, 0x0, 0x0, 0x40904}, 0x20040814)

5m13.757924272s ago: executing program 37 (id=1255):
r0 = syz_io_uring_setup(0x8d2, &(0x7f00000000c0)={0x0, 0x0, 0x3010}, &(0x7f0000000040)=<r1=>0x0, &(0x7f0000000340)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f0000000240)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x1, 0x6, &(0x7f0000000640)=[{&(0x7f0000000500)='t', 0x1}], 0x1, 0xa, 0x1})
io_uring_enter(r0, 0x47ba, 0x3e80, 0x0, 0x0, 0x0)

3m40.721028798s ago: executing program 38 (id=2100):
r0 = socket$inet6(0xa, 0x5, 0x0)
setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000fee000)=0x1, 0x4)
bind$inet6(r0, &(0x7f0000000140)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @empty}}, 0x1c)
fchown(r0, 0xee01, 0x0)
listen(r0, 0x50)

2m23.197927198s ago: executing program 8 (id=2883):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x1e7d, 0x2c2e, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x7}}, {{{0x9, 0x5, 0x81, 0x3, 0x10}}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000080)={0x24, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB='\x00\"\a'], 0x0}, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
userfaultfd(0x801)

2m20.065909336s ago: executing program 8 (id=2902):
r0 = socket$netlink(0x10, 0x3, 0x10)
r1 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r2 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_NEW(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r2, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0)

2m18.74013697s ago: executing program 8 (id=2914):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x21, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000100))
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
r0 = syz_open_dev$swradio(&(0x7f00000046c0), 0x1, 0x2)
preadv(r0, &(0x7f0000000c00)=[{&(0x7f0000000740)=""/121, 0x79}], 0x1, 0x80000000, 0x4)

2m17.656360272s ago: executing program 8 (id=2924):
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000180)='./file0\x00', 0x1400c, &(0x7f0000000080)={[{@test_dummy_encryption}, {@init_itable}, {@journal_dev={'journal_dev', 0x3d, 0x2}}]}, 0x3, 0x47a, &(0x7f00000006c0)="$eJzs3M1vG0UbAPBn13H65k1pTClfLR+BgqgQJE1boAcOgEDiUCQkOMDRSkJVmhbUBIlWkUg5lBNCSNwRR/4FTnBBiBMSV7ijShXqhZaT0dq7sZ3YTpPaccG/n+T2mf3IzOPd2czu2AlgZE1n/yQReyPit4iYahTbN5hu/Hfj+ur8zeur80nUam/9mdS3++v66nyxabHfZGshkjjUod7li5fOVpeWFi/k5dmVcx/OLl+89OyZc9XTi6cXzx87efLE8bkXnj/2XF/ynIw0j15/98s3Tn3elv+GPPpkutfKJ2u1Plc3XHe1xGNDbAfbU8qPV7ne/6ei1HL0puK1T9cLnwypgcDA1Gq12mT31Ws14D8sifayLg+jovhFX9z/droPfmlgo4/hu/Zy4wYoy/tG/mqsGVt/YlDecH/bT9MR8c7a319nrxjMcwgAgDbfZ+OfZ7LRzup8NvZojj/SuK9lu3353FAlIu6OiP0RcU+cjwMRcW9Efdv7I+KBbdbfMklSH2ZuHv+kV3ec3C3Ixn8v5nNb7eO/YvQXlVK9dLFRiHLy3pmlxaP5e3Ikynuy8lyPOn549dcvuq1rHf9lr6z+YiyYt+Pq2J72fRaqK9WdZ9zu2uWIg2Od8k/WZwKSiHgwIg52+gHp1nWcefrbh7qt2zr/Hvow0VT7JuKpxvFfiw35F5Le85Oz/4ulxaOzxVmx2c+/XHmzW/23lX8fZMf//x3P//X8K0nrfO3yNiuoRFz5/bOu9zTT5TzYxvm/Vl2pjidv1+PxfNnH1ZWVC3MR48mpotrm8mPNfYtysX2W/5HDnfv//mi+E4ciIjuJH46IRyLi0fzYPRYRj0fE4R5vwU+vPPH+xmUTRf53wPFf2Nbxbwbj0b4k7bBNFpTO/vhdW6WVZpjnf7P39e9EPTqSL7mV69/mVnQObvf9AwAAgH+DNCL2RpLOrMdpOjPT+Az/gcbUd+aj8wuN7whUopwWT7qmWp6HzuW39Y3y5YhofLSgWH880vpz469KE/XyzPwHSwtDzRyY7NL/M3+Uht06YOB8YQtGl/4Po6tn/y/vXjuA3bep//fs83sG2hZgd3X4/T8xjHYAu6/T+N/f+4HRsKH/m/aDEeL5P4wu/R9Gl/4PI2l5Irb+knzPoPhJO9x9q2Aq4nZbOJwgyndEMwYWRDrwKsYHe2ptHUzEjnZPhtnmfgVtl4l9u31dAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6Jd/AgAA///miM2S")
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./bus\x00', &(0x7f0000000000), 0x8, &(0x7f0000000280)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
chdir(&(0x7f0000000300)='./bus\x00')
symlink(&(0x7f0000000540)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000380)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')

2m16.877143347s ago: executing program 8 (id=2935):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000100)={'wlan1\x00', <r2=>0x0})
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r3, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)={0x28, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x4}, @NL80211_ATTR_FRAME_TYPE={0x6, 0x65, 0x2}]}, 0x28}}, 0x0)

2m14.17522792s ago: executing program 8 (id=2963):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000040)={'team0\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000001c0)=@newlink={0x54, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x4, 0x0, 0x300}, [@IFLA_LINKINFO={0x2c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x1c, 0x2, 0x0, 0x1, [@IFLA_BR_STP_STATE={0x8, 0x5, 0x1}, @IFLA_BR_NF_CALL_IP6TABLES={0x5, 0x25, 0x1}, @IFLA_BR_VLAN_STATS_ENABLED={0x5}]}}}, @IFLA_MASTER={0x8, 0xa, r1}]}, 0x54}, 0x1, 0x0, 0x0, 0x4}, 0x8044)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCBRDELBR(r2, 0x89a2, &(0x7f0000000200)='bridge0\x00')

2m13.803512051s ago: executing program 39 (id=2963):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000040)={'team0\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000001c0)=@newlink={0x54, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x4, 0x0, 0x300}, [@IFLA_LINKINFO={0x2c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x1c, 0x2, 0x0, 0x1, [@IFLA_BR_STP_STATE={0x8, 0x5, 0x1}, @IFLA_BR_NF_CALL_IP6TABLES={0x5, 0x25, 0x1}, @IFLA_BR_VLAN_STATS_ENABLED={0x5}]}}}, @IFLA_MASTER={0x8, 0xa, r1}]}, 0x54}, 0x1, 0x0, 0x0, 0x4}, 0x8044)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCBRDELBR(r2, 0x89a2, &(0x7f0000000200)='bridge0\x00')

2m1.706206885s ago: executing program 1 (id=3048):
mknodat(0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x81c0, 0x0)
execveat(0xffffffffffffff9c, &(0x7f0000000280)='./file2\x00', 0x0, 0x0, 0x0)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0x6000, 0x1)
unlink(&(0x7f0000000040)='./file0\x00')
mknod$loop(&(0x7f0000000200)='./file0\x00', 0x6000, 0x1)

2m1.514462418s ago: executing program 1 (id=3052):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000380), 0xfe, 0x571, &(0x7f0000001180)="$eJzs3c1rHOUfAPDvbF76kvbXFEr56UECPVip3TSJLxU81KNosaD3uiTTULLplOymNLFge7AXL1IEEQviH+DdY/Ef8K8oaKFoCXrwEpnNbLpNdvO6Nan7+cBunmdmdp95dub75Pvs7LIB9KyR/K4U8VJEfJVEHGtZ1x/FypGV7Zae3JrMb0ksL3/8exJJsay5fVL8HSoq/4+In7+IOFNa325tYXGmUq2mc0V9tD57fbS2sHj26mxlOp1Or41PTJx/c2L8nbff6lpfX7v017cfPXj//Jenlr758dHxe0lciCPFutZ+7MLt1spIjBSvyUBcWLPhWBca20+Svd4BdqSviPOByMeAY9FXRD3w3/d5RCwDPSoR/9CjmnlAc27fpXnwC+PxeysToPX97195byQONuZGh5eSZ2ZG+Xx3uAvt52389Nv9e/ktuvc+BMCmbt+JiHP9/evHv6QY/3bu3Ba2WdvGNse/5W3uEtDiQZ7/vN4u/8mKLQ427tfmP0NtYncnNo//0qMuNNNRnv+92zb/Xb1oNdxX1I42cr6B5MrVapqPbf+LiNMxcCCvb3Q95/zSw47j1NP8b7CRA+btN3PBYj8e9R949jFTlXplN31u9fhOxMtt899kNf9N2hz//PW4tMU2Tqb3X+m0rjX/bd//52v5h4hXi+N/+5k50dMrWsnG1ydHG+fDaPOsWO/Puyd/6dR+5/4ffQ69XS8//ofbnv+r/R9OWq/X1rbfxvcH/047rdv8+Lc//weTTxrlwWLZzUq9PjcWMZh8uH75+NPHNuvN7fP+nz7VPv43Ov8PRcSnW+z/3RN3O2661+d/3v+pbR3/7RcefvDZd53a39rxf6NROl0s2cr4t9Ud3M1rBwAAAAAAAPtNKSKORFIqr5ZLpXJ55fMdJ+JwqZrV6meuZPPXpqLxXdnhGCg1r3QPtXweYqz4PGyzPr6mPhERxyPi675DjXp5MqtO7XXnAQAAAAAAAAAAAAAAAAAAYJ8Y6vD9/9yvfXu9d8Bz5ye/oXdtGv/d+KUnYF/y/x96l/iH3iX+oXeJf+hd4h96l/iH3iX+oXeJfwAAAAAAAAAAAAAAAAAAAAAAAAAAAOiqSxcv5rflpSe3JvP61I2F+ZnsxtmptDZTnp2fLE9mc9fL01k2XU3Lk9nshk+W/BHVLLs+Nh7zN0fraa0+WltYvDybzV+rX746W5lOL6cD/1bHAAAAAAAAAAAAAAAAAAAA4AVSW1icqVSr6ZyCwo4K/ftjNxRWCs3A3vUT7u24BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACt/gkAAP//ys442g==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='.\x00', 0x0, 0x0)
open_by_handle_at(r0, &(0x7f0000000240)=@reiserfs_2={0x8, 0x2, {0xb}}, 0x0)
mount$9p_xen(0x0, &(0x7f00000000c0)='./file1\x00', 0x0, 0x8081, 0x0)
unlinkat(0xffffffffffffff9c, &(0x7f0000000380)='./file1\x00', 0x200)

2m1.07213227s ago: executing program 1 (id=3057):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000020000000c"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, 0x0, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x50)
capset(&(0x7f0000000dc0)={0x20080522}, &(0x7f0000000e00)={0x0, 0x4, 0x4, 0x0, 0x80000, 0xffffffff})
bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1, 0x2a, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000b50000008200000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8a00fe00000000bfa200000000000007020000f8ffffffb703000008000000b7040000010000008500000082000000bf91000000000000b7020000010000008500000085000000b70000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

2m0.652983614s ago: executing program 1 (id=3063):
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000180)='./file0\x00', 0x1400c, &(0x7f0000000080)={[{@test_dummy_encryption}, {@init_itable}, {@journal_dev={'journal_dev', 0x3d, 0x2}}]}, 0x3, 0x47a, &(0x7f00000006c0)="$eJzs3M1vG0UbAPBn13H65k1pTClfLR+BgqgQJE1boAcOgEDiUCQkOMDRSkJVmhbUBIlWkUg5lBNCSNwRR/4FTnBBiBMSV7ijShXqhZaT0dq7sZ3YTpPaccG/n+T2mf3IzOPd2czu2AlgZE1n/yQReyPit4iYahTbN5hu/Hfj+ur8zeur80nUam/9mdS3++v66nyxabHfZGshkjjUod7li5fOVpeWFi/k5dmVcx/OLl+89OyZc9XTi6cXzx87efLE8bkXnj/2XF/ynIw0j15/98s3Tn3elv+GPPpkutfKJ2u1Plc3XHe1xGNDbAfbU8qPV7ne/6ei1HL0puK1T9cLnwypgcDA1Gq12mT31Ws14D8sifayLg+jovhFX9z/droPfmlgo4/hu/Zy4wYoy/tG/mqsGVt/YlDecH/bT9MR8c7a319nrxjMcwgAgDbfZ+OfZ7LRzup8NvZojj/SuK9lu3353FAlIu6OiP0RcU+cjwMRcW9Efdv7I+KBbdbfMklSH2ZuHv+kV3ec3C3Ixn8v5nNb7eO/YvQXlVK9dLFRiHLy3pmlxaP5e3Ikynuy8lyPOn549dcvuq1rHf9lr6z+YiyYt+Pq2J72fRaqK9WdZ9zu2uWIg2Od8k/WZwKSiHgwIg52+gHp1nWcefrbh7qt2zr/Hvow0VT7JuKpxvFfiw35F5Le85Oz/4ulxaOzxVmx2c+/XHmzW/23lX8fZMf//x3P//X8K0nrfO3yNiuoRFz5/bOu9zTT5TzYxvm/Vl2pjidv1+PxfNnH1ZWVC3MR48mpotrm8mPNfYtysX2W/5HDnfv//mi+E4ciIjuJH46IRyLi0fzYPRYRj0fE4R5vwU+vPPH+xmUTRf53wPFf2Nbxbwbj0b4k7bBNFpTO/vhdW6WVZpjnf7P39e9EPTqSL7mV69/mVnQObvf9AwAAgH+DNCL2RpLOrMdpOjPT+Az/gcbUd+aj8wuN7whUopwWT7qmWp6HzuW39Y3y5YhofLSgWH880vpz469KE/XyzPwHSwtDzRyY7NL/M3+Uht06YOB8YQtGl/4Po6tn/y/vXjuA3bep//fs83sG2hZgd3X4/T8xjHYAu6/T+N/f+4HRsKH/m/aDEeL5P4wu/R9Gl/4PI2l5Irb+knzPoPhJO9x9q2Aq4nZbOJwgyndEMwYWRDrwKsYHe2ptHUzEjnZPhtnmfgVtl4l9u31dAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6Jd/AgAA///miM2S")
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./bus\x00', &(0x7f0000000000), 0x8, &(0x7f0000000280)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
chdir(&(0x7f0000000300)='./bus\x00')
symlink(&(0x7f0000000540)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000380)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')

1m59.77533275s ago: executing program 1 (id=3069):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000000280)={@val={0x0, 0x800}, @val={0x1, 0x0, 0x0, 0x0, 0x3d}, @mpls={[], @ipv4=@tcp={{0x6, 0x4, 0x0, 0x0, 0x3f, 0x0, 0x0, 0x0, 0x84, 0x0, @empty=0x3fffffff, @local}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x2, 0xb, 0x0, 0x0, 0x0, 0x1c, {[@window={0xa, 0x3}, @timestamp={0x5, 0x2}, @generic={0x0, 0x2, "d58838068b91"}]}}}}}}, 0x4e)

1m58.772636389s ago: executing program 1 (id=3077):
r0 = socket(0x400000000010, 0x3, 0x0)
r1 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'wlan0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000640)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd26, 0xffffffff, {0x0, 0x0, 0x0, r2, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x10, 0xf}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x4, 0x6}}]}}]}, 0x48}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000003640)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000003580)=@newtfilter={0x30, 0x2c, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {0x14, 0x7}, {}, {0x8, 0x9}}, [@filter_kind_options=@f_u32={{0x8}, {0x4}}]}, 0x30}, 0x1, 0x0, 0x0, 0x80}, 0x40)

1m58.208891189s ago: executing program 40 (id=3077):
r0 = socket(0x400000000010, 0x3, 0x0)
r1 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'wlan0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000640)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd26, 0xffffffff, {0x0, 0x0, 0x0, r2, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x10, 0xf}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x4, 0x6}}]}}]}, 0x48}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000003640)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000003580)=@newtfilter={0x30, 0x2c, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {0x14, 0x7}, {}, {0x8, 0x9}}, [@filter_kind_options=@f_u32={{0x8}, {0x4}}]}, 0x30}, 0x1, 0x0, 0x0, 0x80}, 0x40)

1m43.785036793s ago: executing program 2 (id=3179):
r0 = socket$kcm(0x2b, 0x1, 0x0)
sendmsg$inet(r0, &(0x7f0000000240)={&(0x7f00000000c0)={0x2, 0x4001, @empty}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x300}, 0x200048cc)
r1 = epoll_create1(0x80000)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000280))
shutdown(r0, 0x1)

1m43.406255624s ago: executing program 2 (id=3185):
syz_mount_image$squashfs(&(0x7f00000000c0), &(0x7f0000000080)='./file1\x00', 0x4, &(0x7f0000000280)=ANY=[], 0x2, 0x1b4, &(0x7f0000000800)="$eJzsVU+L00AU/71k2jQexKsieFC0PbRN45+rnqQfwA9gaWMtpqhNQVs8xFO/hwj9Gh7Er+BB2Uv3sCzsYfe6LFkm8yZN2sKyLGzLMj9If7/3ezOZN5ny5n30OXIAnFno4hVS2LiNf0QQAB6Q8l47ig/LihscHwjFNfZ/MP9njibTD50wDEYbRVIFio6NVedioVUdl5p2wwRtSMW41jL+OFg7ghjATnyf7QswiilYWy3M3fpnyQkSBce56guX4cvvFo7SXvb3+FtXircAkiRJpNdTD+XHyE70W41xpXdPpA/ZSLIxsvnJ4AmA05/DT81oMq0Php1+0A/I95++8J553nO/+W4QBp76pdwSFv8hJNcAyJ7q5vIlAHvcYG9hHbp8zpO7Ur5G9eFSE6+n5yYsCL+yudzbId/xBo9RAfAlpqWrC0e6pTYINkQatERuHbW3SppodD+GvRkIxCO9OQQsPW2BUhb4WSAK250Bd2VpjzhuM8+ZF8z6ztJ3kZA9CPscVWOgjK+d8XjUkpZSqadrVp5/J0bugOSqJ+Xi5u47G07FwMDAwMDAwGCncR4AAP//mMZQbw==")
socket$nl_route(0x10, 0x3, 0x0)
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file2\x00', 0x121140, 0x13d)
mmap(&(0x7f0000454000/0x3000)=nil, 0x3000, 0x200000d, 0x12, r0, 0x2000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x3)

1m43.004662063s ago: executing program 2 (id=3189):
r0 = syz_mount_image$btrfs(&(0x7f00000004c0), &(0x7f00000015c0)='./file0\x00', 0x0, &(0x7f0000000180)={[{@clear_cache}, {@user_subvol_rm}, {@nodiscard}, {@noautodefrag}, {@autodefrag}, {@ssd}, {@max_inline={'max_inline', 0x3d, [0x7, 0x32, 0x38, 0x2d, 0x35, 0x36, 0x78, 0x2d, 0x2d, 0x37]}}, {@space_cache}]}, 0x0, 0x559e, &(0x7f00000103c0)="$eJzs3X9sVeX9B/BzWwoN+C39jhUYfxAgBoMkyJYtjqB4MQa24eKlgsKcCEQlBivYRDcYqUWSZcaghU4EF5GQaDJjscM/FMywy7CMZfzY5hZjs4JSaZZsAzVrHDG69N77XO49l9tembNOXy/SnvPcz3me+9yT88d9X/qcGwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAURUcSc9+d0f3i0ZE1X77/Hz+e+OjGn4zfvX/roVvu23T/gjMjbto5a1nf+mlN8zdsbDjS/PS+ObdGUSLdL5Htf9u136q/88bbvlsdBly+MLOtrS31lJmuJzON4QUP9vcr/FkRRVFVbIDK7PbV7E5FwQC53cbiAQf0Tuui6O7J8ya1dT01bklyYU/xS6df9VBPYKhkr6ue89dSMv27InZErp136SUKLtFM//gF96m8CADgY5mZSm9yb0ezb3Fz7eZ4PdZOxtotsXZ4h9CS37gYmXGHl5rnpHh9iOaZzESFESXnGatnz3+unYr3j7VjUeNjzLPw0GykqS41z7Wx+lDNEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCzZOzxo2tWtD2y575fdtQceff9OVc+8KWOw22LT4y8eunKHWum/HTWsr7105rmb9jYcKT56X1zbo2i2nS/RKZ74kTL5b9NjZ3fvXfcG427n6vpq8yOG7bD8g6OXg87s0ZH0cq8Sk8Y9q81UZQqLKSb0Y7iwl3pnW+HAgAAAJ8nX0n/rsi1M3GwqqCdSKfJRPpfkAmL77Quiu6ePG9SW9dT45YkF/Zc/HipEuMlLzherl17/ieRF4xD/I2Pd74eDm0sGmdg8RHjef7SMWPefmty/eSvT5v7xA3PjOru+r8nZ2xJ/bGu5oUrru+tf/a6ovxfO3D+D2dO/gcAAOA/If/HxxnYYPn/jqVTt7z+i2Grft3a8MTB+h1/bv3OMzsXneq54Ud9L09N3v7o1UX5f1LBUxbl/zDjkP8roovL/wAAAPBZ9t/O/8micQY2WP5vONM3+wcHX6vr+PucxXt+9dAVi8+e/tv8U7t3DV9zR8v6uoeuLMr/M8vL/8Pypx0e/F2Y8OrRUTSz/JMKAAAAFAj/737+o4WQ1zOfHMTz+rX/vKp5380ffPMbD97zpzff/s2xA7MnrdteN/PgyzfVf1j5ve3dRfk/WV7+r/p0Xi4AAABQhuePrpw773jPucfPvtB18vDu3pMznjyzrqnvdOslLatXbTr2WlH+T5WX/0cMzcsBAAAALuDeO59bsfnVl/oe2H/X2Ck9FVc1XpK4ZduOqU0TPuq8tPfy7VuL8v/y8vL/yOw2u/Ih06kz/BVC6+goqu7fWZspHIparskVAAAAgE9IyOlbP1ixbOzOsb3jj59+rObQG4dn/2Vt55yN13RXdW/uXNZ4WdH9AkJiL3X//3Cng7D+v+D+f0Xr//MKmbv+zXZjAAAAAL6Iitfzh9vjZ765oNT375e7/n9J3cQTiba33lv11XMHzo1ZsP/7129aV9/be8+El37/wz9M/6i6KP83l5f/K/O3n+T3/wEAAMBF+F/7/r+lReMMbLD7/zdV9DWsWrd3+uota7csTCw7UH3qwdV731+w5l9Tb36+qea6A0X5v6W8/B+2o/JfXkc4P5tGR9H4/p3s3QR/Hqa7OlZor8orZE58rMeNoUe20D4ir5C2Ntbja6OjaHL/TnOs8P+h0BIrnK3JFnbFCsdCIXs95Ap7YoWOcKVtq8lON154MRSyCyzawwqKUbklEbEe75Xq0V+4YI+u3JMDAAB8oYTwnM2yVYXNKB5l2xODHTBysAMqBjugcrADhsUOiB9Y6vFoeWEhPH575yMbNjVMSb7y8NzHfvbms40T9j1+WV3v5g9f2XbvxJ3TW6YW5f9d5eX/cCqGZzal1v9HYf1/9nsNc+v/l4dCbazQHgqp+B0DUuE5MmH34fActalsj7PjcwUAAAD4XAufC1QO8TwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/s3evcdJVd0JAj/d9INumqaNE9GMk3TUgGakaWwNw+AoaoxGRZpZddxkNBBoEGmE8FgFURtQZxziZ3ztrJnoCAoiu+qHGFeDwUhcxIw6iWLiA/Cxjq7r+h6VGM2E/XTfOkXVrS67EFDa+X7/6DpVv/O89eg69946FwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/xjuPfjlk4YunP0PHzace8nqqqmL/kfH6Mv+cNW3vvjUPy5b9G9h/i9GnLll3kEXHjd/wbR/6Vi++ogzQmjtKleWFC977oqvPtS613HP3jFw48wbb63fUpWpNxMP/Tr/lGfuXBxbfbF/CHeXhVCRDgypSwKVmft1sb5960LYI2wLZEu01SYl0g2HB2pCWBK2BbJVra4JoS4ncMqG+++7vDNxTU0IXwkhVKfbeKY6aaMmHRhUlQRq04HpFUngt1sT2cBPypMA7LD4Zsi+6Fe15mdo6L5ckddf5U7r2KcrPbw+MdFQPN/rR+3iTuWoSj/QukNPW0F17BIFb4+13m294N1WsJ2v8LTlfpHKfEPZui1UHcontk0aP6d9dnykPDQ19SlW0y56np9+e/6E7Un3mtdh7EDDTnkdXvrYiun9lo2+9OrNvxqz4ayaA3a0m0/lbNLc9K5WHTKvuV7zPEajfJ70grdfwbekRl+6Qghbzz17xtfnTDz7iD63PLnu1QcfrNty9pwFvzhz4nmLLj55w7/Pf6lg/t/w0fP/+HKOt+V5uWOrH9Ync/P4SF1MvFmfzM0BAACg1+gNe01Xnv/6X73+/bWtMxed/u23Dj73w71afz3i/gFVB7yxrqn1/I2ff6Vg/t9Y2vH/eMi/Lne0a0MY1ZVYNCCEvbseTwIrY3e+OyCEL3elWvMDR6UCa0PYpytxULaqVIm+sURjKvByfSYwKhVYHwOtqcDyGLgiFbg4BlalAhNiYG0qcHQMhCn54/hqfWYcJQdqYmBcshFXxbMQ3qmPraW21aZsVQAAADtJZnZYmX8351yHHc0Qp5eranrKEM/ALpqhOlVDegabnVYVraGipxrKe6ohO+6Ojx5+Qc1lPdVccBpGWX6GG9f85X2LXjzsC2P3mvj5xUMvmPKz8eGst++uerx5yYtv7XvEzesK5v/NHz3/r+6mI2UFx/9DGNv1N+Yuz0Tas/FxrXkZAAAAgB1w0R//xR61Lw85oGHT+2X3zl/7xKMrfrl5j1NOf3/c8a//8PCaxnsL5v+jSjv/P+4T6ZOTOTwSd0NMHRBCc34gqXZkYSA56t0vEwAAAIDeIHs8PnssfErmNjlFOz2fLszfup3544H/Ud3m//09/7P2jq3/+mLZBd89d0TNgKX/9GrHhBNOPvqW47/1zj4VB/yyvGD+31ra+f+1+bdJJ9bHXlw9IIS+OYEHYy87A10aY+D5I/MDmfGvjxtgcawqc2JCtqrFscS4GGhOBZYUK/FotsTe+YHMk5VtfFF2HFMyJXICAAAA8ImLuwPicfl4/n/LGSNO++vvzfrbha88eN7qCy75q+Ed80eedP/THzbMvXJp2PTmEQXz/3Hbd/5/1zy44PT+9n4hDK0IoU/6hwGP1CYLA8ZAXVkmcW9tUlefdFULa0MY2TmwdFUvZNb/r0ivMfh4TVJVDOy93y1vD+pMLKsJYWhu4IlvLz2sMzEnFcg2flpNCF/qHG268bv6Jo1Xphu/tm8IX8wJZKua0DeEzsaq0lX9r+rMdQzSVa2qDmHPnEC2quHVIcwNAPRW8X/pxNwHZ82dN3V8e3vbzF2YiDvxa8KkKe1tTROmt0+sLtKniak+561jtKBwTKVe+mZTZo2ixSsnV5aSzv5QsDm3rcyO/IIzBzP345ehyq5xHlKZd7clPeQD9y9sIuR8lSo25PJdPOTa3Eq2PYkF9cf8VaFf6DtnVtvMpvPGz549c1jyt9TshyR/43GmZFsNS2+r2u76VsLLo+hyWSkfd1sNyq1k6OxpM4bOmjtvyJRp4ye3TW47p+XQP2sZMXz410YM7RxUc/K3h5EO6q7m1Ei3Li1xWDtxpF+oyKnkk/jQkJCQ6G2J/f7L5odH77n+nOt/9tqPz+/3zdPu3fvImT889KqpD1Xve/ji24ccWDD/n/HR8//4qRM/+DPrMxQ7/t8QD/Mnj287zD8uBpaUevy/odjR/OyJAY2pQEcMdDjMDwAAwGdD3B0Z92bGndKbb1m/buOSlrk/aHin5dY17Utvuum+U39y58ATvjQ47LXhuhM+VzD/7yjt9/87af3/7NL1JxRb5v+gWKK52Pr/6WX+s+v/dxRb/z+9zH92/f8ln8L6/3OygdQmecf6/wAAwGfBJ7f+f4/L+6cvEFCQocfl/dMXCCjI0OMy/qVeIGC71/9f8+Bff6Wq35g7/qTlN/WXvPZ39xzWeuS6zTP/5Etb10+877qxt6wpmP9fUdr838L9AAAAsPv4z5ddU3H02Xff0bJu6sZxbw5+98m3lgzq80HF0Q+3j3xh4Bu3nlcw/19S2vz/k1//LxQ7/7+xWKC12MKA1v8DAACglyq2/t89Q1sa/zCm/x+eHvab5Q/ePPqnj/z898v3+/mJPyvfZ8Gxz8+8bFLB/H9VafP/eNpFeV7u2JsP65M17UJ6Tbs367M/GQAAAIDeoTw0NVWWmDdvYdSjPn6bT2eWAv2odK7vvXLt2ZtfmH7c46ev+7uaEwbvOWHaBasa/2b4gXd+ftQley7ddGrB/H9tafP/vN9lXPrYiun9lo2+9MOrN/9qzIazag7YdvwfAAAA2HVK3S8BAAAAAAAAAAAAAAB8+s7tWHzhI8uOfe+bt//F/kcseXXwbXcd+Lsh/V664qoHJq1648zJXy/4/X8Y21Wu2O//43X/4u8L/igvd2y15/X/MvdPOfH2uV1LFj5SH8L+uYGpC6fuETLX5h+cG7jvjIMGdiYWpkusefbolzoT30kHjh/yuS2dicNTgXFxkcR90oF4VcUt/VOBuLzi4+lA3B6r0oGqTOCy/sk4ytLb6pW6ZFuVpbfVxroQBuQEstvq7rqkjbL0AK9JBbID/F46EAd4ciZQnu7V7f2SXsVAXSx6Q7+kVwAA7Lbit8DKMGlKe1tz/Aofb79QkX8b5S1ZtqCw2rISm9+UWZps8crJlaWk+6S/i2671nhlqO4cwrCCr6u5Wcq6Rrlzaulh0/1RkSH3tNpbeZFyadu76aqKj6gmGVHThOntEyt7HHhLz1kOqegxy7CCyU5ulvKuTVpCLSX0pYQRlbhtSuhyvF8empr6pHL9eQw2hDw9vSJK/b1+7jp/xV4FuXluO/TKt758zE+f++CfP/9E/2+cVnP7rO+/e+KvX7//wEOOuG5C05otBfP/htLm/9W549qSuRhAR7yy3sgBIYwrcUQAAADw2XfbRbfecfr09a9MWlvx5GOPTS0fc3rl1vl3zp93ycZ7Fx9/2cErdjR+2Fm//f5vBu//b89e9dJPR+7zwA03/58nD3v8z3//8I8eeqduZZ+x7xXM/xtLm//HPViZQ8HJ3o618fr/iwaE0HVp/YYksDIO97sDQvhyV6o1lkguqH9CLNGcBFbGHSYHxRLjWvOr6hsDq1KBl+szgbWpwPoYyOyluCVkduVcWR/CYV2psfklZsQSDanAmBhoTAWaYqA5FegfA6NSgdf6ZwKtqcDDMRCm5G+rH/fPbCsAAIDtkZlnVebfDel53qqKnjKU9ZShtqcM5T1lqO4pQ7FRxPt3xAyVqZNXynIyVaZrrUnVUpAhXgx/u/tVkCE8mp8zXbCg6Xj+QfZ8g7L8DFf+4NlT1w+e/tDqzcd8beBt/zhkz4Obp9e9t+CGp3475pzrnv/TQQXz/+bS5v+1+bdJ6+vj/H/b9f+SwIOxe1fHU8cbY+D5I/MDmR0D6+Nkd3G2qtZMicykfXEsMSoGGlOBGTEwKhUYNzYTWDIwP5CZaWcbX5RtfEqmRE4AAAAAPnFxB0HcTRPn/zce9YOr3x8wccuyeTPvH9vyxMmjv3H1XT+6d/9ld767YvCAce99p2D+P6q0+X9sr19uYxfH3rzYP4S7y7b1JhsYUpcE4n6Muvjz+H3rQtgjZwdHtkRbbVKiKtVweKAm+YV6Vbqq1TXJGgPx/ikb7r/v8s7ENTUhfCVn70u2jWeqkzZq0oFBVUmgNh2YXpEE4p6fbOAn5UkAdlh2r2B8QWVOdclq6L5ckdffZ+WaoOnhFewD7SZfd7+52lWq0w9k9qlmbd/TVlAdu0TB22Otd1tvfLc1eLflfpHKfEPZui1UHcontk0aP6d9dnwk95esBXbR85z7K9VS0jvhddjx8Xvbs+p0B5pTHx/N3Zfr/nVYFqu79LEV0/stG33p1Zt/NWbDWTUHlNyNIuIPhX+05X9XPpWzeXe16pB5zfW6z5NWnye98d9Ao6cthHDZ9cfsu+TdX+/33A3Pnbqu7Maxr/7lrHs2Lf+bysNHrXv/yaGjLy+Y/7eWNv+vSN12+V3cmLMGhHBgzsZ9JG7+YwYkn4M5geRTcs/CQHLI/V/ri35yAgAAwM6W3d2R3V8wJXObnBCenicX5m/dzvxxf8WobvOX2u9j121cedLQN6474G8vOPGNv7/28Kceuv6ysnXL//vYD1avuXzxe08UzP/HffT8v2+qm47/O/7PLuL4f7d2913RfdMPdOzQruiC6tglHP/v1u7+bnP8v1uO/zv+3x3H/3vg+H+3dvenreBb0gxfujonwdff+fPfTbzpg7mN+x180lPPHDrxun+6quXuu0555b+de9601761uWD+P6O0+b/1/7pftC+7/t+4Yuv/zSi2/l+H9f8AAIBdqshCc+l5XsHqfQUZ0qv3FWTocYHAHpcYtP7fdq//t3Dkv1904Q+fb7n2nTvHXb5m07Fnvvr0utXPzFpx3Lnnv9V6112tBfP/jtLm//Hl0C+39d6y/l/j2CJVXREDMywMCAAAwO6o2A4CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPl2HnvbO+5d8/R/aBv1ixc1/f+v/+7/P1q594JvfuGn4L6f86RllazZcM+LMLfMOuvC4+Qum/UvH8tVHnBHClK5yZUnxsueu+OpDrXsd9+wdAzfOvPHW+i3VmXorM7d/nJc7tvphfQhLch6pi4k36zvvbAuccuLtcys6E4/Uh7B/bmDqwql7dCaW14cwODdw3xkHDexMLEyXWPPs0S91Jr6TDhw/5HNbOhOHZwJl6e5e1z/pblm6u5f3D2FATiDb3bP751eVbeO4TKA83caKuqSNGKiLRa+tS9qIgfZYYkrfEIZWhNAnXdU/VydV9UlXdU91UlWfdFUXVYcwMoRQka7quaqkqor0yB+tSqqKgb33u+XtQZ2JpVUhDM0NPPHtpYd1JmamAtnG/1NVCF/qfMmkG/9xZdJ4Zbrx/1oZwhdDCFXpEu9VJCWq0iVeqAhhz5zAto1YEcLcwGdD/PSZmPvgrLnzpo5vb2+buQsTVZm2asKkKe1tTROmt0+sTvWpmLKc9NYFH3/sm96eP6HzdvHKyZWlpCsy5Sq7unxIZd7dlt2997FftbmVbHs+CuqP+atCv9B3zqy2mU3njZ89e+aw5G+p2Q9J/vbJRJNtNay3bKtBuZUMnT1txtBZc+cNmTJt/OS2yW3ntBz6Zy0jhg//2oihnYNqTv7ujJEu/eRH+oWKnEo+ife/hIREb0uU5326Ne/un+MFX/S3dbQyVHd9QBdMK3KzlHWNcmcM+qiPOeKP8zWlxxENK5g4FGQ5pOcsLQWTiW1ZapIsXV/rCiaHuTWVd23SeL88NDX1KbYdGvLv5m7e13dg8z6d2XSlpgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+P/swIEAAAAAAJD/ayNUVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYQcOBAAAAACA/F8boaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqgo7cCwAAAAAIMzfOoyeDQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4FAAA//8fSxmR")
chdir(&(0x7f0000000080)='./file0\x00')
ioctl$BTRFS_IOC_QUOTA_CTL(r0, 0xc0109428, &(0x7f0000000580)={0x1})
r1 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
fallocate(r1, 0x1, 0x0, 0x1001f0)

