last executing test programs: 2m7.327669447s ago: executing program 5 (id=39): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000001c0), r0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_ADD_DEVKEY(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000200)={0x28, r1, 0x607, 0x0, 0x0, {}, [@IEEE802154_ATTR_LLSEC_FRAME_COUNTER={0x8}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan1\x00'}]}, 0x28}}, 0x0) 2m7.06608333s ago: executing program 5 (id=41): close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r0 = socket$qrtr(0x2a, 0x2, 0x0) connect$qrtr(r0, &(0x7f0000000080), 0xc) getpeername(r0, 0x0, &(0x7f0000000040)=0xb3143642) 2m6.545129001s ago: executing program 5 (id=44): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000300), r0) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000440)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r0, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000480)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000003900000008000300", @ANYRES32=r2, @ANYBLOB="14005a80100000800600020000f9"], 0x30}}, 0x0) 2m6.069913663s ago: executing program 5 (id=49): syz_mount_image$erofs(&(0x7f0000000040), &(0x7f00000001c0)='./file1\x00', 0x818, &(0x7f0000000280)=ANY=[], 0x7e, 0x1cf, &(0x7f0000001080)="$eJxiGAWjYBSMWPDo4dcHvU4WIToMDAw8DCoM7FDxF8wMDIyMEDYTkvo7M0u1p9q6ztl0e+mRPL7aXejmgbT8/48mgAewMDAwHHBkZiiB8v//R9HNoAKlQxiY4OxQBiYGTSg7nIGRQQ/KTmBgYgiDslMZGBkioewsJHY+SL2eXlpmTqpecn5OCohhACIMQYQRiDBGd9/bRkaGFCT3IXupuLIqOzEnJ7UIicEClcMiRRaDUPi9dWRisEVyHyi+IjqaG0F8WNgYIIWfIQMTgyHUE8YMjAzBUHELBnZY2ECCBMn/UiwI85kx/E+RbzmoEUZYGYK65GnXoGLkVVYxMNDMg8QyWKjoHUyGHyi/EaO4b0ADgUiG2NtdpzGlng68w4YYA1E+/V/IyKCOVD6xIJUf+iW5BfrFlVW6mbmJ6anpqXlGRsZmBowMBqZG+uCCCELiKf84weUTF5L5rDjUsjGxMVQklpQUGUJINkYo3whCIpW4wdvy34D1MDEwlDB4MDAwKEPMABWbbHjKY0Y2iBomsFoQS4MZj/JRMApGwSgYBaNgFIyCUTAKRsEoGAWjYBSMglEwCkbBKCAByDMwgkdBCQCjALBqQAAAAP//K/hxXQ==") mount$bind(&(0x7f00000001c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) chroot(&(0x7f0000000180)='./file0\x00') umount2(&(0x7f0000002140)='./file0\x00', 0x0) 2m5.62554437s ago: executing program 5 (id=55): bind$l2tp(0xffffffffffffffff, &(0x7f00000000c0)={0x2, 0x0, @multicast2}, 0x10) r0 = syz_io_uring_setup(0x1f87, &(0x7f0000000080)={0x0, 0xf1f6, 0x13580, 0x0, 0x101}, &(0x7f0000000340)=0x0, &(0x7f0000000280)=0x0) syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_FALLOCATE={0x11, 0x4, 0x0, @fd_index}) io_uring_enter(r0, 0x54, 0x0, 0x1, 0x0, 0x0) 2m4.458309717s ago: executing program 5 (id=66): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x1, 0xa, 0x5, 0x7, 0xc1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={0xffffffffffffffff, 0x18000000000002a0, 0x2, 0x0, &(0x7f0000000500)="b958", 0x0, 0x1cb0, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000300), &(0x7f0000000100), 0x3f, r0}, 0x38) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f00000001c0)={r0, &(0x7f0000000340), &(0x7f00000004c0)=""/192}, 0x20) 2m4.082889225s ago: executing program 32 (id=66): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x1, 0xa, 0x5, 0x7, 0xc1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={0xffffffffffffffff, 0x18000000000002a0, 0x2, 0x0, &(0x7f0000000500)="b958", 0x0, 0x1cb0, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000300), &(0x7f0000000100), 0x3f, r0}, 0x38) bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f00000001c0)={r0, &(0x7f0000000340), &(0x7f00000004c0)=""/192}, 0x20) 5.23111387s ago: executing program 2 (id=1269): setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, &(0x7f0000000040)={0x9e2}, 0x10) r0 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc) write$FUSE_NOTIFY_STORE(r0, &(0x7f0000000040)=ANY=[@ANYBLOB='\t'], 0x28) execve(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) 4.969335979s ago: executing program 2 (id=1275): io_setup(0x7, &(0x7f0000000000)=0x0) r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder1\x00', 0x0, 0x0) io_submit(r0, 0x1, &(0x7f0000000700)=[&(0x7f00000002c0)={0x0, 0x0, 0x0, 0x5, 0x0, r1, 0x0}]) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000240)={0x4c, 0x0, &(0x7f0000000100)=[@reply_sg={0x40486312, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0}) 4.708151271s ago: executing program 2 (id=1283): syz_mount_image$jfs(&(0x7f0000000400), &(0x7f0000000040)='./file1\x00', 0xc00, &(0x7f0000000580)=ANY=[@ANYBLOB="2c756d61736b3d300004000000000000000000", @ANYRES32, @ANYRES64, @ANYRES32=0x0, @ANYRESOCT, @ANYRES8, @ANYRESDEC, @ANYBLOB="7569643d905d71524d6613c415e10839b8aebc330a7196ada7453b3ac69b748c4314d22ec85487abc5c78285138c51d979f457ee167c34bb9e2d88d15ddf56f006eab8f8b4155bd1aac2a44e1d52ee5402b2bfbc1242ec6930b178d71d374ce907288e233b9cd39d67476fd3ab3c9a84fce295ec770000000000000000002000000000", @ANYRESOCT=0x0, @ANYRES16=0x0, @ANYRES16], 0x21, 0x6207, &(0x7f0000012500)="$eJzs3ctvHVcdB/DfffoRmkZdVCVCyG3Do5TmWUKgQNsFLNiwQNmiRK5bRaSAkoDSKiKuvGHBHwFCYokQS1b8AV2wZccfQKQECdRVpxr7HGc88c21k/rOtc/nIzlzf3NmfM/ke+c+PDP3BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQP/7RT8/1IuLKb9KMExFfiEFEP2KprlciYmnlRHOdF2KzOZ6PiNFCRL3+5j/PRrweER8fj7j/4M5qPfv8Hvvxw7/+608/O/aTf/5ldOb/f7s1eGPScrdv//5/f7/75NsLAAAAJaqqquqlj/knI2KYPtsDAEdffv2vkjxfPXf1+pz1R61Wq9WHsG6qdne3WUTEenOd+j2Dw/EAcMisxyddd4EOyb9ow4g41nUngLnW67oDHIj7D+6s9lK+vebrwcpWez4XZEf+673t6zsmTadpn2Myq8fXRgziuQn9WZpRH+ZJzr/fzv/KVvs4LXfQ+c/KpPzHW5c+FSfnP2jn33J08u/vmn+pcv7DfeU/kD8AAAAAAMyx/Pf/Ex0f/114+k3Zk8cd/12ZUR8AAAAAAAAA4PO23/H/hq3x/7YZ/w8AAADmVv1ZvfaH4w/nTfoutnr+5V7EM63lgcKki2WWu+4HAAAAAAAAAAAAAJRkuHUO7+VexCginllerqqq/mlq1/v1tOsfdqVvP5Ss6yd5AADY8vHx1rX8vYjFiLicvutvtLy8XFWLS8vVcrW0kN/PjhcWq6XG59o8rectjPfwhng4rupftthYr2na5+Vp7e3fV9/XuBrsoWOz0WHgABARW69G970iHTFV9Wx0/S6Hw8H+f/TY/9mLrh+nAAAAwMGrqqrqpa/zPpmO+fe77hQAMBP59b99XECtVqvVavXRq5uq3d1tFhGx3lynfs9gOH4AOGTW45Ouu0CH5F+0YUS80HUngLnW67oDHIj7D+6s9lK+vebrQRrfPZ8LsiP/9d7menn93abTtM8xmdXjayMG8dyE/jw/oz7Mk5x/v53/la32cVruoPOflUn519t5ooP+dC3nP2jn33J08u/vmn+pcv7DfeU/kD8AAAAAAMyx/Pf/E3N1/Hf8pJsz1eOO/64c2L0CAAAAAAAAwMG6/+DOar7uNR///9Iuy7n+82jK+ffkX6Scf7+V/9dbyw0at++9/TD//z64s/rnW//5Yp7uMf+Hv66XHlm99IjopabeME2fZusetTEajOt7GvX6g2E656cavRvX4nqsxdkdy/bT/8fD9nOPbMRos70abLWf39E+3G7P61/Y0T5KZzpVS7n9dKzGL+N6vLPZXrctTNn+xSnt1ZT2nP/A/l+knP+w8VPnv5zae61p7d5H/Uf2++Z0t/t569qXf3f24Ddnqo0YbG9bU719L3XQn83/k2Pj+PXNtRunb1+9devGuUiTHXPPR5p8znL+o/Sz/fz/8lZ7fqJu7q/3PhrvO/95sRHDifm/3Lhdb+8rM+5bF3L+4/ST838nte++/x/m/Cfv/6920B8AAAAAAAAAAAAAAAB4nKqqNi8RfSsiLqbrf7q6NhMAmK38+l8lef6s6sGM70+tPuR1b876M9P602q++qNWH8a6qdrdm80iIv7RXKd+z/Db3X4ZADDPPo2If3fdCToj/4Ll7/urp6e67gwwUzc/+PDnV69fX7txs+ueAAAAAAAAAABPKo//udIY//lUVVV3W8vtGP/17Vh52vE/h/nG9gCjEwaqHux/mx5noz8e9BvDjb8Yk8b/Hm3fetz438Mp9zea0j6e0r7w6KylZrE4Zf1dL/RoyPm/2Bjv/FREnGwNv17C+K/tMe9LkPN/qfF4rvP/Wmu5Zv7VHw9z/v0d+Z+59f6vztz84MPXrr1/9b2199Z+ceHcubMXLl68dOnSmXevXV87u/Vvhz0+WDn/PPa180DLkvPPmcu/LDn/r6Ra/mXJ+X811fIvS84/v9+Tf1ly/vmzj/zLkvN/JdXyL0vO/xupln9Zcv6vplr+Zcn5fzPV8i9Lzv+1VMu/LDn/06mWf1ly/mdSvcf8lw66X8xGzj8f4bL/lyXnn89skH9Zcv7nUy3/suT8L6Ra/mXJ+b+eavmXJef/rVTLvyw5/4upln9Zcv7fTrX8y5Lzv5Rq+Zcl5/+dVMu/LDn/76Za/mXJ+b+RavmXJef/vVTLvyw5/++nWv5lyfn/INXyL0vO/81Uy78sD7//3w03Znxj5OE3vze6fmYCAAAAAAAAAAAAANpmcTpx19sIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfMYOHAgAAAAAAPm/NkJVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVUVduBAAAAAAADI/7URqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqrB3dzFynfX9wM+ud9drBxIDIX8nfwMbx4SQONn1S/xCm2LCa8N7IBT6gu1612bBb3jtEmgkGwVKJIyKKtqGi7aAUMlNhVWhilaAcoFaVa0E7QW9QVS0XERVQAG1UltBtppznufZmdnZmVnvZH3mnM9Hin/emTNzzpw5c3a/63xnAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABodutr5z41kmVZ47/8jy1Z9rzG3zdNbckve9W13kIAAABgrX6R//nMDemCQ33cqGmZv3vpd762uLi4mL13wx+Of25xMV0xlWXjG7Msvy668sP3jTQvEzyaTY6MNn092mP1G3pcP9bj+vEe10/0uH5jj+sne1y/bAcss6n4fUx+Zzvyv24pdml2YzaeX7ejw60eHdk4Ohp/l5MbyW+zOH48m89OZnPZTMvyxbIj+fLfuLWxrjdlcV2jTeva1jhCfvrIsbgNI2Ef72hZ19J9Rj9+TTb1s58+cuzPzz99c6fZcze03F+xnXdsb2znJ8IlxbaOZBvTPonbOdq0nds6PCcbWrZzJL9d4+/t2/lMn9u5YWkz11X7cz6ZjeZ//26+n8aaf62X9tO2cNl/35Zl2aWlzW5fZtm6stFsc8slo0vPz2RxRDbuo3EovTAbW9Vxemsfx2ljzu5oPU7bXxPx+b813G5shW1ofpp+/PGJpuf954tXc5xGjUe90mul/Rgc9GulLMdgPC6+mz/oxzoegzvC43/k9pWPwY7HTodjMD3upmNwe69jcHRiQ77No1/ZHNe+veUY3NWy/IZ8TSP5fOr27sfg9PlTZ6cXPvqxu+dPHT0xd2Lu9J5du2b27Nt34MCB6ePzJ+dmij+ven+X3eZsNL0Gtod9F18Dr2hbtvlQXfzixLLz79W+Die7vA63tC076NfhWPuDG1mfF+TSMR0vKV4b727s9MnLo9kKr7H8+blz7a/D9LibXodjTa/Djt9Tlm3zSH6bXq/DxjJn7+zvZ5axpv86bcPK3wvWdgxuaToG238eaT8GB/3zSFmOwclwXHz/zpW/F2wL2/vYztX+PLJh2TGYHm449zQuST/vTx7IR6fj8pbGFddNZBcW5s7d8/DR8+fP7crCWBcvajpW2o/XzU2PKVt2vI6u+ng9NP/Sx27pcPmWsK8m7278Mbnic9VYZu893Z+r/Ltb5/3ZcunuLIwBW+/92em7eWN/TmTZ57/98Qe/+cjnX7vi/mzkzU9Mr/1n8ZRLm86/4yucf2Puf7ZYX7qrRzeMjxWv3w1p74y3nI9bn6qx/Nw1kq/7men+zsfj4b/1Ph/f2OV8vLVt2UGfj8fbH1w8H4/0+m3H2rQ/n5PhODk50/183Fhm6+7VHpNjXc/Ht4U5Evb/K0NSSLmo6dhZ6bhN6xobGw+PayyuofU43dOy/HjIZo11PbH76o7TO24r7mtDenRL1us4nWpbdtDHafrd10rH6Uiv375dnfbnczIcFzfu6X6cNpZ5cu/az52b4l+bzp0TvY7B8Q0TjW0eTwdhfr7PFjfFY/Ce7Fh2JjuZzebXTuTH00i+rp339ncMToT/1vtcubXLMXhH27KDPgbT97GVjr2RseUPfgDan8/JcFw8fm/3Y7CxzOv2D/Zn1zvCJWmZpp9d23+/ttLvvG5p203P1bEyFrbz2/u7/262sczJA6vNmd33013hkus67Kf21+9Kr6nZbH3209awnU8fWHk/NbanscznDvZ5PB3Ksuzih+/Pf98b/n3lLy9872st/+7S6d90Ln74/p88//jfrmb7ARh+zxZjc/G9rulfpvr5938AAABgKMTcPxpmIv8DAABAZcTcH/+v8ET+BwAAgMqIuX8szKQm+X/r656ef/Zilpr5i0G8Pu2GB4rlYsd1Jnw9tbikcfn9X577r7+52N+6R7Ms+/kDv9tx+a0PxO0qTIXtvPL61suX+drdfa37yEMX03qb++tfCPcfH0+/h0GnCu5MlmXfuOEz+Xqm3nc5n08+cCSfD1567NHGMs8cLL6Ot3/qRcXyfxLKv4eOH225/VNhP/wozJk3d94f8XZfvfzKbfvfs7S+eLuR7dfnD/vx9xf3G98n57OPFsvH/bzS9n/z0098tbH8wy/vvP0XRztv/xPhfr8c5v+8pFi++TlofB1v98mw/XF98Xb3fOlbHbf/yqeK5c++oVjuSJhx/XeEr3e84en55v318MjRlseVvbFYLq5/5nu/n18f7y/ef/v2Tx6+3LI/2o+PJ/+5uJ/ptuXj5XE90V+3rb9xP83HZ1z/E793pGU/91r/lQefeknjftvXf1fbcmc/fGe+/qX7a33Hpj/95Gc6ri9uz6G/ONvyeA69M7yOw/off384HsP1/3uluL/2d1c48s7W809c/gtbLrY8nuhNPyvWf+XVJ/K5cXLT5uue9/zrL72sse+y7Lsbi/vrtf4Tf3amZfu/eFOxP+L1saPfvv6VxPWf+8jO02cWLszPpr36yA35e+e8pdieuL03hHNr+9eHz5z/wNy5qZmpmSybqu5b6F21L4X5k2Jc6r704rIz6J0Phefzlj/+xubb/+nT8fJ/eXdx+eU3F9+3XhGW+2y4fEt4/la3/uUev/Wm/PU98mTYwsXl7xe8Ftt2/MeBvhYMj7/954J4vJ998Qfy/dC4Lv++EV/Xa9z+H8wW9/P1sF8Xwzszb79paX3Ny8f3Rrj8ruL1vub9F05z8Xn9Sni+3/qj4v7jdsXH+4Pwc8y3trae7+Lx8fWLo+33n7+Lx6VwPskuFdfHpeL+vvzMTR03L74PSXbp5vzrP0j3c/OqHuZKFj66MH1y/vSFh6fPzy2cn1746McOnzpz4fT5w/l7eR7+YK/bL52fNufnp9m5fXuz/Gx1phjPsWu9/WcfOja7f+b22bnjRy8cP//Q2blzJ44tLBybm124/ejx43Mf6XX7+dn7du0+uGf/7p0n5mfvO3Dw4J6DO+dPn2lsRrFRPeyb+dDO0+cO5zdZuG/vwV333rt3ZuepM7Nz9+2fmdl5odft8+9NOxu3/p2d5+ZOHj0/f2pu58L8x+bu23Vw377dPd8N8NTZ4wtT0+cunJ6+sDB3brp4LFPn84sb3/t63Z5qWvjX4ufZdiPFG/Flb79rX3p/1oYvf3zFuyoWaXsD0afDe9H8/QvOHujn65j7x8NMapL/AQAAoA5i7p8IM5H/AQAAoDJi7t8YZiL/AwAAQGXE3D8ZZlKT/F+5/v/Wi32tX/9f/795f+n/16z//66y9f8b54u51OvU/1+btfbv9f8D/X/9f/1//X/9fwagbP3/mPs3ZVkt8z8AAADUQcz9m8NM5H8AAACojJj7rwszkf8BAACgMmLuf16YSU3yv/6//r/+v/6//n/n9a9v/9/n/w+K/n93+v896P9PZ/Xq/18a5Pbr//fZ/5/qdU9USdn6/zH3Pz/MpCb5HwAAAOog5v7rw0zkfwAAAKiMmPtvCDOR/wEAAKAyYu7fEmZSk/yv/6//r/+v/6//33n9+v/DSf+/O/3/HvT/ff6//r/P/2egytb/j7n/BWEmNcn/AAAAUD3Lf5kQc/8Lw0zkfwAAACifsau7Wcz9LwozWZb/r3IFAAAAwDUXc/+NWVsRvCb//q//r/+v/6//r//fef399/83ZPr/5aH/353+fw/6/2vrzzdOjPr/+v/6/zQpW/8/z/3ZZPbiMJOa5H8AAACog5j7bwozkf8BAACgMmLu/39hJvI/AAAAVEbM/VvDTGqS//X/9f/r1v//t736//r/Pv+/yvT/u9P/70H/3+f/6//r/zNQZev/x9x/c5hJTfI/AAAA1EHM/beEmcj/AAAAUBkx9///MBP5HwAAACoj5v5tYSY1yf/6/yXv/8fmqP6/z//X/9f/1//vi/5/d/r/Pej/6//r/+v/M1Bl6//H3P+SMJOa5H8AAACog5j7XxpmIv8DAABAZcTc/7IwE/kfAAAAKiPm/qkwk5rkf/3/kvf/ix78hM//1//X/9f/1//vj/5/d/r/Pej/6//r/+v/M1Bl6//H3H9rmElN8j8AAADUQcz928NM5H8AAACojJj7bwszkf8BAACgMmLu3xFmUpP8r/8/FP3/TP9f/1//X/9f/78/+v/d6f/3oP+v/6//r//PQJWt/x9z/8vDTGqS/wEAAKAOYu6/PcxE/gcAAIDKiLn/FWEm8j8AAABURsz9d4SZ1CT/6//r/+v/6//r/3dev/7/cNL/707/vwf9f/1//X/9fwaqbP3/mPtfGWZSk/wPAAAAdRBz/51hJvI/AAAAVEbM/XeFmcj/AAAAUBkx9+8MM6lJ/tf/1//X/9f/1//vvH79/+Gk/9+d/n8P+v/6//r/+v8MVNn6/zH33x1mUpP8DwAAAHUQc/89YSbyPwAAAFRGzP3TYSbyPwAAAFRGzP0zYSY1yf/6//r/+v+l7P/nNyll//9lS/er/1/Q/y8X/f/u9P970P/X/7/m/f9x/X8qpWz9/5j7d4WZ1CT/AwAAQB3E3L87zET+BwAAgMqIuX9PmIn8DwAAAJURc//eMJOa5H/9f/1//f9S9v9zpez/N9H/L+j/l4v+f3eD7//Hh6j/r/+v/+/z//X/Wa5s/f+Y++8NM6lJ/gcAAIA6iLl/X5iJ/A8AAACVEXP//jAT+R8AAAAqI+b+A2EmNcn/+v/6//r/+v/6/53Xr/8/nMrZ/x/te/3D1//3+f/6/0v0//X/9f9pV7b+f8z9B8NMapL/AQAAoA5i7n9VmIn8DwAAAJURc/8vhZnI/wAAAFAZMff/cphJTfK//n/Z+/+jmf6//r/+v/6//n//ytn/75/+v/6//v/wbr/+v/4/y5Wt/x9z/31hJjXJ/wAAAFAHMff/SpiJ/A8AAACVEXP/q8NM5H8AAACojJj7D4WZ1CT/V6z/P9nfmoep/+/z//X/9f/1//X/V0P/vzv9/x70//X/9f/1/xmosvX/Y+5/TZhJTfI/AAAA1EHM/feHmcj/AAAAUBkx9782zET+BwAAgMqIuf91YSY1yf8V6/9X8PP/9f/1//X/9f/1/1dD/787/f8e9P/1//X/9f8ZqLL1/2Puf32YSU3yPwAAANRBzP1vCDMav2ZbBAAAAAxazP1vDDPx7/8AAABQGTH3vynMpCb5X/9f/1//X/9f/7/z+vX/h5P+f3f6/z3o/+v/6//r/zNQZev/x9z/q2EmNcn/AAAAUAcx9z8QZiL/AwAAQGXE3P/mMBP5HwAAACoj5v63hJnUJP/r/+v/6//r/+v/d16//v9w0v/vbsj6/7+4Plyu/1/Q/y/39q+2/z/W9vVz0v//4Ur9/8WN7bfX/+e5ULb+f8z9bw0zqUn+BwAAgDqIuf9tYSbyPwAAAFRGzP1vDzOR/wEAAKAyYu5/R5hJTfK//n9jO5bay/r/+v/5BevS/3/Hf+r/6/9n+v8Dp//f3ZD1/33+fxv9/3Jvv8//1/9nubL1/2Puf2eYSU3yPwAAANRBzP0PhpnI/wAAAFAZMfe/K8xE/gcAAIDKiLn/3WEmNcn/+v8+/1//3+f/6/93Xr/+/3DS/+9O/78H/X/9/7L1//9d/5/hVrb+f8z9D4WZ1CT/AwAAQB3E3P+eMBP5HwAAACoj5v5fCzOR/wEAAKAyYu5/b5hJTfL/te7/b9L/77P/P6X/r/+v/9/2ePT/9f870f/vTv+/B/1//f+y9f99/j9Drmz9/5j73xdm0n/+n+x7SQAAAOCaiLn/18NMavLv/wAAAFAHMff/RpiJ/A8AAACVEXP/b4aZ1CT/X+v+v8//9/n/+v816v+P6v/r/z/31q//H888+v/6//r/kf6//r/+P+3K1v+Puf+3wkxqkv8BAACgDmLuf3+YifwPAAAAQ6HT/5PdLub+w2Em8j8AAABURsz9R8JMapL/9f9r1P//q38ortT/H47+/x9t/8fvf+dtR3ZVqf/v8//1/9fBun7+f+PF7/P/9f/1/xP9f/1//X/ala3/H3P/0TCTmuR/AAAAqIOY+387zET+BwAAgMqIuf9YmIn8DwAAAJURc/9smElN8r/+f436/z7/f7j6/0P8+f9xf+j/txpY/z+edPX/O1rX/v97lnri+v+r7f9PdLxU/1//f5i3X/9f/5/lytb/j7l/LsykJvkfAAAA6iDk/tHjxVy6Qv4HAACAyoi5/0SYifwPAAAAlRFz/wfCTGqS//X/9f/1//X/ff5/5/WXtv/v8/+70v/vrjz9/870//X/h3n79f/1/1mubP3/mPvnw0xqkv8BAACgDmLu/2CYifwPAAAAlRFz/4fCTOR/AAAAqIyY+0+GmdQk/+v/6//r/+v/6/93Xr/+/3DS/+9O/78H/X/9/6vZ/nDc6P/r/7Nc2fr/MfefCjOpSf4HAACAOoi5/3SYifwPAAD8H3v38WRpWfZx/DQM0l1UiTsXblzrn8BC1/oHuHDjxip1YcKcGMwRE+aAOWMARUyomMGEYhYRc0BFFANijeXMdV3TPefp53TPnNP9nPv+fBZevvM6ngPvlL4/hm/dQDNy9z8qbrH/AQAAoBm5+x8dt3Sy//X/+v9m+//76f93+3z9v/6/Zfr/cfr/BfT/+n/v/+v/Waqp9f+5+x8Tt3Sy/wEAAKAHufsfG7fY/wAAANCM3P0Xxi32PwAAADQjd//j4pZO9v8p/f/GrM/+PzNe/X9L/b/3/3f9fP2//r9lB9v/X/z//+TT/+v/9f9B/6//1/9zqqn1/7n7Hx+3dLL/AQAAoAe5+58Qt9j/AAAA0Izc/U+MW+x/AAAAaEbu/ifFLZ3sf+//e/9f/6//1/8Pf77+fz15/39cT/3/hTee98jbr7rX1fv5/NX3/7ft7P+D/n85Dvv76//1/8ybWv+fu//JcUsn+x8AAAB6kLv/KXGL/Q8AAADNyN3/1LjF/gcAAIBm5O5/WtzSyf7X/+v/9f/6/1b6/0vjx/X/fdP/j+up/z+dz/f+v/5f/6//Z7mm1v/n7n963NLJ/gcAAIAe5O5/Rtxi/wMAAEAzcvdfFLfY/wAAANCM3P1H45ZO9r/+f/X9/3/1//r/uPp/7//r/1dP/z9O/7+A/l//r//X/7NUU+v/c/dfHLd0sv8BAACgB7n7nxm32P8AAADQjNz9z4pb7H8AAABoRu7+Z8ctnex//b/3//X/+n/9//Dn6//Xk/5/nP5/Af3/mfbz5+j/9f/6f7bbZ/9/58h/bC+l/8/d/5y4pZP9DwAAAD3I3f/cuMX+BwAAgGbk7n9e3GL/AwAAQDNy9z8/bulk/+v/9f/6f/3/aff/87/0jtP/D1te/79V/576/3n6/3GT6f83jgz+sP5/7ft/7//r//X/7DC19/9z978gbulk/wMAAEAPcve/MG4Z2f/7/ov5AAAAwKHK3f+iuMXv/wMAAMDay+osd/+L45ZO9r/+X/+v/9f/e/9/+PPH+v+rt30/7/9Pi/5/3GT6/13o//X/6/z99f/6f+ZNrf/P3f+SuKWT/Q8AAAA9yN1/Sdxi/wMAAEAzcve/NG6x/wEAAKAZuftfFrd0sv+H+/+T/3v9/97o/3d+f/3/8K+PZfX/+e+o/x/t/+/f7vv/+v8x+v9x+v8F9P/77+e3/SHq/5vu/7cW/Xz9P0Om1v/n7n953NLJ/gcAAIAe5O5/Rdxi/wMAAEAzcve/Mm6x/wEAAKAZufsvjVs62f/e/9f/Zz+/uQb9/9n6f+//T+T9/9mB9/9H9P97pP8fp/9fQP/v/f82+v/8Ie//c+im1v/n7n9V3NLJ/gcAAIAe5O5/ddxi/wMAAMB62P73Dpz6N5SG3P2viVvsfwAAAGhG7v7Xxi2d7H/9v/7f+//6f/3/8OdPq//3/v9e6f/H6f8X0P+vop8/0lj/f9luP38K/f9Fq3v/X//PadnR/19z8scPq//P3f+6uKWT/Q8AAAA9yN3/+rjF/gcAAIBm5O5/Q9xi/wMAAEAzcve/MW7pZP+vvP/f2v2z9f/6f/2//l//f+JXj/5/efT/4/T/C+j/vf/fxvv/+n8mY0f/v81h9f+5+98Ut3Sy/wEAAKAHufvfHLfY/wAAANCM3P2XxS32PwAAADQjd/9b4pZO9r/3//X/+n/9v/5/+PO9/7+e9P/j9P8L6P+39/MPn+n/9f/6f87Q1Pr/3P1vjVs62f8AAADQg9z9b4tb7H8AAABoRu7+t8ct9j8AAAA0I3f/O+KWTva//n+1/X/+uP5f/z/T/+v/9f8Hotv+f2Pov4nm7dL/X/+wow/c+SP6f/2/9//1//p/lmAS/f+xk//fZe7+d8Ytnex/AAAA6EHu/nfFLfY/AAAANCN3/7vjFvsfAAAAmpG7/z1xyz73/z2W+q0Ojv7f+//6f/2//n/48/X/66nb/n+PvP+/gP5f/6//1/+zVJPo/7f9z7n73xu3+P1/AAAAaEbu/vfFLfY/AAAANCN3//vjFvsfAAAAmpG7/wNxSyf7X/+v/9f/6//1/8Ofr/9fT/r/cRPt/7fyn+j/T6v/v/U++v9JfH/9v/6feVPr/3P3Xx63dLL/AQAAoAe5+z8Yt9j/AAAA0Izc/R+KW+x/AAAAaEbu/g/HLZ3sf/2//l//r//X/w9/vv5/Pen/x020/y8H0v9fMfIFhvr/Y+dOvf/3/v9Evr/+X//PvKn1/7n7PxK3dLL/AQAAoAe5+6+IW+x/AAAAaEbu/ivjFvsfAAAAmpG7/6NxSyf7X/+v/9f/6//1/8OfP9D/H9n+vfT/06T/H6f/X2A93//X/0/k++v/9f/Mm1r/n7v/Y3FLJ/sfAAAAepC7/6q4xf4HAACAZuTu/3jcYv8DAABAM3L3Xx23dLL/9f/6f/2//l//P/z53v9fT6vr/2f6f/2//n+BffXz5y7lKx/e9x+g/9f/M29q/X/u/k/ELZ3sfwAAAOhB7v5Pxi172f9b56/qawEAAABLlLv/U3GL3/8HAACAZuTu/3Tc0sn+1//PZmdti5f1//r/4z+g/9f/L7v/P1//f1C8/z9O/7+A/t/7//p//T9LNbX+P3f/Z+KWTvY/AAAA9CB3/zVxi/0PAAAAzbjj+D9uzj4bt9j/AAAA0Izc/Z+LWzrZ//p/7//v7P9nM/2//l//f8IBvP+/OdP/L53+f5z+fwH9f5v9/1mzhvr/rV1/vv6fKZpa/5+7//NxSyf7HwAAAHqQu//auMX+BwAAgGbk7v9C3GL/AwAAQDNy938xbulk/+v/9f/e/9f/6/+HP/8A+v/6s6r/Xx79/zj9/wL6/zb7f+//6/85NFPr/3P3fylu6WT/AwAAQA9y9385brH/AQAAoBm5+78St9j/AAAA0Izc/V+NWzrZ//p//b/+X/+v/x/+fP3/etL/j9P/L6D/1//r//X/LNXU+v/c/V+LWzrZ/wAAANCD3P3XxS32PwAAADQjd//1cYv9DwAAAM3I3f/1uKWT/a//1//r/9ez/9/U/+v/9f+DptL/X3DBA27Q/+v/9f/6f/2//r93U+v/c/d/I27pZP8DAABAD3L3fzNusf8BAACgGbn7vxW32P8AAADQjNz9345bOtn/8/3/ObMTheoJQ/1/NGr6/230/zu/v/5/+NeH9//1//r/1Tu1/z93nz/f+/9B/6//1/+vtv+/9/zP1//Toqn1/7n7b4hbOtn/AAAA0IPc/d+JW+x/AAAAaEbu/u/GLfY/AAAANCN3/41xSyf73/v/+n/9/0H2/xv6f/2//n/FpvL+v/7/9L6//l//v87fv5n3/8/W/7M8q+//t+Kf7a3/z93/vbilk/0PAAAAPcjd//24xf4HAACAZuTu/0HcYv8DAABAM3L3/zBu6WT/6//1//p/7//r/4c/X/+/nvT/4/T/C/TT/28O/eBh9/Nn6rC/fzP9v/f/WaKpvf+fu/9HcUsn+x8AAAB6kLv/x3GL/Q8AAADNyN3/k7jF/gcAAIBm5O7/adzSyf7X/+v/2+//H6L/P+XzD6n/P6r/1/8fBP1//jf6MP3/ApPp/4f/r+j9/2l/f/2//p95U+v/c/ffFLd0sv8BAACgB7n7fxa32P8AAADQjNz9N8ct9j8AAAA0I3f/z+OWTva//r+v/n9j1mP/7/3/ifT/3v/X/x8I/f84/f8Ck+n/V/7+/6DD7ucP4fvftczvr//X/zNvav1/7v5bNo50uf8BAABgXT3ovo+4aa//2luO/+Pm7Bdxi/0PAAAAzcjd/8u4xf4HAACAZuTu/1Xc0sn+1//31f/3+f6//l//r//vif5/nP5/Af1/b/3/Ur+//l//z7yp9f+5+38dt2wbfkf2/UcJAAAATEnu/t/ELZ38/j8AAAD0IHf/b+OWuf1/bI9/VzsAAAAwNbn7fxe3dPL7/2vc/w9nGa31/7MV9f/xr+u1/7/2gp1/vvT/+v+hz9f/ryf9/7gz7P+Pbej/9f8jhvv5m++u/9f/6//7NbX+P3f/7+OWTvY/AAAANGrHX1HI3f+HuMX+BwAAgGbk7v9j3GL/AwAAQDNy998at3Sy/9e4/9/lD6ix/v+03v/fqn/m/f/O3/+/ZHPw85fe/5+z849X/z9M/38w9P/jvP+/gP7f+//6f/0/SzW1/j93/5/ilk72PwAAAPQgd/+f4xb7HwAAAJqRu/8vcYv9DwAAAM3I3X9b3NLJ/tf/t9j/7+H9f/1/H/3/Lp/fzvv/9zzv6HUPfuiVl+v/Oekg+//8taD/1//r/0/Q/+v/9f+camr9f+7+v8Ytnex/AAAA6EHu/tvjFvsfAAAAmpG7/29xi/0PAAAAzcjd//e4pZP9r//X/0+l/88/14fQ/x9dv/4/m+Le+3/v/+v/53n/f5z+fwH9v/5f/6//Z6mm1v/n7r8jbulk/wMAAEAPcvf/I27J/b+x7790DwAAAExM7v5/Hr/b/h4tv/8PAAAAzTix+zdn/4pbOtn/+n/9/1T6/+T9/5M/z/v/J+j/9f/7sfb9/+ws/b/+X/+/pt9f/6//Z97U+v/c/f+OWzrZ/wAAANCD3P13xi079//dDvZbAQAAAMuUu/8/cYvf/wcAAIBm5O6/K27pZP/r//X/+n/9v/5/+PP1/+tp7ft/7//r//X/a/v99f/6f+ZNrf/P3f+/AAAA//+4rmTi") r0 = openat(0xffffffffffffff9c, &(0x7f00000001c0)='.