1m40.564643932s ago: executing program 2 (id=3200):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000180)='./bus\x00', 0xe, &(0x7f00000001c0)={[{}, {@init_itable}, {@nolazytime}, {@noblock_validity}]}, 0x3, 0x453, &(0x7f0000000780)="$eJzs3M9vFFUcAPDvzHaLCNiKqPxS8Vck/mgpoHLwoEYTD5iY6EGPTVsIslBDayKEKBiDJ2NMvBuP/gt60Ysxnoxe9W5IiOECeFozuzN0d7u7tNsti93PJxl4b+ZN3/v2zdt9M2+3AQytfdk/ScTWiPgzIsbq2eYC++r/Xb96fubG1fMzSVSrb/+T1Mpdu3p+pihanLclz+xPI9LPktjTpt6Fs+dOTlcqc2fy/OTiqQ8mF86ee+7Eqenjc8fnTh88cuTwoakXXzj4fF/izNp0bffH83t3vfHeV28e/aIp/pY41mznpsYf3daT1WrfqrsTbGtIJyMDbAirUoqIrLvKtfE/FqVY6ryxeP3TgTYOWFfVarW6pfPhC1VgA0uiOW/Iw7Ao3uiz+99ia50EvLx+04+Bu/JK/QYoi/t6vtWPjESalym33N/2076IePfCv99kW/T7OQQAQBs/ZvOfZ9vN/9J4oKHcPfna0HhE3BsR2yPivojYERH3R9TKPhgRO1dZf+siyfL5T3q5p8BWKJv/vZSvbTXP/4rZX4yX8ty2Wvzl5NiJytyB/HeyP8qbsvxUlzp+eu2PLzsda5z/ZVtWfzEXzNtxeWRT8zmz04vTa4m50ZWLEbtH2sWf3FwJSCJiV0Ts7rGOE09/t7fTsVvH30Uf1pmq30Y8Ve//C9ESfyHpvj45eVdU5g5MFlfFcr/+dumtTvWvKf4+yPr/7rbX/834x5PG9dqF1ddx6a/PO97T9Hr9jybv1NKj+b6PphcXz0xFjCZH641u3H9w6dwiX5T/4ff6/nbjf3ss/Sb2RER2ET8UEQ9HxCN52x+NiMci4vEu8f/y6hPv9x7/+sr6f3ZV/b+UGI3WPe0TpZM/f99U6fiy+G907//DtdT+fM9KXv9W0q7ermYAAAD4/0kjYmsk6cTNdJpOTNQ/L78jIq3MLyw+c2z+w9Oz9e8IjEc5LZ50jTU8D53Kb+vr+YsRUf9oQXH8UP7c+OvS5lp+Yma+Mjvo4GHIbekw/jN/lwbdOmDd+b4WDC/jH4aX8Q/Dy/iH4dVm/G8eRDuA26/d+/8nA2gHcPu1jH/LfjBE3P/D8Oo4/jfyX/4Barz/w1Ba2By3/pJ810Txk3o8fcMmonxHNGPtiWrStnMjHXTDJNYzMdjXJQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgH75LwAA//8HW+BC")
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000003c0)={[{@xino_auto}, {@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0)
getdents64(r0, &(0x7f0000000580)=""/174, 0xff56)

1m39.01268789s ago: executing program 2 (id=3212):
r0 = syz_io_uring_setup(0x10d, &(0x7f0000000540)={0x0, 0xd4bb, 0x400, 0xfffffffd}, &(0x7f0000000380)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0x10000, 0x0, 0x4)
r3 = socket$tipc(0x1e, 0x5, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_ACCEPT={0xd, 0x0, 0x1, r3, 0x0, 0x0, 0x0, 0x80800})
io_uring_enter(r0, 0x3517, 0xc2de, 0x9, 0x0, 0x0)

1m38.500189279s ago: executing program 2 (id=3218):
r0 = io_uring_setup(0x560d, &(0x7f0000000680)={0x0, 0xb586, 0x8, 0xfffffffe, 0x3bd})
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000440)=ANY=[@ANYBLOB="1400000010000100000000000060ff000500000a3c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc4c0000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a310000000020000380100000800c00018006000100d10300000c000080080003400000000214000000110001"], 0xb0}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
close_range(r0, 0xffffffffffffffff, 0x0)

1m37.923999655s ago: executing program 41 (id=3218):
r0 = io_uring_setup(0x560d, &(0x7f0000000680)={0x0, 0xb586, 0x8, 0xfffffffe, 0x3bd})
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000440)=ANY=[@ANYBLOB="1400000010000100000000000060ff000500000a3c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc4c0000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a310000000020000380100000800c00018006000100d10300000c000080080003400000000214000000110001"], 0xb0}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
close_range(r0, 0xffffffffffffffff, 0x0)

1m33.192770276s ago: executing program 6 (id=3249):
r0 = gettid()
timer_create(0x8, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)=<r1=>0x0)
timer_settime(r1, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r2 = socket$kcm(0x2d, 0x2, 0x0)
recvmsg(r2, &(0x7f0000001800)={0x0, 0x0, 0x0}, 0x0)

1m32.321036488s ago: executing program 6 (id=3251):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r0, 0x0, 0xe, 0x0, &(0x7f0000000040)="05806ab382844306d758e60803dc", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r1, 0x8943, &(0x7f0000000900)={'syz_tun\x00', @random='\x00\x00\x00 \x00'})

1m32.184534009s ago: executing program 6 (id=3252):
r0 = getpid()
r1 = syz_pidfd_open(r0, 0x0)
r2 = pidfd_getfd(r1, r1, 0x0)
setns(r2, 0x66020000)
umount2(&(0x7f0000000180)='.\x00', 0xd)

1m32.091957056s ago: executing program 6 (id=3254):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000180)='./bus\x00', 0xe, &(0x7f00000001c0)={[{}, {@init_itable}, {@nolazytime}, {@noblock_validity}]}, 0x3, 0x453, &(0x7f0000000780)="$eJzs3M9vFFUcAPDvzHaLCNiKqPxS8Vck/mgpoHLwoEYTD5iY6EGPTVsIslBDayKEKBiDJ2NMvBuP/gt60Ysxnoxe9W5IiOECeFozuzN0d7u7tNsti93PJxl4b+ZN3/v2zdt9M2+3AQytfdk/ScTWiPgzIsbq2eYC++r/Xb96fubG1fMzSVSrb/+T1Mpdu3p+pihanLclz+xPI9LPktjTpt6Fs+dOTlcqc2fy/OTiqQ8mF86ee+7Eqenjc8fnTh88cuTwoakXXzj4fF/izNp0bffH83t3vfHeV28e/aIp/pY41mznpsYf3daT1WrfqrsTbGtIJyMDbAirUoqIrLvKtfE/FqVY6ryxeP3TgTYOWFfVarW6pfPhC1VgA0uiOW/Iw7Ao3uiz+99ia50EvLx+04+Bu/JK/QYoi/t6vtWPjESalym33N/2076IePfCv99kW/T7OQQAQBs/ZvOfZ9vN/9J4oKHcPfna0HhE3BsR2yPivojYERH3R9TKPhgRO1dZf+siyfL5T3q5p8BWKJv/vZSvbTXP/4rZX4yX8ty2Wvzl5NiJytyB/HeyP8qbsvxUlzp+eu2PLzsda5z/ZVtWfzEXzNtxeWRT8zmz04vTa4m50ZWLEbtH2sWf3FwJSCJiV0Ts7rGOE09/t7fTsVvH30Uf1pmq30Y8Ve//C9ESfyHpvj45eVdU5g5MFlfFcr/+dumtTvWvKf4+yPr/7rbX/834x5PG9dqF1ddx6a/PO97T9Hr9jybv1NKj+b6PphcXz0xFjCZH641u3H9w6dwiX5T/4ff6/nbjf3ss/Sb2RER2ET8UEQ9HxCN52x+NiMci4vEu8f/y6hPv9x7/+sr6f3ZV/b+UGI3WPe0TpZM/f99U6fiy+G907//DtdT+fM9KXv9W0q7ermYAAAD4/0kjYmsk6cTNdJpOTNQ/L78jIq3MLyw+c2z+w9Oz9e8IjEc5LZ50jTU8D53Kb+vr+YsRUf9oQXH8UP7c+OvS5lp+Yma+Mjvo4GHIbekw/jN/lwbdOmDd+b4WDC/jH4aX8Q/Dy/iH4dVm/G8eRDuA26/d+/8nA2gHcPu1jH/LfjBE3P/D8Oo4/jfyX/4Barz/w1Ba2By3/pJ810Txk3o8fcMmonxHNGPtiWrStnMjHXTDJNYzMdjXJQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgH75LwAA//8HW+BC")
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000003c0)={[{@xino_auto}, {@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0)
getdents64(r0, &(0x7f0000000580)=""/174, 0xff56)

1m31.586845008s ago: executing program 6 (id=3259):
r0 = syz_usb_connect(0x0, 0x5a, &(0x7f0000000080)=ANY=[@ANYBLOB="1201000060f94d100d05020027230102030109024840020000000009047d04031d5abf0009050400005539000009050b00000000000009050200000005000009047d01013481af0009a00e00230000690009047dbe"], 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io$uac1(r0, 0x0, &(0x7f0000000600)={0x44, &(0x7f0000000340)={0x40, 0x15, 0x5, "153c140b35"}, 0x0, 0x0, &(0x7f00000004c0)={0x20, 0x81, 0x1, "99"}, 0x0, 0x0, 0x0, 0x0})

1m31.028149042s ago: executing program 6 (id=3268):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
connect$inet(r0, &(0x7f0000000140)={0x2, 0x0, @remote}, 0x10)
sendmsg$NL80211_CMD_SET_BSS(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000440)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="00042cbd7000fedbdf251900000008000300", @ANYRES32=0x0, @ANYBLOB="ebff1d000800000091"], 0x24}, 0x1, 0x0, 0x0, 0x20000000}, 0x10040800)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000000), 0x20000328)

1m30.494865795s ago: executing program 42 (id=3268):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
connect$inet(r0, &(0x7f0000000140)={0x2, 0x0, @remote}, 0x10)
sendmsg$NL80211_CMD_SET_BSS(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000440)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=0x0, @ANYBLOB="00042cbd7000fedbdf251900000008000300", @ANYRES32=0x0, @ANYBLOB="ebff1d000800000091"], 0x24}, 0x1, 0x0, 0x0, 0x20000000}, 0x10040800)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000000000), 0x20000328)

6.030631986s ago: executing program 0 (id=4000):
syz_emit_ethernet(0x2e, &(0x7f0000000000)={@random="83b6a82dcf49", @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x73, 0x0, @private, @multicast1}, {0x0, 0x4e20, 0xc, 0x0, @gue={{0x1, 0x0, 0x0, 0x0, 0x0, @void}}}}}}}, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[], 0x32651)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r0, 0x0)
setitimer(0x1, &(0x7f0000000000), 0x0)

5.813898765s ago: executing program 0 (id=4004):
ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000240)={{&(0x7f0000400000/0x1000)=nil, 0x20400000}, 0x1})
r0 = syz_open_dev$vbi(&(0x7f0000000000), 0x1, 0x2)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f00000013c0)={0x0, 0x2, 0x2, {0x5, @vbi={0x0, 0x0, 0x4, 0x0, [], [0x8200], 0x1}}})
ioctl$VIDIOC_QBUF(r0, 0xc058565d, &(0x7f0000000200)=@fd={0x0, 0x5, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "8000"}, 0x0, 0x2, {}, 0x20800})
kexec_load(0x0, 0x1, &(0x7f0000000480)=[{0x0, 0x11, 0x11000000, 0x1000000}], 0x0)

5.370855394s ago: executing program 0 (id=4009):
r0 = syz_usb_connect$hid(0x2, 0x36, &(0x7f0000000240)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x4f3, 0x755, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x40, 0xb1, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x1, 0x0, {0x9, 0x21, 0x101, 0x0, 0x1, {0x22, 0x5}}, {{{0x9, 0x5, 0x81, 0x3, 0x3ff, 0xc}}}}}]}}]}}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f0000000340)={0x2c, &(0x7f0000000040)={0x20, 0xa, 0x7, {0x7, 0xf, "00f4000000"}}, 0x0, 0x0, 0x0, 0x0}, 0x0)
r1 = syz_open_dev$hidraw(&(0x7f0000000280), 0x82, 0x2)
ioctl$HIDIOCGRDESC(r1, 0x90044802, &(0x7f0000000380)={0x81b, "aaa41a472088c4ce2d3878ce1e93dfdd7eb8190756adea8b433e4f053d616807df1c65c7d340421a5dbafec7c320f7b9453d70e62165eb6ed1d7ab5744426eff2dbfa501ace70bfa599c8ce3f62ed19b86fb878d7444e764b4922c4a3c84439c4b88d460840da4c9e1c16a43d6c28080473c6d52a33eba660a01d6324e44af2ac2cb51f08228c6e9788cbb9afc7280132d36ce779b647d73733d7f7b0ddf49a2f8a2d301b2213515b6df20d1827b871124fae0a01baa787570cb4d7ee69663f147dfd7d67c4d617fcdf6462931af423beefd138c222f019d745a2dbfe636da574b4990d15e434d96a2f8aadcfe549cf9904f170df52e6235b6d51650ec0f1f6e871f061ed7d09476f0180f010f6b096148f01127d5781cf0a2a98d905e578f0b2d5c96d42ce9b78e3692820562714b43b39cdf446d4ebe44429e74c9296b8939b96befefd6945ecbfee0f149726af9f28b6e161946c3184e648942fc58947cd8962290ab64390656ac0658a575da2397d7857644901c8292ea5f3d0878dcf8f535a17e9aee082270bb640e18d252fdec1c215088feda602597116b3a830992acf6f0236b1a22e9ed5b83616f15fcdbd3c55442d746948b2fefb73f753a1dfefcf1a948331633c356123e36418a2d7e3afff1e9c01cd7e1a2df949166a761861377fdda0a44d3470dce2dfde9947d1e43deab6e203e488447d64c513108fa6f2da6e19a60733356200b295b70fd8ec964dd944d266e6b77218f0019dfaa1e4e1380277fe1303b9c600f85df19e94974f91b9df7c8006137c08d5c0b2419a1dd1d5f2534ef49840d360b20c951f8edf9b3c999e51f831d75e3e8a9be5de99415a397a6b637a20a924686dd58608f3872fa90b029e7584fc44995fc0b9606dde102b33d4d4984d337df4de92601296f953e32a588a000d977f44766bc535b41512bacc222fd6f09d5bac123f5626855a419a87d7d98b001879d7f88ce9ef35898275c99b4c7e4ea5e6df05afb1537bb9d45395efbec71d19ace57e87184863957410551e16be9e3c0592f9a2e8ed82874b34a4575756fc147bb4b4da90ac9dd2016e5b2ad2041745e3b27f61dd3ad8f0b94278781b50beba8c6eb58a84207617f1143b46bca74d0ea4517d6294b8eed593c1193b3a21132d910bb3d45c54fc4a1c043ab6f550b4ef8d9b837380979b69b6e6c7633291dacb9c40c2270b660175c81d3cfb7bcf0179465fbf8abcdc8f3f55e94a8cd8cb0befb34ef146db6b81f43a057278455d010ddfbdc17016e075221959f9381ba974317797ec2b3506cb3a94faa22945e355fa476d438b02ebe5434dd99c3db69c188583a43041f4df6e52d3b3b3928e2d2b65734a4d82e437917ef70acd2dd45e4677c48cc2e6373f130b1d3e6b7f8eaf494415533660144d78426736256d9df464a09586b9ad5b2976bd46aa36eb18f9859afa23facbcbe07a4b1e56b2889f3b5cda34ef2666c58f0ab8cfc3d6fba98e9cf41bb04219a326f869b7f032c7488a15573cad9a93cd1ac1400d139eb9ef7765840a73eb927da436d077f6bb1ccae9e8f95cf2609684104e9e3424f06d7a65d74cdc4ed67926e442a7c391621f626286739246515d756eb160676851389fec74c1f0abace2d57002c185f3d4eef85b708d06a58e73c1b0fe56f80bbd383cb3ea57a229a4813ab3d666772e98f42187caa428d20929699c3d4f7cb8450fb7e7453cedf179c64af8569e0beeb652081319700ec30af6e35215b1aa3adf91c62181b47ca32f32f8ce3876fe3796f57f9c36c8888bcefba5d8528afd236855449e91c04ca7b61fc3d073c847ce82107619120f72e2b0d4bb0169fcb0d7e20ef6edd133b94a8ed7ca3138ef0c55b395b2b69839e99a376a6206bc6c7a1d1e4985e6b62afa264083714f920c84b16af600eb9bd138bf5e7c3f0b86384ed3118d10e22fccbbdc543dd15d1107d0bc9d1bbe291063ab81d95aa99cfc43cc0ed81eb6af713ac51fa8e6066434452180a39b69b31a05ddb47ff947c1ca1ec5b0bada4fad3b0e188a291f1b5d2ab53dcf7eefda178f86986440afe73c29ae83a42a04b3330100f3e85cb605e8cb9328c7451dcab3c6f88bdf384531dcec90937e570bbf1920f93dc04321e768742f0b9362fb3b4a63094c58ce5439c3f8cd719060dcd8d5868e25cc16d1e78b1ba06499611ee15d2415648ce9baef3233578c0b51103d917e8549b075a51c4c7061078e05c65d3d55a5b08c20b616ed4c462d77d542450bfabd9d100a5ba7da4913a2af8abc4dfa975ba1b3d39bbce7fce8b6cb9c73ff967685f5238b1a6cb946949ef15bb0c86dbc54abe24329bcec05d0dbb7b8369a4b2d3c13fdab8c8191f6b433fed62098cc06add86fa36600c7b44158c03a9312cf372489b946edad8ea2421580cd75b428a697f08920ad2f59eb5eda3e2ce945a1545bd57eed779439e3fd4fe5b38c7749a693475535d214b75932fb89ffe50a3f75c79428c21dc5449e7294786d4f572f9627aebc3404d2e5cf7c2ac8dbafaf25920522e0da0908102a6ffc0a8492549379bf502ef5806e24ca9868a99918f6269a0216ee5334b345c03f36426d693357117d5854b768f721fe2a9bd71fcbe7eee1c248efbf29744f543a8db46d54de7bd483395c1ba0240a6546470b04cf4aefcae3f367c3977c30b044b748ec029d0195f978b608361bd6a6077c80f0529e99a175af3aba0d5af5db12368f4d7aed328506d65b580d833e0e70d152485c175ee6f0d418f324a5a2d438f2c3c64b7ebe907fd3d83585f923c6e115271dee57e3f5526454b7020a3051cc1b6749eb126614ffedbec98714907daffc18047a3be8747bb2e04b3c36590c8ac3af1569982445537c142219ef9f6364234f42acec823dbeb1c7cb4f61fd9afd3b99b8b5b72eac2a797390c13"})

4.72692845s ago: executing program 4 (id=4014):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_tcp_int(r0, 0x6, 0x19, &(0x7f00000001c0)=0x1, 0x4)
bind$inet(r0, &(0x7f0000000100)={0x2, 0x4e24, @loopback}, 0x10)
sendmmsg$inet(r0, &(0x7f0000004980)=[{{&(0x7f0000000000)={0x2, 0x4e24, @loopback}, 0x10, &(0x7f0000000040)=[{&(0x7f0000000340)="b9cd14c222ee", 0x4b}], 0x1}}], 0x1, 0x20008000)
setsockopt$inet_tcp_TLS_TX(r0, 0x6, 0x1, &(0x7f0000000140)=@gcm_128={{0x304}, "60000100", "9de66ebc3914c06f0f109088d190e700", '\x00', "f8dde5bf3eba23db"}, 0x28)

4.423631353s ago: executing program 4 (id=4017):
ioctl$vim2m_VIDIOC_S_CTRL(0xffffffffffffffff, 0xc008561c, 0x0)
r0 = syz_usb_connect(0x0, 0x3f, &(0x7f00000000c0)=ANY=[@ANYBLOB="11010000733336088dee1adb23610000000109022d0001100000000904000003fe03010009cd8d1f000200000009050502000000001009058b1e20"], 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000240)={0x84, &(0x7f00000001c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
ioctl$FS_IOC_GETVERSION(r1, 0x40045b0a, 0x0)

4.01312184s ago: executing program 5 (id=4021):
syz_mount_image$fuse(0x0, &(0x7f0000002080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3200009, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x8, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@nfs_export_on}]})
r0 = openat$dir(0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', 0x0, 0x1)
open_by_handle_at(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="18"], 0x98300)

3.707831114s ago: executing program 5 (id=4025):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000002880), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f00000000c0)={'batadv_slave_1\x00', <r2=>0x0})
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000180)={'batadv0\x00', <r3=>0x0})
sendmsg$BATADV_CMD_SET_HARDIF(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000400)={0x2c, r1, 0x1, 0x70bd2c, 0x25dfdbfb, {}, [@BATADV_ATTR_HARD_IFINDEX={0x8, 0x6, r2}, @BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r3}, @BATADV_ATTR_HOP_PENALTY={0x5, 0x35, 0x2}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4c000}, 0x4040000)

3.496619698s ago: executing program 5 (id=4027):
r0 = socket(0x10, 0x803, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'team_slave_1\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd27, 0xffffffff, {0x0, 0x0, 0x0, r2, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x2, 0xfff3}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x3ff, 0x2}}]}}]}, 0x48}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x4000, &(0x7f0000000140)={&(0x7f0000000840)=@newtfilter={0x5c, 0x2c, 0xd2b, 0x703d2b, 0x25dfdbfb, {0x0, 0x0, 0x0, r2, {0xf}, {}, {0x7, 0x9}}, [@filter_kind_options=@f_u32={{0x8}, {0x30, 0x2, [@TCA_U32_CLASSID={0x8, 0x1, {0x7, 0x10}}, @TCA_U32_SEL={0x24, 0x5, {0xa, 0x7, 0x1, 0x3d3f, 0x0, 0xfff, 0x3, 0x58f, [{0xebd, 0x1, 0x1, 0xb}]}}]}}]}, 0x5c}}, 0x404c004)

3.317700062s ago: executing program 0 (id=4031):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000bc0)={{0x12, 0x1, 0x0, 0xa0, 0x11, 0xaa, 0x10, 0x2001, 0x4002, 0xdfbf, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xa0, 0xe6, 0xce}}]}}]}}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, &(0x7f0000000780)={0x1c, &(0x7f0000000040)=ANY=[@ANYBLOB="000001"], 0x0, 0x0})

3.205383521s ago: executing program 5 (id=4032):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000bc0)=ANY=[@ANYBLOB="0a000000050000000200000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x3}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x2000000, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='ext4_ext_remove_space_done\x00', r1}, 0x10)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f00000005c0)='./file1\x00', 0x18000, &(0x7f0000000000), 0x1, 0x632, &(0x7f0000001280)="$eJzs3c9rHNcdAPDvzEqyZauVXUqpTUsFPdhQvJZcU7c92e6hPhhqqA8h5GBhSY7w+geWDLZjsAw5JJBACLmG4Ev+gZBr0DXkFgKJbzkHnBCc5JAEb5jZWWuz2rU3kla78Xw+MDNvfmjf++7s2/dmZkcTQGlNZaM0Yl9EnEsiJlvWTURj5VSx3cOvb5/PhiTq9f9/lURSLGtu/6iY7s5GSeNvPj4Z8bvK+nyXbt66OFurN9yJOLx86erhpZu3Di1emr0wf2H+8syRfx49Nv2vmQ+3Js7dxfTU6f/96fWXX/zHwie1Q0kcj7OjL81FWxxbZarx7kYWYuvykYg4liU6vC+wnSrF53E0Iv4Qk1HJ5xomY/G1gRYO6Kt6pdE+1cfqQOkk0UwMuCDANmv2A5rH9v04Dh5mD05k4xsd4h8pjt535sdGux4mLUdG2dKIPVuQ/0pE/Hh7/9vZEF3OQ4xsQT5d878bEX/stP+TPP49eaRZ/GmkLX+XpaeLcxtZ+f6ziTIkLenePn93NpHbz/2S+Fv3Qxb/8WKaLT/Z5fWfdopnqm2+bPUPgMFYPVE05FlHJNbav6xn2Oz/RHv/p/5+fm2ove3aiO7tX7oFr/50ef9vpFP732zvd+ZteNrWD0ti5dsznV9ytH3B56+eerNb/lMt/b9syPJv9gV7sOmu4YO7Efvb4n8lf+uTx/s/6dD/zfp753rM47+ffnmq27pNxr9p9XsRBzoe/6z1SrNU2/XJJJrXJ4/OHF5YrM1PN8Yd8/jgoxfe7Zb/oOPP9v+uLvE/af9ny672mMd7Z+5daqR2rFs38dT40y/GkrN5aiwfr1WvseR0sUljcmN2efnakSeXpblNPp1pxH/wr53rf5f484OP8eZXZg+uPnfxYbd1m9z/j+o9bthNFv/cBvf/Gz3m8d3z1//cbd36+NfOSYxvNCgAAAAAAAAoqTS/Bpuk1cfpNK0WF95+H7vS2pWl5b8tXLl+eS7iYP57yNG0eaV7sjGfZPMzxe9hm/NH2ub/HhF7I+Ktyng+Xz1/pTY36OABAAAAAAAAAAAAAAAAAABgSOwu7v9/VDwP7JtKmlargy4VsG36+YA5YLip/1Beef3fnuetAUNG+w/l1bH++1KAUlDVobzUfygv9R/KS/2H8lL/oby61/91a+72uywAAAAAwJbZ+5fV+yMRsfLv8XzIjBXrRgdaMqDf1HEor8qgCwAMzOML/G7/h9Lpqf//ffHPAftfHGAAkpb0SjORdw7qT678q0nfywYAAAAAAAAAAAAANBzYt3o/cf8/lJLb/qC8Nnb/f2XjfwoMjU7/+t/jQKAcHONDyfVwEmBntxXu/wcAAAAAAAAAAACAbTORD0laLX4GPBFpWq1G/CYi9sRosrBYm5+OiN9GxGeV0R3Z/MygCw0AAAAAAAAAAAAAAAAAAADPmKWbty7O1mrz11oTP6xb8mwnmk88HZbytCYi6XsWabQtGY+IYYi9P4mRliVJxEq257filZPNf35iGN6fIjHgLyYAAAAAAAAAAAAAAAAAACihlnuPO9v/zjaXCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC239rz//uXGHSMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCv008BAAD//xS+O5U=")

2.887969469s ago: executing program 5 (id=4035):
r0 = syz_usb_connect(0x0, 0x3c, &(0x7f0000000380)=ANY=[@ANYBLOB="120101000814c910be0632a2f333010203010902120001000000000904"], 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
r1 = syz_open_dev$I2C(&(0x7f0000000000), 0x1, 0x402)
ioctl$I2C_RDWR(r1, 0x707, &(0x7f0000000440)={&(0x7f00000000c0)=[{0xf5ff, 0x11, 0x0, 0x0}], 0x1})

2.687429444s ago: executing program 4 (id=4037):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000580)=[@in={0x2, 0x4e21, @empty}], 0x10)
sendmsg$inet_sctp(r0, &(0x7f0000000700)={&(0x7f0000000340)=@in={0x2, 0x4e21, @local}, 0x10, &(0x7f00000006c0)=[{&(0x7f0000000380)='N', 0x1}], 0x1, 0x0, 0x0, 0x804c040}, 0x1)
r1 = dup(r0)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r1, 0x84, 0x85, &(0x7f0000000400)={0x0, @in={{0x2, 0x4e21, @local}}, 0xff8, 0x4001}, 0x90)

2.686519505s ago: executing program 9 (id=4050):
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1700000007"], 0x50)
sendto$packet(0xffffffffffffffff, &(0x7f0000000000)='[', 0x1, 0x20004840, 0x0, 0x0)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r0, &(0x7f0000000000), 0xd)

2.558931648s ago: executing program 9 (id=4038):
mmap(&(0x7f00009fd000/0x600000)=nil, 0x600000, 0x2000001, 0x6031, 0xffffffffffffffff, 0x4000)
mremap(&(0x7f0000ceb000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
munlock(&(0x7f00002a4000/0x2000)=nil, 0x2000)
munlock(&(0x7f0000daf000/0x1000)=nil, 0x1000)
munlockall()

2.360048656s ago: executing program 4 (id=4040):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000000000105509147200ed0000000109022400010000000009040000030300000009210000000122050009058103"], 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x11, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000300)='syzkaller\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r1}, 0x10)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000140)={0x24, 0x0, 0x0, &(0x7f00000000c0)={0x0, 0x22, 0x5, {[@main=@item_4={0x3, 0x0, 0xb, "1a3952b5"}]}}, 0x0}, 0x0)

2.232837426s ago: executing program 3 (id=4041):
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1400000007"], 0x50)
pwrite64(0xffffffffffffffff, &(0x7f0000000000)='L', 0x1, 0x7ffffffe)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000040)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r0, &(0x7f0000000000), 0xd)

2.112162762s ago: executing program 3 (id=4042):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @broadcast})
write$tun(r0, &(0x7f0000000100)={@val={0x0, 0x800}, @val={0x3, 0x0, 0x0, 0x0, 0x14}, @ipv4=@icmp={{0x5, 0x4, 0x0, 0x0, 0xfde1, 0x66, 0x0, 0x0, 0x1, 0x0, @private=0xa010100, @local}, @redirect={0x5, 0x0, 0x0, @multicast2, {0x5, 0x4, 0x3, 0x2, 0xf6c, 0x68, 0x2f, 0x5, 0x33, 0x1, @remote, @rand_addr=0x64010101}}}}, 0xfdef)

1.855112947s ago: executing program 9 (id=4045):
r0 = syz_open_dev$radio(&(0x7f0000001640), 0x0, 0x2)
r1 = syz_open_dev$radio(&(0x7f0000000000), 0x0, 0x2)
r2 = dup2(r1, r1)
read$FUSE(r2, &(0x7f0000000540)={0x2020}, 0x2020)
preadv(r0, &(0x7f00000033c0)=[{&(0x7f00000031c0)=""/207, 0xcf}], 0x1, 0x6, 0x0)

1.799325512s ago: executing program 3 (id=4047):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
r0 = landlock_create_ruleset(&(0x7f0000000180)={0x100}, 0x18, 0x0)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x200000, 0x0)
landlock_add_rule$LANDLOCK_RULE_PATH_BENEATH(r0, 0x1, &(0x7f0000000200)={0x100, r1}, 0x0)
close(r0)

1.612815682s ago: executing program 9 (id=4048):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-avx2\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
r1 = accept4(r0, 0x0, 0x0, 0x800)
sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380), 0xa, 0x4004000}], 0x1, 0x40800)

1.598546337s ago: executing program 7 (id=4049):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000200)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)={0x28, r1, 0x1, 0x80000000, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0xc, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_HT_OPMODE={0x6, 0x16, 0xa}]}]}, 0x28}, 0x1, 0x0, 0x0, 0x8cdee586d14ea9fb}, 0x0)

1.591256574s ago: executing program 3 (id=4051):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000004c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a2c000000000a499d0000000000000000020000010900010073797a310000000008000240000000030400060014000000110001"], 0x54}}, 0x0)
sendmsg$NFT_MSG_GETTABLE(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000000c0)={0x14, 0x1, 0xa, 0x201, 0x0, 0x0, {0x2, 0x0, 0x6}}, 0x14}, 0x1, 0x0, 0x0, 0x4004}, 0x10)

1.545555942s ago: executing program 9 (id=4052):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112})
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000240)=ANY=[@ANYBLOB="e80000006c00010029bd7000fcdbdf2500000000", @ANYRES32, @ANYBLOB="001000008000000008000f002000000014003500726f7365300000000000000000000000a40034801400350070696d367265673000000020000000001400350076657468305f6d614176746170000000140035006d61637674617030020000000000000014003500677265300000000000000000000000001400350076657468305f746f5f626174616476001400350001657468315f6d6163767461700000001400350067726530000000000000000000000000140035006261746164765f736c6176655f31000008000f"], 0xe8}}, 0x0)
close(r0)

1.443078856s ago: executing program 3 (id=4053):
r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000040), 0xa0201, 0x0)
r1 = syz_io_uring_setup(0xcd0, &(0x7f0000000400)={0x0, 0x586d, 0x10300, 0xfffffffe, 0x152}, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000e40)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f00000001c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r1, 0xa3d, 0x0, 0x0, 0x0, 0xff39)
write$dsp(r0, &(0x7f00000012c0)="a52876830a602214f6b4e928d758f38a5a7cb4b31c4c09289e9ebb6286784ca3", 0x4000)

1.384855623s ago: executing program 7 (id=4054):
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/locks\x00', 0x0, 0x0)
pread64(r0, &(0x7f00000024c0)=""/209, 0xd1, 0x8)
r1 = open(&(0x7f0000000000)='./file1\x00', 0x1e07c0, 0x78e22799f4a46fbe)
fcntl$setlease(r1, 0x400, 0x0)
fcntl$setlease(r1, 0x400, 0x2)

1.277611331s ago: executing program 7 (id=4055):
syz_mount_image$hfsplus(&(0x7f00000000c0), &(0x7f0000000100)='./file1\x00', 0x4, &(0x7f0000000340)={[{@uid}, {@type={'type', 0x3d, "0142bc05"}}, {@type={'type', 0x3d, ' qs!'}}, {@barrier}, {@part={'part', 0x3d, 0x7}}, {@force}, {@gid}, {@nls={'nls', 0x3d, 'koi8-ru'}}, {@nobarrier}, {@creator={'creator', 0x3d, "ef6a7415"}}]}, 0xfc, 0x6e0, &(0x7f0000000580)="$eJzs3c1vHGcdB/Dv7K7fUtE4bdIWVImoEQURkfhFKQQJJSCEfKhQBAckbiZxGiubtLJdcCME4f3aQ/+A9pAbJyTuQeUMFwRHi1MlRC+cfFs0s7Prje111nESx/D5VLPzzDzvv52Z3dnUmgD/txbOpnU/RRbOvrlebm/cm29v3JufqLPbScp0I2l1VyluJ8XHyeV0l3y23FmXL4b188Hyxe/9/T8bn3S3WvVSlW/srPfzTpIvjD6Lu/WS00ma9XqnsW3bE8nkw9u7OrS9fit9u8+/6OeUATvTCxwcts4Od/dTfej5DhwdRb7xmd32TyfH0v2YrD7n6qtD4+mO7vHb11UOAAAADtnCv0/N7af8VL0+vpnNrB/523gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4qoqk2V1VS6OXPp2i9/z/8Xpf6vSRdv+wBwAAAAAAAAAAO4w9sDWeZKK3cWn3Gp/fzGbW83xvu1NU/+b/WrVxsnp9Lu9mNUtZybmsZzFrWctKZpNMD3a2vri2tjI7Qs25XWvOPTiu5mgTnhytGAAAAAAAAAD8z/tlFrb+/R8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ4FRdLsrqrlZC89nUYryWSS8bLc3eSvvfQRUey28/7THwcAAAAcyOQj1Dm+mc2s5/nedqeo7vlfqu6XJ/Nubmcty1lLO0u5Vt9Dl3f9jY178+2Ne/O3yuXAQ69aTPe3h917fqUqMZXrWa72nMvVajDX0qhqlv6Z5FZvTDvH9YtPy7Yvdf1kxJFdq9dlZ+/3fkWYOPCEH4PppNXIWD8iM9XYugfBicEo7IzENz8d1ujl7qq1vacM9jSbRv+Xn5PdHsrkQ2N+acSZHavX5Xx+O+yXm8dtcqvTu0ML9SPRSBWJuYGj76W9Y5588Y+/f/9G+/bNG9dXzz6VKT1J24+J+YFIvDxCJH7wzEaitXd2Y/uOmWrnqd7mR88l+X7O5nSuZCXL+XEWs5alFPVMF+vjuXyd3jtSlx/YujJkAH3j9fvSrMv1x5SFfGfXMZ3Ot6vUYl6r6j6f5RR5O9eylDeq/+Yym6/mQi7k4sA7fGrouKu5VWd9Y39n/Zkv1YmpJL+r14ete1Eo43piIK6D19zpKm9rz9hAlF7Y+93deW18+JRbn6sTZR+/2vNoeNq2R2J2IBIv7h2Jjzrl62r79s2VG4vv7PLp2inGqvXfziSdTnff63VeecT95uFff/500Pk9xMB1rDxeXshkfSU5kbHu0Jq9vBf7V5kqXuOD9U728x78xB3PZHk+N7o9dc/U7w49U8fr73A7W5qr8l7eNW++yntlIG/w+1bydtr970MAPMOOffnY+NS/pv4y9eHUr6duTL05+a2Jr028Op6xP499vTXTfL3xavGHfJifbd3/AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAj271vTs3F9vtpZXdE43m0KwhiXTu3FzsPcln1FpZLeon6eyrr8NK9B/584yM54kkih17yhk/ni56Tz7aX62ZnUfU5cMM1D/2WyuTA1NuDi18rE50jnejtK8uprcfmcmQwhPdYDaHnKf1W/QoDxcFjoTza7feOb/63p2vLN9afGvpraXbYxcuXJy5eOGN+fPXl9tLM93Xwx4l8CRsfW8HAAAAAAAAAAAAjooR/67gyg9/VP0fgo/09xKHPUcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgaFs4m9b9FJmdOTdTbm/cm2+XSy+9VbKVpNFIip8mxcfJ5XSXTA80Vwzr54Pli80kn2y11eqVb+xRrzMx0izu1ktOJ2nW6wN4oL2rB26v6M+wDNiZXuDgsP03AAD//9ev6fg=")
r0 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
r1 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
mkdirat(r1, &(0x7f0000000200)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0)
renameat2(r1, &(0x7f0000000100)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', r0, &(0x7f0000000180)='./file1\x00', 0x4)

1.268929429s ago: executing program 9 (id=4056):
syz_mount_image$jfs(&(0x7f0000000000), &(0x7f0000000080)='./file1\x00', 0x4000, &(0x7f0000000040)=ANY=[], 0xff, 0x60c0, &(0x7f000000d800)="$eJzs3U1vHVf9B/DfffC147RpVP1V5R+xcFMeWkrznEB5asqCBSxAQl2TyHWrlBRQEhCtIuLKC8QGeAmw6YZFJV4BL6CvASGxJVLSVReUQWOf44xvrn3tJp659vl8pJuZ35w7vmfyveOZ65m5EwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA/OD7PznXi4irv04Tjkc8FYOIfsSRul6KeuRKfv4wIk7EenM8FxGD+Yh6/vV/nom4GBEfH4u4/+DOcj35/C77cens7Zuf/fB7//jdH9dOvPPmTz8cb//x/1346Pd3I47/6NWPPrv7ZJYdAAAASlFVVdVLH/NPps/3/a47BQC0Im//qyRPV6vVavUTrf/Q38vznzradX/Vh7Ruqia72ywiYrU5T73P4HA8ABwwq/Fp112gQ/Iv2jAijnbdCWCm9bruAPvi/oM7y72Ub6+5PVjaaM9/p9yS/2pv8/qO7YbTjJ9j0tb7ay0G8ew2/TnSUh9mSc6/P57/1Y32UXrefufflu3yH21c+lScnP9gPP8xW/L/U0Qc2Pz7E/MvVc5/uJf8VwcHeP2XPwAAAAAAh1/++//xjo//zj/+ouzKTsd/l1rqAwAAAAAAAAA8aY97/79N7v8HAAAAM6v+rF7787GH07b7LrZ6+hu9iKfHng8UZqnx5YAAAAAAAAAAAAAAQDuGEYvpvP65iHh6cbGqqvrRNF7v1ePOf9CVvvxQsq5/yQMAwIaPj41dy9+LWIiIN9J3/c0tLi5W1VxELFZH5vP+7Gh+oTrS+Fybh/W0+dEudoiHo6r+YQuN+ZqmfV6e1j7+8+rXGlWDXXSsHR0GDgARsbE1um+LdMhU1TPR9V4OB4P1//Cx/rMbXb9PAQAAgP1XVVXVS1/nfTId8+933SkAoBV5+z9+XECtVquLqT/ZmDgz/VGr97Fuqia72ywiYrU5T73P4Hb8AHDArManXXeBDsm/aMOIONF1J4CZ1uu6A+yL+w/uLPdSvr3m9mBpoz2fC7Il/9Xe+nx5/knDacbPMWnr/bUWg3h2m/4811IfZknOvz+e/9WN9nyL/818FvYn/7Zsl3+9nMc76E/Xcv6D8fzH7Pf635a16E/Mv1Q5/+Ge8h/IHwAAAAAAZlj++/9xx3/zIgMAAAAAAADAgXP/wZ3lfN1rPv7/hQnP6zXHXP95aOT8e7vO3/W/h0nOvz+e/9gJOYPG+L3XH+b/yYM7yx/e/vf/5+HM5z83GNWvPdfrD4bpnJ9q7q24HjdiJc4+8vzhlvZzj7TPbWk/P6X9wiPto7r9SG4/Hcvxi7gRb262z085MWphSns1pT3nP7D+FynnP2w86vwXU3tvbFi790H/kfW+OZz0Olf++p8vP7p2tWG4pVqLweayNRyr/znVWp8eWv8/OTqKX91auXn6N9du3755LtJgy9TzkQZPWM5/Lj1y/i++sNGef+8319d7H4z2nP+sWIvhpPzX398vNMbr5X2p5b51Iec/So+cf94CTV7/D3L+E9f/9eV7uYP+AAAAAAAAAAAAAAAAwE6qqlq/RPRKRFxO1/90dW0mANCuvP2vkjxdre6g/tffZqs/arVavbXuzVh/PkfdVE32WrOIiL8356n3GX476YcBALPsvxHxz647QWfkX7D8fX/18ItddwZo1a333v/ZtRs3Vm7e6ronAAAAAAAAAMDnle//udS4//P6eUBj943ecv/X12PpwN7/sz8arN/rPC3Q87Hz/b9Pxc73/x5Oeb25Ke2jKe3zU9oXprRPvNCjIef/fMo4538yLVhJ9399sYP+dC3nfyrd6znn/5Wx5zXzr/5ykPPvb8n/zO13f3nm1nvvv3L93Wtvr7y98vNzZy9fvHDp4oVLl868df3GytmNfzvs8f7K+ed7XzsPtCw5/5y5/MuS8/9SquVflpT/5m6o/MuS1/+8vyf/suT882cf+Zcl5/9SquVflpz/V1Mt/7Lk/F9OtfzLkvP/WqrlX5ac/yupln9Zcv6nUy3/suT8z6Ra/mXJ+ecjXPIvS84/n9kg/7Lk/M+nWv5lyflfSLX8y5Lzv5hq+Zcl538p1fIvS87/cqrlX5ac/9dTLf+y5Py/kWr5lyXn/2qq5V+WnP83Uy3/suT8v5Vq+Zcl5//tVO+U/zst9ot25Py/k2rrf1ly/t9NtfzLkvN/LdXyL8vD7/83sueRxdnoRpsjVRUxA90wsu8jXf9mAgAAAAAAAAAAAADGtXE6cdfLCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwP/YgQMBAAAAACD/10aoqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwg4cCAAAAAAA+b82QlVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVRX27jVGrrO+H/izV6+TQPwnIYQQiO1cMGST3fUtMcFgrv809JIGQksLdYy9dgy+1buGBKFmaWgLAqmR2hf0RSkgQEhtlahCKpUoilSk9k1VXhVFlVArIdWVoDIRVKICtjpznufZmdnZmV3vrj1zzueD4p+9M2fmmTNnZve76DsHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABotuNts380FEIo/mv8sS2E64q/bw2Hin8u7L/aKwQAAADW6+eNP//q+vyFQ6vYqOk6//iaf/n64uLiYvjgixd/8SeLi/mC7SGMbAmhcVnyTz/9yWLzdaKnw8TQcNO/h3vc/UiPy0d7XD7W4/LxHpdv6XH5RI/Ll+2AZbaWv49p3Ngdjb9uK3dpuDGMNS67o8NWTw9tGR5Ov8tpGGpsszh2PJwMp8JsmF62zVDjfyF8c0dxXw+GdF/DTfd1awjh0o8+fjStYSju4ztCy501ND93P3xL2P7ijz5+9KvzP3hlp9lzNyxbaQi7dhbr/GQIS7+uCkNhS94naZ3DTeu8tcM6R1rWOdTYrvh7+zovrXKd6XFPxHV+p8s6b41fe+L2EMJCWPE67Z4Ow+GatnvN+3uiPCKK2yieypeF0TUdJztWcZwU23z/9tbjpP2YTPt/R9wnoyusofnp+OEnxpft98s9TopH3Q/HanHbDxd3OjHR/KvVlmO1uM7H71z5GOj43HU4BvKx3HQM7Ox1DAyPjzSOgeGlNe9sOQZmlm0zHIYa93Xxzu7HwNT86XNTc09+7J6Tp4+cmD0xe2Zmev/ePfv27tm3b+r4yVOz0+Wfa9ulA+SaMJyPwZ3xvSYdg69tu27zIbn4xY17HUz0yeugeOzvuatY0HXDYYVjvLjOJ3et/3WQv+83vQ5Gm14HHd9TO7wORlfxOiiuc2nX6r5njjb912kNm/VeuK3pGLia3w+L+3z/61Z+L7w1rutTr1/r98ORZcdAelhD8bVXfCX/vDdxf9wvy4+LW4oLrh0PF+Zmz9/7xJH5+fMzIY4r4oam56r9eLmm6TGFZcfL8JqPl0N/+bO7bunw9W1xX03cvfRcjXd4Horr7J3s/lw13t0778+Wr+4OcWywK70/O303K/ZnzhJdjv3iOp+8Z/0/C+Zc0vT+N9br/W9kbLR8/xvJe2Os5f1v+VMz0lhZCJfuWd3731j870q//93YJ+9/xb56/73dj4HiOp+aWusxMNr1/e/2OIfiel4XE8NEU+7/RePyhfIwbXouex43o6Nj8bgZTffYetzsWbZNcWvFfe+avrzjZtftrc9Vy88tFTxuin31p9Pdj5viOs/PrP+9Y2v6a9N7x3ivY2BsZLxY71g+CMr3u8Wt6Ri4NxwNZ8OpcCxvUzzLxX1N7l7dMTAe/7vS7x0398kxUOyrz+3ufgwU1/n2no392WlX/Eq+TtPPTu2/X1gp898yunR77bttozN/sc637+3+u6HiOj/Yu9ac0X0/3R2/cm2H/dT++lnpmD4Wrsx+ujmu89S+7r+bKq5z4/5VHk+HQggvzLzQ+H1X/P3u31z416+3/N630++UX5h54aGpR767lvUDAHD5ftH4c2G8/Fmz6f+xXs3//w8AAAAMhJT7h+PM5H8AAACojJT7R+LM5H8AAACojJT7R+PMapL/H7//wLM/fyrkTwNcjNLlaTc8/KbyeqnjvRD/vX1xSfH1t3557NlPP7W6+x4OIfzsoVd1vP7jb0rrKp1L63xD69eXufm2Vd3/Y48uXa/58xMuHShvPz2e1R4Gqav8zandjdvd/uRMYz7/UGjMRxY+9XR5++W/0/Uv7imv/+fxQ0sOHR9q2X5XXM8dcW6Pnynz8KGl/VDMtN2zt77mH25479L9pe2Gdr608TA/93vl7abPiHrmhvL66XGvtP6//8zXni2u/8Sdndf/1HDn9V+Mt/v9OH96sLx+8z7/dNP6/yCuP91f2u7eL32r4/qfe0V5/eficfGFONvX/5Y/fvXPOz1f6X4OPVBul+5/+n/2NrZLt5duv339E0/NtOyP9tt//sXydg5+5McjzddPX0/3kzz2QOvxPRSf35YeeQjha38YWvZzeGO53d+1rT/d3rkHOq//7rZ1nhu6rbH90uPZ1vK4Pv+V3R0fb1rPob/e1vJ4nnlH3H8vTn27uN2Lj8TjMV7+v98pb6/9s0yfe0fr+026/he2la/bdHtTbet/pm39C7cV+673+h98sVz/c2/e0rL+Q++Mx9OD5ey1/hN/cX3L9l/8avl8nP/o5JmzcxdOHosPZlvb63jLxNZrrr3uJS+9Pr6Xtv/78Nn5x2fPb5/ePh3C9gH8yMDNXv+X4vzvcixs/D2Uvvvj8rj77LvK71uv/Un572fi1x+Lz2f6/vj5PxtrOV7bn/eFN5dzvet/fVzHar3iM/9xW4cv/+eyz/y9+IFvXvjb3/9B+88F6fGce/lE4/F9bsdNjcuGni8vb3+/6uXfX976uv7e6HRjfiPu18X4ycw7byrvr/3202eTfPbd5es3/SSXtg9tnyeybaT1cax3/d+LP8d86+bW9790fHzjqbZPc94WhoolLMT3h7BQXp6ulfb3Zy/d1PH+0ufwhIVXrmWZK5p7cm7q1MkzF56Ymp+dm5+ae/Jjh0+fvXBm/nDjs0sPf6jX9kuv72sar+9js/v3hsar/Ww5NtnVXv+5R48eu2/6rmOzx49cOD7/6LnZ8yeOzs0dnT02d9eR48dnP9pr+5PHDs7sPrDnvt2TJ04eO3j/gQN7DkyePHO2WEa5qB72T3948sz5w41N5g7uPTCzb9/e6cnTZ4/NHrxvenryQq/tG9+bJoutPzJ5fvbUkfmTp2cn505+bPbgzIH9+3f3/PTH0+eOz22fOn/hzNSFudnzU+Vj2T7f+HLxva/X9tTD3Nn4ftdmKP50/r679+fPxy18+RMr3lR5ldYfT8MP42dBpe9vvf6dcv9YnFlN8j8AAADUQcr98YP/ly6Q/wEAAKAyUu7fEmcm/wMAAEBlpNw/EWdWk/yv/6//r/+v/6//fwX7/0H/f6Pp/29I/385/f9V0f/X/9f/1/+nu37r/6fcvzWEWuZ/AAAAqIOU+6+JM5P/AQAAoDJS7r82zkz+BwAAgMpIuf+6OLN65P+x9r/q/+v/6/839//TdfX/g/6//v9l0v/X/+9G/1//f5DX34f9/636//Sbfuv/p9z/kjizeuR/AAAAqIWU+18aZyb/AwAAQGWk3H99nJn8DwAAAJWRcv+2OLOa5P8NPP//Z+JF+v/6/4Pe/z+djmPn/9f/1/9fP/1//f9u9P/1/wd5/X3Y/3f+f/pOv/X/U+7/f3FmNcn/AAAAUAcp978szkz+BwAAgMpIuf+GODP5HwAAACoj5f4b48xqkv83sP/v/P/6/1Xp/zed/1//v5n+v/7/5dD/1//vRv9f/3/j1z8Uf0zQ/++1vf4/V0K/9f9T7n95nFlN8j8AAADUQcr9N8WZyf8AAABQGSn3vyLOTP4HAACAyki5/+Y4s5rkf/1//X/9f/1//X/9/82k/6//343+v/7/IK9f/1//n976rf+fcv8r48xqkv8BAACgDlLuvyXOTP4HAACAyki5/1VxZvI/AAAAVEbK/bfGmdUk/+v/91X//8mg/7+8/z+s/6//X1pr/79hoff69f8312D1/4dXvET/v6T/30r/X/9f/1//n+76rf+fcv+r48xqkv8BAACgDlLuf02cmfwPAAAAlZFy/21xZvI/AAAAVEbK/dvjzGqS//X/+6r/7/z/zv+v/+/8/0v9//kh/f9VcP5//f+g/3/ZrnZ/ftDXr/+v/09v/db/T7l/R5xZTfI/AAAA1EHK/TvjzOR/AAAAqIyU+2+PM5P/AQAAoDJS7r8jzqwm+V///zL7/1tb/6n/33n9+v/6//r/zv+v/6//343+v/7/IK9f/391/f/xXjdEpfVb/z/l/jvjzGqS/wEAAKAOUu6/K85M/gcAAIDKSLn/tXFm8j8AAABURsr9u+LMapL/9f+d/1//X/9f/1//fzPp/6+6/7/1cta1Kf3/9Car/9+T/r/+/6D0/yc6bO/8/1wJ/db/T7n/dXFmNcn/AAAAUAcp978+zkz+BwAAgMpIuf/uODP5HwAAACoj5f7JOLOa5H/9f/1//X/9f/1//f/NVNX+f34fdf5//X/9f/3/Te7/f2WF7Qfl/P/UW7/1/1PuvyfOrCb5HwAAAOog5f5748zkfwAAAKiMlPun4szkfwAAAKiMlPun48xqkv+r3/9vbxaX9P9L+v/6/0H/X/9/k1W1/99+/v8Qgv6//n+m/6//32/n/+9E/58rYf39//G8SePPdfb/U+6fiTOrSf4HAACAOki5f3ecmfwPAAAAlZFy/544M/kfAAAAKiPl/r1xZjXJ/9Xv/3em/1/S/9f/D/r/+v+brC79f+f/Ly/X/y/p/+v/6//r/9fRcIevrb//v7RJ48919v9T7t8XZ1aT/A8AAAB1kHL//jgz+R8AAAAqI+X+++LM5H8AAACojJT7748zq0n+1//X/9f/1//v3/5/6/1vXv//v/T/N5H+v/5/N/r/+v+DvH79f/1/etvY/v/16+7/p9x/IM6sJvkfAAAA6iDl/jfEmcn/AAAAUBkp9z8QZyb/AwAAwEDpdB7CJOX+N8aZ1ST/6/9Xvf+/uEX/X/9/cPv/rfvT+f/1/zuJb5/6/6tUr/7/1mX3p//f6mr35wd9/fr/+v/0trH9/2U/nq65/59y/8E4s5rkfwAAAKiDlPvfFGcm/wMAAEBlpNz/5jgz+R8AAAAqI+X+Q3FmNcn/+v9V7//33/n/h8Lg9v9H9f/1//X/18z5//X/u3H+/8Hs/6fP3dD/75/+f3EM6f/Tj/qt/59y/1vizGqS/wEAAKAOUu5/a5yZ/A8AAACVkXL/2+LM5H8AAACojJT73x5nVpP8r/+v/+/8/87/r/+v/7+Z9P/1/7vR/x/M/n+i/98//X/n/6df9Vv/P+X+d8SZ1ST/AwAAQB2k3P/OODP5HwAAACoj5f7/H2cm/wMAAEBlpNz/YJxZTfJ/hfr/Y3Hq/+v/6//r/zfo//cH/X/9/270//X/B3n9+v/6//TWb/3/lPt/Kc6sJvkfAAAA6iDl/ofizOR/AAAAqIyU+98VZyb/AwAAQGWk3P/LcWY1yf8V6v+X+vT8/8P59vX/9f/1//X/9f830oD2/yf0/0v6//r/g7x+/X/9f3rrt/5/yv2/EmdWk/wPAAAAdZBy/6/Gmcn/AAAAUBkp9/9anJn8DwAAAJWRcv/DcWY1yf/6/87/r/+v/9+3/f/R1v2p/6//38mA9v+d/z/S/9f/H+T16//r/9Nbv/X/U+7/9TizmuR/AAAAqIOU+x+JM5P/AQAAoDJS7n93nJn8DwAAAJWRcv974sxqkv/1//X/9f/1//u2/9+2P/X/+7X//29dL9X/1//vRv9f/3+Q16//r/9Pb/3W/0+5/9E4s5rkfwAAAKiDlPvfG2cm/wMAAEBlpNz/G3Fm8j8AAABURsr9vxlnNpj5f3itG+j/6//r/+v/r7r/vxBC0P/X/18j/f/l/f/iPexq9v/HV3NF/f9V0f/X/9f/1/+nu37r/6fc/744s8HM/wAAAEAHKff/VpyZ/A8AAACVkXL/b8eZyf8AAABQGSn3vz/OrCb5X/9f/1//X//f+f/1/zeT/n+9zv8/HvT/g/6//r/+v/4/Wb/1/1Pu/0CcWU3yPwAAANRByv2/E2cm/wMAAEBlpNx/OM5M/gcAAIDKSLn/sTizmuR//f+r1P/fWl5f/1//vzr9/0X9f/3/jvT/69X/d/7/kv6//r/+v/4/pX7r/6fcfyTOrCb5HwAAAOog5f4PxpnJ/wAAAFAZKfcfjTOT/wEAAKAyUu4/FmdWk/yv/+/8//r/+v/O/6//v5n0//X/u9H/1/8f5PXr/+v/01u/9f9T7p+NM6tJ/gcAAIA6SLn/eJyZ/A8AAACVkXL/iTgz+R8AAAAqI+X+x+PMapL/9f/1/1fV/x8L+v/6//r/+v+XRf9f/78b/X/9/0Fev/6//j+9bVz//583pP+fcv/JOLOa5H8AAACog5T7PxRnJv8DAABAZaTc/+E4M/kfAAAAKiPl/lNxZjXJ//r/+v/O/1/B/v+o/n/Q/+8b+v/6/93o/+v/D/L69f/1/+ltKGxU/z9sSP8/5f7TcWY1yf8AAABQByn3n4kzk/8BAACgMlLuPxtnJv8DAABAZaTcfy7OrCb5X/9f/1//v4L9f+f/b9D/7w/6//r/3ej/6/8P8vr1//X/6W3jzv+/Mf3/lPt/N86sJvkfAAAA6iDl/v9j7z6a5LyrPY63riWPVK5bd3X3vAV27OAd+DWwYUuRc44GTE4m55yTiSbnnIPJORlMBkOVKWvOOfZIPd2t0fT08/zP57PgMGaseayhxvUr1beee8ct9j8AAAAMI3f/feIW+x8AAACGkbv/vnFLk/2v/9f/6//1//p//f826f/1/6vo/+fT/59Z8vfr//X/+n/WmVr/n7v/fnFLk/0PAAAAHeTuv3/cYv8DAADAMHL3PyBusf8BAABgGLn7Hxi3NNn/+n/9v/5/Mv3/fuen/9f/6/8vif5f/7/Ydf9/Lj4YvP9fRv+v/9f/s87U+v/c/Q+KW5rsfwAAAOggd/+D4xb7HwAAAIaRu/8hcYv9DwAAAMPI3f/QuKXJ/tf/6//H7f/35tb/e/9/fl9H7P9P3f5l9f/HS/+v/1/suv9v8v7/ZfT/+n/9P+tMrf/P3f+wuKXJ/gcAAIAOcvc/PG6x/wEAAGAYufsfEbfY/wAAADCM3P2PjFua7H/9v/5/3P5/du//1//n93WI/v9c/Tre/6//1/8fTv+v/5/z8+v/9f+sN7X+P3f/o+KWJvsfAAAAOsjd/+i4xf4HAACAYeTuf0zcYv8DAADAMHL3PzZuabL/9f/6f/2//l//fwLv/9f/6//1/0vp//X/c35+/b/+n/Wm1v/n7n9c3NJk/wMAAEAHufsfH7fY/wAAADCM3P1PiFvsfwAAABhG7v4nxi1N9v+l9f+n9P+H0P8vf379v/5f/6//1//r/1fR/+v/5/z8+n/9P+ttvf+/+przd9P+P3f/NXFLk/0PAAAAHeTuf1LcYv8DAADAMHL3Pzlusf8BAABgGLn7nxK3NNn/S/r/KxYzfv//2c2+tP4/vv7B/v/WU/p//f80+/9b4qeM/l//f7F59/9n9f876//39P8r+/nNfif0//p//T/rbL3/X9P7X/hx7v5r45Ym+x8AAAA6yN3/1LjF/gcAAIBh5O5/Wtxi/wMAAMAwcvc/PW5psv8v7f3/0+//vf9/t+//z193C/3/mWXPr//v0v/v8/5//f8y8+7/vf9/i/3/PfI30/v/D7frfn7uz7+q/7/rBs+v/6eDqfX/ufufEbc02f8AAADQQe7+Z8Yt9j8AAAAMI3f/s+IW+x8AAACGkbv/2XFLg/1/Wv9fz5H0/97/v1H/f27/79f/H3we/b/+fxn9v/5/ld29/1//v5hAPz/35/f+//X9/1XrfhGGN7X+P3f/c+KWBvsfAAAAusjd/9y4xf4HAACAYeTuf17cYv8DAADAMHL3Pz9uabL/9f/6f/2/9/9fVv9/xTb6/9NLfz/1//r/ZfT/+v+F/v/Idt3Pz/359f/e/896U+v/c/dfF7fU8Dt9hH9KAAAAYEpy978gbmny5/8AAADQQe7+F8Yt9j8AAAAMI3f/i+KWJvtf/6//1//r/73/X/+/Tfr/4fr/U/r/2+n/9f/6f/0/q02t/8/d/+K4pcn+BwAAgA5y978kbrH/AQAAYBi5+18at9j/AAAAMIzc/S+LW5rsf/2//l//r//X/+v/t0n/P1z/7/3/d6D/1//r//X/rDa1/j93/8vjlib7HwAAADrI3f+KuMX+BwAAgGHk7n9l3GL/AwAAwDBy978qbpnd/r+woN2M/l//r//X/+v/9f/bNP3+/8xGn6X/36f/P2hb/f/ZQ76e/n9az388/X9+9/X/jGkC/f/d7vhx7v5Xxy2z2/8AAADAYXL3vyZusf8BAABgGLn7Xxu32P8AAAAwjNz9r4tbmuz/w/r/m6/a/9/X9P/5G6b/j6v/1/8v9P9F/6//X8yi/9+M/n+f/v8g7//X/3v/v/6f1SbQ/x/4OHf/6+OWJvsfAAAAOsjd/4a4xf4HAACAYeTuf2PcYv8DAADAMHL3vyluabL/vf9f/6//1//r//X/26T/1/+vMqP+f2/ZX9T/6//1//p/Vpta/5+7/81xS5P9DwAAAB3k7n9L3GL/AwAAwDBy9781brH/AQAAYBi5+98WtzTZ//p//f/O+///GbL/P/+I+n/9v/5f/6//X21G/f9S+n/9v/5f/89qU+v/c/e/PW5psv8BAACgg9z974hb7H8AAAAYRu7+d8Yt9j8AAAAMI3f/u+KWJvtf/6//33n/7/3/Rf8f31f9v/7/Euj/9f8L/f+R7bqfn/vz6//1/6w3tf4/d/+745Ym+x8AAAA6yN3/nrjF/gcAAIBh5O6/Pm6x/wEAAGAYufvfG7c02f/6f/2//l//r//X/2+T/l//v8rJ9v/X3qz/P2jX/fzcn1//r/9nvan1/7n73xe3NNn/AAAA0EHu/vfHLfY/AAAADCN3/wfiFvsfAAAAhpG7/4NxS5P9r/+fe/9/95viCabW/+en6P/1/yv7/73FxfT/+v9Lof/X/y+28v7/C39SLKf/1//r//X/rHZi/f89r77XXW77L2v6/9z9H4pbmux/AAAA6CB3/w1xi/0PAAAAw8jd/+G4xf4HAACAYeTu/0jc0mT/9+j/z1z0aeP0/97/r/+fdP+fP1S9/1//r//X/y813f5/M/p//b/+X//PalN7/3/u/o/GLU32PwAAAHSQu/9jcYv9DwAAAMPI3f/xuMX+BwAAgGHk7v9E3NJk//fo/y+m/9937P3/rf+n/9f/l03e/6//1/9fLv2//n+h/z+yXffzc3/+ofv/Uwv9P8diav1/7v5Pxi1N9j8AAAB0kLv/U3GL/Q8AAADDyN3/6bjF/gcAAIBh5O7/TNxw5//d3SOdKP2//t/7//X/+n/9/zbp/4/Q/586vfFz6f/36f+PZtf9/Nyff+j+3/v/OSZT6/9z9382bvHn/wAAADCM3P2fi1vsfwAAABhG7v7Pxy32PwAAAAxgv3fP3f+FuKXJ/l/T/+/l5x25/z93+NfW/+v/F/p//b/+X/9/mYbs/y+B/n+f/v9odt3Pz/35Z9f/X3/wQ/0/J2FJ/3/+J/Gu+v/c/V+MW5rsfwAAAOggd/+X4hb7HwAAAIaRu//LcYv9DwAAAMPI3f+VuKXJ/l/a/+95/7/+X/+v/1/o//X/x0L/r/9fRf+v/5/z88+u/7+A/p+TMLX3/+fu/2rc0mT/AwAAQAe5+78Wt9j/AAAAMIzc/V+PW+x/AAAAGEbu/m/ELU32/5r3/+v/N/tH0f/r/5f+/0H/r//fsP8/s9D/H5n+X/+/0P8f2a77+bk//+X0/+f0/zQxtf4/d/8345Ym+x8AAAA6yN3/rbjF/gcAAIBh5O7/dtxi/wMAAMAwcvd/J25psv9H7v9XfZr+f5/+X/+/0P9Pof/3/v/LoP/X/y/0/0e2635+7s/v/f/6f9abWv+fu/+7cUuT/Q8AAAAd5O7/Xtxi/wMAAMAwcvffuFjcYP8DAADAmG48/59nF9+PW5rs/5H7/1X0//v0//r/hf5f/79l+n/9/yr6f/3/nJ9f/6//Z72p9f+5+38QtzTZ/wAAANBB7v4fxi32PwAAAAwjd/+P4hb7HwAAAIaRu//HcUuT/a//1//r//X/+n/9/zbp//X/q+j/9f9zfn79v/6f9abW/+fu/0nc0mT/AwAAQAe5+38at9j/AAAAMIzc/T+LW+x/AAAAGEbu/p/HLU32v/5f/6//1//r//X/26T/1/+vov/X/8/5+fX/+n/Wm1r/n7v/F3FLk/0PAAAAHeTu/2XcYv8DAADAMHL3/ypusf8BAABgGLn7fx23NNn/+v/bnuNc/XX9v/5f/6//T/r/49G2/7/tX6v6/7X0//r/OT+//l//z3pT6/9z9/8mbmmy/wEAAKCD3P2/jVvsfwAAABhG7v7fxS32PwAAAAwjd//v45Ym+1//7/3/+n/9/zz6/yv1//r/pSbb/3v//0b0//r/OT+//l//z3pT6/9z998UtzTZ/wAAANBB7v4/xC32PwAAAAwjd/8f4xb7HwAAAIaRu//muKXJ/tf/6/+H7P/39P/j9f/e/z/L/v9O+n/9/2r6f/3/nJ9f/6//Z72p9f+5+/8UtzTZ/wAAANBB7v4/xy32PwAAAAwjd/9f4hb7HwAAAIaRu/+vcUuT/a//1/8P2f97/7/+X/8/Gfp//f8q+n/9/5yfX/+v/2e9qfX/ufv/Frc02f8AAADQQe7+v8ct9j8AAAAMI3f/P+IW+x8AAACGkbv/n3FLk/2v/9f/6//1//p//f826f/n2/9fuThC/3/dQv+v/9f/6//1/5Sp9f+5+/8VtzTZ/wAAANBB7v5b4pal+///T+ipAAAAgOOUu//fcYs//wcAAIBh5O7/T9zSZP/r//X/+n/9v/5f/79N+v/59v/e/7+e/l//r//X/7Pa1Pr/3P3/DQAA///E7/7M")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0xc6081, 0xcc)
r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000140), 0x82200, 0x0)
setxattr$trusted_overlay_upper(&(0x7f0000000380)='./file1\x00', &(0x7f00000001c0), &(0x7f0000001400)=ANY=[], 0x835, 0x0)
sendfile(r0, r1, 0x0, 0x20fffe85)

1.26766572s ago: executing program 3 (id=4057):
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f0000000000)='./file0\x00', 0x4000, &(0x7f0000000380)=ANY=[], 0x2, 0x5505, &(0x7f0000002480)="$eJzs3E1rY9UbAPAn7XTe//Mv4sLdXBiEFiZh0nlBd6PO4At2KKMuXGmapCEzSW5p0rR25cKluPCbiIIrl34GF67diQvFnaDknlud+gJC08ZOfz+4ee45OXnuc8Iw8NxbEsCptZj9/GMlrsSFiJiPiMsRxXmlPAp3U3guIq5GxNwTR6Wc/33ibERcjIgrk+QpZ6V869Pr42u3f3jjp6++OXfm0mdffju7XQOz9nxE9DfT+U4/xbyT4qNyvjHuFrF/a1zG9Eb/cTnOU9xprxcZdhr76xpFvNlJ6/PN7eEkbvQazUnsdDeK+c1BuuBw3NnPU3zgUWOrGLfa60XsDvMidvZSXbt76f+2veEo5WmV+T4o0sdotB/TfHu3nfaz+biIzcGonE9581Z7dxLHZSwvF8281yrqWD/MN/3f9mZ3sL2bjdtbw24+yG7X6i/U6neq9a281R61b1Ub/dadW9lSpzdZVh21G/27nTzv9Nq1Zt5fzpY6zWa1Xs+W7rXXu41BVq/XbtZuVG8vl2fXs1cfvJP1WtnSJL7cHWyPur1htpFvZekTy9lK7eaLy9m1evbW6lq29vD+/dW1t9+79+6Dl1Zff6Vc9JeysqWVGysr1fqN6kp9+RTt/6Oy6CnuHw6lMusCAE4e/T8wC0fX/289jDj6/j/0/1Nxovrf097/H8H+4VD0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp9Z3C5+/VpwspvGlcv5/5dQz5bgSEXMR8evfmI+zB3LOl3kW/mH9wp9q+LoSRYbJNc6Vx8WIuFsev/z/qL8FAAAAeHp98eHVT1K3nl4WZ10QxyndtJm7/P6U8lUiYmHx+yllm5u8PDulZMW/7zOxO6VsxQ2s81NKlm65nZlWtn9l/kA4/0SopDB3rOUAAADH4mAncLxdCAAAAMfp41kXwGxUYv9R5v6z4OIv7/94IHjhwAgAAAA4gSqzLgAAAAA4ckX/7/f/AAAA4OmWfv8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfmPnfm4TB6I4AD8bvLD/tGi1921lb1DGlrDHPUYUkCYoIAfSQhqgBnJLCRFEeBwCEYdIHttK9H2SMxnL/HiD4DAz0gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF26r9aL26vf121zdvt28owGAAAAuGRbrRf1P7PU/9rc/97c+tn0i4goI+LS3H0Un84yR01O9fL8zenz1asa7iLqhMN7TJrrS0T8aa7HH11/CgAAAPBxbZareZqtpz+zoQuiT2nRpvz2N1NeERHV7CFTWnnI+5UprP5+j+N/prR6AWuaKSwtuY1zpb1J/XM/rtpNT5oiNeXFlx2LzDZ2AACgR6Ozpt9ZCAAAAH36N3QBDKOI563M41bgJDXN9t7nsx4AAADwDhVDFwAAAAB0rp7/93T+3975fwAAADCMdP4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXdpW68VmuZq3zdnt28kzGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHhif95RIATCIAz2ru9M5v6HlQZNTU2qQPj4G4MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA3v/vL/4mpcSaZe20sPY8ka6fG1qmxd24c/WF8/RoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIv9eUmBEAiCKJgz/nfS9z+sJOgZRIiAhkcVtWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4It+98v/ialxJpk7bSwdjyRrV42tq8beg8bRg/H2bwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIud+3mNo4oDAP5mZmdrq+IaZQ8RUfCgF7vd1tbexIMSPPgnCCHd1titP9ocbCliLt4k515EjyKCEm/9H3JOIJd4y2EPETwrMzuTnfwA118zm+TzgTfvu8Mw7/tmIeQ77yUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACURm9P4iQ7dMZxXJzb3Hu4lPVbh/rM47Xt+axlcVRn0ifDi9UPUbe5RAAAADg7krK+DyHspOsLWR938vo/La/Jav5vnx7HZT1/uO4v+7L2z9ovP+8+vz9QZzxOdtOby8PBpaOptP6/Wc62Z/7yilb+5PN3L0n+hcTvrT43SvPnGX29sfFOOw/P1ZEtAPBPXCz7Iih/H8r6fpOJAXBmtCqFd1n/J51mcwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACow2g1PFnGUQhhvjWJM1t7D5eO6x+vbc+X7dqjR2vhy8k9s1ukIYSby8PBpVpnM9vu3X9we3E4HNytP3gphNDU6G8V07/9wRQXh9DI8xH8R0FcfNmzks/JCBr8oQQAwKmUFi2r63fS9YXsXDQXwh/fHaz/X63EYcr6f/fDa5vVsar1f7+2Gc6+3sqdT3v37j94ffnO4q3BrcHHb1zuv9m/cv3q1eu9/F1JzxsTAAAA/p120ar1fzx3dP3/QiUOU9b/n33T/6I6VqL+P9Zk0a/pTAAAAM62Z1/+/bfomPNRux0+X1xZudsfH/c/Xx4fG0j1bztXtGr9n8w1nRUAAABQh9FqdGD9/0YlDlOu/z/1/Qs/Vu+ZhBDOF+v/F5c+Gd6obzozrY4/J256jgAAADTrfNGq6/9pvv8/3t/yEIcQXntlHBf/BnCq+j9596sfqmNV9/9fqW+KMynujp9H3ndDaHWbzggAAIDT7ImiZcX+r+n6wkc/XXi/bf8/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQN3+DAAA//962D6S")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x183341, 0x0)
ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0xf5ff, 0x2000000})
openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x88040, 0x0)

1.121105548s ago: executing program 0 (id=4058):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000300)={0x20000002})
epoll_pwait2(r1, &(0x7f00000001c0)=[{}], 0x1, 0x0, 0x0, 0x0)
epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r0, &(0x7f0000000180)={0x800001f})

975.477837ms ago: executing program 7 (id=4059):
r0 = syz_io_uring_setup(0x2736, &(0x7f00000001c0)={0x0, 0x1, 0x100, 0x2, 0x366}, &(0x7f0000000080)=<r1=>0x0, &(0x7f0000000300))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
io_uring_enter(r0, 0xbe9, 0x10a5, 0x3, 0x0, 0x0)
io_uring_register$IORING_REGISTER_IOWQ_MAX_WORKERS(r0, 0x13, &(0x7f0000000040)=[0x0, 0x101], 0x2)
io_uring_enter(r0, 0x5e1, 0xf419, 0x0, 0x0, 0x0)

563.535306ms ago: executing program 7 (id=4060):
r0 = syz_io_uring_setup(0xbdc, &(0x7f0000000640)={0x0, 0xec25, 0x400, 0x1, 0x40000333}, &(0x7f00000006c0)=<r1=>0x0, &(0x7f00000001c0)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, &(0x7f0000000040)=[{0x0}], 0x1})
io_uring_enter(r0, 0x847ba, 0x0, 0xe, 0x0, 0x0)
mmap(&(0x7f0000000000/0x400000)=nil, 0x1400000, 0x0, 0xc3072, 0xffffffffffffffff, 0x0)

562.875934ms ago: executing program 0 (id=4061):
syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000380)=ANY=[], 0x2, 0x5508, &(0x7f00000079c0)="$eJzs3M1rI2UYAPAn/dhv1yIevO3AIrSwCU0/Fr1V3cUP7FJWPXjSNElDdpNMadK09uTBo3jwPxEFTx49e/Tg2Zt4ULwJSmamuvUDlKbNdvv7weSZ982bZ543LAvPTEkA59Zc8stPpbgelyNiOiKuRWTnpeLIrOXhuYi4ERFTjxylYv6PiQsRcSUiro+S5zlLxVuf3hreXP3xjZ+/+vbizNXPvvxucrsGJu35iOhu5+d73TymrTw+KOZrw3YWuyvDIuZvdB8W4zSPe83NLMNe7XBdLYvLrXx9ur3bH8WtTq0+iq32Vja/3csv2B+2DvNkH3hQ28nGjeZmFtv9NIutg7yu/YP8/7aD/iDP0yjyfZClj8HgMObzzf1mvp/th1ms9wbFfJ43bTT3R3FYxOJyUU87jayOzeN804+3N9u93f1k2Nzpt9NeslqpvlCp3i5Xd9JGc9BcKde6jdsryXyrM1pWHjRr3bVWmrY6zUo97S4k8616vVytJvN3mpvtWi+pVivLlcXy6kJxdit59d47SaeRzI/iy+3e7qDd6Sdb6U6Sf2IhWaosv7iQ3Kwmb61vJBv3795d33j7vTvv3ntp/fVXikV/KyuZX1pcWipXF8tL1YVztP+PiqLHuH84ltKkCwA4e/5n//+N/h8Yh5Pr/3fuR5x8/x/6/7E4U/3vee//T2D/cCz6fwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAc+v72c9fy07m8vHVYv6pYuqZYlyKiKmI+O0fTMeFIzmnizyz/7J+9i81fF2KLMPoGheL40pErBXHr0+f9LcAAAAAT64vPrzxSd6t5y9zky6I05TftJm69v6Y8pUiYnbuhzFlmxq9PDumZNm/75nYH1O27AbWpTEly2+5zYwr238yfSRceiSU8jB1quUAAACn4mgncLpdCAAAAKfp40kXwGSU4vBR5uGz4Owv7/98IHj5yAgAAAA4g0qTLgAAAAA4cVn/7/f/AAAA4MmW//4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA7+zcz23iQBQH4GeDF/afFq32vq3sDcrYEva4x4gC0gQF5EBaSAPUQG4pIYIIj0Mg4hDJY1uJvk9yJmOZH28QHGZGGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALp0X60Xt1e/r9vm7Pbt5BkNAAAAcMm2Wi/qf2ap/7W5/7259bPpFxFRRsSlufsoPp1ljpqc6uX5m9Pnq1c13EXUCYf3mDTXl4j401yPP7r+FAAAAODj2ixX8zRbT39mQxdEn9KiTfntb6a8IiKq2UOmtPKQ9ytTWP39Hsf/TGn1AtY0U1hachvnSnuT+ud+XLWbnjRFasqLLzsWmW3sAABAj0ZnTb+zEAAAAPr0b+gCGEYRz1uZx63ASWqa7b3PZz0AAADgHSqGLgAAAADoXD3/7+n8v73z/wAAAGAY6fw/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAurSt1ovNcjVvm7Pbt5NnNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAE/szzsKhEAYhMHe9Z3J3P+w0qCpqUkVCB9/YzAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABvfveX/xNT40wy99pYeh5J1k6NrVNj79w4+sP4+jUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcLE/LykQAkEQBXPG/076/oeVBD2DCBHQ8KiiFg0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwBf97pf/E1PjTDJ32lg6HknWrhpbV429B42jB+Pt3wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcLFzP69xVHEAwN/M7GxtVVyj7CEiCh70Yrfb2tqbeFCCB/8EIaTbGrv1R5uDLUXMxZvk3IvoUURQ4q3/Q84J5BJvOewhgmdlZmeykx/g+mtmk3w+8OZ9dxjmfd8shHznvQQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAojd6exEl26IzjuDi3ufdwKeu3DvWZx2vb81nL4qjOpE+GF6sfom5ziQAAAHB2JGV9H0LYSdcXsj7u5PV/Wl6T1fzfPj2Oy3r+cN1f9mXtn7Vfft59fn+gznic7KY3l4eDS0dTaf1/s5xtz/zlFa38yefvXpL8C4nfW31ulObPM/p6Y+Oddh6eqyNbAOCfuFj2RVD+PpT1/SYTA+DMaFUK77L+TzrN5gQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABQh9FqeLKMoxDCfGsSZ7b2Hi4d1z9e254v27VHj9bCl5N7ZrdIQwg3l4eDS7XOZrbdu//g9uJwOLhbf/BSCKGp0d8qpn/7gykuDqGR5yP4j4K4+LJnJZ+TETT4QwkAgFMpLVpW1++k6wvZuWguhD++O1j/v1qJw5T1/+6H1zarY1Xr/35tM5x9vZU7n/bu3X/w+vKdxVuDW4OP37jcf7N/5frVq9d7+buSnjcmAAAA/DvtolXr/3ju6Pr/hUocpqz/P/um/0V1rET9f6zJol/TmQAAAJxtz778+2/RMeejdjt8vriycrc/Pu5/vjw+NpDq33auaNX6P5lrOisAAACgDqPV6MD6/41KHKZc/3/q+xd+rN4zCSGcL9b/Ly59MrxR33RmWh1/Ttz0HAEAAGjW+aJV1//TfP9/vL/lIQ4hvPbKOC7+DeBU9X/y7lc/VMeq7v+/Ut8UZ1LcHT+PvO+G0Oo2nREAAACn2RNFy4r9X9P1hY9+uvB+2/5/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgLr9GQAA//+51j9h")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
r1 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0)
read$FUSE(r1, &(0x7f0000000480)={0x2020, 0x0, 0x0, <r2=>0x0, <r3=>0x0}, 0x2020)
fchown(r0, r2, r3)

331.658362ms ago: executing program 4 (id=4062):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
r1 = openat$cgroup_devices(r0, &(0x7f0000000480)='devices.deny\x00', 0x2, 0x0)
write$cgroup_devices(r1, &(0x7f0000000180)={'c', ' *:* ', 'rwm\x00'}, 0xa)
write$cgroup_devices(r1, &(0x7f0000000200)={'a', ' *:* ', 'rwm\x00'}, 0xa)

156.418865ms ago: executing program 5 (id=4063):
syz_mount_image$nilfs2(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x3200400, &(0x7f0000000140)=ANY=[@ANYRES8=0x0], 0x3, 0xa7a, &(0x7f0000000a00)="$eJzs3U2MG1cBAOBn73rTTVLilIQuSWgTftry091ms4SfCJqquRA1FbdKFZcoTUNEGhCpBK0qkeTEjVZVuJYiTuVQAUJqLyjqiUslGolLT4UDB6IgVeIAhcRo7fe84xebsXc3a3v9fdLb5zdv7PdmdmY8npn3XgAmVrX5d2lprhLClbdfPfb3B/42uzzl0fYc9ebf6UKqFkKoxPR09nkfTLXimx++dKpbXAmLzb8pHZ680X7vthDCxbA/XA31sOfKtVfeXXzixKXjlw+898aR63dm6QEAYLJ8++qRpd1/+dPenR+9ed/RsKU9PZ2f12N6ezzvPxpP/NP5fzV0piuFUDSTzTcdQzWbb6rLfMVyatl80z3Kn8k+t9bO39sx35aS8qcK07otN4yztB3XQ6U635GuVufnW7/JQ/N3/Uxl/vzZc89eGFJFgXX3z/tDCPuFQUOj0fhJcwWOQF0EYbWhsWPYRyCAlvx+4W0u5lcW1qb9adP9lX/jsWr398M62OjtX/njVf6vLjnisH4269aUlivtR9tjOr+PkD+/NOj+nz4vvx9R67Oeve4jjMv9hV71nNrgeqxWr/rn28Vm9Y0Yp/XwzSy/uP/k/9Nx+R8D3f1ro67/vz479Gudy2H/CNRhU4faCNRB6Ds0hn0AAkbWynNzLY0o5efP9eX5W0ry7yrJny3J31qSv60kHybZ757/WXi5svI7P/9NP+j1sHSd7e4Yf2zA+uTXIwctP3/ud1BrLT9/nhhG2Vsnnzr91WeevtZ6/r/S3v5vxe19f0zX4751Nc6Qrhfm19Xbz/7XO8up9pjvnqw+d982f6NV4q7O+Sq7Vj4nFI4zt9VjrvN9O3rNt69zvno232wMd2X1zc9PtmbvS+cf6bia1td0try1bDlmsnqk48rOGOf1gNVI22Ov5//T9jkXapVnz547/UhMp+30j1O1LcvTDxY/9NcbU3dgbfpt/zMXOtv/bG9Pr1WLx4UdK9MrxeNCPZu+2Eq2b5On6YdiOn3PfXdqtjl9/tT3zz2z3gsPE+7CCy9+7+S5c6d/6EV6MWu1eOFF2ZFjsz45CJNj4fnnfrBw4YUXHz773Mkzp8+cPn/o8OFDi4uHv3ZoaaF5Xr9QPLsHNpOVL/1h1wQAAAAAAAAAAADo14+OH7v253e+8n6r/f9K+7/U/j89+Zva//80a/+ft5NPrQJSO8CdXfKb4+691VmPmWy+Wgwfz+q7Kytnd/a+T8S4PY5fbP+f2tvn/bqm+tybTc/7703zZd0J3NZfykzWB0l7vMDYYP/TMX05xr8MMESV2e6TY1zWv3Xa1lP/FPqlGE/p/5a2htSPSWr/3atfp3T837kBdWT9bURzwmEvI9DdP0Z+/M/CmfjQ6/J/Q6Mx/DqsPYz+ehbWMTQaRvEARsOwx/9M1z1TfP4P37prOaTZbjzWebzM+y+FtRj18SeVv7nG/2yPf9fX8a9L7+od/Tz3P7rCv1+7/n6h2LCn3+NvvvypH+hd5WUWfRTLT8v/YOiv/MbrWfn5DaE+/Scrf2uf5d+2/PtWV/5/Y/lptT30mVZ85rXWf693+a0aV6qd9civG6f7f/l14+Rmtvypb8+Bl3+VAzXeiuXDJOs9zmy/I9iOpnEZ/7eX/DmML8d0OhCm5xzyb+RB65+er0jfA7uzz6+UfL+NyzjFvUz6+L9fj3HZ/pDG/03bY71LulpI17qs23HfVmCz+WDk7/+NWbg4AnUQRjSMxhjYxdBoNIbakbdexIdr2Ot/2Hefh13+sNd/mXz83/wcPh//t5r9gMjH/83fn4//m+fn4+vl+fn4v/n6zMf/zfPvzT43v4I9V5L/yZL8PSX5e1fyZ7vl7yt5/6dK8g+U5N9Xkn9/Sf49JflTJfmfLcn/XEn+AyX5D5Xkf74kf7Nrtkcp7FSTtvwwyfL2efZ/mBzp/k+v/X9XST4wvn7+5sHHn/7td+qt9v8z7d9r6T7e0Ziuxd/OP47p/L53KKSX896J6b9m+aN+vQMmSd5/Rv79/mBJPjC+0nNe9m+YQJXuPfbk99t69VvV6zyf8fKFGH8xxl+K8cMxno/xQowPxnhxg+rHnfH4b35/5OXKyu/9HVl+v8+T5+2B8n6iDvVZn/z6wKDPs+f9+A1qreWvsjkYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA0FSbf5eW5iohXHn71WNPnTi7sDzl0fYc9ebf6UKq1n5fCI/EeCrGv4gvbn740qlifCvGlbAYKqHSnh6evNEuaVsI4WLYH66Gethz5dor7y4+ceLS8csH3nvjyPU7twYAAABg8/tfAAAA///pGxs+")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
pwrite64(r1, &(0x7f0000000140)="01", 0x1, 0x8000c61)
sendfile(r0, r0, 0x0, 0xe3aa6ea)

51.60436ms ago: executing program 4 (id=4064):
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$int_in(r0, 0x40000000af01, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
r2 = fcntl$dupfd(r0, 0x406, r1)
ioctl$VHOST_NET_SET_BACKEND(r2, 0xaf01, 0x0)