\x00', 0x0, 0x0) unlinkat(r0, &(0x7f0000000280)='./file1\x00', 0x0) lsetxattr$trusted_overlay_origin(&(0x7f0000000000)='./file1\x00', &(0x7f0000000140), 0x0, 0x0, 0x1) 4.051482245s ago: executing program 0 (id=1287): r0 = userfaultfd(0x80001) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f00000001c0)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1}) ioctl$UFFDIO_ZEROPAGE(r0, 0xc020aa04, &(0x7f0000000080)={{&(0x7f00000e9000/0x2000)=nil, 0x2000}, 0x1}) 3.828138403s ago: executing program 2 (id=1288): syz_mount_image$ocfs2(&(0x7f0000004740), &(0x7f0000004780)='./file0\x00', 0x100000a, &(0x7f0000000140)={[{@journal_async_commit}, {@heartbeat_none}, {@localflocks}, {@inode64}, {@localalloc={'localalloc', 0x3d, 0xfffffffffffffffa}}, {@noacl}]}, 0x1, 0x4703, &(0x7f0000004800)="$eJzs212IXFcBB/BzJ6vZpMl2P9ImafoxSQQXLcumT9X6ENeqjabNh7bVVFlnN9vN6uzMujujBYPUIIiCoARBxQ+qQulLLYiBvtQiFPxAWoVSUbS+iBSq4INBG+jKzNybnXtntneyk7S0/f2gnb3n3nPumf3vPXfOPZNCrHZqYaW4sFIsVYrV2ftXbil+rlquL86FwqvktT4/vbkSOcn+tXPkfR/4yD23hPCHY1/70Orq6mpoGA5dHWj7+fy/T8+2vyYKmTqNdru31vLH+iMv/fwtr3REnhMhhB0d/WrYFEL42C9C2BxCGInLRuPXLSGEbSGEKITw6G/+9ePBfrrQ5uy9Lzx37MzhfWemHn/smQvzR9c9MArhu+XdN88vvrh/023Pv+MynR4AAF7RB48fufvo5IHwZBSGzg10fl7fGb8mn4/vfNun7np4YG3/Kr3Z9CqGCgAAABlr8//h6OUu63XJylqyJPjEAyfufipa229i+/p26K4jt79/8kC8/ht17L81Lvrnezc111Cz677Z9d+RTP3u679r53n4q8/+svLWjfc/6V9y3uEQFSZS24XCxEQIx6Za27uirYVydaX2zvur9crJjZ/3jSKdf3b1fm1Bv9f8RzPV89b/d3/i8z/bMtDPOxgL2b/axnax80+ZLtL5rz+W/+RLUU/5j2Xq5eV/x9Pbz/9qcz/vIHtGLkU6/9aFuK/9gGJrAGjk/82B/Px3ZNrPy//7U+cePbGB7/80xpnhqNHXwdQI8HJcvs5XmMhI598KIjV0xr/I9a7//2XyvybTfl7+d1b/8bu/9XH/X2/8H5/qp803j3T+rSCKqSPWrv+RQv71f22m/bz8f3vqz89+sq97dWf+jf6Pu//3JJ1/fCNOD57N32Sv4//OTPt5+e8au++hhQ30+8Nb4n4ORWGs7Vun5xq3sKG19ermlKaxe2kDJ3kTSOff+q2lLp2h1kvz+h/OH/93ZdrPy/+hPV9/z+m+vv/bffyfNP73JJ3/lmbZpeT/Uib/3Zn28/L/4em//+W+yzz+N7YPyr8n6fy3duxfe/5T6Gn+d12mft7zn32jTz3y1z7m/0n/kvMmz3+S5xDjUev5D92l879q3eN6vf/vydTLu/6/9Z/nn97fz/gfDXoC0Id0/ttahV0mgL3mf32m/bz8v3DPlz/+pw3M/5qf+AaT/Nvm/5tb5UeN/z1J57+9VZj6x1APNv/fvP9Hnbn/N5P/DZn28/K/cGhi4CuX+f7f6P94l0fZdErnP7TucY38f9/D/f/GTL28/L+496cv3tzX5/8QJs31Nyyd/9XrHte8/gfz878pUy8v/+9849dPPNhH/9/eR12y+bfu9anLKf5s3uv8v5hpPy//H42fP7v/Csz/bnX/70k6/9aq+aXkn53/7820n5f/9478YHngCjz/uUP+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGzIavw6HqDCR2i4UJiZCGIu3d4Wt0Uzp5PRMuTr7mZUQdsTlxTAazZerM6Xy9EKlenJuulQuV2dDuCbevyMMRivlam16sbR07cW2tkSn5krLtZm5Ui2EsDMuvz5sT9qaWagtlpaaxyZ1ropKn61Xa6WJ+srccth9sXxbUj6/XK0vXXexrasL1eWlU6XK9MmF5XdPTk5Ohj0X+zwSzT1Qm6vUWr1t7W3USeoOR21vprn7hrbzfbpaX66Uys3yG9vqlKuzpXJbnZvazldbrldmS7W56XJ1Pjlfsa1u23tr7t4b7xsPI6n3l9TNOhi/3n7o+EePHz7Qsb8YpfOu1BfnJrd3/5sAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4I3rydve9e0QwkBrqxBCOJj8EMX/pZy994Xnjp05vO/M1OOPPXNh/mi3YwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4PztwIAAAAAAA5P/aCFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVXYuZ+XKro4DsBnxve+FkgpbYRcBoaI6E7Cgn4RSeU1smWb1kGtEjIoCgwjWhYEQVC7qCBoFVT+BVELl62qTS1aGERQMTqTlzvCDS90zHkeGM4Mc++ZLwzcO3M+hwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALB+nN2x2JW1l3ZtXtq6+0PozM/9H0IYTZb3P+/tCD0hhK9fZk6HVdpCT1P/bybnxstXTX7v7R9/eH00WXv9xXeL63aHJB1qON6ZpOnQ0Nr736juDD6bHkxCSGMXQhQLY0/O1EIIHbELIYqfH+cvZr/v/8UuhCj6P9ztyu5/LXYhRLF196e+Wv6MR/Wcr18YbPzvb/UI3sYjOuvQ25NX3qVuauW9zN//k3zzPlgNsyeOvH8euwiimZ2bOhq7BgAA4O861yL/D1uW9+9fTkJPdzn3/9aU//c29b96/r/i3vYbYzNthRDbSmOT2fHwvnb63PhODVy9/bpmvKeq5P/VJv+vNvl/tcn/q03+X23yfzKv5P+V9PjmnsUXsYsgGvk/AABUz6HjE1P14ZHs5X/Tj85yXt+Xt/U8T39wa3rgUcO4kfzw33b42MSBg8Mj+X0vDwiurP+QLp39ns/3aG4Lk03zLlqt/9D7dGH+Wmf5E/U/nL9R1Fdc1/oPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAvdueehkEwCsPod1sRtdGqaMLCT4IPNDAiACnMaEAHEwZgIAQUMJBzlnuTZ3kBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA5/tXeV18f2mM9Foj0lR22bV/jqfZz9y3w/I+e9y4FQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADZ24EAGAAAAQJi/dR7tBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4KkAAAD//8Oayzs=") r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/schedstat\x00', 0x0, 0x0) read$FUSE(r0, &(0x7f0000006140)={0x2020, 0x0, 0x0, 0x0}, 0x2020) lchown(&(0x7f0000000040)='.\x00', r1, 0x0) 3.751869557s ago: executing program 0 (id=1289): syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f00000000c0)='./file1\x00', 0x101884a, &(0x7f0000000280)=ANY=[], 0x1, 0x550b, &(0x7f00000079c0)="$eJzs3M1rI2UYAPAn/dhv1yIevO3AIrSwiU0/Fr1V3cUP7FJWPXjSNElDdpNMadK09uTBo3jwPxEFTx79Gzx49iYeFG+Ckpmpbv0AoWlj298PJs+8b94887xhWXhmSgK4sOaSX34qxc24GhHTEXEjIjsvFUdmLQ/PRcStiJh64igV839MXIqIaxFxc5Q8z1kq3vrszvD26o9v/vz1t5dnrn/+1XeT2zUwac9HRHc7P9/r5jFt5fFRMV8btrPYXRkWMX+j+7gYp3nca25mGfZqh+tqWVxu5evT7d3+KG51avVRbLW3svntXn7B/rB1mCf7wKPaTjZuNDez2O6nWWwd5HXtH+T/tx30B3meRpHvwyx9DAaHMZ9v7jfz/Ww/zmK9Nyjm87xpo7k/isMiFpeLetppZHVsHueb/n97q93b3U+GzZ1+O+0lq5Xqi5Xq3XJ1J200B82Vcq3buLuSzLc6o2XlQbPWXWulaavTrNTT7kIy36rXy9VqMn+vudmu9ZJqtbJcWSyvLhRnd5LXHrybdBrJ/Ci+0u7tDtqdfrKV7iT5JxaSpcrySwvJ7Wry9vpGsvHw/v31jXfev/feg5fX33i1WPS3spL5pcWlpXJ1sbxUXbhA+/+4KHqM+4djKU26AICzR/8PTMLJ9f87DyNOvv8P/f9YnKn+9/z1/3svREx0/3As+n8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAvr+9kvXs9O5vLx9WL+qWLqmWJcioipiPjtH0zHpSM5p4s8s/+yfvYvNXxTiizD6BqXi+NaRKwVx69Pn/S3AAAAAOfXlx/d+jTv1vOXuUkXxGnKb9pM3fhgTPlKETE798OYsk2NXp4dU7Ls3/dM7I8pW3YD68qYkuW33GbGle0/mT4SrjwRSnmYOtVyAACAU3G0EzjdLgQAAIDT9MmkC2AySnH4KPPwWXD2l/d/PhC8emQEAAAAnEGlSRcAAAAAnLis//f7fwAAAHC+5b//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAv7NzP7eJA1EcgJ8NXth/WrTa+7ayNyhjS9jjHiMKSBMUkANpIQ1QA7mlhAgiPA6BiEMkj20l+j7JmYxlfrxBcJgZaQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAu3Vfrxe3V7+u2Obt9O3lGAwAAAFyyrdaL+p9Z6n9t7n9vbv1s+kVElBFxae4+ik9nmaMmp3p5/ub0+epVDXcRdcLhPSbN9SUi/jTX44+uPwUAAAD4uDbL1TzN1tOf2dAF0ae0aFN++5spr4iIavaQKa085P3KFFZ/v8fxP1NavYA1zRSWltzGudLepP65H1ftpidNkZry4suORWYbOwAA0KPRWdPvLAQAAIA+/Ru6AIZRxPNW5nErcJKaZnvv81kPAAAAeIeKoQsAAAAAOlfP/3s6/2/v/D8AAAAYRjr/DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgC5tq/Vis1zN2+bs9u3kGQ0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADyxP+8oEAJhEAZ713cmc//DSoOmpiZVIHz8jcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAm9/95f/E1DiTzL02lp5HkrVTY+vU2Ds3jv4wvn4NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMX+vKRACARBFMwZ/zvp+x9WEvQMIkRAw6OKWjQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBFv/vl/8TUOJPMnTaWjkeStavG1lVj70Hj6MF4+zcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMXO/bzGUcUBAP/OzM7WtooxSg4RUfCgF5tua2tv4kEJHvwThJBua+zWH20QW4qYizfJuRfRo4igxFv/h55b6KXeethDBc/KzM5kp23A9dfMNvl84M377jDM+75ZCPnOewkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAtfFb0zgrDguTOK3O3bp/bb3obz/UF25s31kuWhEnbSb9eHih+SFZioij3SUDAADAwZDV9X1E3M13Vos+XSjr/7y+pqj5v31qElf1/Gd1yfpw/V/X/kX75ed7z+0OtDAZp7jpuY3R8PijqfT+rznOu6f/8ope+eTLdy9Z+YWk7249O87L55l8ffPm2/0yPNRGtgDAP3Gs7qug/n2o6AddJgbAgdFrFN51/Z8tdJsTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQBvGW3G0jpOIWO5N48Lt+9fW9+pvbN9Zrtvp69e348vpPYtb5BFxbmM0PN7qbObb5StXL6yNRsNL7QcvRkRXo79ZTf/C+zNcHNHJ8xH8R0Fafdnzks/jEXT4QwkAgH0pr1pR19/Nd1aLc8lixB/fPVj/v9KIY8b6/94Hp281x2rW/4PWZjj/VjYvfrJy+crV1zYurp0fnh9+9PqJwRuDk2dOnTqzUr4rWfHGBAAAgH+nX7Vm/Z8uPrr+f6QRx4z1/6ffDL5ojpWp//c0XfTrOhMAAICD7ZmXfv8t2eN80u/H52ubm5cGk+Pu5xOTYwep/m2Hqtas/7PFrrMCAAAA2jDeSh5Y/z/biGPG9f8nv3/+x+Y9s4g4XK3/H1v/eHS2venMtTb+nLjrOQIAANCtw1Vrrv/n5f7/dHfLQxoRr748iat/AzhT/Z+989UPzbGa+/9PtjfFuZQuTZ5H2S9F9Ja6zggAAID97ImqFcX+r/nO6oc/HXmvb/8/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQNv+DAAA///fxzxy") munmap(&(0x7f0000002000/0x1000)=nil, 0x1000) r0 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x0) pwritev2(r0, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x57e00}], 0x2, 0x1200, 0x41001, 0x3) 3.164960998s ago: executing program 1 (id=1292): syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x804810, &(0x7f00000002c0), 0x4, 