0s ago: executing program 7 (id=4065):
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000002c0)={&(0x7f00000004c0)=ANY=[@ANYBLOB="9f"], 0x0, 0x4a, 0x0, 0x1}, 0x28)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000540)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000000)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r1, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r2, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)

kernel console output (not intermixed with test programs):

y 0 port 6081 - 0
[  529.809041][ T5918] usb 5-1: new high-speed USB device number 29 using dummy_hcd
[  529.936745][ T6030] netdevsim netdevsim6 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  529.979117][ T5918] usb 5-1: Using ep0 maxpacket: 32
[  530.003157][ T5918] usb 5-1: config 0 has an invalid interface number: 85 but max is 0
[  530.028967][ T5918] usb 5-1: config 0 has no interface number 0
[  530.060306][ T5918] usb 5-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  530.120542][ T5918] usb 5-1: config 0 interface 85 has no altsetting 0
[  530.129303][T15416] 8021q: adding VLAN 0 to HW filter on device batadv0
[  530.139347][ T6030] netdevsim netdevsim6 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  530.161587][T15546] block nbd7: NBD_DISCONNECT
[  530.174187][ T5918] usb 5-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72
[  530.183685][T15544] block nbd7: Disconnected due to user request.
[  530.192998][ T5918] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  530.205682][T15544] block nbd7: shutting down sockets
[  530.225406][ T5918] usb 5-1: Product: syz
[  530.250836][ T5918] usb 5-1: Manufacturer: syz
[  530.256275][ T5918] usb 5-1: SerialNumber: syz
[  530.282392][ T5918] usb 5-1: config 0 descriptor??
[  530.394195][T15549] syzkaller1: entered promiscuous mode
[  530.402925][T15549] syzkaller1: entered allmulticast mode
[  530.421120][T15416] veth0_vlan: entered promiscuous mode
[  530.432563][ T5143] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  530.440365][T15552] netlink: 36 bytes leftover after parsing attributes in process `syz.0.3276'.
[  530.442762][ T5143] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  530.457979][ T5143] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  530.466655][ T5143] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  530.476413][ T5143] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  530.607230][T15416] veth1_vlan: entered promiscuous mode
[  530.682754][ T6030] bridge_slave_1: left allmulticast mode
[  530.688408][ T6030] bridge_slave_1: left promiscuous mode
[  530.709880][ T6030] bridge0: port 2(bridge_slave_1) entered disabled state
[  530.722385][T15537] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  530.749516][T15537] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  530.760166][ T6030] bridge_slave_0: left allmulticast mode
[  530.765812][ T6030] bridge_slave_0: left promiscuous mode
[  530.799086][ T6030] bridge0: port 1(bridge_slave_0) entered disabled state
[  530.854846][T15561] netlink: 24 bytes leftover after parsing attributes in process `syz.9.3279'.
[  531.209156][ T5143] Bluetooth: hci4: command tx timeout
[  531.273957][ T6030] dvmrp8 (unregistering): left allmulticast mode
[  531.347679][ T6030] team0: Port device geneve0 removed
[  531.669615][ T5918] appletouch 5-1:0.85: Geyser mode initialized.
[  531.678304][ T5918] input: appletouch as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.85/input/input37
[  531.697228][ T5918] usb 5-1: USB disconnect, device number 29
[  531.700227][    C0] appletouch 5-1:0.85: atp_complete: usb_submit_urb failed with result -19
[  531.770995][ T5918] appletouch 5-1:0.85: input: appletouch disconnected
[  532.028405][T15559] loop7: detected capacity change from 0 to 131072
[  532.037305][T15559] F2FS-fs (loop7): Test dummy encryption mode enabled
[  532.044987][ T6030] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  532.063119][T15559] F2FS-fs (loop7): invalid crc value
[  532.110463][ T6030] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  532.147452][ T6030] bond0 (unregistering): Released all slaves
[  532.164327][T15559] F2FS-fs (loop7): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  532.175071][T15559] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5
[  532.253724][T15551] lo speed is unknown, defaulting to 1000
[  532.517817][T15416] veth0_macvtap: entered promiscuous mode
[  532.556299][T15416] veth1_macvtap: entered promiscuous mode
[  532.569655][ T5143] Bluetooth: hci5: command tx timeout
[  532.586422][T15580] netlink: 'syz.9.3285': attribute type 1 has an invalid length.
[  532.592376][T15416] batman_adv: batadv0: Interface activated: batadv_slave_0
[  532.638286][T15416] batman_adv: batadv0: Interface activated: batadv_slave_1
[  532.764169][ T6104] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  532.796138][ T6104] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  532.895072][T15580] bond1: entered promiscuous mode
[  532.903512][T15580] 8021q: adding VLAN 0 to HW filter on device bond1
[  533.039902][T15584] 8021q: adding VLAN 0 to HW filter on device bond1
[  533.047072][T15584] bond1: (slave gre1): The slave device specified does not support setting the MAC address
[  533.078049][T15584] bond1: (slave gre1): Setting fail_over_mac to active for active-backup mode
[  533.089292][T15584] bond1: (slave gre1): Opening slave failed
[  533.149547][ T6104] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  533.158286][ T6104] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  533.514313][   T50] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  533.565078][   T50] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  533.578648][T15599] netlink: 'syz.9.3292': attribute type 3 has an invalid length.
[  533.587473][T15599] netlink: 32 bytes leftover after parsing attributes in process `syz.9.3292'.
[  533.622690][T15551] chnl_net:caif_netlink_parms(): no params data found
[  533.819932][   T50] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  533.827785][   T50] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  534.029678][T15551] bridge0: port 1(bridge_slave_0) entered blocking state
[  534.058679][T15551] bridge0: port 1(bridge_slave_0) entered disabled state
[  534.065862][T15551] bridge_slave_0: entered allmulticast mode
[  534.105493][T15551] bridge_slave_0: entered promiscuous mode
[  534.149700][T15551] bridge0: port 2(bridge_slave_1) entered blocking state
[  534.156831][T15551] bridge0: port 2(bridge_slave_1) entered disabled state
[  534.175936][T15551] bridge_slave_1: entered allmulticast mode
[  534.194732][T15551] bridge_slave_1: entered promiscuous mode
[  534.415596][ T5937] usb 1-1: new high-speed USB device number 20 using dummy_hcd
[  534.500567][T15551] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  534.534039][T15551] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  534.568770][   T10] usb 10-1: new high-speed USB device number 13 using dummy_hcd
[  534.580418][ T5937] usb 1-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  534.596153][ T5937] usb 1-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  534.636828][ T5937] usb 1-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  534.653076][ T5143] Bluetooth: hci5: command tx timeout
[  534.668639][ T5937] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  534.715442][T15609] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  534.738596][   T10] usb 10-1: Using ep0 maxpacket: 32
[  534.751958][ T5937] usb 1-1: Quirk or no altset; falling back to MIDI 1.0
[  534.760696][   T10] usb 10-1: config 155 has an invalid descriptor of length 0, skipping remainder of the config
[  534.784560][   T10] usb 10-1: config 155 interface 0 altsetting 0 has an endpoint descriptor with address 0xE2, changing to 0x82
[  534.835898][   T10] usb 10-1: config 155 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  534.878672][   T10] usb 10-1: config 155 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 11
[  534.905024][   T10] usb 10-1: New USB device found, idVendor=15c2, idProduct=ffdc, bcdDevice=bd.30
[  534.924632][   T10] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  534.939946][   T10] usb 10-1: Product: syz
[  534.949742][   T10] usb 10-1: Manufacturer: syz
[  534.954497][   T10] usb 10-1: SerialNumber: syz
[  534.973817][T15551] team0: Port device team_slave_0 added
[  535.002082][    C0] imon 10-1:155.0: imon usb_rx_callback_intf0: status(-71)
[  535.050097][   T10] input: iMON Panel, Knob and Mouse(15c2:ffdc) as /devices/platform/dummy_hcd.9/usb10/10-1/10-1:155.0/input/input38
[  535.069681][ T6030] hsr_slave_0: left promiscuous mode
[  535.094834][ T6030] hsr_slave_1: left promiscuous mode
[  535.103748][   T24] libceph: connect (1)[c::]:6789 error -101
[  535.112311][ T6030] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  535.124942][   T24] libceph: mon0 (1)[c::]:6789 connect error
[  535.145325][ T6030] batman_adv: batadv0: Removing interface: batadv_slave_0
[  535.159585][T15623] ceph: No mds server is up or the cluster is laggy
[  535.179008][ T6030] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  535.218497][ T6030] batman_adv: batadv0: Removing interface: batadv_slave_1
[  535.238799][   T10] imon 10-1:155.0: Unknown 0xffdc device, defaulting to VFD and iMON IR
[  535.258648][   T10]  (id 0x00)
[  535.283583][   T24] usb 1-1: USB disconnect, device number 20
[  535.371375][   T10] rc_core: IR keymap rc-imon-pad not found
[  535.377375][   T10] Registered IR keymap rc-empty
[  535.382951][   T10] imon 10-1:155.0: Looks like you're trying to use an IR protocol this device does not support
[  535.385843][ T6030] veth1_macvtap: left promiscuous mode
[  535.399535][   T10] imon 10-1:155.0: Unsupported IR protocol specified, overriding to iMON IR protocol
[  535.561830][   T10] rc rc0: iMON Remote (15c2:ffdc) as /devices/platform/dummy_hcd.9/usb10/10-1/10-1:155.0/rc/rc0
[  535.569200][ T6030] veth0_macvtap: left promiscuous mode
[  535.578040][ T6030] veth1_vlan: left promiscuous mode
[  535.584325][ T6030] veth0_vlan: left promiscuous mode
[  535.591666][   T10] input: iMON Remote (15c2:ffdc) as /devices/platform/dummy_hcd.9/usb10/10-1/10-1:155.0/rc/rc0/input39
[  535.619141][   T10] imon 10-1:155.0: iMON device (15c2:ffdc, intf0) on usb<10:13> initialized
[  535.642192][   T10] usb 10-1: USB disconnect, device number 13
[  536.369658][ T6030] team0 (unregistering): Port device team_slave_1 removed
[  536.447373][ T6030] team0 (unregistering): Port device team_slave_0 removed
[  536.730916][ T5143] Bluetooth: hci5: command tx timeout
[  538.306434][T15551] team0: Port device team_slave_1 added
[  538.780305][T15551] batman_adv: batadv0: Adding interface: batadv_slave_0
[  538.787279][T15551] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  538.817616][T15551] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  538.819737][ T5143] Bluetooth: hci5: command tx timeout
[  538.924086][T15551] batman_adv: batadv0: Adding interface: batadv_slave_1
[  538.958437][T15551] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  539.024604][T15551] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  539.214652][T15663] loop4: detected capacity change from 0 to 4096
[  539.232682][T15668] 9pnet: p9_errstr2errno: server reported unknown error 
[  539.269729][T15663] ntfs3(loop4): Different NTFS sector size (4096) and media sector size (512).
[  539.285452][T15551] hsr_slave_0: entered promiscuous mode
[  539.317483][T15551] hsr_slave_1: entered promiscuous mode
[  539.337418][T15551] debugfs: 'hsr0' already exists in 'hsr'
[  539.346656][T15551] Cannot create hsr debugfs directory
[  539.417409][T15663] ntfs3(loop4): ino=19, mi_enum_attr
[  539.423696][T15663] ntfs3(loop4): Mark volume as dirty due to NTFS errors
[  539.578577][ T6030] IPVS: stop unused estimator thread 0...
[  539.735806][T15681] faux_driver vgem: [drm] Unknown color mode 13; guessing buffer size.
[  539.914925][T15551] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  540.097986][T15551] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  540.195262][T15696] loop3: detected capacity change from 0 to 4096
[  540.252583][T15696] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  540.270299][T15551] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  540.281383][   T31] audit: type=1800 audit(2000000260.826:135): pid=15696 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.3326" name="file3" dev="loop3" ino=16 res=0 errno=0
[  540.291260][T15696] fs-verity (loop3, inode 16): Error -22 reading file data
[  540.329694][T15696] fs-verity (loop3, inode 16): Error -22 building Merkle tree
[  540.395391][T15551] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  540.454775][T15416] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  540.753894][T15551] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  540.787031][T15551] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  540.832349][T15551] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  540.867255][T15551] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  541.142449][T15551] 8021q: adding VLAN 0 to HW filter on device bond0
[  541.194774][T15551] 8021q: adding VLAN 0 to HW filter on device team0
[  541.236701][ T3524] bridge0: port 1(bridge_slave_0) entered blocking state
[  541.243863][ T3524] bridge0: port 1(bridge_slave_0) entered forwarding state
[  541.317465][ T3524] bridge0: port 2(bridge_slave_1) entered blocking state
[  541.324627][ T3524] bridge0: port 2(bridge_slave_1) entered forwarding state
[  541.534846][T15728] loop9: detected capacity change from 0 to 4096
[  541.580869][T15728] ntfs3(loop9): Different NTFS sector size (4096) and media sector size (512).
[  541.601144][T13860] usb 1-1: new high-speed USB device number 21 using dummy_hcd
[  541.658211][T15728] ntfs3(loop9): ino=19, mi_enum_attr
[  541.663702][T15728] ntfs3(loop9): Mark volume as dirty due to NTFS errors
[  541.709053][T15735] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3340'.
[  541.769148][T13860] usb 1-1: Using ep0 maxpacket: 16
[  541.777170][T13860] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  541.799125][T13860] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  541.820843][T13860] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  541.850300][T13860] usb 1-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  541.868426][T13860] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  541.889487][T13860] usb 1-1: config 0 descriptor??
[  542.025392][T15551] 8021q: adding VLAN 0 to HW filter on device batadv0
[  542.076521][T15746] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3344'.
[  542.315931][T13860] HID 045e:07da: Invalid code 65791 type 1
[  542.366088][T13860] input: HID 045e:07da as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:045E:07DA.001F/input/input40
[  542.410513][T13860] microsoft 0003:045E:07DA.001F: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.0-1/input0
[  542.530258][T13860] usb 1-1: USB disconnect, device number 21
[  542.875769][T15551] veth0_vlan: entered promiscuous mode
[  542.917057][T15551] veth1_vlan: entered promiscuous mode
[  543.000087][T15551] veth0_macvtap: entered promiscuous mode
[  543.013470][T15551] veth1_macvtap: entered promiscuous mode
[  543.051290][T15551] batman_adv: batadv0: Interface activated: batadv_slave_0
[  543.076490][T15551] batman_adv: batadv0: Interface activated: batadv_slave_1
[  543.102867][ T6104] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  543.102934][ T6104] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  543.102993][ T6104] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  543.103054][ T6104] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  543.341340][   T50] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  543.367358][   T50] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  543.468653][ T6409] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  543.487451][ T6409] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  543.500088][T15788] hsr0: entered promiscuous mode
[  543.558127][T15788] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3360'.
[  543.607572][T15788] hsr_slave_0: left promiscuous mode
[  543.661031][T15788] hsr_slave_1: left promiscuous mode
[  543.753770][T15788] hsr0 (unregistering): left promiscuous mode
[  543.826394][T15799] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3366'.
[  544.426346][T15813] netlink: 'syz.5.3371': attribute type 1 has an invalid length.
[  544.693628][T15822] loop3: detected capacity change from 0 to 256
[  544.710624][T15822] exFAT-fs (loop3): failed to load upcase table (idx : 0x00012153, chksum : 0xc3dffc2e, utbl_chksum : 0xe619d30d)
[  544.728790][T15822] exFAT-fs (loop3): failed to test first cluster bit of root dir(5)
[  544.768893][T15822] exFAT-fs (loop3): start_clu is invalid cluster(0x400)
[  544.908123][ T5937] usb 5-1: new high-speed USB device number 30 using dummy_hcd
[  545.068368][ T5937] usb 5-1: Using ep0 maxpacket: 16
[  545.106976][ T5937] usb 5-1: config 0 has an invalid interface number: 41 but max is 0
[  545.115851][ T5937] usb 5-1: config 0 has no interface number 0
[  545.138497][ T5937] usb 5-1: config 0 interface 41 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16
[  545.162619][ T5937] usb 5-1: config 0 interface 41 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64
[  545.193034][ T5937] usb 5-1: config 0 interface 41 has no altsetting 0
[  545.214166][ T5937] usb 5-1: New USB device found, idVendor=0fe6, idProduct=9700, bcdDevice=d1.9a
[  545.228372][ T5937] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  545.246572][ T5937] usb 5-1: Product: syz
[  545.256746][ T5937] usb 5-1: Manufacturer: syz
[  545.288271][ T5937] usb 5-1: SerialNumber: syz
[  545.301664][ T5937] usb 5-1: config 0 descriptor??
[  545.309035][T15820] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  545.316328][T15820] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  545.372241][T15835] loop3: detected capacity change from 0 to 2048
[  545.397231][T15835] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  545.453516][T15835] UDF-fs: warning (device loop3): udf_rmdir: empty directory has nlink != 2 (0)
[  545.559553][T15823] loop9: detected capacity change from 0 to 32768
[  545.560239][T15820] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  545.580329][T15820] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  545.590979][T15823] btrfs: Deprecated parameter 'usebackuproot'
[  545.597060][T15823] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  545.651460][T15823] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop9 (7:9) scanned by syz.9.3375 (15823)
[  545.691516][T15841] loop3: detected capacity change from 0 to 256
[  545.701315][T15823] BTRFS info (device loop9): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  545.718716][T15823] BTRFS info (device loop9): using crc32c (crc32c-lib) checksum algorithm
[  545.735291][T15841] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d)
[  545.813557][T15823] BTRFS info (device loop9): rebuilding free space tree
[  545.838704][T15823] BTRFS info (device loop9): setting nodatasum
[  545.844899][T15823] BTRFS info (device loop9): enabling ssd optimizations
[  545.868215][T15823] BTRFS info (device loop9): turning on async discard
[  545.885396][T15823] BTRFS info (device loop9): enabling free space tree
[  545.894453][T15823] BTRFS info (device loop9): force clearing of disk cache
[  545.901756][T15823] BTRFS info (device loop9): trying to use backup root at mount time
[  545.918046][T15823] BTRFS info (device loop9): max_inline set to 0
[  546.006249][ T5937] Error reading MAC address
[  546.012818][T15820] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  546.020430][T15820] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  546.242346][ T5937] sr9700 5-1:0.41 (unnamed net_device) (uninitialized): Error reading MAC address
[  546.285215][ T5937] usb 5-1: USB disconnect, device number 30
[  546.441853][ T5940] libceph: connect (1)[c::]:6789 error -101
[  546.448230][ T5940] libceph: mon0 (1)[c::]:6789 connect error
[  546.478424][T15869] ceph: No mds server is up or the cluster is laggy
[  546.520797][ T9534] BTRFS info (device loop9): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  546.768772][T14615] IPVS: starting estimator thread 0...
[  546.869465][T15881] IPVS: using max 23 ests per chain, 55200 per kthread
[  547.027692][T15890] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci5/hci5:200/input41
[  547.258844][T15904] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3401'.
[  547.307966][T11797] usb 5-1: new high-speed USB device number 31 using dummy_hcd
[  547.459410][T13497] usb 6-1: new high-speed USB device number 14 using dummy_hcd
[  547.490162][T11797] usb 5-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  547.511118][T11797] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  547.520707][T11797] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  547.531002][T11797] usb 5-1: SerialNumber: syz
[  547.648257][T13497] usb 6-1: Using ep0 maxpacket: 32
[  547.661428][T13497] usb 6-1: config 155 has an invalid descriptor of length 0, skipping remainder of the config
[  547.688640][T13497] usb 6-1: config 155 interface 0 altsetting 0 has an endpoint descriptor with address 0xE2, changing to 0x82
[  547.710782][T13497] usb 6-1: config 155 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  547.743240][T13497] usb 6-1: config 155 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 11
[  547.816926][T13497] usb 6-1: New USB device found, idVendor=15c2, idProduct=ffdc, bcdDevice=bd.30
[  547.827915][T13497] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  547.840605][T13497] usb 6-1: Product: syz
[  547.844805][T13497] usb 6-1: Manufacturer: syz
[  547.850365][T13497] usb 6-1: SerialNumber: syz
[  547.865022][    C1] imon 6-1:155.0: imon usb_rx_callback_intf0: status(-71)
[  547.881588][T13497] input: iMON Panel, Knob and Mouse(15c2:ffdc) as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:155.0/input/input42
[  548.098321][T13497] imon 6-1:155.0: Unknown 0xffdc device, defaulting to VFD and iMON IR
[  548.126930][T13497]  (id 0x00)
[  548.225017][T11797] cdc_ether 5-1:1.0 usb0: register 'cdc_ether' at usb-dummy_hcd.4-1, CDC Ethernet Device, 42:42:42:42:42:42
[  548.300534][T13497] rc_core: IR keymap rc-imon-pad not found
[  548.306360][T13497] Registered IR keymap rc-empty
[  548.334884][T13497] imon 6-1:155.0: Looks like you're trying to use an IR protocol this device does not support
[  548.365922][T13497] imon 6-1:155.0: Unsupported IR protocol specified, overriding to iMON IR protocol
[  548.430175][T13497] rc rc0: iMON Remote (15c2:ffdc) as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:155.0/rc/rc0
[  548.451304][T13497] input: iMON Remote (15c2:ffdc) as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:155.0/rc/rc0/input43
[  548.520777][T13497] imon 6-1:155.0: iMON device (15c2:ffdc, intf0) on usb<6:14> initialized
[  548.625040][T13497] usb 5-1: USB disconnect, device number 31
[  548.653980][T13497] cdc_ether 5-1:1.0 usb0: unregister 'cdc_ether' usb-dummy_hcd.4-1, CDC Ethernet Device
[  548.768510][T11797] usb 6-1: USB disconnect, device number 14
[  548.918679][T15915] loop7: detected capacity change from 0 to 32768
[  548.936310][T15915] btrfs: Deprecated parameter 'usebackuproot'
[  548.955614][T15915] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  549.302002][T15919] loop9: detected capacity change from 0 to 40427
[  549.323638][T15915] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop7 (7:7) scanned by syz.7.3404 (15915)
[  549.361072][T15919] F2FS-fs (loop9): invalid crc value
[  549.366910][T15915] BTRFS info (device loop7): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  549.458146][T15915] BTRFS info (device loop7): using crc32c (crc32c-lib) checksum algorithm
[  549.616644][T15928] loop3: detected capacity change from 0 to 131072
[  549.628142][T15928] F2FS-fs (loop3): invalid crc value
[  549.723152][T15928] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  549.748299][T15928] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4
[  549.770998][T15915] BTRFS info (device loop7): rebuilding free space tree
[  549.804430][T15919] F2FS-fs (loop9): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  549.823133][T15915] BTRFS info (device loop7): setting nodatasum
[  549.829684][T15919] F2FS-fs (loop9): Mounted with checkpoint version = 48b305e5
[  549.837199][T15915] BTRFS info (device loop7): enabling ssd optimizations
[  549.874025][T15915] BTRFS info (device loop7): turning on async discard
[  549.898117][T15919] F2FS-fs (loop9): Inconsistent error blkaddr:5633, sit bitmap:0
[  549.916036][T15915] BTRFS info (device loop7): enabling free space tree
[  549.924191][T15919] CPU: 0 UID: 0 PID: 15919 Comm: syz.9.3407 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  549.924247][T15919] Tainted: [L]=SOFTLOCKUP
[  549.924261][T15919] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  549.924285][T15919] Call Trace:
[  549.924297][T15919]  <TASK>
[  549.924311][T15919]  dump_stack_lvl+0x16c/0x1f0
[  549.924357][T15919]  __f2fs_is_valid_blkaddr+0xb95/0x1310
[  549.924405][T15919]  ? f2fs_get_read_data_folio+0x1aa/0xf10
[  549.924445][T15919]  f2fs_is_valid_blkaddr+0xce/0x2b0
[  549.924486][T15919]  ? srso_alias_return_thunk+0x5/0xfbef5
[  549.924542][T15919]  f2fs_get_read_data_folio+0x1aa/0xf10
[  549.924587][T15919]  ? f2fs_find_data_folio+0x17f/0x3f0
[  549.924629][T15919]  ? __pfx_f2fs_get_read_data_folio+0x10/0x10
[  549.924670][T15919]  ? register_lock_class+0x41/0x4b0
[  549.924724][T15919]  ? srso_alias_return_thunk+0x5/0xfbef5
[  549.924770][T15919]  ? __filemap_get_folio_mpol+0x32f/0xc60
[  549.924844][T15919]  f2fs_find_data_folio+0x17f/0x3f0
[  549.924893][T15919]  f2fs_readdir+0x4d6/0xa90
[  549.924958][T15919]  ? __pfx_f2fs_readdir+0x10/0x10
[  549.925013][T15919]  ? srso_alias_return_thunk+0x5/0xfbef5
[  549.925062][T15919]  ? srso_alias_return_thunk+0x5/0xfbef5
[  549.925108][T15919]  ? down_read_killable+0x313/0x4c0
[  549.925164][T15919]  ? srso_alias_return_thunk+0x5/0xfbef5
[  549.925210][T15919]  ? common_file_perm+0x1b1/0x500
[  549.925279][T15919]  iterate_dir+0x296/0xaf0
[  549.925325][T15919]  __x64_sys_getdents+0x13c/0x2b0
[  549.925365][T15919]  ? __pfx___x64_sys_getdents+0x10/0x10
[  549.925403][T15919]  ? srso_alias_return_thunk+0x5/0xfbef5
[  549.925451][T15919]  ? __pfx_filldir+0x10/0x10
[  549.925505][T15919]  do_syscall_64+0xcd/0xf80
[  549.925552][T15919]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  549.925591][T15919] RIP: 0033:0x7f24a2f8f749
[  549.925622][T15919] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  549.925661][T15919] RSP: 002b:00007f24a3e05038 EFLAGS: 00000246 ORIG_RAX: 000000000000004e
[  549.925697][T15919] RAX: ffffffffffffffda RBX: 00007f24a31e5fa0 RCX: 00007f24a2f8f749
[  549.925724][T15919] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004
[  549.925748][T15919] RBP: 00007f24a3013f91 R08: 0000000000000000 R09: 0000000000000000
[  549.925773][T15919] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  549.925798][T15919] R13: 00007f24a31e6038 R14: 00007f24a31e5fa0 R15: 00007ffe2beb3708
[  549.925850][T15919]  </TASK>
[  550.173573][T15915] BTRFS info (device loop7): force clearing of disk cache
[  550.182566][T15915] BTRFS info (device loop7): trying to use backup root at mount time
[  550.191138][T15915] BTRFS info (device loop7): max_inline set to 0
[  550.375738][ T5937] hid-generic 0000:0000:0000.0020: unknown main item tag 0x0
[  550.394079][ T5937] hid-generic 0000:0000:0000.0020: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  550.762045][T14660] BTRFS info (device loop7): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  550.766820][T15968] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3419'.
[  551.356595][T15981] loop5: detected capacity change from 0 to 128
[  552.062474][T16003] netlink: 'syz.4.3432': attribute type 9 has an invalid length.
[  552.071333][T16003] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3432'.
[  552.089940][T16003] hsr0: entered promiscuous mode
[  552.096126][T16003] macvlan2: entered promiscuous mode
[  552.102092][T16003] macvlan2: entered allmulticast mode
[  552.107773][T16003] hsr0: entered allmulticast mode
[  552.112828][T16003] hsr_slave_0: entered allmulticast mode
[  552.118900][T16003] hsr_slave_1: entered allmulticast mode
[  552.281222][T16005] lo speed is unknown, defaulting to 1000
[  552.363511][T16006] lo speed is unknown, defaulting to 1000
[  552.677407][T16015] loop5: detected capacity change from 0 to 4096
[  553.674022][T16050] use of bytesused == 0 is deprecated and will be removed in the future,
[  553.762832][T16050] use the actual size instead.
[  553.837538][T16053] ref_ctr_offset mismatch. inode: 0xc4 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x200000000180
[  554.504335][ T6005] usb 1-1: new high-speed USB device number 22 using dummy_hcd
[  554.693880][ T6005] usb 1-1: Using ep0 maxpacket: 8
[  554.736274][ T6005] usb 1-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c
[  554.778555][ T6005] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  554.821101][ T6005] usb 1-1: Product: syz
[  554.825285][ T6005] usb 1-1: Manufacturer: syz
[  554.843205][ T6005] usb 1-1: SerialNumber: syz
[  554.868532][ T6005] usb 1-1: config 0 descriptor??
[  554.884834][T16047] loop4: detected capacity change from 0 to 32768
[  554.950699][ T6005] gspca_main: se401-2.14.0 probing 047d:5003
[  555.001171][T16047] JBD2: Ignoring recovery information on journal
[  555.028808][T16071] dummy0: entered promiscuous mode
[  555.081934][T16071] bond_slave_0: entered promiscuous mode
[  555.109458][T16071] bond_slave_0: left promiscuous mode
[  555.137708][T16071] dummy0: left promiscuous mode
[  555.156779][T16047] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  555.354114][ T6005] gspca_se401: Frame size: 0x2 bayer
[  555.367488][ T6005] gspca_se401: Frame size: 0x65535 bayer
[  555.387371][ T6005] gspca_se401: Frame size: 65535x0 bayer
[  555.484549][T16085] loop5: detected capacity change from 0 to 512
[  555.496123][ T5823] ocfs2: Unmounting device (7,4) on (node local)
[  555.511878][T16085] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  555.537799][T16085] EXT4-fs (loop5): 1 truncate cleaned up
[  555.545388][T16085] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  555.558692][ T6005] input: se401 as /devices/platform/dummy_hcd.0/usb1/1-1/input/input44
[  555.576632][ T6005] usb 1-1: USB disconnect, device number 22
[  555.628059][   T31] audit: type=1800 audit(2000000276.167:136): pid=16085 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.3461" name="file1" dev="loop5" ino=15 res=0 errno=0
[  555.792206][T15551] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  555.824680][T16095] netlink: 4 bytes leftover after parsing attributes in process `syz.9.3467'.
[  555.836840][T16093] loop3: detected capacity change from 0 to 1024
[  555.858495][T16093] EXT4-fs: Ignoring removed bh option
[  555.875204][T16093] EXT4-fs (loop3): stripe (5) is not aligned with cluster size (16), stripe is disabled
[  555.926109][T16093] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  556.279753][T15416] EXT4-fs error (device loop3): ext4_read_inline_dir:1485: inode #12: block 7: comm syz-executor: path /38/file1/file0: bad entry in directory: rec_len is too small for name_len - offset=40, inode=14, rec_len=40, size=80 fake=0
[  556.387312][T15416] EXT4-fs (loop3): Remounting filesystem read-only
[  556.472453][T15416] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  557.120222][T16101] loop5: detected capacity change from 0 to 32768
[  557.147702][T16101] btrfs: Deprecated parameter 'usebackuproot'
[  557.154114][T16101] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  557.198899][T16101] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.3466 (16101)
[  557.241166][T16101] BTRFS info (device loop5): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  557.277397][T16101] BTRFS info (device loop5): using crc32c (crc32c-lib) checksum algorithm
[  557.404563][T16123] loop3: detected capacity change from 0 to 32768
[  557.413070][T16123] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.3474 (16123)
[  557.432193][T16123] BTRFS info (device loop3): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  557.442858][T16123] BTRFS info (device loop3): using sha256 (sha256-lib) checksum algorithm
[  557.540271][T16101] BTRFS info (device loop5): rebuilding free space tree
[  557.578130][T16101] BTRFS info (device loop5): setting nodatasum
[  557.594980][T16101] BTRFS info (device loop5): enabling ssd optimizations
[  557.612250][T16101] BTRFS info (device loop5): turning on async discard
[  557.618525][T16123] BTRFS info (device loop3): rebuilding free space tree
[  557.622373][T16101] BTRFS info (device loop5): enabling free space tree
[  557.658185][T16123] BTRFS info (device loop3): disabling free space tree
[  557.665141][T16101] BTRFS info (device loop5): force clearing of disk cache