0x76b, &(0x7f0000001400)="$eJzs3M1rXOUaAPDnnGaSfuTeyYUL9+pChBZaKJ0kzaZdNW7cFQoFtzUkJyHkJBMyk9qJhbauhdpsFARR1y7dCqX+Ae6koOBeEK1xIW5GzmSS0piZpEnaadPfD07P856v531mDm/nQN4TwCvrzeKfJGIwIq5ERLm9PY2I/lZ0NOL2+nFrj25OFksSzebVX5PitFhrljevlbTXJ6J1Svw/Ih6UIs5+8M+8tcbK3ESeZ0vt9nB9fnG41lg5Nzs/MZPNZAujYxdHLoyNXRgZ27GG/+2y1lPvXDx277u3V1e//7p+942+c0mMt+qOdm27vMxTWf9MSjG+ZfvCs0jWQ0mXfUefYz8AAOiu+J1/JCL6Wr9Sy3GkFQEAAACHSXOguaN041gAAADgJZV4rgcAAIBDbuPvADbm9j6rebCd/PJWRAxtl7+vNYc44miUIuL4WvLEzIRk/TTYl9t3IuL++Nb778viDru9z2uPbGk/OUe6f59X5yDcL8af8e3Gn3Rz/Iltxp++jXcn7FPn8e9x/iMdxr8ru8zxzWevlTrmvxPxet92+ZPN/EmH/O+2op0/hburH97rtK/5RcTpbf//SZ7I1eX9EOPTs3m31w/Eg7/OPOxW//FO+ZPu9S/uWPm699d+n+s0lhT5z5zs8P3f6py/uCc+avcjjYh77XXRXt2S4+T8D992q38qormX7//zXdb/01cDN3Z5KAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALSkETEYSVrZjNO0Uok4ERH/jeNpXq3Vz05Xlxemin0RQ1FKp2fzbCQiyuvtpGiPtuLH7fNb2mMR8Z8fj60nnc2zymQ1n+p18QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGw6ERGDkaSViEgj4o9ymlYqEX27OHfgOfQPAAAAOCBDve4AAAAA8Mx5/gcAAIDDb6/P/8kB9wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA41K5cvlwszbVHNyeL9tT1xvJc9fq5qaw2V5lfnqxMVpcWKzPV6kyeVSar8ztdL69WF0cvxvKN4XpWqw/XGivX5qvLC/Vrs/MTM9m1rPRcqgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBpDbaWJK1ERNqK07RSifhXRAxFKZmezbORiPh3RDwslwaK9mivOw0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCBqzVW5ibyPFsSCF6KoL99574o/dlbcCsiXoBudAl6PDABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANATtcbK3ESeZ0u1XvcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA3kp/TiKiWE6XTw1u3duf/FlurSPivU+vfnxjol5fGi22/7a5vf5Je/v5XvQfAAAAXgmXnubgjef0jed4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA3ao1VuYm8jxb2l9wKRorzaTDMb2uEQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2Ju/AwAA///+/bx6") r0 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x123042, 0x0) unlink(&(0x7f0000000100)='./file1\x00') write$binfmt_script(r0, &(0x7f0000000080), 0xffffff3e) 2.592699982s ago: executing program 6 (id=1295): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYBLOB="34000000000883ec0000000000010000000000000400048005000300010000000900010073797a3000000000060002"], 0x34}}, 0x0) syz_emit_ethernet(0x0, 0x0, 0x0) sendmsg$IPCTNL_MSG_TIMEOUT_DELETE(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000500)={0x14, 0x2, 0x8, 0x3, 0x0, 0x0, {0x0, 0x0, 0x3}}, 0x14}}, 0x40000) 2.458845299s ago: executing program 4 (id=1296): openat$rdma_cm(0xffffff9c, &(0x7f00000006c0), 0x2, 0x0) r0 = syz_io_uring_setup(0x239, &(0x7f0000000080)={0x0, 0x559b, 0x10100}, &(0x7f0000000040)=0x0, &(0x7f00000001c0)=0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x0, 0x0, @fd_index=0x3}) io_uring_enter(r0, 0x2def, 0x0, 0x0, 0x0, 0x0) 2.376124818s ago: executing program 6 (id=1297): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x4, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9) munlock(&(0x7f000066d000/0x3000)=nil, 0x3000) 2.29056701s ago: executing program 0 (id=1298): r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000040)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_JOIN_IBSS(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)={0x5c, r0, 0x101, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_PRIVACY={0x4}, @NL80211_ATTR_KEYS={0x2c, 0x51, 0x0, 0x1, [{0x28, 0x0, 0x0, 0x1, [@NL80211_KEY_IDX={0x5, 0x2, 0x3}, @NL80211_KEY_CIPHER={0x8, 0x3, 0xfac01}, @NL80211_KEY_DATA_WEP104={0x11, 0x1, "701261b963939435aabeacc131"}]}]}, @NL80211_ATTR_SSID={0x5, 0x34, @random="f7"}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x5c}}, 0x0) 2.282819067s ago: executing program 4 (id=1299): r0 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'bond0\x00', 0x0}) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)=@newlink={0x6c, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x40000}, [@IFLA_LINKINFO={0x44, 0x12, 0x0, 0x1, @vlan={{0x9}, {0x34, 0x2, 0x0, 0x1, [@IFLA_VLAN_ID={0x6, 0x1, 0x80}, @IFLA_VLAN_EGRESS_QOS={0x28, 0x3, 0x0, 0x1, [@IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x0, 0x7}}, @IFLA_VLAN_QOS_MAPPING={0xc, 0x1, {0x5c0}}, @IFLA_VLAN_QOS_MAPPING={0xc}]}]}}}, @IFLA_LINK={0x8, 0x5, r1}]}, 0x6c}}, 0x0) 2.207918295s ago: executing program 1 (id=1300): ioprio_set$uid(0x3, 0x0, 0x0) r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0) r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/timer_list\x00', 0x0, 0x0) sendfile(r0, r1, 0x0, 0x20000023896) 2.111997738s ago: executing program 3 (id=1301): io_setup(0x222, &(0x7f0000000180)=0x0) r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000240), 0x4000000044402, 0x0) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0x200000e, 0x13, r1, 0x0) io_submit(r0, 0x2, &(0x7f0000000080)=[&(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0xffff, r1, &(0x7f0000000280)="1c", 0x1}, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x5, 0x3, r1, 0x0, 0xfffffe8b}]) 2.11143611s ago: executing program 2 (id=1302): syz_mount_image$udf(&(0x7f0000000480), &(0x7f00000004c0)='./file0\x00', 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="00b96fa236bfd596c74e808dd7b85a97c6ab3f6173849702311b635ac7a4e02bb352424c"], 0x1, 0x46f, &(0x7f0000000540)="$eJzs299PW2Ucx/HPc2i7M0a0MIZuWUwTE0cwAgUZbKgJDjHGDeZY8cYsYVCwrlBCwcCyKLf7A3alN14sMV4si//DovEP0LhkXuj0xpvezSs153BOz2npBlra0u39SqCnp9+e85znx3m+T9MKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABIb78z1p80jS4FAACop8npS/0DzP8AADxTLrP+BwAAeJYYWfpNRu/PFMwF9/k2+3xmeX0jNT5R+W2HjfvOFjfe+bOTA4OvD50eHvEfn/z+/XZcU9OXxxLncksrq+l8Pj2fSC1n5nLz6T0fodr3l+txKyCxdG19fmEhnxjoHSx5eSP+x6EjXfHR0zOppB+bGp+YmA7FRKL/++w7PC7Dj8nSmzLqs++YSUmWqq+LXfpOrR12L6LHvYjU+IR7IdnM7PKa86LxK8IqrZOYX0d1aIuqWJJTLhPbnzVbVJZekdEPnQUzJanFr4dX3Q+G91SeRog4S1dJ3WqCNjvADsnSFRnd64vrolevbvvHpBuNLhxqLiJLd2R06q2C+cC9Hzjjybltnp9JvLe8kAvFGuONqGafH+rpgN+bbFmadEd8wVxqdGFQd06ylJZRavRTN6+Qm5c+Pzp8oufDcIbxwi7HcWJ7vcG1lzk5GkodTINyCEi2sfRQRo9+tt3n3f4cIG3909iioR6Mpfsyyq0X3KVReF3aElrfFzX73F/b8h+2z+VWNlczix+vVXy91R67ml9bnZ2r/PL22rXkdrjbOrZKUWPpCxl99e7XxfN6a4BIeeztN4Ky2d75i8Vw+81z259n+HPI8YHO8HbFIv+H/Mj2zttS3SUjxHj3/4UrL3pr/1bt6INe3DEZfXTrpBdnxZwgv5PE3f/2Qiab7ndi/5ZRx/d+rPsxk3Nk19EgNunErsro5r3S2CNebGcQO+DE/iSjBz9Wjj0WxA46sRsyyj9I+LGtTuxLXmxXENs7l8vO16yCDzhn/H8no0/6EsZvy9LxH4y22zeC8b5VfqDHjPlqx388tG/L64e/e/01skt/vSmjzT9P+tfj9hX/ttLu/g/6a1ZG394qjfUXih1BbHLPFdsknPaPyKh96G6xbrw68J4GrRZu/xPlvaNG7d8e2hf3zhvbn0uHpPzm9Wuz2Wx6lQ022GCjuNHoOxPqwZn//5LRrz33i/mON/+3bT8L8r9HnwXz/9nyA9Vo/u8I7TvrZSPRiGSvLa1EuyQ7v3n9tczS7GJ6Mb08PDhyZmjwTHIkGvNzu2Cr6qp6KjntPyuj1NQ3xfVZaf5XOf9vLT9Qjdr/aGhfa0m+UvWlw2v/hIw2Ht4trqOflP/766zul7cfi+OzRu3fGdoX987btj+XDgAAAAAAAAAAAAAAAABNLWos/SKji1cjxv9t1F6+/7fjB1M1+v5XV2jffJ1+r1B1pQIAAAAAAAAAADSQJUtfyuiUCuZzZ0ebdCH8iKfavwEAAP//M8EfQQ==") setrlimit(0x1, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) r0 = open(&(0x7f00000000c0)='./bus\x00', 0x1431c2, 0x0) pwrite64(r0, &(0x7f0000005680)="a9a74b673822987ec60cdc60aa1ef138964740ed45d223166f6d8c37be985a21f62ea0daa9b7c1772c73f40c1ac011bae9ee7372e5d8905233f29bb3747941a2bff2720ac5bea9602bc298d7699624aebb022d44565d931ab6a0557a707e4534cc4f4ca38287c54cefd362bd4b2ffeaae9eaefb3f7a75131fcadd62d59b3aadb054a76373c17c451784d6757a3fc47b58c24f34f17db3fa054b4ea288f5a780bd75b1518555d8b3b4a3fe61644c40a4e0deb273b8833767a8ff985e356308ff18bbfd680418d1204cfce1924202febbef708a5762a61ae6b83a2c7c975f6669b9f007a5d1594fe15df9de15dc1833ba5306589dde8e62c1bf44a5be5", 0xfffffe16, 0x600000fff) 1.988398294s ago: executing program 4 (id=1303): syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800714, &(0x7f0000000500), 0xff, 0x485, &(0x7f0000001040)="$eJzs3M9rHFUcAPDvTJL+bhNrrba2Gq1i8UfSpFV78KCi4EFB0EM9xiSttdtGmgi2BI0i9SgF7+JR8C/w5kXUgwheFTxKoWgQmnqKzK9mu9mkSZpkbfbzgc2+t/Nm3/vOzNt9My+zAbSt3uxPErEjIn6LiO4ie3OB3uJpZnpy+Pr05HASs7Nv/JXk5a5NTw5XRav1tpeZw2lE+mkSzyfz6x2/cPHMUK02er7M90+cfa9//MLFp06fHTo1emr03ODx48eODjz7zODTqxJnFte1/R+OHdj3yluXXxs+cfntH7/JmrX3YLG8Po5but4koCZ6s63292yucdmjy2j7nWBnXTrpbGFDWJaOiMh2V1fe/7ujI+Z2Xne8/ElLGwesqey7afPCi6dmgQ0siVa3AGiN6os+O/+tHus09PhfuPpCxKYyPTM9OTxzI/7OSMvXu9aw/t6IODH175fZI5Z7HQIAYAXysc2TzcZ/aezNn4u5jl3lHEpPRNwVEbsj4u6I2BMR90TkZe+NiPuKlWe7l1h/b0N+/vgnvdK0zaskG/89Vzf2m6mLv3zq6ShzO/P4u5KTp2ujR8ptcji6Nmf5gUXq+O6lXz9faFn9+C97ZPVXY8GyAVc6Gy7QjQxNDK3WRrj6ccT+zmbxJzdmArIjYF9E7F/eW++qEqcf//rAQoVuHf8iVmGeafariMeK/T8VDfFXksXnJ/u3RG30SH91VMz30y+XXl+o/tuKfxVk+3/bzcd/Q4nuf5JivrYrarXR8+PLr+PS758teE6z0uN/U/JmPmf98zvFax8MTUycH4jYlLya56tzuvz1wbl1q3xVPov/8KHm/X93uU4W//0RkR3EByPigYh4sGz7QxHxcEQcWiT+H1585N1F4k8iiZbu/5Gmn383jv+epH6+fgWJjjPff7vQjPnS9v+xmMo/awv5598tLLWBt7n5AAAA4I6QRsSOSNK+It27I9K0r6/4H/49sS2tjY1PPHFy7P1zI8U9Aj3RlVZXurrrrocOJFPlOxb5wfJacbX8aHnd+IuOrXm+b3isNtLi2KHdbb+5/0fV/zN/drS6dcCac78WtK/G/p+2qB3A+lvK979zAdiYmvT/ra1oB7D+nP9D+2rW/z9qyBv/w8Y0v///0eQn64CNyPgf2pf+D+1L/4e2dDv39a88Ud0ssPL32bLkO/zbJVH94sVa1rU15l6JtOUht1Ei6zHrW+ncb6gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADcyf4LAAD///ss5ts=") mkdir(0x0, 