[  557.665176][T16101] BTRFS info (device loop5): trying to use backup root at mount time
[  557.665209][T16101] BTRFS info (device loop5): max_inline set to 0
[  557.715324][T16123] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  557.751868][T16123] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  557.810902][T16123] BTRFS info (device loop3): setting nodatasum
[  557.836948][T16123] BTRFS info (device loop3): setting nodatacow
[  557.853338][T16123] BTRFS info (device loop3): turning off barriers
[  557.864493][T16123] BTRFS info (device loop3): force clearing of disk cache
[  558.048093][ T5940] usb 1-1: new high-speed USB device number 23 using dummy_hcd
[  558.150680][T15416] BTRFS info (device loop3): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  558.231376][T15551] BTRFS info (device loop5): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  558.247221][ T5940] usb 1-1: Using ep0 maxpacket: 32
[  558.254792][ T5940] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  558.287880][ T5940] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  558.310997][ T5940] usb 1-1: New USB device found, idVendor=1e7d, idProduct=2d51, bcdDevice= 0.00
[  558.336276][ T5940] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  558.387249][ T5940] usb 1-1: config 0 descriptor??
[  558.749280][T16179] netlink: 'syz.4.3491': attribute type 12 has an invalid length.
[  558.776097][T16179] netlink: 'syz.4.3491': attribute type 29 has an invalid length.
[  558.795441][T16179] netlink: 148 bytes leftover after parsing attributes in process `syz.4.3491'.
[  558.805346][T16179] netlink: 'syz.4.3491': attribute type 1 has an invalid length.
[  558.821863][ T5940] koneplus 0003:1E7D:2D51.0021: hidraw0: USB HID v0.00 Device [HID 1e7d:2d51] on usb-dummy_hcd.0-1/input0
[  558.831138][T16179] netlink: 43 bytes leftover after parsing attributes in process `syz.4.3491'.
[  559.156812][T16190] loop3: detected capacity change from 0 to 1024
[  559.192791][T16190] EXT4-fs: Ignoring removed orlov option
[  559.212763][ T5940] usb 1-1: USB disconnect, device number 23
[  559.254631][T16190] EXT4-fs (loop3): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  559.277327][T16190] ext4 filesystem being mounted at /42/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  559.346824][   T31] audit: type=1800 audit(2000000279.887:137): pid=16190 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.3495" name="file1" dev="loop3" ino=15 res=0 errno=0
[  559.369541][   T31] audit: type=1800 audit(2000000279.917:138): pid=16190 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.3495" name="file1" dev="loop3" ino=15 res=0 errno=0
[  559.482424][T16190] EXT4-fs error (device loop3): ext4_map_blocks:825: inode #15: comm syz.3.3495: lblock 0 mapped to illegal pblock 0 (length 1)
[  559.521231][T16190] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 117
[  559.540782][T16190] EXT4-fs (loop3): This should not happen!! Data will be lost
[  559.540782][T16190] 
[  559.577417][T16193] EXT4-fs error (device loop3): ext4_validate_block_bitmap:440: comm ext4lazyinit: bg 0: block 112: padding at end of block bitmap is not set
[  559.584087][T16190] EXT4-fs error (device loop3): ext4_map_blocks:825: inode #15: block 1: comm syz.3.3495: lblock 1 mapped to illegal pblock 1 (length 1)
[  559.595151][T16183] loop5: detected capacity change from 0 to 32768
[  559.641059][T16183] ea_get: invalid extended attribute
[  559.648232][T16183] ffff88807a1227d0: 04 00 00 00                                      ....
[  559.650195][T16199] loop9: detected capacity change from 0 to 4096
[  559.669757][T16183] ea_get: invalid extended attribute
[  559.694878][T16190] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 1 with max blocks 1 with error 117
[  559.704824][T16183] ffff88807a1227d0: 04 00 00 00                                      ....
[  559.712112][T16190] EXT4-fs (loop3): This should not happen!! Data will be lost
[  559.712112][T16190] 
[  559.726937][T16201] NILFS (loop9): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  559.757497][T16200] EXT4-fs error (device loop3): ext4_map_blocks:783: inode #15: comm syz.3.3495: lblock 0 mapped to illegal pblock 0 (length 2)
[  559.960375][T15416] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  560.207260][   T24] usb 1-1: new high-speed USB device number 24 using dummy_hcd
[  560.302943][T16214] syzkaller1: entered promiscuous mode
[  560.337547][T16214] syzkaller1: entered allmulticast mode
[  560.397282][   T24] usb 1-1: Using ep0 maxpacket: 16
[  560.405190][   T24] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  560.427076][   T24] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  560.475554][   T24] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  560.515310][   T24] usb 1-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00
[  560.529092][   T24] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  560.541298][   T24] usb 1-1: config 0 descriptor??
[  560.573367][T16221] loop5: detected capacity change from 0 to 128
[  560.582722][T16221] hpfs: hpfs_map_sector(): read error
[  560.589758][T16221] hpfs: filesystem error: can't load hotfix map; already mounted read-only
[  560.613031][T16221] hpfs: hpfs_map_sector(): read error
[  560.662854][T16223] netlink: 28 bytes leftover after parsing attributes in process `syz.9.3508'.
[  560.672716][T16223] netlink: 28 bytes leftover after parsing attributes in process `syz.9.3508'.
[  560.787107][ T9630] usb 5-1: new high-speed USB device number 32 using dummy_hcd
[  560.829018][ T5143] Bluetooth: hci1: unexpected event for opcode 0x041c
[  560.950343][ T9630] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  560.976942][ T9630] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  561.004847][   T24] input: HID 0955:7214 Haptics as /devices/virtual/input/input45
[  561.027050][ T9630] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  561.051752][ T9630] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  561.079842][T16219] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  561.081288][   T24] shield 0003:0955:7214.0022: Registered Thunderstrike controller
[  561.101624][   T24] shield 0003:0955:7214.0022: : USB HID v0.00 Device [HID 0955:7214] on usb-dummy_hcd.0-1/input0
[  561.118479][ T9630] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[  561.250745][T11797] shield 0003:0955:7214.0022: Failed to output Thunderstrike HOSTCMD request HID report due to -EPROTO
[  561.263004][ T9630] usb 1-1: USB disconnect, device number 24
[  561.278660][T11797] shield 0003:0955:7214.0022: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV
[  561.297488][T16243] ref_ctr_offset mismatch. inode: 0x9b offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x200000000180
[  561.302599][T11797] shield 0003:0955:7214.0022: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV
[  561.322185][T11797] shield 0003:0955:7214.0022: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV
[  561.534870][ T5940] usb 5-1: USB disconnect, device number 32
[  561.657318][T16249] loop3: detected capacity change from 0 to 4096
[  561.684146][T16249] NILFS (loop3): invalid segment: Checksum error in segment payload
[  561.733252][T16249] NILFS (loop3): trying rollback from an earlier position
[  561.777346][T16249] NILFS (loop3): recovery complete
[  561.788156][T16257] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  561.994297][T16260] Bluetooth: MGMT ver 1.23
[  562.900610][T16268] loop4: detected capacity change from 0 to 65536
[  562.996549][T16268] XFS (loop4): Mounting V5 Filesystem d6f69dbd-8c5d-46be-b88e-92c0ae88ceb2
[  563.017864][T16268] XFS (loop4): Ending clean mount
[  563.067176][T16290] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3535'.
[  563.078390][T16268] XFS (loop4): Metadata CRC error detected at xfs_agfl_read_verify+0x12d/0x1d0, xfs_agfl block 0x3 
[  563.090619][T16268] XFS (loop4): Unmount and run xfs_repair
[  563.096746][T16268] XFS (loop4): First 128 bytes of corrupted metadata buffer:
[  563.104226][T16268] 00000000: 58 41 46 4c 00 00 00 00 d6 f6 9d bd 8c 5d 46 be  XAFL.........]F.
[  563.113139][T16268] 00000010: b8 8e 92 c0 ae 88 ce b2 00 00 00 00 00 00 00 00  ................
[  563.122191][T16268] 00000020: 35 fc 5c 25 ff 00 ff ff 00 00 00 05 00 00 00 06  5.\%............
[  563.131467][T16268] 00000030: 00 00 00 07 00 00 00 08 ff ff ff ff ff ff ff ff  ................
[  563.140395][T16268] 00000040: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff  ................
[  563.149320][T16268] 00000050: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff  ................
[  563.158185][T16290] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3535'.
[  563.167187][T16268] 00000060: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff  ................
[  563.167257][T16268] 00000070: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff  ................
[  563.167286][T16268] XFS (loop4): metadata I/O error in "xfs_alloc_read_agfl+0x23b/0x390" at daddr 0x3 len 1 error 74
[  563.255291][ T5823] XFS (loop4): Unmounting Filesystem d6f69dbd-8c5d-46be-b88e-92c0ae88ceb2
[  563.277041][ T5823] XFS (loop4): Uncorrected metadata errors detected; please run xfs_repair.
[  563.457050][ T5925] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[  563.637440][ T5925] usb 4-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f
[  563.646645][ T5925] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  563.697366][ T5925] usb 4-1: Product: syz
[  563.701552][ T5925] usb 4-1: Manufacturer: syz
[  563.714445][ T5925] usb 4-1: SerialNumber: syz
[  563.748609][ T5925] usb 4-1: config 0 descriptor??
[  563.965276][ T6005] usb 4-1: USB disconnect, device number 11
[  564.167042][ T5940] usb 10-1: new high-speed USB device number 15 using dummy_hcd
[  564.256730][T16318] loop5: detected capacity change from 0 to 128
[  564.306147][T16318] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  564.329942][ T5940] usb 10-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  564.341501][ T5940] usb 10-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  564.352296][ T5940] usb 10-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  564.361660][ T5940] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  564.362935][T16318] ext4 filesystem being mounted at /35/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  564.409190][T16307] raw-gadget.1 gadget.9: fail, usb_ep_enable returned -22
[  564.429613][ T5940] usb 10-1: Quirk or no altset; falling back to MIDI 1.0
[  564.631676][T15551] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  564.696414][T16326] loop7: detected capacity change from 0 to 1024
[  564.734487][T16326] EXT4-fs: Ignoring removed nobh option
[  564.753698][T16326] EXT4-fs: Ignoring removed bh option
[  564.787814][T16326] EXT4-fs (loop7): stripe (8) is not aligned with cluster size (16), stripe is disabled
[  564.894521][T16326] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  564.941475][ T6005] usb 10-1: USB disconnect, device number 15
[  565.115054][T14660] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  565.276844][T11797] usb 1-1: new high-speed USB device number 25 using dummy_hcd
[  565.694445][T16354] loop4: detected capacity change from 0 to 40427
[  565.711338][T16354] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  565.719173][T16354] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  565.733762][T16354] F2FS-fs (loop4): invalid crc value
[  565.848275][T16354] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  565.877423][T16354] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  565.884514][T16354] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  566.294894][T16363] loop9: detected capacity change from 0 to 1024
[  566.326783][T11797] usb 1-1: Using ep0 maxpacket: 16
[  566.329543][T16363] EXT4-fs: Ignoring removed orlov option
[  566.335026][T11797] usb 1-1: New USB device found, idVendor=0471, idProduct=0327, bcdDevice=61.a4
[  566.347199][T11797] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  566.358394][T11797] usb 1-1: config 0 descriptor??
[  566.409636][T16363] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  566.543076][T16363] EXT4-fs: Ignoring removed orlov option
[  566.559383][T16363] EXT4-fs: Remounting file system with no journal so ignoring journalled data option
[  566.570257][T16352] loop5: detected capacity change from 0 to 131072
[  566.581270][T16352] F2FS-fs (loop5): Test dummy encryption mode enabled
[  566.590574][T11797] gspca_main: sonixj-2.14.0 probing 0471:0327
[  566.601835][T16363] EXT4-fs error (device loop9): __ext4_remount:6789: comm syz.9.3565: Abort forced by user
[  566.614047][T16352] F2FS-fs (loop5): invalid crc value
[  566.621603][T16363] EXT4-fs (loop9): Remounting filesystem read-only
[  566.628597][T16363] EXT4-fs (loop9): re-mounted 00000000-0000-0000-0000-000000000000.
[  566.721889][T16352] F2FS-fs (loop5): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  566.732947][T16352] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  566.741449][   T31] audit: type=1326 audit(2000000287.278:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16372 comm="syz.3.3569" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7ff43cf8f749 code=0x0
[  566.789120][ T9534] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  567.121909][T16380] loop7: detected capacity change from 0 to 1024
[  567.135468][T16380] EXT4-fs: Ignoring removed bh option
[  567.142499][T16380] EXT4-fs (loop7): stripe (5) is not aligned with cluster size (16), stripe is disabled
[  567.169084][T16380] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  567.238701][T16384] dummy0: entered promiscuous mode
[  567.265684][T16384] bond_slave_0: entered promiscuous mode
[  567.288818][T16384] bond_slave_0: left promiscuous mode
[  567.307933][T16384] dummy0: left promiscuous mode
[  567.318137][T16380] evm: overlay not supported
[  567.384854][T16380] EXT4-fs error (device loop7): ext4_find_dest_de:2049: inode #12: block 7: comm syz.7.3572: bad entry in directory: rec_len is too small for name_len - offset=16, inode=14, rec_len=40, size=56 fake=0
[  567.414721][T16380] EXT4-fs (loop7): Remounting filesystem read-only
[  567.501229][T14660] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  567.525641][   T10] usb 1-1: USB disconnect, device number 25
[  567.536713][ T5937] usb 5-1: new high-speed USB device number 33 using dummy_hcd
[  567.706675][ T5937] usb 5-1: Using ep0 maxpacket: 16
[  567.724506][ T5937] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  567.754120][ T5937] usb 5-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  567.773759][ T5937] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  567.797848][ T5937] usb 5-1: config 0 descriptor??
[  568.027605][T16399] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3578'.
[  568.226509][ T5937] mcp2221 0003:04D8:00DD.0023: USB HID v0.05 Device [HID 04d8:00dd] on usb-dummy_hcd.4-1/input0
[  568.322851][T16407] loop9: detected capacity change from 0 to 1024
[  568.338078][T16407] EXT4-fs: Ignoring removed oldalloc option
[  568.344260][T16407] EXT4-fs: Ignoring removed bh option
[  568.372108][T16407] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  568.433451][ T5940] usb 5-1: USB disconnect, device number 33
[  568.454915][T16389] loop3: detected capacity change from 0 to 32768
[  568.462319][T16389] btrfs: Deprecated parameter 'usebackuproot'
[  568.468457][T16389] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  568.478461][T16389] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.3574 (16389)
[  568.497970][T16389] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  568.508838][ T5937] usb 1-1: new full-speed USB device number 26 using dummy_hcd
[  568.538789][T16389] BTRFS info (device loop3): using crc32c (crc32c-lib) checksum algorithm
[  568.581982][ T9534] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  568.671153][ T5937] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 2
[  568.680151][ T5937] usb 1-1: config 1 has no interface number 0
[  568.686672][ T5937] usb 1-1: config 1 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  568.704309][ T5937] usb 1-1: config 1 interface 1 altsetting 0 endpoint 0x81 has invalid maxpacket 512, setting to 64
[  568.734462][T16389] BTRFS info (device loop3): rebuilding free space tree
[  568.769918][ T5937] usb 1-1: Duplicate descriptor for config 1 interface 1 altsetting 0, skipping
[  568.782638][T16389] BTRFS info (device loop3): setting nodatasum
[  568.794217][T16389] BTRFS info (device loop3): enabling ssd optimizations
[  568.809347][ T5937] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid maxpacket 512, setting to 64
[  568.830330][T16389] BTRFS info (device loop3): turning on async discard
[  568.840396][ T5937] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid maxpacket 107, setting to 64
[  568.851458][T16389] BTRFS info (device loop3): enabling free space tree
[  568.861096][T16389] BTRFS info (device loop3): force clearing of disk cache
[  568.869567][T16389] BTRFS info (device loop3): trying to use backup root at mount time
[  568.879430][T16429] loop9: detected capacity change from 0 to 1024
[  568.886646][ T5937] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  568.901489][ T5937] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=7
[  568.909832][T16389] BTRFS info (device loop3): max_inline set to 0
[  568.918284][T16429] EXT4-fs (loop9): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  568.919167][ T5937] usb 1-1: Product: syz
[  568.933361][ T5937] usb 1-1: Manufacturer: syz
[  568.938207][ T5937] usb 1-1: SerialNumber: syz
[  568.950830][T16405] raw-gadget.2 gadget.0: fail, usb_ep_enable returned -22
[  568.970505][T16429] EXT4-fs (loop9): revision level too high, forcing read-only mode
[  568.983372][T16429] EXT4-fs (loop9): orphan cleanup on readonly fs
[  568.990748][T16429] EXT4-fs error (device loop9): ext4_free_blocks:6727: comm syz.9.3583: Freeing blocks not in datazone - block = 0, count = 4096
[  569.004779][T16429] EXT4-fs (loop9): 1 orphan inode deleted
[  569.015721][T16429] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  569.069645][ T9534] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  569.200649][T16405] raw-gadget.2 gadget.0: fail, usb_ep_enable returned -22
[  569.322940][T16438] loop9: detected capacity change from 0 to 4096
[  569.384246][T16440] NILFS (loop9): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  569.422332][T16405] raw-gadget.2 gadget.0: fail, usb_ep_enable returned -22
[  569.448567][T15416] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  569.477357][T13497] usb 5-1: new high-speed USB device number 34 using dummy_hcd
[  569.653740][T13497] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  569.676659][T13497] usb 5-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  569.717416][T13497] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66
[  569.745669][T13497] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  569.782562][T13497] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  569.809438][T13497] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  569.828777][T13497] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  569.852674][T16405] raw-gadget.2 gadget.0: fail, usb_ep_enable returned -22
[  569.875150][T13497] usb 5-1: Product: syz
[  569.885266][T13497] usb 5-1: Manufacturer: syz
[  569.971735][T13497] cdc_wdm 5-1:1.0: skipping garbage
[  569.990662][T13497] cdc_wdm 5-1:1.0: skipping garbage
[  570.017827][T13497] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device
[  570.037006][T13497] cdc_wdm 5-1:1.0: Unknown control protocol
[  570.196888][T13497] usb 5-1: USB disconnect, device number 34
[  570.230087][T16442] loop9: detected capacity change from 0 to 32768
[  570.242805][ T5937] cdc_ncm 1-1:1.1: bind() failure
[  570.251215][T16442] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  570.260539][T16442] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  570.291013][ T5937] usb 1-1: USB disconnect, device number 26
[  570.303355][T16442] gfs2: fsid=syz:syz.0: journal 0 mapped with 1 extents in 1ms
[  570.315494][ T5940] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  570.324646][ T5940] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  570.416689][ T5940] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 92ms
[  570.424192][ T5940] gfs2: fsid=syz:syz.0: jid=0: Done
[  570.429762][T16442] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  570.626818][T16460] input: syz1 as /devices/virtual/input/input46
[  571.368053][T16481] netlink: 92 bytes leftover after parsing attributes in process `syz.0.3606'.
[  571.546523][T13497] usb 6-1: new high-speed USB device number 15 using dummy_hcd
[  571.706436][T13497] usb 6-1: Using ep0 maxpacket: 16
[  571.720160][T13497] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  571.758747][T13497] usb 6-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e
[  571.785363][T13497] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  571.803640][T13497] usb 6-1: Product: syz
[  571.816420][T13497] usb 6-1: Manufacturer: syz
[  571.823843][T13497] usb 6-1: SerialNumber: syz
[  571.834882][T16492] tun0: tun_chr_ioctl cmd 1074025675
[  571.845354][T13497] usb 6-1: config 0 descriptor??
[  571.858751][T16492] tun0: persist enabled
[  571.868315][T13497] hub 6-1:0.0: bad descriptor, ignoring hub
[  571.884928][T13497] hub 6-1:0.0: probe with driver hub failed with error -5
[  571.892813][T16492] tun0: tun_chr_ioctl cmd 1074025675
[  571.906437][T16492] tun0: persist enabled
[  571.914813][T13497] input: syz syz as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/input/input47
[  572.424513][ T1294] ieee802154 phy0 wpan0: encryption failed: -22
[  572.432547][ T1294] ieee802154 phy1 wpan1: encryption failed: -22
[  572.442223][T13497] usb 6-1: USB disconnect, device number 15
[  572.862051][T16519] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  572.876069][T16519] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  572.907028][T16519] overlayfs: inode number too big (/, ino=4611686018427387905, xinobits=3)
[  573.016929][ T3487] bridge_slave_1: left allmulticast mode
[  573.043052][ T3487] bridge_slave_1: left promiscuous mode
[  573.050746][ T3487] bridge0: port 2(bridge_slave_1) entered disabled state
[  573.077984][ T3487] bridge_slave_0: left allmulticast mode
[  573.084607][ T3487] bridge_slave_0: left promiscuous mode
[  573.102212][ T3487] bridge0: port 1(bridge_slave_0) entered disabled state
[  573.126822][ T5937] usb 1-1: new high-speed USB device number 27 using dummy_hcd
[  573.197912][T16530] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3623'.
[  573.216571][T16530] netlink: 'syz.3.3623': attribute type 30 has an invalid length.
[  573.268398][T16533] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3623'.
[  573.296596][T16533] netlink: 'syz.3.3623': attribute type 30 has an invalid length.
[  573.308412][ T5937] usb 1-1: New USB device found, idVendor=1645, idProduct=0008, bcdDevice=cf.36
[  573.326392][ T5937] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  573.350659][ T5937] usb 1-1: config 0 descriptor??
[  573.583956][T16539] loop5: detected capacity change from 0 to 1024
[  573.597364][ T5937] kaweth 1-1:0.0: Firmware present in device.
[  573.731346][ T3487] bond1 (unregistering): (slave bridge1): Releasing backup interface
[  573.778737][ T5937] kaweth 1-1:0.0: Statistics collection: 0
[  573.791679][ T5937] kaweth 1-1:0.0: Multicast filter limit: 0
[  573.805652][ T5937] kaweth 1-1:0.0: MTU: 0
[  573.813459][ T5937] kaweth 1-1:0.0: Read MAC address 00:00:00:00:00:00
[  573.917221][ T3487] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  573.930903][ T3487] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  573.941035][ T3487] bond0 (unregistering): Released all slaves
[  574.056922][ T3487] bond1 (unregistering): Released all slaves
[  574.095818][T15648] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  574.106999][T15648] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  574.115830][T15648] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  574.147511][T15648] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  574.395180][ T5937] kaweth 1-1:0.0: Error setting receive filter
[  574.415701][ T5937] kaweth 1-1:0.0: probe with driver kaweth failed with error -5
[  574.444854][ T5937] usb 1-1: USB disconnect, device number 27
[  574.579638][ T3487] hsr_slave_0: left promiscuous mode
[  574.593096][ T3487] hsr_slave_1: left promiscuous mode
[  574.607500][ T3487] batman_adv: batadv0: Removing interface: batadv_slave_0
[  574.628097][ T3487] batman_adv: batadv0: Removing interface: batadv_slave_1
[  575.251455][T16569] loop9: detected capacity change from 0 to 512
[  575.271369][T16569] EXT4-fs: Ignoring removed oldalloc option
[  575.327429][T16569] EXT4-fs error (device loop9): ext4_xattr_inode_iget:436: comm syz.9.3639: Parent and EA inode have the same ino 15
[  575.349777][T16554] loop4: detected capacity change from 0 to 32768
[  575.357218][T16554] btrfs: Deprecated parameter 'usebackuproot'
[  575.363555][T16554] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  575.376963][T16554] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.3630 (16554)
[  575.378661][T16569] EXT4-fs error (device loop9): ext4_xattr_inode_iget:436: comm syz.9.3639: Parent and EA inode have the same ino 15
[  575.408691][T16554] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  575.419896][T16554] BTRFS info (device loop4): using crc32c (crc32c-lib) checksum algorithm
[  575.485588][T16569] EXT4-fs (loop9): 1 orphan inode deleted
[  575.491675][T13497] usb 1-1: new high-speed USB device number 28 using dummy_hcd
[  575.524761][T16569] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  575.605412][T16554] BTRFS info (device loop4): rebuilding free space tree
[  575.617571][ T9534] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  575.656280][T13497] usb 1-1: Using ep0 maxpacket: 16
[  575.664515][T13497] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  575.689849][T13497] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  575.701995][T13497] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17
[  575.715553][T13497] usb 1-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[  575.725102][T13497] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  575.726251][T16554] BTRFS info (device loop4): setting nodatasum
[  575.736631][T13497] usb 1-1: config 0 descriptor??
[  575.757773][T16600] loop7: detected capacity change from 0 to 512
[  575.758642][T16554] BTRFS info (device loop4): enabling ssd optimizations
[  575.789548][T16554] BTRFS info (device loop4): turning on async discard
[  575.797185][T16554] BTRFS info (device loop4): enabling free space tree
[  575.800682][T16600] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  575.804174][T16554] BTRFS info (device loop4): force clearing of disk cache
[  575.831450][T16554] BTRFS info (device loop4): trying to use backup root at mount time
[  575.844997][T16554] BTRFS info (device loop4): max_inline set to 0
[  576.028589][T16606] usb usb6: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  576.047728][T14660] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  576.169191][T13497] input: HID 05ac:8241 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:05AC:8241.0024/input/input48
[  576.285794][T13497] appleir 0003:05AC:8241.0024: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.0-1/input0
[  576.366398][T13497] usb 1-1: USB disconnect, device number 28
[  576.411754][ T5823] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  576.522794][ T3487] team0 (unregistering): Port device team_slave_1 removed
[  576.644005][ T3487] team0 (unregistering): Port device team_slave_0 removed
[  577.629284][T16638] input: syz1 as /devices/virtual/input/input49
[  578.478954][T16630] loop4: detected capacity change from 0 to 32768
[  578.506155][ T5937] usb 6-1: new high-speed USB device number 16 using dummy_hcd
[  578.588175][T16630] XFS (loop4): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  578.677588][T16630] XFS (loop4): Ending clean mount
[  578.690444][T16630] XFS (loop4): Quotacheck needed: Please wait.
[  578.706814][ T5937] usb 6-1: Using ep0 maxpacket: 32
[  578.763174][ T5937] usb 6-1: New USB device found, idVendor=05a9, idProduct=1550, bcdDevice=e4.bb
[  578.796180][ T5937] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  578.822353][ T5937] usb 6-1: Product: syz
[  578.837013][T16630] XFS (loop4): Quotacheck: Done.
[  578.838247][ T5937] usb 6-1: Manufacturer: syz
[  578.858873][ T5937] usb 6-1: SerialNumber: syz
[  578.874323][ T5937] usb 6-1: config 0 descriptor??
[  578.891789][ T5937] gspca_main: ov534_9-2.14.0 probing 05a9:1550
[  578.961799][T16649] loop3: detected capacity change from 0 to 32768
[  578.977647][ T5823] XFS (loop4): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  578.989455][T16649] btrfs: Deprecated parameter 'usebackuproot'
[  579.038030][T16649] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  579.073152][T16649] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.3665 (16649)
[  579.148225][T16649] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  579.195474][T16649] BTRFS info (device loop3): using crc32c (crc32c-lib) checksum algorithm
[  579.417120][T16649] BTRFS info (device loop3): rebuilding free space tree
[  579.499569][T16649] BTRFS info (device loop3): setting nodatasum
[  579.529230][T16649] BTRFS info (device loop3): enabling ssd optimizations
[  579.546943][T16649] BTRFS info (device loop3): turning on async discard
[  579.562459][T16649] BTRFS info (device loop3): enabling free space tree
[  579.583240][T16649] BTRFS info (device loop3): force clearing of disk cache
[  579.600900][T16649] BTRFS info (device loop3): trying to use backup root at mount time
[  579.630712][T16649] BTRFS info (device loop3): max_inline set to 0
[  579.909908][ T5937] gspca_ov534_9: reg_w failed -71
[  580.106555][T15416] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  580.246541][ T5937] gspca_ov534_9: Unknown sensor 0000
[  580.246641][ T5937] ov534_9 6-1:0.0: probe with driver ov534_9 failed with error -22
[  580.284157][ T5937] usb 6-1: USB disconnect, device number 16
[  580.408305][T16708] loop9: detected capacity change from 0 to 32768
[  580.443060][T16708] JBD2: Ignoring recovery information on journal
[  580.637482][T16708] ocfs2: Mounting device (7,9) on (node local, slot 0) with ordered data mode.
[  580.883836][T16723] netlink: 4 bytes leftover after parsing attributes in process `syz.0.3689'.
[  580.902270][ T9534] ocfs2: Unmounting device (7,9) on (node local)
[  581.023073][T16726] input: syz1 as /devices/virtual/input/input50
[  581.306840][T16735] erspan0: entered promiscuous mode
[  581.332741][T16734] loop3: detected capacity change from 0 to 4096
[  581.364316][T16734] ntfs3(loop3): Mark volume as dirty due to NTFS errors
[  581.385052][T16734] ntfs3(loop3): Failed to load $Extend (-22).
[  581.393012][T16734] ntfs3(loop3): Failed to initialize $Extend.
[  582.275848][T11797] usb 6-1: new high-speed USB device number 17 using dummy_hcd
[  582.456017][T11797] usb 6-1: Using ep0 maxpacket: 16
[  582.464656][T11797] usb 6-1: config 0 has no interfaces?
[  582.487644][T11797] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  582.525823][T11797] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  582.533834][T11797] usb 6-1: SerialNumber: syz
[  582.556777][T11797] usb 6-1: config 0 descriptor??
[  582.777942][T16762] netlink: 64 bytes leftover after parsing attributes in process `syz.7.3705'.
[  582.941537][T16760] loop3: detected capacity change from 0 to 32768
[  582.967747][T16760] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  582.976381][T16760] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  582.993087][T16760] gfs2: fsid=syz:syz.0: journal 0 mapped with 5 extents in 0ms
[  583.002571][T13860] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  583.013118][T13860] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  583.064583][T13860] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 51ms
[  583.072826][T13860] gfs2: fsid=syz:syz.0: jid=0: Done
[  583.077205][T16751] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  583.078654][T16760] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  583.145663][T16751] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  583.220592][T14615] usb 6-1: USB disconnect, device number 17
[  583.238864][T16760] gfs2: fsid=syz:syz.0: found 1 quota changes
[  583.386791][T15416] gfs2: fsid=syz:syz.0: fatal: filesystem consistency error - inode = 11 2339, function = gfs2_dinode_in, file = fs/gfs2/glops.c, line = 402
[  583.465848][T15416] gfs2: fsid=syz:syz.0: G:  s:EX n:2/923 f:aqonN t:EX d:EX/0 a:0 v:0 r:2 m:20 p:1
[  583.496238][T15416] gfs2: fsid=syz:syz.0:  H: s:EX f:H e:0 p:15416 [syz-executor] gfs2_quota_sync+0x322/0x570
[  583.523100][T15416] gfs2: fsid=syz:syz.0:  I: n:11/2339 t:0 f:0x00 d:0x00000000 s:0 p:0
[  583.552763][T15416] CPU: 1 UID: 0 PID: 15416 Comm: syz-executor Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  583.552818][T15416] Tainted: [L]=SOFTLOCKUP
[  583.552832][T15416] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  583.552855][T15416] Call Trace:
[  583.552867][T15416]  <TASK>
[  583.552881][T15416]  dump_stack_lvl+0x16c/0x1f0
[  583.552930][T15416]  gfs2_withdraw+0xc6/0x1d0
[  583.552972][T15416]  inode_go_instantiate+0xe71/0x12a0
[  583.553019][T15416]  ? __pfx_inode_go_instantiate+0x10/0x10
[  583.553059][T15416]  ? srso_alias_return_thunk+0x5/0xfbef5
[  583.553118][T15416]  gfs2_instantiate+0x16c/0x250
[  583.553171][T15416]  gfs2_glock_wait+0x214/0x330
[  583.553225][T15416]  ? __pfx_gfs2_glock_wait+0x10/0x10
[  583.553291][T15416]  gfs2_glock_nq+0xd1f/0x17b0
[  583.553357][T15416]  ? srso_alias_return_thunk+0x5/0xfbef5
[  583.553411][T15416]  do_sync+0x70d/0xd60
[  583.553464][T15416]  ? srso_alias_return_thunk+0x5/0xfbef5
[  583.553524][T15416]  ? __pfx_do_sync+0x10/0x10
[  583.553575][T15416]  ? __pfx_bh_get+0x10/0x10
[  583.553639][T15416]  ? gfs2_quota_sync+0x322/0x570
[  583.553697][T15416]  ? srso_alias_return_thunk+0x5/0xfbef5
[  583.553754][T15416]  gfs2_quota_sync+0x322/0x570
[  583.553825][T15416]  gfs2_sync_fs+0x44/0xb0
[  583.553868][T15416]  ? __pfx_gfs2_sync_fs+0x10/0x10
[  583.553916][T15416]  sync_filesystem+0x111/0x290
[  583.553971][T15416]  generic_shutdown_super+0x74/0x390
[  583.554033][T15416]  kill_block_super+0x3b/0x90
[  583.554090][T15416]  gfs2_kill_sb+0x4ab/0x590
[  583.554141][T15416]  deactivate_locked_super+0xc1/0x1a0
[  583.554180][T15416]  deactivate_super+0xde/0x100
[  583.554218][T15416]  cleanup_mnt+0x225/0x450
[  583.554265][T15416]  task_work_run+0x150/0x240
[  583.554316][T15416]  ? __pfx_task_work_run+0x10/0x10
[  583.554379][T15416]  exit_to_user_mode_loop+0xfb/0x540
[  583.554433][T15416]  ? srso_alias_return_thunk+0x5/0xfbef5
[  583.554486][T15416]  do_syscall_64+0x4ee/0xf80
[  583.554531][T15416]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  583.554569][T15416] RIP: 0033:0x7ff43cf90a77
[  583.554597][T15416] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  583.554634][T15416] RSP: 002b:00007ffdf57a4278 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  583.554668][T15416] RAX: 0000000000000000 RBX: 00007ff43d013d7d RCX: 00007ff43cf90a77
[  583.554693][T15416] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffdf57a4330
[  583.554717][T15416] RBP: 00007ffdf57a4330 R08: 0000000000000000 R09: 0000000000000000
[  583.554741][T15416] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffdf57a53c0
[  583.554766][T15416] R13: 00007ff43d013d7d R14: 000000000008e3be R15: 00007ffdf57a5400
[  583.554818][T15416]  </TASK>
[  583.822789][T15416] gfs2: fsid=syz:syz.0: about to withdraw this file system
[  583.913472][T16780] vivid-003: =================  START STATUS  =================
[  583.937982][T16780] vivid-003: Radio HW Seek Mode: Bounded
[  583.955104][T16780] vivid-003: Radio Programmable HW Seek: false
[  583.973227][T16780] vivid-003: RDS Rx I/O Mode: Block I/O
[  584.015394][T16780] vivid-003: Generate RBDS Instead of RDS: false
[  584.044615][T16780] vivid-003: RDS Reception: true
[  584.069050][T16780] vivid-003: RDS Program Type: 0 inactive
[  584.088314][T16786] netlink: 20 bytes leftover after parsing attributes in process `syz.0.3713'.
[  584.110183][T16780] vivid-003: RDS PS Name:  inactive
[  584.139124][T16780] vivid-003: RDS Radio Text:  inactive
[  584.160323][T16780] vivid-003: RDS Traffic Announcement: false inactive
[  584.187304][T16771] loop7: detected capacity change from 0 to 40427
[  584.195383][T16771] F2FS-fs (loop7): Invalid log_blocksize (268), supports only 12
[  584.200604][T16780] vivid-003: RDS Traffic Program: 
[  584.204780][T16771] F2FS-fs (loop7): Can't find valid F2FS filesystem in 1th superblock
[  584.214217][T16780] false inactive
[  584.229343][T16780] vivid-003: RDS Music: false inactive
[  584.234848][T16780] vivid-003: ==================  END STATUS  ==================
[  584.245209][T16771] F2FS-fs (loop7): invalid crc value
[  584.414609][T16771] F2FS-fs (loop7): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  584.473047][T16771] F2FS-fs (loop7): Try to recover 1th superblock, ret: 0
[  584.487995][T16771] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5
[  584.540299][T16800] loop4: detected capacity change from 0 to 256
[  585.586309][T14615] usb 10-1: new full-speed USB device number 16 using dummy_hcd
[  585.608087][T16802] loop5: detected capacity change from 0 to 40427
[  585.623020][T16818] loop4: detected capacity change from 0 to 256
[  585.629114][T16802] F2FS-fs (loop5): invalid crc value
[  585.660109][T16818] FAT-fs (loop4): Directory bread(block 64) failed
[  585.675749][T16818] FAT-fs (loop4): Directory bread(block 65) failed
[  585.683340][T16818] FAT-fs (loop4): Directory bread(block 66) failed
[  585.695526][T16818] FAT-fs (loop4): Directory bread(block 67) failed
[  585.704138][T16818] FAT-fs (loop4): Directory bread(block 68) failed
[  585.711303][T16818] FAT-fs (loop4): Directory bread(block 69) failed
[  585.718164][T16818] FAT-fs (loop4): Directory bread(block 70) failed
[  585.731760][T16818] FAT-fs (loop4): Directory bread(block 71) failed
[  585.744019][T16818] FAT-fs (loop4): Directory bread(block 72) failed
[  585.752481][T14615] usb 10-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  585.772739][T16818] FAT-fs (loop4): Directory bread(block 73) failed
[  585.775663][T16802] F2FS-fs (loop5): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  585.779345][T14615] usb 10-1: config 0 interface 0 has no altsetting 0
[  585.808663][T16802] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  585.822044][T14615] usb 10-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  585.855620][T14615] usb 10-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  585.895701][T14615] usb 10-1: Product: syz
[  585.899958][T14615] usb 10-1: Manufacturer: syz
[  585.904910][T14615] usb 10-1: SerialNumber: syz
[  585.947344][T14615] usb 10-1: config 0 descriptor??
[  585.963849][T14615] usb 10-1: selecting invalid altsetting 0
[  585.970646][T16802] F2FS-fs (loop5): Inconsistent error blkaddr:5633, sit bitmap:0
[  586.004323][T16802] CPU: 0 UID: 0 PID: 16802 Comm: syz.5.3719 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  586.004378][T16802] Tainted: [L]=SOFTLOCKUP
[  586.004393][T16802] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  586.004415][T16802] Call Trace:
[  586.004428][T16802]  <TASK>
[  586.004442][T16802]  dump_stack_lvl+0x16c/0x1f0
[  586.004487][T16802]  __f2fs_is_valid_blkaddr+0xb95/0x1310
[  586.004533][T16802]  ? f2fs_get_read_data_folio+0x1aa/0xf10
[  586.004572][T16802]  f2fs_is_valid_blkaddr+0xce/0x2b0
[  586.004613][T16802]  ? srso_alias_return_thunk+0x5/0xfbef5
[  586.004666][T16802]  f2fs_get_read_data_folio+0x1aa/0xf10
[  586.004709][T16802]  ? f2fs_find_data_folio+0x17f/0x3f0
[  586.004751][T16802]  ? __pfx_f2fs_get_read_data_folio+0x10/0x10
[  586.004791][T16802]  ? register_lock_class+0x41/0x4b0
[  586.004843][T16802]  ? srso_alias_return_thunk+0x5/0xfbef5
[  586.004894][T16802]  ? __filemap_get_folio_mpol+0x32f/0xc60
[  586.004967][T16802]  f2fs_find_data_folio+0x17f/0x3f0
[  586.005012][T16802]  f2fs_readdir+0x4d6/0xa90
[  586.005076][T16802]  ? __pfx_f2fs_readdir+0x10/0x10
[  586.005132][T16802]  ? srso_alias_return_thunk+0x5/0xfbef5
[  586.005181][T16802]  ? srso_alias_return_thunk+0x5/0xfbef5
[  586.005227][T16802]  ? down_read_killable+0x313/0x4c0
[  586.005282][T16802]  ? srso_alias_return_thunk+0x5/0xfbef5
[  586.005328][T16802]  ? common_file_perm+0x1b1/0x500
[  586.005394][T16802]  iterate_dir+0x296/0xaf0
[  586.005439][T16802]  __x64_sys_getdents+0x13c/0x2b0
[  586.005480][T16802]  ? __pfx___x64_sys_getdents+0x10/0x10
[  586.005518][T16802]  ? srso_alias_return_thunk+0x5/0xfbef5
[  586.005570][T16802]  ? __pfx_filldir+0x10/0x10
[  586.005625][T16802]  do_syscall_64+0xcd/0xf80
[  586.005670][T16802]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  586.005709][T16802] RIP: 0033:0x7f4554f8f749
[  586.005737][T16802] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  586.005776][T16802] RSP: 002b:00007f4555ec4038 EFLAGS: 00000246 ORIG_RAX: 000000000000004e
[  586.005811][T16802] RAX: ffffffffffffffda RBX: 00007f45551e5fa0 RCX: 00007f4554f8f749
[  586.005838][T16802] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004
[  586.005861][T16802] RBP: 00007f4555013f91 R08: 0000000000000000 R09: 0000000000000000
[  586.005886][T16802] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  586.005918][T16802] R13: 00007f45551e6038 R14: 00007f45551e5fa0 R15: 00007ffe3f0b2b68
[  586.005970][T16802]  </TASK>
[  586.283112][ T7093] kworker/u8:20: attempt to access beyond end of device
[  586.283112][ T7093] loop4: rw=1, sector=1224, nr_sectors = 12 limit=256
[  586.412312][ T9630] usb 10-1: USB disconnect, device number 16
[  586.559868][T16825] loop7: detected capacity change from 0 to 32768
[  586.588837][T16825] XFS (loop7): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  586.643512][T16825] XFS (loop7): Ending clean mount
[  586.658863][T16825] XFS (loop7): Quotacheck needed: Please wait.
[  586.731701][T16825] XFS (loop7): Quotacheck: Done.
[  586.819281][T14660] XFS (loop7): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  587.167150][   T10] usb 5-1: new full-speed USB device number 35 using dummy_hcd
[  587.328092][   T10] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  587.339289][   T10] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  587.370988][   T10] usb 5-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00
[  587.395567][   T10] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  587.442241][   T10] usb 5-1: config 0 descriptor??
[  587.735573][ T5937] usb 1-1: new high-speed USB device number 29 using dummy_hcd
[  587.884346][   T10] elan 0003:04F3:0755.0025: failed to start in urb: -90
[  587.905907][ T5937] usb 1-1: Using ep0 maxpacket: 32
[  587.927910][ T5937] usb 1-1: config index 0 descriptor too short (expected 156, got 27)
[  587.942340][   T10] elan 0003:04F3:0755.0025: hidraw0: USB HID v1.01 Device [HID 04f3:0755] on usb-dummy_hcd.4-1/input0
[  587.975655][ T5937] usb 1-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[  588.019471][ T5937] usb 1-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7
[  588.045621][ T5937] usb 1-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[  588.085941][   T10] usb 5-1: USB disconnect, device number 35
[  588.094532][ T5937] usb 1-1: config 0 interface 0 has no altsetting 0
[  588.120333][ T5937] usb 1-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  588.137635][ T5937] usb 1-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  588.155481][ T5937] usb 1-1: Product: syz
[  588.159655][ T5937] usb 1-1: Manufacturer: syz
[  588.164254][ T5937] usb 1-1: SerialNumber: syz
[  588.197207][T16882] loop7: detected capacity change from 0 to 256
[  588.206162][ T5937] usb 1-1: config 0 descriptor??
[  588.215365][ T5937] ldusb 1-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  588.242459][ T5937] ldusb 1-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  588.478490][T11797] usb 1-1: USB disconnect, device number 29
[  588.504748][T11797] ldusb 1-1:0.0: LD USB Device #0 now disconnected
[  588.648515][T16888] loop7: detected capacity change from 0 to 256
[  588.665997][T16888] exfat: Deprecated parameter 'utf8'
[  588.679414][T16888] exfat: Deprecated parameter 'utf8'
[  588.886066][T15416] gfs2: fsid=syz:syz.0: warning: assertion "gfs2_log_is_empty(sdp)" failed - function = gfs2_make_fs_ro, file = fs/gfs2/super.c, line = 564
[  588.903705][T15416] CPU: 1 UID: 0 PID: 15416 Comm: syz-executor Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  588.903759][T15416] Tainted: [L]=SOFTLOCKUP
[  588.903773][T15416] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  588.903796][T15416] Call Trace:
[  588.903808][T15416]  <TASK>
[  588.903822][T15416]  dump_stack_lvl+0x16c/0x1f0
[  588.903867][T15416]  gfs2_assert_warn_i+0x1e4/0x370
[  588.903914][T15416]  ? __pfx_gfs2_assert_warn_i+0x10/0x10
[  588.903954][T15416]  ? mark_held_locks+0x49/0x80
[  588.903998][T15416]  ? _raw_spin_unlock_irqrestore+0x52/0x80
[  588.904035][T15416]  ? srso_alias_return_thunk+0x5/0xfbef5
[  588.904088][T15416]  gfs2_make_fs_ro+0x25e/0x370
[  588.904139][T15416]  ? __pfx_gfs2_make_fs_ro+0x10/0x10
[  588.904191][T15416]  ? srso_alias_return_thunk+0x5/0xfbef5
[  588.904241][T15416]  ? __pfx_autoremove_wake_function+0x10/0x10
[  588.904286][T15416]  ? srso_alias_return_thunk+0x5/0xfbef5
[  588.904343][T15416]  gfs2_put_super+0x197/0x670
[  588.904397][T15416]  ? __pfx_gfs2_put_super+0x10/0x10
[  588.904450][T15416]  generic_shutdown_super+0x156/0x390
[  588.904514][T15416]  kill_block_super+0x3b/0x90
[  588.904572][T15416]  gfs2_kill_sb+0x4ab/0x590
[  588.904623][T15416]  deactivate_locked_super+0xc1/0x1a0
[  588.904661][T15416]  deactivate_super+0xde/0x100
[  588.904700][T15416]  cleanup_mnt+0x225/0x450
[  588.904747][T15416]  task_work_run+0x150/0x240
[  588.904798][T15416]  ? __pfx_task_work_run+0x10/0x10
[  588.904862][T15416]  exit_to_user_mode_loop+0xfb/0x540
[  588.904916][T15416]  ? srso_alias_return_thunk+0x5/0xfbef5
[  588.904968][T15416]  do_syscall_64+0x4ee/0xf80
[  588.905014][T15416]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  588.905052][T15416] RIP: 0033:0x7ff43cf90a77
[  588.905081][T15416] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  588.905118][T15416] RSP: 002b:00007ffdf57a4278 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  588.905156][T15416] RAX: 0000000000000000 RBX: 00007ff43d013d7d RCX: 00007ff43cf90a77
[  588.905182][T15416] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffdf57a4330
[  588.905207][T15416] RBP: 00007ffdf57a4330 R08: 0000000000000000 R09: 0000000000000000
[  588.905231][T15416] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffdf57a53c0
[  588.905256][T15416] R13: 00007ff43d013d7d R14: 000000000008e3be R15: 00007ffdf57a5400
[  588.905307][T15416]  </TASK>
[  592.033330][T16956] loop5: detected capacity change from 0 to 32768
[  592.153607][T16956] XFS (loop5): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  592.309631][T16956] XFS (loop5): Ending clean mount
[  592.348539][   T31] audit: type=1804 audit(2000000312.899:140): pid=16956 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.5.3779" name="/newroot/75/file0/file1" dev="loop5" ino=9286 res=1 errno=0
[  592.421682][T16986] netlink: 'syz.4.3789': attribute type 10 has an invalid length.
[  592.429667][T16986] netlink: 55 bytes leftover after parsing attributes in process `syz.4.3789'.
[  592.451499][T15551] XFS (loop5): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  592.602104][T16989] loop9: detected capacity change from 0 to 256
[  594.055201][T13497] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[  594.209588][T13497] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  594.221517][T13497] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  594.313063][T17000] loop5: detected capacity change from 0 to 131072
[  594.321633][T17000] F2FS-fs (loop5): Test dummy encryption mode enabled
[  594.331278][T13497] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  594.344621][T17000] F2FS-fs (loop5): invalid crc value
[  594.350556][T13497] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  594.360026][T13497] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  594.373112][T13497] usb 4-1: config 0 descriptor??
[  594.457587][T17000] F2FS-fs (loop5): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  594.474687][T17000] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  594.520660][T17000] F2FS-fs (loop5): f2fs_fill_dentries: corrupted namelen=1025, run fsck to fix.
[  594.865693][T13497] plantronics 0003:047F:FFFF.0026: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[  594.915722][ T6010] usb 5-1: new full-speed USB device number 36 using dummy_hcd
[  595.008358][T17029] netlink: 40 bytes leftover after parsing attributes in process `syz.7.3808'.
[  595.082170][ T6010] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  595.115333][ T6010] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  595.145133][ T6010] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  595.163073][ T6010] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  595.213512][ T5925] hid-generic 0000:0000:0000.0027: unknown main item tag 0x0
[  595.240864][ T5925] hid-generic 0000:0000:0000.0027: hidraw1: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  595.437939][ T6010] usb 5-1: usb_control_msg returned -32
[  595.458138][ T6010] usbtmc 5-1:16.0: can't read capabilities
[  595.582765][T17021] loop9: detected capacity change from 0 to 40427
[  595.610897][T17021] F2FS-fs: heap/no_heap options were deprecated
[  595.655436][T17021] F2FS-fs (loop9): build fault injection rate: 19
[  595.661872][T17021] F2FS-fs (loop9): build fault injection type: 0x3bfe8c
[  595.715866][T17021] F2FS-fs (loop9): invalid crc value
[  595.773068][T17021] F2FS-fs (loop9): inject page alloc in f2fs_grab_cache_folio of __f2fs_build_free_nids+0x207/0xfe0
[  595.870403][T17021] F2FS-fs (loop9): inject slab alloc in f2fs_kmem_cache_alloc of f2fs_get_node_info+0xd42/0x11e0
[  595.889430][T17021] F2FS-fs (loop9): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  595.900949][T17021] F2FS-fs (loop9): Mounted with checkpoint version = 48b305e5
[  596.028631][T17021] F2FS-fs (loop9): inject slab alloc in f2fs_kmem_cache_alloc of f2fs_get_node_info+0xd42/0x11e0
[  596.064806][T17021] F2FS-fs (loop9): inject dquot initialize in f2fs_dquot_initialize of f2fs_new_inode+0x556/0x2750
[  596.157862][ T9534] syz-executor: attempt to access beyond end of device
[  596.157862][ T9534] loop9: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  596.195261][ T9534] CPU: 0 UID: 0 PID: 9534 Comm: syz-executor Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  596.195316][ T9534] Tainted: [L]=SOFTLOCKUP
[  596.195330][ T9534] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  596.195353][ T9534] Call Trace:
[  596.195365][ T9534]  <TASK>
[  596.195379][ T9534]  dump_stack_lvl+0x16c/0x1f0
[  596.195426][ T9534]  f2fs_handle_critical_error+0x624/0x9f0
[  596.195490][ T9534]  ? srso_alias_return_thunk+0x5/0xfbef5
[  596.195537][ T9534]  ? f2fs_build_fault_attr+0x53/0x1f0
[  596.195601][ T9534]  f2fs_write_end_io+0x958/0xcf0
[  596.195669][ T9534]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  596.195739][ T9534]  ? srso_alias_return_thunk+0x5/0xfbef5
[  596.195796][ T9534]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  596.195858][ T9534]  bio_endio+0x751/0x8a0
[  596.195909][ T9534]  submit_bio_noacct+0x306/0x1f40
[  596.195977][ T9534]  __submit_merged_bio+0x33c/0x710
[  596.196046][ T9534]  __submit_merged_write_cond+0x319/0x3f0
[  596.196123][ T9534]  f2fs_write_cache_pages+0x2075/0x2570
[  596.196200][ T9534]  ? __pfx_f2fs_write_cache_pages+0x10/0x10
[  596.196247][ T9534]  ? __lock_acquire+0x436/0x2890
[  596.196305][ T9534]  ? srso_alias_return_thunk+0x5/0xfbef5
[  596.196350][ T9534]  ? __lock_acquire+0x436/0x2890
[  596.196415][ T9534]  ? srso_alias_return_thunk+0x5/0xfbef5
[  596.196484][ T9534]  ? find_held_lock+0x2b/0x80
[  596.196587][ T9534]  ? mod_memcg_lruvec_state+0x381/0x5f0
[  596.196658][ T9534]  ? srso_alias_return_thunk+0x5/0xfbef5
[  596.196712][ T9534]  f2fs_write_data_pages+0x4ad/0xd90
[  596.196767][ T9534]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  596.196809][ T9534]  ? srso_alias_return_thunk+0x5/0xfbef5
[  596.196866][ T9534]  ? srso_alias_return_thunk+0x5/0xfbef5
[  596.196923][ T9534]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  596.196971][ T9534]  do_writepages+0x27a/0x600
[  596.197020][ T9534]  ? __pfx_do_writepages+0x10/0x10
[  596.197059][ T9534]  ? do_raw_spin_unlock+0x172/0x230
[  596.197112][ T9534]  ? srso_alias_return_thunk+0x5/0xfbef5
[  596.197156][ T9534]  ? _raw_spin_unlock+0x28/0x50
[  596.197221][ T9534]  filemap_writeback+0x225/0x2d0
[  596.197267][ T9534]  ? __pfx_filemap_writeback+0x10/0x10
[  596.197370][ T9534]  ? srso_alias_return_thunk+0x5/0xfbef5
[  596.197414][ T9534]  ? find_held_lock+0x2b/0x80
[  596.197473][ T9534]  ? srso_alias_return_thunk+0x5/0xfbef5
[  596.197531][ T9534]  f2fs_sync_dirty_inodes+0x2a2/0x960
[  596.197600][ T9534]  block_operations+0x2b0/0xfe0
[  596.197644][ T9534]  ? srso_alias_return_thunk+0x5/0xfbef5
[  596.197690][ T9534]  ? lockdep_hardirqs_on+0x7c/0x110
[  596.197735][ T9534]  ? finish_task_switch.isra.0+0x8c3/0xbd0
[  596.197802][ T9534]  ? __pfx_block_operations+0x10/0x10
[  596.197846][ T9534]  ? srso_alias_return_thunk+0x5/0xfbef5
[  596.197892][ T9534]  ? __schedule+0x10b9/0x6150
[  596.197991][ T9534]  ? srso_alias_return_thunk+0x5/0xfbef5
[  596.198040][ T9534]  ? ktime_get+0x200/0x310
[  596.198082][ T9534]  ? srso_alias_return_thunk+0x5/0xfbef5
[  596.198126][ T9534]  ? lockdep_hardirqs_on+0x7c/0x110
[  596.198166][ T9534]  ? srso_alias_return_thunk+0x5/0xfbef5
[  596.198211][ T9534]  ? rcu_is_watching+0x12/0xc0
[  596.198253][ T9534]  f2fs_write_checkpoint+0x32b/0x5300
[  596.198303][ T9534]  ? __pfx_try_to_wake_up+0x10/0x10
[  596.198365][ T9534]  ? f2fs_stop_gc_thread+0x79/0xd0
[  596.198419][ T9534]  ? srso_alias_return_thunk+0x5/0xfbef5
[  596.198461][ T9534]  ? rcu_is_watching+0x12/0xc0
[  596.198494][ T9534]  ? srso_alias_return_thunk+0x5/0xfbef5
[  596.198538][ T9534]  ? kthread_stop+0x272/0x5d0
[  596.198587][ T9534]  kill_f2fs_super+0x3d6/0x490
[  596.198634][ T9534]  ? __pfx_kill_f2fs_super+0x10/0x10
[  596.198702][ T9534]  ? srso_alias_return_thunk+0x5/0xfbef5
[  596.198767][ T9534]  deactivate_locked_super+0xc1/0x1a0
[  596.198807][ T9534]  deactivate_super+0xde/0x100
[  596.198847][ T9534]  cleanup_mnt+0x225/0x450
[  596.198896][ T9534]  task_work_run+0x150/0x240
[  596.198952][ T9534]  ? __pfx_task_work_run+0x10/0x10
[  596.199019][ T9534]  exit_to_user_mode_loop+0xfb/0x540
[  596.199075][ T9534]  ? srso_alias_return_thunk+0x5/0xfbef5
[  596.199128][ T9534]  do_syscall_64+0x4ee/0xf80
[  596.199173][ T9534]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  596.199212][ T9534] RIP: 0033:0x7f24a2f90a77
[  596.199241][ T9534] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  596.199277][ T9534] RSP: 002b:00007ffe2beb2998 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  596.199312][ T9534] RAX: 0000000000000000 RBX: 00007f24a3013d7d RCX: 00007f24a2f90a77
[  596.199337][ T9534] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe2beb2a50
[  596.199361][ T9534] RBP: 00007ffe2beb2a50 R08: 0000000000000000 R09: 0000000000000000
[  596.199386][ T9534] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffe2beb3ae0
[  596.199411][ T9534] R13: 00007f24a3013d7d R14: 0000000000091882 R15: 00007ffe2beb3b20
[  596.199467][ T9534]  </TASK>
[  596.225089][ T9534] F2FS-fs (loop9): Stopped filesystem due to reason: 3
[  596.582193][T17051] syzkaller1: entered promiscuous mode
[  596.749702][T17051] syzkaller1: entered allmulticast mode
[  596.937489][ T5937] usb 4-1: USB disconnect, device number 12
[  597.635329][T17085] netlink: 830 bytes leftover after parsing attributes in process `syz.3.3824'.
[  597.689700][ T9630] usb 5-1: USB disconnect, device number 36
[  597.736026][T17085] netlink: 830 bytes leftover after parsing attributes in process `syz.3.3824'.
[  598.826766][T17125] lo speed is unknown, defaulting to 1000
[  598.998151][T17128] lo speed is unknown, defaulting to 1000
[  599.281996][T17139] loop9: detected capacity change from 0 to 2048
[  599.331565][T17146] loop3: detected capacity change from 0 to 128
[  599.382369][T17146] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  599.411447][T17151] NILFS (loop9): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  599.422532][T17146] ext4 filesystem being mounted at /87/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  599.538968][T15416] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  599.785038][T17156] lo speed is unknown, defaulting to 1000
[  599.994904][T11797] usb 1-1: new high-speed USB device number 30 using dummy_hcd
[  600.111573][T17175] loop7: detected capacity change from 0 to 164
[  600.118921][T17175] iso9660: Unknown parameter 'moäe'
[  600.165101][T11797] usb 1-1: Using ep0 maxpacket: 8
[  600.179732][T11797] usb 1-1: config 1 interface 0 altsetting 16 bulk endpoint 0x1 has invalid maxpacket 64
[  600.206778][T17178] vcan0: tx drop: invalid da for name 0x0000000000000010
[  600.245377][T11797] usb 1-1: config 1 interface 0 has no altsetting 0
[  600.268013][T11797] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  600.293118][T11797] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  600.309698][T11797] usb 1-1: Product: syz
[  600.314631][T11797] usb 1-1: Manufacturer: syz
[  600.320358][T11797] usb 1-1: SerialNumber: syz
[  600.330616][T17159] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  600.623308][T11797] usb 1-1: USB disconnect, device number 30
[  600.665044][T17183] lo speed is unknown, defaulting to 1000
[  600.731638][T17188] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3864'.
[  600.882850][T17184] lo speed is unknown, defaulting to 1000
[  601.045215][ T5143] Bluetooth: hci2: command 0x0406 tx timeout
[  601.773524][T17217] loop9: detected capacity change from 0 to 1024
[  601.814515][   T31] audit: type=1800 audit(2000000322.360:141): pid=17217 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.9.3871" name="file1" dev="loop9" ino=20 res=0 errno=0
[  601.846246][ T6010] usb 1-1: new full-speed USB device number 31 using dummy_hcd
[  602.028146][ T6010] usb 1-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[  602.059191][ T6010] usb 1-1: config 27 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 127, setting to 64
[  602.083445][ T6010] usb 1-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  602.095268][T17223] gre0: entered promiscuous mode
[  602.106213][T17223] gre0: entered allmulticast mode
[  602.114274][ T6010] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  602.142493][T17213] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  602.152444][T17213] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  602.206042][ T6010] usb 1-1: Quirk or no altset; falling back to MIDI 1.0
[  602.281165][ T5937] usb 6-1: new high-speed USB device number 18 using dummy_hcd
[  602.461233][ T5937] usb 6-1: config index 0 descriptor too short (expected 23569, got 27)
[  602.461372][   T24] usb 1-1: USB disconnect, device number 31
[  602.494737][ T5937] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  602.543481][ T5937] usb 6-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  602.569692][ T5937] usb 6-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  602.585845][ T5937] usb 6-1: Manufacturer: syz
[  602.601426][T17238] loop4: detected capacity change from 0 to 512
[  602.610434][ T5937] usb 6-1: config 0 descriptor??
[  602.627376][T17238] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  602.686208][T17238] EXT4-fs error (device loop4): __ext4_iget:5426: inode #11: block 524312: comm syz.4.3884: invalid block
[  602.700016][T17238] EXT4-fs error (device loop4): ext4_orphan_get:1394: comm syz.4.3884: couldn't read orphan inode 11 (err -117)
[  602.713138][ T5937] rc_core: IR keymap rc-hauppauge not found
[  602.723222][ T5937] Registered IR keymap rc-empty
[  602.729568][ T5937] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/rc/rc0
[  602.730224][T17238] EXT4-fs (loop4): 1 truncate cleaned up
[  602.741921][ T5937] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/rc/rc0/input53
[  602.764053][T17220] loop3: detected capacity change from 0 to 32768
[  602.780292][T17220] 
[  602.780292][T17220]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  602.780292][T17220] 
[  602.796825][T17238] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  602.826728][    C0] igorplugusb 6-1:0.0: Error: urb status = -32
[  602.836976][ T5937] usb 6-1: USB disconnect, device number 18
[  602.861572][T17238] EXT4-fs error (device loop4): ext4_check_dx_root:2200: inode #2: comm syz.4.3884: Corrupt dir, invalid name_len for '.', running e2fsck is recommended
[  602.879036][T17220] read_mapping_page failed!
[  602.883533][T17220] ERROR: (device loop3): txAbort: 
[  602.883533][T17220] 
[  602.949196][ T5823] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  602.967910][T15416] 
[  602.967910][T15416]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  602.967910][T15416] 
[  602.988285][T15416] 
[  602.988285][T15416]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  602.988285][T15416] 
[  603.093167][T17250] netlink: 40 bytes leftover after parsing attributes in process `syz.9.3889'.
[  603.123861][T17250] netlink: 40 bytes leftover after parsing attributes in process `syz.9.3889'.
[  603.169638][T17252] loop4: detected capacity change from 0 to 128
[  603.189683][T17252] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  603.215966][T17252] ext4 filesystem being mounted at /682/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  603.309536][T17256] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  603.358230][ T5823] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  603.990749][T17283] loop5: detected capacity change from 0 to 4096
[  604.020590][T17283] NILFS (loop5): invalid segment: Checksum error in segment payload
[  604.020649][T17283] NILFS (loop5): trying rollback from an earlier position
[  604.044722][T11797] usb 1-1: new high-speed USB device number 32 using dummy_hcd
[  604.065933][T17283] NILFS (loop5): recovery complete
[  604.068259][T17286] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  604.210422][T11797] usb 1-1: config index 0 descriptor too short (expected 23569, got 27)
[  604.237318][T11797] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  604.269230][T11797] usb 1-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  604.288402][T11797] usb 1-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  604.308330][T11797] usb 1-1: Manufacturer: syz
[  604.334256][T11797] usb 1-1: config 0 descriptor??
[  604.407781][ T5918] usb 10-1: new high-speed USB device number 17 using dummy_hcd
[  604.514575][T11797] rc_core: IR keymap rc-hauppauge not found
[  604.529028][T11797] Registered IR keymap rc-empty
[  604.545723][T11797] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0
[  604.574973][ T5918] usb 10-1: Using ep0 maxpacket: 16
[  604.586621][T11797] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/rc/rc0/input54
[  604.617059][ T5918] usb 10-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 9.00
[  604.630334][ T5918] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  604.652936][ T5918] usb 10-1: Product: syz
[  604.661314][ T5918] usb 10-1: Manufacturer: syz
[  604.666830][ T5918] usb 10-1: SerialNumber: syz
[  604.689299][ T5918] usb 10-1: config 0 descriptor??
[  604.710340][ T5918] ftdi_sio 10-1:0.0: FTDI USB Serial Device converter detected
[  604.730318][ T5918] usb 10-1: Detected FT232H
[  604.832130][T17277] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  604.841713][T17277] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  604.852455][ T6010] usb 1-1: USB disconnect, device number 32
[  604.941934][ T5918] ftdi_sio ttyUSB0: Unable to read latency timer: -32
[  605.365700][ T5918] usb 10-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  605.555559][T17321] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  605.640556][T13497] usb 10-1: USB disconnect, device number 17
[  605.679314][T13497] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  605.706638][T13497] ftdi_sio 10-1:0.0: device disconnected
[  605.869425][T17329] netlink: 20 bytes leftover after parsing attributes in process `syz.4.3920'.
[  606.414613][ T5937] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  606.433110][T17343] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3927'.
[  606.469032][T17343] netlink: 16 bytes leftover after parsing attributes in process `syz.7.3927'.
[  606.580041][ T5937] usb 4-1: New USB device found, idVendor=2304, idProduct=023e, bcdDevice=d7.69
[  606.602283][ T5937] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  606.620903][ T5937] usb 4-1: Product: syz
[  606.638628][ T5937] usb 4-1: Manufacturer: syz
[  606.643395][ T5937] usb 4-1: SerialNumber: syz
[  606.653154][ T5937] usb 4-1: config 0 descriptor??
[  606.666794][ T5937] hub 4-1:0.0: bad descriptor, ignoring hub
[  606.683013][ T5937] hub 4-1:0.0: probe with driver hub failed with error -5
[  606.884770][ T5937] dvb-usb: found a 'Pinnacle PCTV Hybrid Stick Solo' in warm state.
[  606.915489][ T5937] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  606.945235][ T5937] dvbdev: DVB: registering new adapter (Pinnacle PCTV Hybrid Stick Solo)
[  606.953697][ T5937] usb 4-1: media controller created
[  607.038223][ T5937] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  607.147306][T17360] netlink: 60 bytes leftover after parsing attributes in process `syz.5.3934'.
[  607.184486][T17360] netlink: 60 bytes leftover after parsing attributes in process `syz.5.3934'.