0x0) syz_mount_image$fuse(0x0, &(0x7f0000000440)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) rmdir(&(0x7f0000001100)='./file1\x00') 1.850712239s ago: executing program 3 (id=1304): r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'\x00', 0x52d35ce30131f272}) ioctl$TUNSETOFFLOAD(r0, 0x400454c9, 0x3) ioctl$SIOCSIFHWADDR(r0, 0x8924, &(0x7f00000001c0)={'bond0\x00', @local}) 1.497385738s ago: executing program 3 (id=1305): syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000180)='./bus\x00', 0xe, &(0x7f00000004c0)={[{@resuid}, {@init_itable}, {@stripe}, {@noblock_validity}]}, 0x3, 0x453, &(0x7f0000001f80)="$eJzs3M9vFFUcAPDvzHaLCNiKqPxS8Vck/mgpoHLwoEYTD5iY6EGPTVsIslBDayKEKBiDJ2NMvBuP/gt60Ysxnoxe9W5IiOECeFozuzN0d7u7tNsti93PJxl4b+ZN3/v2zdt9M2+3AQytfdk/ScTWiPgzIsbq2eYC++r/Xb96fubG1fMzSVSrb/+T1Mpdu3p+pihanLclz+xPI9LPktjTpt6Fs+dOTlcqc2fy/OTiqQ8mF86ee+7Eqenjc8fnTh88cuTwoakXXzj4fF/izNp0bffH83t3vfHeV28e/aIp/pY41mznpsYf3daT1WrfqrsTbGtIJyMDbAirUoqIrLvKtfE/FqVY6ryxeP3TgTYOWFfVarW6pfPhC1VgA0uiOW/Iw7Ao3uiz+99ia50EvLx+04+Bu/JK/QYoi/t6vtWPjESalym33N/2076IePfCv99kW/T7OQQAQBs/ZvOfZ9vN/9J4oKHcPfna0HhE3BsR2yPivojYERH3R9TKPhgRO1dZf+siyfL5T3q5p8BWKJv/vZSvbTXP/4rZX4yX8ty2Wvzl5NiJytyB/HeyP8qbsvxUlzp+eu2PLzsda5z/ZVtWfzEXzNtxeWRT8zmz04vTa4m50ZWLEbtH2sWf3FwJSCJiV0Ts7rGOE09/t7fTsVvH30Uf1pmq30Y8Ve//C9ESfyHpvj45eVdU5g5MFlfFcr/+dumtTvWvKf4+yPr/7rbX/834x5PG9dqF1ddx6a/PO97T9Hr9jybv1NKj+b6PphcXz0xFjCZH641u3H9w6dwiX5T/4ff6/nbjf3ss/Sb2RER2ET8UEQ9HxCN52x+NiMci4vEu8f/y6hPv9x7/+sr6f3ZV/b+UGI3WPe0TpZM/f99U6fiy+G907//DtdT+fM9KXv9W0q7ermYAAAD4/0kjYmsk6cTNdJpOTNQ/L78jIq3MLyw+c2z+w9Oz9e8IjEc5LZ50jTU8D53Kb+vr+YsRUf9oQXH8UP7c+OvS5lp+Yma+Mjvo4GHIbekw/jN/lwbdOmDd+b4WDC/jH4aX8Q/Dy/iH4dVm/G8eRDuA26/d+/8nA2gHcPu1jH/LfjBE3P/D8Oo4/jfyX/4Barz/w1Ba2By3/pJ810Txk3o8fcMmonxHNGPtiWrStnMjHXTDJNYzMdjXJQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgH75LwAA//8HW+BC") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0) pwritev2(r0, &(0x7f0000000080)=[{&(0x7f00000001c0)='&', 0x1}], 0x1, 0xe7b, 0x0, 0x0) ioctl$EXT4_IOC_MOVE_EXT(r0, 0x40305829, &(0x7f0000000480)={0x17c04, 0xffffffffffffffff, 0x0, 0x100000003, 0x9}) 1.495791937s ago: executing program 4 (id=1306): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cpuacct.usage_percpu_user\x00', 0x26e1, 0x0) close(r0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000380)) ioctl$SIOCSIFHWADDR(r0, 0x8b1b, &(0x7f0000000000)={'wlan1\x00', @random='\x00\x00\\ \x00'}) 1.474517192s ago: executing program 2 (id=1307): syz_mount_image$bcachefs(&(0x7f00000000c0), &(0x7f0000000180)='./file1\x00', 0x800000, &(0x7f0000000480)=ANY=[@ANYBLOB='acl,direct_io,norecovery,fsck,journal_flush_disabled,noreTovery,btree_node_mem_ptr_optimization,reconstruct_alloc,no_data_io,hash,\x00'], 0x1, 0x5903, &(0x7f0000010b40)="$eJzs3W2QXFXdIPBzu3synZm8TAJIBJkMgSiCmglvhS+l0fWtAKlYWErYKAxkgtEkpJJBIKAEF1wowEJLS1E/oIXUotGiClaJlMjLJqyiFKtLbSG1uot+8CnkISWQh7J8nKdm+p5Oz52+c3t6ekICv18lc/ucvv0/5957+vb9n+6ZDgAAALwm7Ll+275zjvrAr744/NI1H/7ZpmtDb3m8vhpX6EuXV7xSPeRA6q4sGV9mx8WbrvrBnwcuft8v7+75/su71x27/vfvP+zi+z9z5q7bvv3Qi/Pv/eczRXHjeDpxfzl5Lgmh+vO9X//S7seOHKtLQgjlpG9HCIuSxQ8tSjIhBv8eQliXFpZk7rznpVPWjy2vval7Qv3CzHrG+2tbNR1n2/ddflL4w3vXXPebpT/+UdfOZ3fsXyWpNoynEBZc2Pj4rhDC3PT/mDja4niMg3Z1CKGn4XFnFPTruBb7vyKnfHS6nJMuewvixPuXZcqlzHrZctSVWfYUtDdTef1od70i8zLl7MlopvL6GesXpcufpssTpxm/HP8noZSESr37G5P9YyQ0HLckJOPHslovl+rHNqTbnyknmXIpUy53ZbZrvN10oJWTZGJ9XC9TH0/HlbT+2MZzdRPn5tS/Pl1W0yfqy7EcsjdqeifdqG/XuNivvVP05UAoNZyDmtXXD3x6MHrTut5k8aTHjDYR79u95ubl5bUP7+nL6Udyd5LGT9qKv/3Xi+Z96oc3XpZ9Xa/Hv7CUxi+1Ff+PZz3+/Pk3fu9bufFvjfHLbcU/+YGe58565Ppluftnb9w/lbbiDz3z6C1LD79oZ27/b4/xq23FX7Xr8e75+x54MLf/g3H/zG0r/tPv/OCf7nryvmdz44cYv6et+Gt3bflyd/++E3LjPxj3T2974+eFnac/1d//l4G8+E/E+PPbin/njtveccfCm87MPb6r4/7payv+2cfff928ffcdk3fuTG7v1CsnwGvTYek11g1pud08c6Ya8oVvDlRq13zz0v/zO9lQ5uJzrJ0FnYwPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACGEI076nx/6/x/ve66SlrvTG0+XastYPyeEZG4IYdvI0NaRDZsvGfjMpZdt3Ty0cWBoZGB488jWKwdOfcvA1uEtG4euHLt38K2n1B63OCS1ZXLMpLa7R0dHS30T62J7/+n4nX9Yfsa//DWEwSN+11/J7f+K2zbdcXiTnxnJqtH3bLrsnN+d9t10u/rSfvU16dfo6OhoyOnXv573jzu+uvfPJ4Qw+Lqp+vXo0+/+xYQOjVfsj5MqdYdah7qTnqb9qPc67U/cX5X1GzYOD069f8ceX87Zjv981bN/X3/FV/5R27/V3O1ocf/OXTW6sfSNNWf/+zeurlUU9euVOu5F+ztuRexf3H/VdH8vSLdrQc52VXK26/rfPPjkz4+68cUdYbDywtLJbRdtV1c6ALqS17fUbmyhJ1k0ob6arh+PeHzcipFNW1Zsu3L7WzdsGrpk+JLhzW9feerK0wdPO/20FeNbvqLD2x/bf2OL239gxtPCz+34afzZ2ngq6lfR/hjrV/H+aOxR3vOv59wvfe3ttz1yTq2iaJzHtevnk3TZM3acV4aG8TZ5XzXbrqL9EEIYaLYfnn/xzHDk/9lwXdF5qPHINP7MSFaNPrbsb9894ztL3lWrOCDn+cYOtXmer/d6f3/G91c1PR6jB+n+7Q7ldLt6m/Zr5WOPdN2856+fr/dvzpxwxdDIyNaVtZ/z0p7OS45u2q9sbdyupeM/yyHdLaE+TJuM1zFdoda/7Pkzrp7dq73pfb3J4qbblRXv273m5uXltQ/vydvTyd21FueG+bVl8oacNTdmHliud7hZ+wfr869ofPR/6Dv3fvzen5w6aXycXPtZtF1Jznb9+Mk7v/b9r/zXn3Ruuz707sf7/vZ/P728VnGonFfqvU77kzSeV04Ooej5tzQ0347c51+p+fYUPf+y7exfv3m8gUy5N5Tber6e/EDPc2c9cv2y3Ofr3lafr1dPKJULnq8Hy/jJPr+SysR+zN7za8JASVaN/vKGw3Y8dM3qo2oVReO6vnazcX1KC/lHznb94vyn+i8d+C//u3PnjR+85Z4Lfj+06gu1ivaPe+xLZ457Nd2/1Zz9W+91zDsb9+/bLr5047pa/cF7/ZsuC/KfeCrZduX2zw5t3Di8dVtr29Xq62lsJ7uX2309jWe3xQXbVZq0XbN3o5X91erzLfZ/Xdv7a+LzrTckbb0ubP/1onmf+uGNl/VNelTa0IWlNH6prfh/POvx58+/8Xvfyo1/a4xfaSv+0DOP3rL08It25sa/PUnjV9uKv2rX493z9z3wYG78wdj/uW3Ff/qdH/zTXU/e92xu/BDj97a3/1/YefpT/f1/yY3/RJK2M3aNFMI9L52yvlZOQlf6fIv96JrQr5AtJ5lyKVMuN5ZLtbnWegPlJJlYH9dL649t6Eszn8ipj1dh1SW15cuxHLI3pq4/2JQazv3N6ouuUwEAXu3i+//xGjS+/z+cXijlzzTAfjPNw5bkxI152P75nDkT7l+Sxo+Pj/OA/W8Lg2PLawdqF/rTfR8hPh+y85yxnROOmxij3XnOovn3ZZly7FdtvrzSkIemJuc1ldDC/Pvkdqaef89sfvH8+MANk7o10DBvlT1+XemMWbPPO2T6WxmLkDc+svNi8fMc/QvC6vH2Whwf2c/RxOOQ/RxNbOeozImz3c/RzHR8xG5PMT7Gu1z8/sbk4xem2L/7j1/zaNnjN43jXR1bf7bfn+3AvGHTU9qBmzec3ffDzEvmxE+fYAf7vGGsj9tRaXE+8eM59Z2aT4yni9ivvVP05UAwnwi8WsX8P75GjOX/Yxfg/5ZZr+g6NHvVGOPlfk6o3Lw/RXnH5M/p9bT1Or5215Yvd/fvOyH3OufBVj/3s2VCqafgcz9F+3F5ply4H3MmaIryvWw7Rfs9+7mM3jC/rf1+547b3nHHwpvOzN3vq2svpMX7/WsTSvML9vshkC80jy9feE3kC7M9f/aK5SPpB59mKx/5WE79dPORnkk36ts17pDLR7oObL8AgENHzP/r75+l+f//iyuk1xFFeeuJmXKMl5u35lyf5OWtH0mXV2TW701/o2K6181nH3//dfP23XdMbt5ye6t56H+bUOorzENnljfn5hGrO/N58dw8op5nzSxPzO1/PU+cWZ6eG7+ep88sj87dP/U8embzALnx6/MAh3qeWzBfl2ksFludr3vV5tHpr8/OVh59bk79dPPo3kk36ts1Th4NAPDKivl/vIyL+f8jmfVm+j57bl7Qoev27N8Dqcd/4kDllbOd98123jrbef1sz0sc6nnxbM8Lze482Ws+L04blRcDAHAwi/n/3LScn//PLD9plr91TchP5OdN48vPD5L8/FCf/5L/e1+8mPwfAODVLeb/8dce49//+x9pOft36+XpOfHl6fL0qcZPy3l65+fZgs8BvLLzAHP3r28eAACAV0LXeKY0+ffsP5kus79nn/d7+efnrN+qSnp5fNHI1uHhCy7bsm5oZPiCzZeuG952weVbN4yMDG+urTfTvDE3b0nzxq5QSfdH8/WyedvC9O8hLMz5ewjZ9WPYo8dvTP57CNlm5xb8HYH9x6+1/uYdv9IU6zcbH3nHOy/+J3LWj+rH/+JPn3zB+m0XbNi8YWTD0MYN24cnrjeWtfZM43sz426Z1velZn5MUpr+93d2ph+lSf3oSvdH3vezJ5l+LEp7sijv+w9y+v2r//XVzx0/+o+7Qhg8ovyGGe2/ZNXofz9v+CMje363Zaz/pSn7X18z7VfR95Vm14/bU9l46baRk9Zfetnm7DdKtifOZ5Tq5Vmaz0if/uUW5yfW5tRP93MK5Uk3Dk4tz08AADBBfP8/Xs/G9w+/kl5AxfrW8/SZvX+cm6cPtpanZ7+XrChPz64ft7fVPL06wzw9235Rnt5s/WZ5el7enRf/YznrT1fr42Rmn/PIHScXtjZOst9nUDROsutPd5wkMxwn2faLxkmz9ZuNk7zjnhf/oznr52l9PMzsczm54+HW1sbDmzPlovGQXX+646E0w/GQbb9oPDRbv9l4yDu+efHPyVm/VRPHx9jAGB8XwxdcfunWzzasN9vffzHz/s3u93+0q/X+z+7nvma//7P7ubLZ7//MPleW2/8nZjYT1nr/Z/f7Xdp1wOZr0w+bFX3+rGged01O/XTncedMunFwMo8Lr5yY/8e3e2L+f1O67PTbQIf+96T5HrOm8Tv0PWZF1zFez6do7CDg9RwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgNd2VJePLPddv23fOUR/41ReHX7rmwz/bdO2brvrBnwcuft8v7+75/su71x27/vfvP+zi+z9z5q7bvv3Qi/Pv/eczhYH7xn9WTkyL1RCS55IQqj/f+/Uv7X7syLG6JIRQTvp2hLAoWfzQoiQTYfDvIYR19X5OvPOel05ZP7a89qbuCfULM0Gy2xV6y7E/jf0M4YrCLeIQVE3H2fZ9l58U/vDeNdf9ZumPf9S189kd+1dJqg3jKYQFFzY+viuEMDf9PyaOtiXxwelydQihp+FxZxT067gW+78ip3x0upyTLnsL4sT7l2XKpcx62XLUlVn2FLQ3U3n9aHe9IvMy5ezJaKby+hnrF6XLn6bLE6cZvxz/J6GUhEq9+xuT/WMkNBy3JCTjx7JaL5fqxzak258pJ5lyKVMud2W2a7zddKCVk2RifVwvUx9Px5W0/tjGc3UT5+bUvz5dVtMn6suxHLI3anon3ahv17jYr71T9OVAKDWcg5rV1w98ejB607reZPGkx4w2Ee/bvebm5eW1D+/py+lHcneSxk/air/914vmfeqHN162JC/+haU0fqmt+H886/Hnz7/xe9/KjX9rjF9uK/7JD/Q8d9Yj1y/L3T974/6ptBV/6JlHb1l6+EU7c/t/e4xfbSv+ql2Pd8/f98CDuf0fjPtnblvxn37nB/9015P3PZsbP8T4PW3FX7try5e7+/edkBv/wbh/etsbPy/sPP2p/v6/DOTFfyLGn99W/Dt33PaOOxbedGbu8V0d909fW/HPPv7+6+btu++YvHNncnunXjkBXpsOS6+xbkjL7eaZM9WQL3xzoFK75puX/p/fyYYyxtpZMIvxAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4dfrt1ad+8rz3fHRNJQkhyVlntIl4X3nOqlUDbbQ79Myjtyw9/KKdjXVL2ogDAAAAFIt5eKleUw1LwuXJ3HB00/XjHMHRsZRMrM/OIcQ42TmCduOUOhSn3KE4lQ7F6epQnDkditPdoTjVgjjV0FqcuVPEqYyNihb70zNlf1qP09uhOPM6FGd+h+Is6FCchR2K0zdlnNbH4aIOxVncoTiHdSjO4R2Kc0SH4ryuQ3GO7FCc7JzydMfh/HTNo/LijN8oF8apJOX6Hc3m049M2zlmhu30FrQzv+j1uMV25rbYznGZx5Wm2U61xXbeOMN2khbbefMM2ykVtBPH7RXZ/sV2YqnF8X9lh+Js71CcqzoU5+oOxfl8h+J8oUNxrplhHIBWxfx/f77XF7or7wo96RknOwsQ892l4z8nv97lnZBivDdk6ucUxcsm6pl4S6fbv+wEQibeskx914R4lXo+MkW8amO85Zk7C7c3O6GQ6d+JmfruonjZiQUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmEW/vfrUT573no+uCUkY+9fUaBPxvvKcVasG2mh395qbl5fXPrynsa670kYgAAAAoFDMw7vqNdXQXVkZupM5E9arpvMA