[  607.363132][ T5937] DVB: Unable to find symbol dib7000p_attach()
[  607.390104][ T5937] dvb-usb: no frontend was attached by 'Pinnacle PCTV Hybrid Stick Solo'
[  607.408003][T17345] loop9: detected capacity change from 0 to 32768
[  607.436032][T17345] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop9 (7:9) scanned by syz.9.3928 (17345)
[  607.445415][T17365] i2c i2c-1: Invalid block size returned: 52
[  607.505157][T17345] BTRFS info (device loop9): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  607.523932][T17368] netlink: 20 bytes leftover after parsing attributes in process `syz.5.3935'.
[  607.544548][ T5937] rc_core: IR keymap rc-dib0700-rc5 not found
[  607.545158][T17345] BTRFS info (device loop9): using sha256 (sha256-lib) checksum algorithm
[  607.556287][ T5937] Registered IR keymap rc-empty
[  607.579322][ T5937] dvb-usb: could not initialize remote control.
[  607.618687][ T5937] dvb-usb: Pinnacle PCTV Hybrid Stick Solo successfully initialized and connected.
[  607.630543][T17366] team0: Port device team_slave_0 removed
[  607.649575][    C0] raw-gadget.0 gadget.3: ignoring, device is not running
[  607.686060][ T5937] usb 4-1: USB disconnect, device number 13
[  607.729238][T17345] BTRFS info (device loop9): rebuilding free space tree
[  607.741704][ T5937] dvb-usb: Pinnacle PCTV Hybrid Stick Solo successfully deinitialized and disconnected.
[  607.797286][T17345] BTRFS info (device loop9): disabling free space tree
[  607.839208][T17345] BTRFS info (device loop9): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  607.886711][T17345] BTRFS info (device loop9): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  607.928983][T17345] BTRFS info (device loop9): setting nodatasum
[  607.968350][T17387] loop4: detected capacity change from 0 to 4096
[  607.974405][T17345] BTRFS info (device loop9): setting nodatacow
[  607.980961][T17345] BTRFS info (device loop9): turning off barriers
[  607.989168][T17389] netlink: 'syz.7.3939': attribute type 1 has an invalid length.
[  608.014400][T17345] BTRFS info (device loop9): force clearing of disk cache
[  608.036518][T17387] NILFS (loop4): invalid segment: Checksum error in segment payload
[  608.074529][T17389] netlink: 'syz.7.3939': attribute type 2 has an invalid length.
[  608.074652][T17387] NILFS (loop4): trying rollback from an earlier position
[  608.131803][T17392] netlink: 'syz.7.3939': attribute type 1 has an invalid length.
[  608.150908][T17393] netlink: 212368 bytes leftover after parsing attributes in process `syz.0.3941'.
[  608.165357][T17392] netlink: 'syz.7.3939': attribute type 2 has an invalid length.
[  608.200653][T17394] loop5: detected capacity change from 0 to 2048
[  608.210695][T17387] NILFS (loop4): recovery complete
[  608.250375][T17395] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  608.319577][T17394] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[  608.359793][T17394] EXT4-fs (loop5): shut down requested (2)
[  608.445565][ T9534] BTRFS info (device loop9): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  608.456742][T15551] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000900.
[  608.538806][   T24] IPVS: starting estimator thread 0...
[  608.664468][T17403] IPVS: using max 22 ests per chain, 52800 per kthread
[  608.701714][T17406] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  609.684566][T17429] loop5: detected capacity change from 0 to 512
[  610.324584][T17195] Bluetooth: hci3: command 0x0406 tx timeout
[  611.408196][T17457] netlink: 'syz.3.3968': attribute type 1 has an invalid length.
[  611.438237][T17457] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  611.445521][T17457] IPv6: NLM_F_CREATE should be set when creating new route
[  611.452763][T17457] IPv6: NLM_F_CREATE should be set when creating new route
[  611.459368][T17464] netlink: 'syz.3.3968': attribute type 1 has an invalid length.
[  611.478559][T17464] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  611.484226][T13497] usb 10-1: new high-speed USB device number 18 using dummy_hcd
[  611.664249][T13497] usb 10-1: Using ep0 maxpacket: 32
[  611.683494][T13497] usb 10-1: New USB device found, idVendor=0fd9, idProduct=0021, bcdDevice=29.40
[  611.703467][T13497] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  611.730706][T13497] usb 10-1: config 0 descriptor??
[  611.804454][ T6010] usb 6-1: new high-speed USB device number 19 using dummy_hcd
[  611.946931][T13497] dvb-usb: found a 'Elgato EyeTV DTT' in warm state.
[  611.983031][ T6010] usb 6-1: Using ep0 maxpacket: 16
[  611.985455][T13497] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  611.996612][ T6010] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  612.033662][T13497] dvbdev: DVB: registering new adapter (Elgato EyeTV DTT)
[  612.035561][ T6010] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  612.065690][T13497] usb 10-1: media controller created
[  612.070337][ T6010] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  612.114481][ T6010] usb 6-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00
[  612.128488][ T6010] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  612.141276][T13497] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  612.199743][ T6010] usb 6-1: config 0 descriptor??
[  612.357372][T13497] DVB: Unable to find symbol dib7000p_attach()
[  612.363544][T13497] dvb-usb: no frontend was attached by 'Elgato EyeTV DTT'
[  612.604329][T13497] rc_core: IR keymap rc-dib0700-rc5 not found
[  612.610649][T13497] Registered IR keymap rc-empty
[  612.616338][T13497] dvb-usb: could not initialize remote control.
[  612.622756][T13497] dvb-usb: Elgato EyeTV DTT successfully initialized and connected.
[  612.637275][T13497] usb 10-1: USB disconnect, device number 18
[  612.688312][T13497] dvb-usb: Elgato EyeTV DTT successfully deinitialized and disconnected.
[  612.688312][ T6010] input: HID 0955:7214 Haptics as /devices/virtual/input/input57
[  612.731972][ T6010] shield 0003:0955:7214.0028: Registered Thunderstrike controller
[  612.761390][ T6010] shield 0003:0955:7214.0028: : USB HID v0.00 Device [HID 0955:7214] on usb-dummy_hcd.5-1/input0
[  612.804176][T14615] usb 5-1: new high-speed USB device number 37 using dummy_hcd
[  612.949854][ T5940] shield 0003:0955:7214.0028: Failed to output Thunderstrike HOSTCMD request HID report due to -EPROTO
[  612.950371][T13497] usb 6-1: USB disconnect, device number 19
[  612.970333][T14615] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  612.975769][ T5940] shield 0003:0955:7214.0028: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV
[  612.996435][T14615] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  613.037285][T14615] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  613.039250][ T5940] shield 0003:0955:7214.0028: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV
[  613.060898][T14615] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  613.090729][ T5940] shield 0003:0955:7214.0028: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV
[  613.101308][T14615] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  613.136753][T14615] usb 5-1: config 0 descriptor??
[  613.464214][T13497] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[  613.577164][T14615] plantronics 0003:047F:FFFF.0029: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[  613.614124][T13497] usb 4-1: Using ep0 maxpacket: 16
[  613.622250][T13497] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  613.637167][T13497] usb 4-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e
[  613.646389][T13497] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  613.655965][T13497] usb 4-1: Product: syz
[  613.660208][T13497] usb 4-1: Manufacturer: syz
[  613.666653][T13497] usb 4-1: SerialNumber: syz
[  613.676976][T13497] usb 4-1: config 0 descriptor??
[  613.685668][T13497] hub 4-1:0.0: bad descriptor, ignoring hub
[  613.691672][T13497] hub 4-1:0.0: probe with driver hub failed with error -5
[  613.703618][T13497] input: syz syz as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/input/input58
[  614.065537][T14615] usb 4-1: USB disconnect, device number 14
[  614.627029][T17538] loop9: detected capacity change from 0 to 64
[  614.895279][T17542] loop3: detected capacity change from 0 to 4096
[  614.941086][T17554] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  615.394116][ T5918] usb 1-1: new full-speed USB device number 33 using dummy_hcd
[  615.493353][T17564] loop7: detected capacity change from 0 to 1024
[  615.505469][T17564] EXT4-fs: Ignoring removed bh option
[  615.512260][T17564] EXT4-fs: inline encryption not supported
[  615.520638][T17564] EXT4-fs (loop7): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  615.552375][T17564] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce018, mo2=0000]
[  615.556369][ T5918] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64
[  615.580774][T17564] EXT4-fs error (device loop7): ext4_map_blocks:783: inode #3: block 2: comm syz.7.4013: lblock 2 mapped to illegal pblock 2 (length 1)
[  615.594029][ T5918] usb 1-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00
[  615.596497][ T6010] usb 5-1: USB disconnect, device number 37
[  615.606645][T17564] Quota error (device loop7): qtree_write_dquot: dquota write failed
[  615.624445][T17564] EXT4-fs error (device loop7): ext4_map_blocks:783: inode #3: block 48: comm syz.7.4013: lblock 0 mapped to illegal pblock 48 (length 1)
[  615.625438][ T5918] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  615.662505][T17564] Quota error (device loop7): v2_write_file_info: Can't write info structure
[  615.700478][T17564] EXT4-fs error (device loop7): ext4_acquire_dquot:6984: comm syz.7.4013: Failed to acquire dquot type 0
[  615.736343][ T5918] usb 1-1: config 0 descriptor??
[  615.746258][T17564] EXT4-fs error (device loop7) in ext4_reserve_inode_write:6298: Corrupt filesystem
[  615.768818][T17557] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  615.790040][T17564] EXT4-fs error (device loop7): ext4_evict_inode:253: inode #11: comm syz.7.4013: mark_inode_dirty error
[  615.835434][T17564] EXT4-fs warning (device loop7): ext4_evict_inode:255: couldn't mark inode dirty (err -117)
[  615.864675][T17559] loop3: detected capacity change from 0 to 32768
[  615.872867][T17564] EXT4-fs (loop7): 1 orphan inode deleted
[  615.882480][T17564] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  615.923765][   T12] EXT4-fs error (device loop7): ext4_map_blocks:783: inode #3: block 1: comm kworker/u8:0: lblock 1 mapped to illegal pblock 1 (length 1)
[  615.942489][   T31] audit: type=1800 audit(2000000336.490:142): pid=17559 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.4010" name="file1" dev="loop3" ino=7 res=0 errno=0
[  615.965250][   T12] Quota error (device loop7): remove_tree: Can't read quota data block 1
[  615.973996][   T12] EXT4-fs error (device loop7): ext4_release_dquot:7020: comm kworker/u8:0: Failed to release dquot type 0
[  615.986638][T17564] EXT4-fs error (device loop7): ext4_map_blocks:783: inode #3: block 1: comm syz.7.4013: lblock 1 mapped to illegal pblock 1 (length 1)
[  616.052845][T17564] Quota error (device loop7): find_tree_dqentry: Can't read quota tree block 1
[  616.079014][T17564] Quota error (device loop7): qtree_read_dquot: Can't read quota structure for id 980643439
[  616.109730][T17564] EXT4-fs error (device loop7): ext4_acquire_dquot:6984: comm syz.7.4013: Failed to acquire dquot type 0
[  616.212488][T14660] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  616.229424][T15648] EXT4-fs error (device loop7): ext4_map_blocks:783: inode #3: block 1: comm kworker/u8:23: lblock 1 mapped to illegal pblock 1 (length 1)
[  616.255893][ T5918] elan 0003:04F3:0755.002A: hidraw0: USB HID v1.01 Device [HID 04f3:0755] on usb-dummy_hcd.0-1/input0
[  616.260316][T15648] Quota error (device loop7): remove_tree: Can't read quota data block 1
[  616.277010][T15648] EXT4-fs error (device loop7): ext4_release_dquot:7020: comm kworker/u8:23: Failed to release dquot type 0
[  616.307822][T14660] EXT4-fs error (device loop7): __ext4_get_inode_loc:4829: comm syz-executor: Invalid inode table block 1 in block_group 0
[  616.324234][T17580] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4018'.
[  616.345636][T17580] netlink: 24 bytes leftover after parsing attributes in process `syz.5.4018'.
[  616.358068][T14660] EXT4-fs error (device loop7) in ext4_reserve_inode_write:6298: Corrupt filesystem
[  616.374184][T14660] EXT4-fs error (device loop7): ext4_quota_off:7270: inode #3: comm syz-executor: mark_inode_dirty error
[  616.394028][ T5925] usb 5-1: new high-speed USB device number 38 using dummy_hcd
[  616.506749][ T5918] usb 1-1: USB disconnect, device number 33
[  616.564017][ T5925] usb 5-1: Using ep0 maxpacket: 8
[  616.571292][ T5925] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  616.585584][ T5925] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  616.607228][T17585] overlayfs: failed to decode file handle (len=6, type=0, flags=0, err=-22)
[  616.626119][ T5925] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  616.664065][ T5925] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  616.706589][ T5925] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  616.739714][ T5925] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  616.774585][T17590] loop7: detected capacity change from 0 to 512
[  616.819156][T17590] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  616.927599][T17590] syz.7.4024 (pid 17590) is setting deprecated v1 encryption policy; recommend upgrading to v2.
[  616.969436][ T5925] usb 5-1: GET_CAPABILITIES returned 0
[  616.984340][ T5925] usbtmc 5-1:16.0: can't read capabilities
[  617.078572][T14660] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  617.175094][ T6010] usb 5-1: USB disconnect, device number 38
[  617.221211][T17605] loop3: detected capacity change from 0 to 2048
[  617.243928][T17605] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  617.304135][T17613] netlink: 8 bytes leftover after parsing attributes in process `syz.9.4044'.
[  617.318887][T17613] netlink: 'syz.9.4044': attribute type 30 has an invalid length.
[  617.342335][T17611] loop5: detected capacity change from 0 to 1024
[  617.353645][ T3452] netdevsim netdevsim9 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  617.368586][T17613] netlink: 8 bytes leftover after parsing attributes in process `syz.9.4044'.
[  617.378192][T17611] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  617.378639][ T3452] netdevsim netdevsim9 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  617.378711][ T3452] netdevsim netdevsim9 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  617.378773][ T3452] netdevsim netdevsim9 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  617.417022][T17615] loop7: detected capacity change from 0 to 128
[  617.435321][T17613] netlink: 'syz.9.4044': attribute type 30 has an invalid length.
[  617.446495][ T5991] usb 1-1: new high-speed USB device number 34 using dummy_hcd
[  617.458733][T17611] EXT4-fs (loop5): revision level too high, forcing read-only mode
[  617.469712][T17611] EXT4-fs (loop5): orphan cleanup on readonly fs
[  617.477653][T17611] EXT4-fs error (device loop5): ext4_free_blocks:6727: comm syz.5.4032: Freeing blocks not in datazone - block = 0, count = 4096
[  617.491805][T17611] EXT4-fs (loop5): 1 orphan inode deleted
[  617.499794][T17611] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  617.613870][ T5991] usb 1-1: Using ep0 maxpacket: 16
[  617.621597][ T5991] usb 1-1: New USB device found, idVendor=2001, idProduct=4002, bcdDevice=df.bf
[  617.631017][ T5991] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  617.643139][ T5991] usb 1-1: config 0 descriptor??
[  617.807167][T15551] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  618.234513][ T6010] usb 6-1: new high-speed USB device number 20 using dummy_hcd
[  618.262336][T17637] Bluetooth: hci0: invalid length 0, exp 2 for type 0
[  618.383941][ T6010] usb 6-1: Using ep0 maxpacket: 16
[  618.395977][ T6010] usb 6-1: New USB device found, idVendor=06be, idProduct=a232, bcdDevice=33.f3
[  618.415332][ T6010] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  618.433542][ T6010] usb 6-1: Product: syz
[  618.443640][ T6010] usb 6-1: Manufacturer: syz
[  618.449935][ T5940] usb 5-1: new high-speed USB device number 39 using dummy_hcd
[  618.454760][T17640] syzkaller1: entered promiscuous mode
[  618.463993][ T6010] usb 6-1: SerialNumber: syz
[  618.473335][T17642] loop7: detected capacity change from 0 to 128
[  618.480836][T17640] syzkaller1: entered allmulticast mode
[  618.481643][ T6010] usb 6-1: config 0 descriptor??
[  618.497719][T17642] UDF-fs: error (device loop7): udf_read_tagged: read failed, block=256, location=256
[  618.518802][T17642] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  618.624001][ T5940] usb 5-1: Using ep0 maxpacket: 16
[  618.635485][ T5940] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  618.661055][ T5940] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  618.675355][ T5991] pegasus 1-1:0.0: probe with driver pegasus failed with error -71
[  618.695273][ T5940] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  618.709467][ T5991] usb 1-1: USB disconnect, device number 34
[  618.732378][ T5940] usb 5-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00
[  618.743628][ T5940] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  618.756831][ T5940] usb 5-1: config 0 descriptor??
[  618.760073][T17648] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=none:owns=io+mem
[  618.926118][ T6010] dvb-usb: found a 'AME DTV-5100 USB2.0 DVB-T' in warm state.
[  618.948842][ T6010] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  618.979643][ T6010] dvbdev: DVB: registering new adapter (AME DTV-5100 USB2.0 DVB-T)
[  619.000369][ T6010] usb 6-1: media controller created
[  619.039355][ T6010] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  619.243059][ T5940] input: HID 0955:7214 Haptics as /devices/virtual/input/input59
[  619.312421][ T5940] shield 0003:0955:7214.002B: Registered Thunderstrike controller
[  619.335403][ T5940] shield 0003:0955:7214.002B: : USB HID v0.00 Device [HID 0955:7214] on usb-dummy_hcd.4-1/input0
[  619.354108][T17665] loop7: detected capacity change from 0 to 1024
[  619.415400][   T10] shield 0003:0955:7214.002B: Failed to output Thunderstrike HOSTCMD request HID report due to -EPROTO
[  619.430561][ T5940] usb 5-1: USB disconnect, device number 39
[  619.436723][   T10] shield 0003:0955:7214.002B: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV
[  619.459808][   T10] shield 0003:0955:7214.002B: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV
[  619.471379][   T10] shield 0003:0955:7214.002B: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV
[  619.604158][T17630] dtv5100: wlen = 0, aborting.
[  619.610683][ T6010] zl10353_read_register: readreg error (reg=127, ret==0)
[  619.638369][ T6010] dvb-usb: no frontend was attached by 'AME DTV-5100 USB2.0 DVB-T'
[  619.653698][ T6010] dvb-usb: AME DTV-5100 USB2.0 DVB-T successfully initialized and connected.
[  619.675664][ T6010] usb 6-1: USB disconnect, device number 20
[  619.748609][ T6010] dvb-usb: AME DTV-5100 USB2.0 DVB-T successfully deinitialized and disconnected.
[  620.251079][T17662] loop3: detected capacity change from 0 to 40427
[  620.264610][T17666] loop9: detected capacity change from 0 to 32768
[  620.286184][T17662] F2FS-fs (loop3): invalid crc value
[  620.387787][T17682] loop5: detected capacity change from 0 to 2048
[  620.449152][T17685] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  620.560063][T17662] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  620.611792][T17662] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  620.700772][  T110] ==================================================================
[  620.708850][  T110] BUG: KASAN: slab-use-after-free in jfs_lazycommit+0xa46/0xb30
[  620.716515][  T110] Read of size 4 at addr ffff888057ab7094 by task jfsCommit/110
[  620.724148][  T110] 
[  620.726477][  T110] CPU: 0 UID: 0 PID: 110 Comm: jfsCommit Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  620.726531][  T110] Tainted: [L]=SOFTLOCKUP
[  620.726545][  T110] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  620.726567][  T110] Call Trace:
[  620.726580][  T110]  <TASK>
[  620.726594][  T110]  dump_stack_lvl+0x116/0x1f0
[  620.726636][  T110]  print_report+0xcd/0x630
[  620.726674][  T110]  ? srso_alias_return_thunk+0x5/0xfbef5
[  620.726720][  T110]  ? srso_alias_return_thunk+0x5/0xfbef5
[  620.726765][  T110]  ? __phys_addr+0xe8/0x180
[  620.726802][  T110]  ? jfs_lazycommit+0xa46/0xb30
[  620.726846][  T110]  kasan_report+0xe0/0x110
[  620.726887][  T110]  ? jfs_lazycommit+0xa46/0xb30
[  620.726942][  T110]  jfs_lazycommit+0xa46/0xb30
[  620.726993][  T110]  ? __pfx_jfs_lazycommit+0x10/0x10
[  620.727040][  T110]  ? __pfx_default_wake_function+0x10/0x10
[  620.727102][  T110]  ? lockdep_hardirqs_on+0x7c/0x110
[  620.727143][  T110]  ? srso_alias_return_thunk+0x5/0xfbef5
[  620.727189][  T110]  ? srso_alias_return_thunk+0x5/0xfbef5
[  620.727233][  T110]  ? __kthread_parkme+0x19e/0x250
[  620.727270][  T110]  ? __pfx_jfs_lazycommit+0x10/0x10
[  620.727315][  T110]  kthread+0x3c5/0x780
[  620.727358][  T110]  ? __pfx_kthread+0x10/0x10
[  620.727403][  T110]  ? srso_alias_return_thunk+0x5/0xfbef5
[  620.727448][  T110]  ? rcu_is_watching+0x12/0xc0
[  620.727480][  T110]  ? __pfx_kthread+0x10/0x10
[  620.727525][  T110]  ret_from_fork+0x983/0xb10
[  620.727566][  T110]  ? __pfx_ret_from_fork+0x10/0x10
[  620.727608][  T110]  ? srso_alias_return_thunk+0x5/0xfbef5
[  620.727653][  T110]  ? __switch_to+0x7af/0x10d0
[  620.727714][  T110]  ? __pfx_kthread+0x10/0x10
[  620.727759][  T110]  ret_from_fork_asm+0x1a/0x30
[  620.727829][  T110]  </TASK>
[  620.727842][  T110] 
[  620.897843][  T110] Allocated by task 17666:
[  620.902250][  T110]  kasan_save_stack+0x33/0x60
[  620.906933][  T110]  kasan_save_track+0x14/0x30
[  620.911608][  T110]  __kasan_kmalloc+0xaa/0xb0
[  620.916195][  T110]  jfs_fill_super+0xca/0x1040
[  620.920892][  T110]  get_tree_bdev_flags+0x38c/0x620
[  620.926008][  T110]  vfs_get_tree+0x8e/0x330
[  620.930443][  T110]  path_mount+0x7bf/0x23a0
[  620.934874][  T110]  __x64_sys_mount+0x293/0x310
[  620.939657][  T110]  do_syscall_64+0xcd/0xf80
[  620.944165][  T110]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  620.950059][  T110] 
[  620.952368][  T110] Freed by task 9534:
[  620.956335][  T110]  kasan_save_stack+0x33/0x60
[  620.961009][  T110]  kasan_save_track+0x14/0x30
[  620.965683][  T110]  kasan_save_free_info+0x3b/0x60
[  620.970726][  T110]  __kasan_slab_free+0x5f/0x80
[  620.975489][  T110]  kfree+0x2f8/0x6e0
[  620.979395][  T110]  generic_shutdown_super+0x156/0x390
[  620.984788][  T110]  kill_block_super+0x3b/0x90
[  620.989482][  T110]  deactivate_locked_super+0xc1/0x1a0
[  620.994854][  T110]  deactivate_super+0xde/0x100
[  620.999616][  T110]  cleanup_mnt+0x225/0x450
[  621.004039][  T110]  task_work_run+0x150/0x240
[  621.008639][  T110]  exit_to_user_mode_loop+0xfb/0x540
[  621.013937][  T110]  do_syscall_64+0x4ee/0xf80
[  621.018533][  T110]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  621.024430][  T110] 
[  621.026747][  T110] The buggy address belongs to the object at ffff888057ab7000
[  621.026747][  T110]  which belongs to the cache kmalloc-256 of size 256
[  621.040796][  T110] The buggy address is located 148 bytes inside of
[  621.040796][  T110]  freed 256-byte region [ffff888057ab7000, ffff888057ab7100)
[  621.054595][  T110] 
[  621.056910][  T110] The buggy address belongs to the physical page:
[  621.063305][  T110] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x57ab6
[  621.072060][  T110] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  621.080556][  T110] anon flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  621.088534][  T110] page_type: f5(slab)
[  621.092515][  T110] raw: 00fff00000000040 ffff88813ff26b40 0000000000000000 dead000000000001
[  621.101099][  T110] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[  621.109688][  T110] head: 00fff00000000040 ffff88813ff26b40 0000000000000000 dead000000000001
[  621.118359][  T110] head: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[  621.127031][  T110] head: 00fff00000000001 ffffea00015ead81 00000000ffffffff 00000000ffffffff
[  621.135703][  T110] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[  621.144364][  T110] page dumped because: kasan: bad access detected
[  621.150766][  T110] page_owner tracks the page as allocated
[  621.156466][  T110] page last allocated via order 1, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 9534, tgid 9534 (syz-executor), ts 284401364426, free_ts 281561183768
[  621.178018][  T110]  post_alloc_hook+0x1af/0x220
[  621.182800][  T110]  get_page_from_freelist+0xd0b/0x31a0
[  621.188285][  T110]  __alloc_frozen_pages_noprof+0x25f/0x2430
[  621.194227][  T110]  alloc_pages_mpol+0x1fb/0x550
[  621.199083][  T110]  new_slab+0x2c3/0x430
[  621.203247][  T110]  ___slab_alloc+0xe18/0x1c90
[  621.207938][  T110]  __slab_alloc.constprop.0+0x63/0x110
[  621.213410][  T110]  __kmalloc_noprof+0x4fc/0x910
[  621.218272][  T110]  fib_create_info+0x53f/0x4680
[  621.223141][  T110]  fib_table_insert+0x177/0x1c60
[  621.228078][  T110]  fib_magic+0x4d4/0x5c0
[  621.232327][  T110]  fib_add_ifaddr+0x16d/0x580
[  621.237013][  T110]  fib_netdev_event+0x38a/0x710
[  621.241875][  T110]  notifier_call_chain+0xbc/0x3e0
[  621.246913][  T110]  call_netdevice_notifiers_info+0xbe/0x110
[  621.252817][  T110]  __dev_notify_flags+0x12c/0x2e0
[  621.257863][  T110] page last free pid 5991 tgid 5991 stack trace:
[  621.264184][  T110]  __free_frozen_pages+0x7df/0x1170
[  621.269392][  T110]  qlist_free_all+0x4c/0xf0
[  621.273918][  T110]  kasan_quarantine_reduce+0x195/0x1e0
[  621.279398][  T110]  __kasan_slab_alloc+0x69/0x90
[  621.284247][  T110]  __kmalloc_cache_noprof+0x282/0x800
[  621.289635][  T110]  nsim_fib_event_work+0xea7/0x65f0
[  621.294852][  T110]  process_one_work+0x9ba/0x1b20
[  621.299806][  T110]  worker_thread+0x6c8/0xf10
[  621.304405][  T110]  kthread+0x3c5/0x780
[  621.308478][  T110]  ret_from_fork+0x983/0xb10
[  621.313070][  T110]  ret_from_fork_asm+0x1a/0x30
[  621.317857][  T110] 
[  621.320166][  T110] Memory state around the buggy address:
[  621.325786][  T110]  ffff888057ab6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  621.333845][  T110]  ffff888057ab7000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  621.341906][  T110] >ffff888057ab7080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  621.349959][  T110]                          ^
[  621.354538][  T110]  ffff888057ab7100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  621.362593][  T110]  ffff888057ab7180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  621.370640][  T110] ==================================================================
[  621.378687][  T110] Disabling lock debugging due to kernel taint
[  621.436712][T15416] syz-executor: attempt to access beyond end of device
[  621.436712][T15416] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  621.453686][T15416] CPU: 0 UID: 0 PID: 15416 Comm: syz-executor Tainted: G    B        L      syzkaller #0 PREEMPT(full) 
[  621.453745][T15416] Tainted: [B]=BAD_PAGE, [L]=SOFTLOCKUP
[  621.453761][T15416] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  621.453784][T15416] Call Trace:
[  621.453795][T15416]  <TASK>
[  621.453809][T15416]  dump_stack_lvl+0x16c/0x1f0
[  621.453852][T15416]  f2fs_handle_critical_error+0x624/0x9f0
[  621.453919][T15416]  ? srso_alias_return_thunk+0x5/0xfbef5
[  621.453965][T15416]  ? f2fs_build_fault_attr+0x53/0x1f0
[  621.454020][T15416]  f2fs_write_end_io+0x958/0xcf0
[  621.454083][T15416]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  621.454139][T15416]  ? srso_alias_return_thunk+0x5/0xfbef5
[  621.454183][T15416]  ? rcu_is_watching+0x12/0xc0
[  621.454221][T15416]  ? srso_alias_return_thunk+0x5/0xfbef5
[  621.454264][T15416]  ? lock_release+0x201/0x2d0
[  621.454310][T15416]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  621.454370][T15416]  bio_endio+0x751/0x8a0
[  621.454410][T15416]  submit_bio_noacct+0x306/0x1f40
[  621.454469][T15416]  __submit_merged_bio+0x33c/0x710
[  621.454534][T15416]  __submit_merged_write_cond+0x319/0x3f0
[  621.454603][T15416]  f2fs_write_cache_pages+0x2075/0x2570
[  621.454661][T15416]  ? __pfx_f2fs_write_cache_pages+0x10/0x10
[  621.454702][T15416]  ? srso_alias_return_thunk+0x5/0xfbef5
[  621.454748][T15416]  ? rcu_is_watching+0x12/0xc0
[  621.454783][T15416]  ? srso_alias_return_thunk+0x5/0xfbef5
[  621.454828][T15416]  ? srso_alias_return_thunk+0x5/0xfbef5
[  621.454874][T15416]  ? srso_alias_return_thunk+0x5/0xfbef5
[  621.454921][T15416]  ? rcu_is_watching+0x12/0xc0
[  621.454954][T15416]  ? srso_alias_return_thunk+0x5/0xfbef5
[  621.455012][T15416]  ? srso_alias_return_thunk+0x5/0xfbef5
[  621.455067][T15416]  ? srso_alias_return_thunk+0x5/0xfbef5
[  621.455112][T15416]  ? update_sd_lb_stats.constprop.0+0x14c4/0x2df0
[  621.455199][T15416]  ? mod_memcg_lruvec_state+0x381/0x5f0
[  621.455259][T15416]  ? srso_alias_return_thunk+0x5/0xfbef5
[  621.455302][T15416]  ? __mod_zone_page_state+0xcc/0x1a0
[  621.455351][T15416]  ? srso_alias_return_thunk+0x5/0xfbef5
[  621.455400][T15416]  f2fs_write_data_pages+0x4ad/0xd90
[  621.455446][T15416]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  621.455494][T15416]  ? rcu_is_watching+0x12/0xc0
[  621.455526][T15416]  ? srso_alias_return_thunk+0x5/0xfbef5
[  621.455570][T15416]  ? lock_release+0x201/0x2d0
[  621.455614][T15416]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  621.455658][T15416]  do_writepages+0x27a/0x600
[  621.455703][T15416]  ? __pfx_do_writepages+0x10/0x10
[  621.455742][T15416]  ? do_raw_spin_unlock+0x172/0x230
[  621.455794][T15416]  ? srso_alias_return_thunk+0x5/0xfbef5
[  621.455838][T15416]  ? _raw_spin_unlock+0x28/0x50
[  621.455900][T15416]  filemap_writeback+0x225/0x2d0
[  621.455947][T15416]  ? __pfx_filemap_writeback+0x10/0x10
[  621.456018][T15416]  ? srso_alias_return_thunk+0x5/0xfbef5
[  621.456064][T15416]  ? srso_alias_return_thunk+0x5/0xfbef5
[  621.456108][T15416]  ? rcu_is_watching+0x12/0xc0
[  621.456141][T15416]  ? srso_alias_return_thunk+0x5/0xfbef5
[  621.456185][T15416]  ? lock_release+0x201/0x2d0
[  621.456231][T15416]  f2fs_sync_dirty_inodes+0x2a2/0x960
[  621.456288][T15416]  block_operations+0x2b0/0xfe0
[  621.456329][T15416]  ? trace_irq_enable.constprop.0+0xd4/0x110
[  621.456380][T15416]  ? finish_task_switch.isra.0+0x8c3/0xbd0
[  621.456443][T15416]  ? __pfx_block_operations+0x10/0x10
[  621.456486][T15416]  ? srso_alias_return_thunk+0x5/0xfbef5
[  621.456531][T15416]  ? trace_sched_exit_tp+0xd1/0x110
[  621.456568][T15416]  ? __schedule+0x10b9/0x6150
[  621.456633][T15416]  ? srso_alias_return_thunk+0x5/0xfbef5
[  621.456678][T15416]  ? rcu_is_watching+0x12/0xc0
[  621.456712][T15416]  ? srso_alias_return_thunk+0x5/0xfbef5
[  621.456756][T15416]  ? trace_irq_enable.constprop.0+0xd4/0x110
[  621.456803][T15416]  ? srso_alias_return_thunk+0x5/0xfbef5
[  621.456848][T15416]  ? rcu_is_watching+0x12/0xc0
[  621.456893][T15416]  f2fs_write_checkpoint+0x32b/0x5300
[  621.456947][T15416]  ? __pfx_try_to_wake_up+0x10/0x10
[  621.457004][T15416]  ? rcu_is_watching+0x12/0xc0
[  621.457036][T15416]  ? f2fs_stop_gc_thread+0x79/0xd0
[  621.457087][T15416]  ? srso_alias_return_thunk+0x5/0xfbef5
[  621.457131][T15416]  ? rcu_is_watching+0x12/0xc0
[  621.457164][T15416]  ? srso_alias_return_thunk+0x5/0xfbef5
[  621.457208][T15416]  ? kthread_stop+0x272/0x5d0
[  621.457253][T15416]  kill_f2fs_super+0x3d6/0x490
[  621.457298][T15416]  ? __pfx_kill_f2fs_super+0x10/0x10
[  621.457365][T15416]  deactivate_locked_super+0xc1/0x1a0
[  621.457402][T15416]  deactivate_super+0xde/0x100
[  621.457439][T15416]  cleanup_mnt+0x225/0x450
[  621.457482][T15416]  task_work_run+0x150/0x240
[  621.457531][T15416]  ? __pfx_task_work_run+0x10/0x10
[  621.457581][T15416]  ? srso_alias_return_thunk+0x5/0xfbef5
[  621.457629][T15416]  exit_to_user_mode_loop+0xfb/0x540
[  621.457681][T15416]  ? srso_alias_return_thunk+0x5/0xfbef5
[  621.457729][T15416]  do_syscall_64+0x4ee/0xf80
[  621.457771][T15416]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  621.457808][T15416] RIP: 0033:0x7ff43cf90a77
[  621.457835][T15416] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  621.457873][T15416] RSP: 002b:00007ffdf57a4278 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  621.457913][T15416] RAX: 0000000000000000 RBX: 00007ff43d013d7d RCX: 00007ff43cf90a77
[  621.457938][T15416] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffdf57a4330
[  621.457962][T15416] RBP: 00007ffdf57a4330 R08: 0000000000000000 R09: 0000000000000000
[  621.457986][T15416] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffdf57a53c0
[  621.458011][T15416] R13: 00007ff43d013d7d R14: 00000000000978db R15: 00007ffdf57a5400
[  621.458051][T15416]  </TASK>
[  621.458520][T15416] F2FS-fs (loop3): Stopped filesystem due to reason: 3