1bRc7qst+xeE1WPLZKA0Xu5JFk35uEr6uBUjm7as2Hbl9rdu2DR0yfAlw5vfvvLUlacPnnb6aSvWb9g4PFj7GUJ3QbwQwvj0w7Yrt392aOPG4a3bapXZ/i9JH7ckLSfp4/rfFgbHltem/V9c0F5pUnuzd6P46AEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP/Brt2FyHnVfwA/z8zszHTb/LN/+jYNzWbIS4laNIlbSbV0HxAstEnIUpDZ6lqCTbC4aUKblFjHNmBbExShJRAiuTASi63Fm77YIvaFQKRGA24M0hbthV4orVbSkgtJGcnunNmZ2ZnMOpamjZ/PxTwz5/zO+T1nLha+zw4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDBmqqOTFRGx8YHkxCSLjW1DuJcNp+m5T76fvn57d8vDJ9e2TxWyPWxEQAAANBTzOEDjZFiKOSyIRuumv60NDRNhNncDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/O+Zqo5MVEbHxi9OQki61NQ6iHPZfJqW++j7xjtPfubV4eG/No+V+tgHAAAA6C3m8ExjpBhKYVkYSK5qqYvPBha1rW+vi/ssnmdd+7ODbnXL5ll3zTzrPtajbkP9uisAAADAR1/M/7nGyFAo5BZ0zf+9cn2sW9JWl61f+/mtAAAAAPDfifm/0BgphUKu1Mjr8837S9vq4vpe/7eP61d0Wd/r//nr61f/pwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAj46p6shEZXRsPJuEkHSpqXUQ57L5NC330XfNC4N/v+XIQ0ubxwq5PjYCAAAAeoo5fDZ6F0MhNxgGwsXTuX/4poNPf/HpZ0dCCDMxP58Puzbt2HH3mpnXWLf62JGB7x1961tz6lbPvJ63AwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAO+bqerIRGV0bPyiJISkS02tgziXzadpuY++r3/uC39+/ORzbzaPlfrYBwAAAOgt5vDZ7F8MpZAP+XDF9KfmrH9Wpm19t2cGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwIXjnm/c9/VNk5Ob7/bGG2+8abw533+ZAACA99uSkITaf+jKjef7rgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgA+DqerIRGV0bLyYhJB0qal1EOey+TQt99E3ff54YcHpF15qHiv1sQ8AAADQW8zhs9m/GEphIAyEy6c/dXomMJ3/hz7AmwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+VKaqIxOV0bHxBUkISZeaWgdxLptP03IffR/bfeCzhxd+9+bmsUKuj40AAACAnmIOzzdGiqGQ+3gohKvrnydbFyTZ+rXzc4HZddtblg3Oe121ZV123uv2tJ0sVz/NzLpi3G9o5tpYV567rty0rhQa7cst68K+llULetxnAAAAgPMo5v9CY2QoFHKFppz7k5b6ITkXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOhiqjoyURkdG0+SEJIuNbUO4lw2n6blPvre95v/v+QrP927s3ms1Mc+AAAAQG8xh89m/2IohcXh/8Li6dwfhlrrY90/KmcOP/rPv6wMYdUVJ4Zz7dv+ML751es3vtj+EkKmtToTwsJ6v6RLv1//7tF7l9fOPB7CqsuzV8/pF87dr3XLtPZMZfP6HUdPbO/x5QAAAMAFIub/gcbIUCjk7uqa/2Py7pH/G6YD+MJ7d//8svprPZG3rcgM1ftluvT7/PIn/7Ri7d/eOpv/z9XvUwe2Hr6speHMSJskrY1u3bnhxHWHMvHUM/2zbf3j9/Klb775ry27Hjkz078YivXxRblO/ee+trkorU1m9o+ve29/tbV/rsv5H/rtSyd/uWjvu2f7v7NksNH/mnOc/9z9B299eN/1B45saO0fQih36v/2uzeHK/9w54Pt5x9s27j5m29+bZOktWNLTx1ae7B0Q2v/pK1//P5/dvKxfT9+5DvPxv7xtyIrl823f6at/yt7Lt398gMbF7X2z3Q5/4u3vTq8rfzt37ef/46WXXNd72Lu+Z+49qnbX9uU3t8+BQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcGGZqo5MVEbHxjNJCEmXmloHcS6bT9NyH33fuOX427ft/dEPmsdKfewDAAAA9BZz+Gz2L4ZSyId8GJzO/c9UNq/fcfTE9jA0M5vUr7nJbffs+MSWbTvvuuM83TkAAAAwXzH/5xojQ6GQWx4G6vl/dOvODSeuO5SJ+T8T8/+WOyc3rwqNulf2XLr75Qc2Lmo8Jwhh+mcBxbN1n56tu+nG40On/vi1FR3r1szWHVt66tDag6UbYl1orlsdGs8nnrj2qdtf25Te37i/5rpPfnXbZP3xRNx38NaH911/4MiGxjnq18H6vrFuMrN/fN17+6uxLlu/FuvnBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADmmqqOTFRGx8ZDNoSkS02tgziXzadpuY++65b/4sFLTj+3uHmskOtjIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAf7MDBwIAAAAAQP6vjVBVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWF/foJjaPs4wD+PLvJm202aZP2BaNimlZFqQeLgoheVFSkFSl4qhSptvYgCoKIUg+m0oqlKl4Eq5ciKqhRCgo2FkurpOK/4sWDCgrVg1CKAe1SPKhk95ntZrrj6qQK6ucDw5PnmZnv/GaeZ2ezAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/KMM9I0128M77m/ccs4NHz1614lHbnrn3m0XPfzqdxObrvtw7+BLJ2c2r9jy5fXLNu2/e8307ucP/TT81i9HewY/1GpWpW4thHg8hlB7d/aZx2Y+PmtuLIYQqnFkMoTRuPTQaMwlrP45hLC5Xef8nW+euHzLXLtt18C88SW5kPx9hXo1q6dlZH69/LvU0jrb2njwkvD1teu3f7r8jdf7p45Nnjok1jrWUwiLN3ae3x9CWJS2OdlqG8tOTu26EMJgx3lX9qjr/D9Y/6UF/XNT+7/U1nvkZPtX5vqV3HH5fqY/1w72uN5CFdVR9rhehnL9/MtooYrqzMZHU/t2alf9yfxqtsVQiaGvXf498dQaCR3zFkNszmWt3a+05zak+8/1Y65fyfWr/bn7al43LbRqjPPHs+Ny49nruC+Nr+h8V3dxa8H42amtpQ/qyawf8n+01E/7o31fTVlds79Ty9+h0vEO6jbenvg0GfU0Vo9LTzvn1y6yfTPrn7iwuuG9wyMFdcS9MeXHUvlbPxkduv21nQ+MFeVvrKT8Sqn8b9Ye+eG2nS88V5j/dJZfLZV/2YHB42vf37Gy8PnMZs+nr1T+HUc/eHL5/++c6jbXzfw9WX6tVP4100cGhhsHDhbWvzp7PotK5X919Y3fvvL5vmOF+SHLHyyVv2H6vqcGxhsXF+YfbH0U6s0VWmL9/Dh1xRfj499PFOV/lj3/4S75sWf+y5O7r3pxya41hetzXfZ8RkrVf/MF+7cPNfadV/TujHvO1DcnwH/TsvQ/1uOpX/Z35kJ1/F54dqKv9Q00lLbhM3mhnLnrLP4L8wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAH5jBw5IAAAAAAT9f92OQAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgqAAD//2BzKEU=") r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105042, 0x1ff) ioctl$PAGEMAP_SCAN(r0, 0x40305829, &(0x7f00000002c0)={0x60, 0x2, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffe000/0x1000)=nil, 0xffffffffffffffff, 0x0, 0x0, 0xfc, 0x32, 0x10, 0x47, 0x6a}) read$FUSE(r0, 0x0, 0x0) 1.300175327s ago: executing program 0 (id=1308): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x11, 0x80a, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000300)={'bond0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f0000000000)=@newlink={0x3c, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bond={{0x9}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BOND_MIIMON={0x8}]}}}]}, 0x3c}}, 0x0) 1.299671096s ago: executing program 6 (id=1309): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1c, 0xc, &(0x7f00000003c0)=ANY=[@ANYBLOB="1800"], 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x140, 0x0) r1 = syz_io_uring_setup(0x2421, &(0x7f0000000380)={0x0, 0x0, 0x13090}, &(0x7f0000000100), &(0x7f0000000080)) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000480)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}}) 1.145824369s ago: executing program 1 (id=1310): mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff) r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0) r1 = openat$cgroup_devices(r0, &(0x7f0000000080)='devices.allow\x00', 0x2, 0x0) write$cgroup_devices(r1, &(0x7f0000000640)=ANY=[@ANYBLOB='b'], 0xa) 1.145602287s ago: executing program 6 (id=1311): r0 = socket$kcm(0x11, 0xa, 0x300) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x6, 0x3, &(0x7f0000000100)=ANY=[@ANYBLOB="1800000002000000000000000000001e95"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000900)={r1, 0x2000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50) recvmsg$kcm(r0, &(0x7f0000000880)={0x0, 0x0, 0x0}, 0x0) 1.144292713s ago: executing program 3 (id=1312): r0 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(&(0x7f0000000300), r0) sendmsg$nl_generic(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000340)={0x20, 0x10, 0x701, 0x0, 0x0, {0xa}, [@typed={0xc, 0x2, 0x0, 0x0, @str='nl80211\x00'}]}, 0x20}}, 0x0) recvmmsg(r0, &(0x7f0000002fc0)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000001540)=[{&(0x7f0000000140)=""/130, 0x82}, {&(0x7f0000000200)=""/83, 0x53}, {&(0x7f0000000380)=""/4096, 0x1000}, {&(0x7f0000000040)=""/9, 0x9}, {&(0x7f0000000280)=""/70, 0x46}, {&(0x7f0000001380)=""/74, 0x4a}, {&(0x7f0000001400)=""/143, 0x8f}, {&(0x7f00000014c0)=""/94, 0x5e}], 0x8}, 0x6e04}, {{0x0, 0x0, 0x0}, 0x1}], 0x3, 0x0, 0x0) 1.069216535s ago: executing program 0 (id=1313): syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x804810, &(0x7f00000002c0), 0x4, 0x76b, &(0x7f0000001400)="$eJzs3M1rXOUaAPDnnGaSfuTeyYUL9+pChBZaKJ0kzaZdNW7cFQoFtzUkJyHkJBMyk9qJhbauhdpsFARR1y7dCqX+Ae6koOBeEK1xIW5GzmSS0piZpEnaadPfD07P856v531mDm/nQN4TwCvrzeKfJGIwIq5ERLm9PY2I/lZ0NOL2+nFrj25OFksSzebVX5PitFhrljevlbTXJ6J1Svw/Ih6UIs5+8M+8tcbK3ESeZ0vt9nB9fnG41lg5Nzs/MZPNZAujYxdHLoyNXRgZ27GG/+2y1lPvXDx277u3V1e//7p+942+c0mMt+qOdm27vMxTWf9MSjG+ZfvCs0jWQ0mXfUefYz8AAOiu+J1/JCL6Wr9Sy3GkFQEAAACHSXOguaN041gAAADgJZV4rgcAAIBDbuPvADbm9j6rebCd/PJWRAxtl7+vNYc44miUIuL4WvLEzIRk/TTYl9t3IuL++Nb778viDru9z2uPbGk/OUe6f59X5yDcL8af8e3Gn3Rz/Iltxp++jXcn7FPn8e9x/iMdxr8ru8zxzWevlTrmvxPxet92+ZPN/EmH/O+2op0/hburH97rtK/5RcTpbf//SZ7I1eX9EOPTs3m31w/Eg7/OPOxW//FO+ZPu9S/uWPm699d+n+s0lhT5z5zs8P3f6py/uCc+avcjjYh77XXRXt2S4+T8D992q38qormX7//zXdb/01cDN3Z5KAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALSkETEYSVrZjNO0Uok4ERH/jeNpXq3Vz05Xlxemin0RQ1FKp2fzbCQiyuvtpGiPtuLH7fNb2mMR8Z8fj60nnc2zymQ1n+p18QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGw6ERGDkaSViEgj4o9ymlYqEX27OHfgOfQPAAAAOCBDve4AAAAA8Mx5/gcAAIDDb6/P/8kB9wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA41K5cvlwszbVHNyeL9tT1xvJc9fq5qaw2V5lfnqxMVpcWKzPV6kyeVSar8ztdL69WF0cvxvKN4XpWqw/XGivX5qvLC/Vrs/MTM9m1rPRcqgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBpDbaWJK1ERNqK07RSifhXRAxFKZmezbORiPh3RDwslwaK9mivOw0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCBqzVW5ibyPFsSCF6KoL99574o/dlbcCsiXoBudAl6PDABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANATtcbK3ESeZ0u1XvcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA3kp/TiKiWE6XTw1u3duf/FlurSPivU+vfnxjol5fGi22/7a5vf5Je/v5XvQfAAAAXgmXnubgjef0jed4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA3ao1VuYm8jxb2l9wKRorzaTDMb2uEQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2Ju/AwAA///+/bx6") r0 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x123042, 0x0) unlink(&(0x7f0000000100)='./file1\x00') write$binfmt_script(r0, &(0x7f0000000080), 0xffffff3e) 1.068573162s ago: executing program 1 (id=1314): rt_sigprocmask(0x0, &(0x7f0000000300)={[0xfffffffffffffff9]}, 0x0, 0x8) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='mm_vmscan_write_folio\x00', r0, 0x0, 0x100000001}, 0x18) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x15) 970.894462ms ago: executing program 1 (id=1315): mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x0, 0x0) mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000300)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f}) mount$fuse(0x0, &(0x7f00000001c0)='./file0\x00', 0x0, 0x10000a1, 0x0) 874.88445ms ago: executing program 4 (id=1316): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000001fc0)=@newtaction={0x208, 0x30, 0x2, 0x70b52d, 0x25dfdbff, {}, [{0x1f4, 0x1, [@m_skbmod={0x184, 0x1f, 0x0, 0x0, {{0xb}, {0x78, 0x2, 0x0, 0x1, [@TCA_SKBMOD_SMAC={0xa, 0x4, @local}, @TCA_SKBMOD_SMAC={0xa}, @TCA_SKBMOD_DMAC={0xa, 0x3, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}}, @TCA_SKBMOD_SMAC={0xa, 0x4, @random="c2b3ae27cf6d"}, @TCA_SKBMOD_DMAC={0xa, 0x3, @multicast}, @TCA_SKBMOD_PARMS={0x24, 0x2, {{0xff, 0x9, 0x20000000, 0x80000001, 0x8}, 0x9}}, @TCA_SKBMOD_ETYPE={0x6, 0x5, 0x5}, @TCA_SKBMOD_DMAC={0xa, 0x3, @multicast}]}, {0xe1, 0x6, "f35b170018835b10e25baf9bf64eab2c30518026962cf5e57280dcc6e0b661f629afad601525508fce3d07af5dbb2381b08ccd78556c2f647620130671db1d7c309ebf6ed9bc2f6b34c06c478c617dcc6317198463a26239ee81dff9479ece66ca5a638081721d7abf577a62661f2fd72b9861bd4c0ec269d5a8d476a77a8d3e900d3ab9594606b9a1193813c8fa3b6eae4487242a39bb08c3fb5efe0513a176efe7d453756955a40048b74b617760e6e0ab30fae7f4eb7e131dbd8abb4dc20c8a58b1ebd68afbb719dbdcc144b12d5e71f885dad6ce7ecace9aaf8a1a"}, {0xc}, {0xc, 0x8, {0x2, 0x3}}}}, @m_skbedit={0x6c, 0x11, 0x0, 0x0, {{0xc}, {0x4}, {0x3d, 0x6, "2d3226d2e3c57ead557080202f648bcdfedc8d7821b2facbf465d9f7be2aa1e8f71e4d6e3358561c91cc59b3e412fff5eebfc75d3f6b2f7b38"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0x208}}, 0x0) r0 = socket(0x10, 0x803, 0x0) sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0) recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x334}, {&(0x7f00000007c0)=""/154, 0x2c}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400}) 788.094585ms ago: executing program 6 (id=1317): mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0) mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x3, &(0x7f0000000000)=0xd, 0x8, 0x0) mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x0) get_mempolicy(0x0, 0x0, 0x0, &(0x7f000010e000/0x3000)=nil, 0x2) 662.203834ms ago: executing program 3 (id=1318): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f00000000c0)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x200000d, 0x4008031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) lsm_get_self_attr(0x64, 0x0, 0x0, 0x3800) 574.995732ms ago: executing program 6 (id=1319): syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x800714, &(0x7f0000000500), 0xff, 0x485, &(0x7f0000001040)="$eJzs3M9rHFUcAPDvTJL+bhNrrba2Gq1i8UfSpFV78KCi4EFB0EM9xiSttdtGmgi2BI0i9SgF7+JR8C/w5kXUgwheFTxKoWgQmnqKzK9mu9mkSZpkbfbzgc2+t/Nm3/vOzNt9My+zAbSt3uxPErEjIn6LiO4ie3OB3uJpZnpy+Pr05HASs7Nv/JXk5a5NTw5XRav1tpeZw2lE+mkSzyfz6x2/cPHMUK02er7M90+cfa9//MLFp06fHTo1emr03ODx48eODjz7zODTqxJnFte1/R+OHdj3yluXXxs+cfntH7/JmrX3YLG8Po5but4koCZ6s63292yucdmjy2j7nWBnXTrpbGFDWJaOiMh2V1fe/7ujI+Z2Xne8/ElLGwesqey7afPCi6dmgQ0siVa3AGiN6os+O/+tHus09PhfuPpCxKYyPTM9OTxzI/7OSMvXu9aw/t6IODH175fZI5Z7HQIAYAXysc2TzcZ/aezNn4u5jl3lHEpPRNwVEbsj4u6I2BMR90TkZe+NiPuKlWe7l1h/b0N+/vgnvdK0zaskG/89Vzf2m6mLv3zq6ShzO/P4u5KTp2ujR8ptcji6Nmf5gUXq+O6lXz9faFn9+C97ZPVXY8GyAVc6Gy7QjQxNDK3WRrj6ccT+zmbxJzdmArIjYF9E7F/eW++qEqcf//rAQoVuHf8iVmGeafariMeK/T8VDfFXksXnJ/u3RG30SH91VMz30y+XXl+o/tuKfxVk+3/bzcd/Q4nuf5JivrYrarXR8+PLr+PS758teE6z0uN/U/JmPmf98zvFax8MTUycH4jYlLya56tzuvz1wbl1q3xVPov/8KHm/X93uU4W//0RkR3EByPigYh4sGz7QxHxcEQcWiT+H1585N1F4k8iiZbu/5Gmn383jv+epH6+fgWJjjPff7vQjPnS9v+xmMo/awv5598tLLWBt7n5AAAA4I6QRsSOSNK+It27I9K0r6/4H/49sS2tjY1PPHFy7P1zI8U9Aj3RlVZXurrrrocOJFPlOxb5wfJacbX8aHnd+IuOrXm+b3isNtLi2KHdbb+5/0fV/zN/drS6dcCac78WtK/G/p+2qB3A+lvK979zAdiYmvT/ra1oB7D+nP9D+2rW/z9qyBv/w8Y0v///0eQn64CNyPgf2pf+D+1L/4e2dDv39a88Ud0ssPL32bLkO/zbJVH94sVa1rU15l6JtOUht1Ei6zHrW+ncb6gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADcyf4LAAD///ss5ts=") mkdir(0x0, 0x0) syz_mount_image$fuse(0x0, &(0x7f0000000440)='./file1\x00', 0x0, 0x0, 0x0, 0x0, 0x0) rmdir(&(0x7f0000001100)='./file1\x00') 506.842242ms ago: executing program 1 (id=1320): syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000580)='./file1\x00', 0x40, &(0x7f0000000340), 0x1, 0x58d, &(0x7f00000005c0)="$eJzs3UtoHGUcAPD/zGZNn6aCgkoPRYUKpZukD62e0qtYKPQgeKlhsw0hm2zIbrQJOaT3Ivbgi17qTQ8eFQ8exItHr14Uz4JoUGh6kJV9pWmyG7c1r2Z/P5js981M5v99M/v/dmeYYQPoWSdqf9KI5yLichIxsGZZXzQXnmist7K8mL+3vJhPolq98kcSSUTcXV7Mt9ZPmq+HI2IpIp6NiO+zEafSjXHL8wuTo8ViYbZZH6xMzQyW5xdOT0yNjhfGC9NnX33t/IVz54fPDG9ZX2/+cuv9mz++cefWF18eX8p/OJrESBxpLlvbj63U2CfZGFk3/9x2BNtFSYf5H53f4YbwUDLNPM9GxDMxEJlm1gP7X7U/orqp1si++VrA4yiJteXGN7ndbA+wU1rfA2rnv61pJ79//H6xcQJytz8ilhfzK6vx+xrXJuJA/dzk0F/JA2cmtVHq2E42lH1p6UZEDPX1bXz/J83336Mb2ooGsq2+u9g4UBuPf7o6/sS68edoRP264f99f8Sa8W+lOfattImf6TD+Xe4yxj9v//ppx/g3Ip5vGz9ZjZ+0iZ9GxDtdxr/91jcXOi2rfhZxMtrHb0k2vz48eG2iWBhq/G0b49uTx1/vdIWy1v9DHeI3rtkeqH/MtNv/M132/+sfvnphqcOyWvyXX9z8+Lfb/wcj4oMu4z919/M3Oy2rxR/r0P/N4tfm3eky/isjJ37uclUAAAAAAAAAAOAhpPV72ZI0t1pO01yu8Qzv03EoLZbKlVPXSnPTY4173o5FNm3daTXQqCe1+nDzftxW/cy6+tlMM2DmYL2ey5eKY7vcdwAAAAAAAAAAAAAAAAAAANgrDq97/v/vTOP5f6BH+Mlv6F3yH3rXg/nf/ocSgf3J5z/0rKr8h94l/6F3yX/oXfIfepf8h94l/6F3yX8AAAAAAAAAAAAAAAAAAAAAAAAAANgWly9dqk3Ve8uL+Vp9rG9+brL07umxQnkyNzWXz+VLszO58VJpvFjI5UtT/7W9Yqk0MxTTc9cHK4VyZbA8v3B1qjQ3Xbk6MTU6XrhayO5IrwAAAAAAAAAAAAAAAAAAAODxcqQ+JWkuItJ6OU1zuYijEXEsssm1iWJhKCKejIifMtn+Wn14txsNAAAAAAAAAAAAAAAAAAAA+0x5fmFytFgszCpsLETE0tZuubbFh/6vbPNYbWUHR5rb3BP7eW8Vqv17ohm7XdjFQQkAAAAAAAAAAAAAAAAAAHrU/Yd+u1g53YEGAQAAAAAAAAAAAAAAAAAAQE9Kf0siojadHHjpyPqlTyQrmfprRLx3+8rH10crldnh2vw/V+dXPmnOP9M+wsH+be8E0IVWnrbyGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALivPL8wOVosFma3sbDbfQQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FP8GAAD//wbmv/Y=") r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x0) lchown(&(0x7f0000000ac0)='./file1\x00', 0xee01, 0x0) ioctl$EXT4_IOC_SWAP_BOOT(r0, 0x6611) 504.490538ms ago: executing program 4 (id=1321): sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20004804}, 0x20040000) r0 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0) syz_usb_connect$hid(0xf63067478e218e8, 0x36, &(0x7f0000000cc0)=ANY=[], 0x0) writev(r0, &(0x7f0000000240)=[{&(0x7f0000000800)='9', 0x1}], 0x1f) 203.485798ms ago: executing program 0 (id=1322): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000c80)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {0x0, 0xd}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq={{0x7}, {0xc, 0x2, [@TCA_FQ_QUANTUM={0x8}]}}]}, 0x38}}, 0x0) 0s ago: executing program 3 (id=1323): timerfd_settime(0xffffffffffffffff, 0x0, &(0x7f0000000040)={{0x77359400}, {0x0, 0x989680}}, 0x0) r0 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1) bind$bt_hci(r0, &(0x7f0000000000)={0x27}, 0x74) sendmmsg$unix(r0, &(0x7f0000000b00)=[{{&(0x7f00000000c0)=@file={0x0, './file0\x00'}, 0x6e, 0x0}}, {{&(0x7f0000000e80)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000000740)=[{&(0x7f0000001dc0)="bb", 0x1}], 0x1}}], 0x2, 0x0) kernel console output (not intermixed with test programs): 0.0: Error: mce write submit urb error = -90 [ 139.870461][ T5929] mceusb 3-1:0.0: Registered with mce emulator interface version 1 [ 139.875981][ T7349] loop4: detected capacity change from 0 to 512 [ 139.881349][ T46] asix 1-1:0.251 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71 [ 139.900280][ T46] asix 1-1:0.251 (unnamed net_device) (uninitialized): Error reading PHY_ID register: ffffffb9 [ 139.918668][ T5929] mceusb 3-1:0.0: 2 tx ports (0x1 cabled) and 2 rx sensors (0x0 active) [ 139.931776][ T7349] EXT4-fs (loop4): filesystem is read-only [ 139.946592][ T46] asix 1-1:0.251: probe with driver asix failed with error -71 [ 139.957820][ T5929] usb 3-1: USB disconnect, device number 3 [ 139.968643][ T7349] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors [ 139.982256][ T46] usb 1-1: USB disconnect, device number 4 [ 140.019019][ T7349] EXT4-fs (loop4): filesystem is read-only [ 140.041319][ T7349] EXT4-fs (loop4): orphan cleanup on readonly fs [ 140.067244][ T7349] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.467: bg 0: block 64: padding at end of block bitmap is not set [ 140.138594][ T7349] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6550: Corrupt filesystem [ 140.172945][ T7349] EXT4-fs (loop4): 1 orphan inode deleted [ 140.193892][ T7349] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none. [ 140.320158][ T5838] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 140.367179][ T7350] loop3: detected capacity change from 0 to 32768 [ 140.421170][ T7350] jfs_rename did not expect dtDelete to return rc = -2 [ 140.428317][ T7350] ERROR: (device loop3): jfs_rename: [ 140.428317][ T7350] [ 140.472864][ T7350] jfs_mkdir: dtSearch returned -17 [ 140.703398][ T5906] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 140.861436][ T5906] usb 5-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47 [ 140.880598][ T5906] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 140.902520][ T5906] usb 5-1: config 0 descriptor?? [ 140.921265][ T5906] gspca_main: STV06xx-2.14.0 probing 046d:0870 [ 141.111774][ T7373] sch_tbf: peakrate 64 is lower than or equals to rate 4294967295 ! [ 141.178228][ T7355] loop6: detected capacity change from 0 to 40427 [ 141.202961][ T7355] F2FS-fs (loop6): Invalid Fs Meta Ino: node(0) meta(0) root(83886083) [ 141.216702][ T7355] F2FS-fs (loop6): Can't find valid F2FS filesystem in 2th superblock [ 141.237454][ T7355] F2FS-fs (loop6): build fault injection attr: rate: 690, type: 0x1fffff [ 141.262704][ T7355] F2FS-fs (loop6): heap/no_heap options were deprecated [ 141.271271][ T7355] F2FS-fs (loop6): Image doesn't support compression [ 141.285330][ T7355] F2FS-fs (loop6): invalid crc value [ 141.375719][ T7355] F2FS-fs (loop6): Found nat_bits in checkpoint [ 141.539605][ T5906] gspca_stv06xx: vv6410 sensor detected [ 141.571661][ T7387] loop3: detected capacity change from 0 to 128 [ 141.606151][ T7387] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 141.639887][ T7355] F2FS-fs (loop6): Try to recover 2th superblock, ret: 0 [ 141.647095][ T7355] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5 [ 141.649034][ T7387] ext4 filesystem being mounted at /99/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 141.713633][ T7367] loop0: detected capacity change from 0 to 32768 [ 141.729226][ T7355] F2FS-fs (loop6): inject alloc nid in f2fs_alloc_nid of f2fs_get_dnode_of_data+0x6a5/0x1d60 [ 141.805426][ T5906] STV06xx 5-1:0.0: probe with driver STV06xx failed with error -71 [ 141.819128][ T6176] syz-executor: attempt to access beyond end of device [ 141.819128][ T6176] loop6: rw=2049, sector=45096, nr_sectors = 16 limit=40427 [ 141.825656][ T5906] usb 5-1: USB disconnect, device number 3 [ 141.840172][ T6176] F2FS-fs (loop6): Stopped filesystem due to reason: 3 [ 141.850941][ T6176] F2FS-fs (loop6): Stopped filesystem due to reason: 3 [ 141.921546][ T5845] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 141.983692][ T7367] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode. [ 142.067106][ T7395] loop3: detected capacity change from 0 to 1024 [ 142.219700][ T7395] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 142.320838][ T5845] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 142.545412][ T5846] ocfs2: Unmounting device (7,0) on (node local) [ 142.776961][ T7398] loop2: detected capacity change from 0 to 32768 [ 142.821927][ T7398] JBD2: Ignoring recovery information on journal [ 142.982521][ T7414] loop1: detected capacity change from 0 to 764 [ 142.982619][ T7398] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 143.017789][ T7414] rock: directory entry would overflow storage [ 143.037212][ T7414] rock: sig=0x4654, size=5, remaining=4 [ 143.133344][ T7414] rock: directory entry would overflow storage [ 143.172429][ T7414] rock: sig=0x4f50, size=4, remaining=3 [ 143.197780][ T7420] rock: directory entry would overflow storage [ 143.226189][ T7414] iso9660: Corrupted directory entry in block 4 of inode 1792 [ 143.232781][ T7420] rock: sig=0x4f50, size=4, remaining=3 [ 143.256475][ T7419] OCFS2: ERROR (device loop2): int ocfs2_validate_inode_block(struct super_block *, struct buffer_head *): Invalid dinode #65: signature = [ 143.256537][ T7407] infiniband syz1: set active [ 143.278577][ T7420] iso9660: Corrupted directory entry in block 4 of inode 1792 [ 143.282333][ T7419] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted. [ 143.320354][ T7407] infiniband syz1: added team_slave_0 [ 143.321981][ T7419] OCFS2: File system is now read-only. [ 143.359531][ T7419] (syz.2.488,7419,0):ocfs2_find_entry_id:407 ERROR: status = -30 [ 143.512528][ T5840] ocfs2: Unmounting device (7,2) on (node local) [ 143.543291][ T7410] loop4: detected capacity change from 0 to 32768 [ 143.630308][ T7410] (syz.4.493,7410,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 143.645712][ T7410] (syz.4.493,7410,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 143.660754][ T7407] RDS/IB: syz1: added [ 143.665773][ T7407] smc: adding ib device syz1 with port count 1 [ 143.739229][ T7407] smc: ib device syz1 port 1 has pnetid [ 143.792078][ T7410] JBD2: Ignoring recovery information on journal [ 143.877706][ T7441] loop6: detected capacity change from 0 to 1024 [ 144.005828][ T7441] hfsplus: xattr searching failed [ 144.132025][ T3483] hfsplus: b-tree write err: -5, ino 4 [ 144.134271][ T7451] loop2: detected capacity change from 0 to 64 [ 144.138416][ T7410] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 144.728995][ T7461] loop2: detected capacity change from 0 to 1024 [ 144.742191][ T5838] ocfs2: Unmounting device (7,4) on (node local) [ 144.998735][ T5906] usb 1-1: new high-speed USB device number 5 using dummy_hcd [ 145.012793][ T7456] loop6: detected capacity change from 0 to 32768 [ 145.061988][ T79] hfsplus: b-tree write err: -5, ino 3 [ 145.095235][ T7456] ocfs2: Mounting device (7,6) on (node local, slot 0) with ordered data mode. [ 145.113701][ T79] (kworker/u8:4,79,0):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #72: rec_len % 4 != 0 - offset=16, inode=66, rec_len=491, name_len=2 [ 145.178770][ T5906] usb 1-1: Using ep0 maxpacket: 8 [ 145.179527][ T7468] loop1: detected capacity change from 0 to 512 [ 145.214498][ T7468] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode [ 145.224770][ T5906] usb 1-1: config 0 has an invalid interface number: 55 but max is 0 [ 145.233488][ T5906] usb 1-1: config 0 has no interface number 0 [ 145.239745][ T5906] usb 1-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping [ 145.251257][ T5906] usb 1-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B [ 145.264741][ T5906] usb 1-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 145.276564][ T5906] usb 1-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2 [ 145.290163][ T5906] usb 1-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a [ 145.299649][ T5906] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 145.305374][ T7470] program syz.2.516 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 145.391069][ T6176] ocfs2: Unmounting device (7,6) on (node local) [ 145.679630][ T7468] EXT4-fs (loop1): 1 truncate cleaned up [ 145.686781][ T7468] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 145.722802][ T7479] loop3: detected capacity change from 0 to 4096 [ 145.742223][ T5906] usb 1-1: config 0 descriptor?? [ 145.747673][ T7479] ntfs3(loop3): Different NTFS sector size (2048) and media sector size (512). [ 145.844087][ T5906] ldusb 1-1:0.55: LD USB Device #0 now attached to major 180 minor 0 [ 145.921647][ T7484] netlink: 40 bytes leftover after parsing attributes in process `syz.2.521'. [ 146.006232][ T5839] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 146.136309][ T5929] usb 1-1: USB disconnect, device number 5 [ 146.145586][ T5929] ldusb 1-1:0.55: LD USB Device #0 now disconnected [ 146.260698][ T7476] loop4: detected capacity change from 0 to 32768 [ 146.275866][ T7476] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.517 (7476) [ 146.293841][ T7476] BTRFS info (device loop4): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 146.324657][ T7476] BTRFS info (device loop4): using sha256 (sha256-ni) checksum algorithm [ 146.348916][ T7476] BTRFS info (device loop4): using free-space-tree [ 146.435808][ T7500] loop3: detected capacity change from 0 to 1764 [ 146.485124][ T7500] iso9660: Corrupted directory entry in block 2 of inode 1920 [ 146.507374][ T7476] BTRFS info (device loop4): rebuilding free space tree [ 146.519849][ T7513] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 146.773036][ T29] audit: type=1800 audit(1731104357.560:140): pid=7476 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.517" name="bus" dev="loop4" ino=263 res=0 errno=0 [ 147.051119][ T7527] loop1: detected capacity change from 0 to 64 [ 147.059351][ T5838] BTRFS info (device loop4): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 147.187810][ T7527] hfs: request for non-existent node 237 in B*Tree [ 147.218538][ T7527] hfs: request for non-existent node 237 in B*Tree [ 147.227292][ T7527] hfs: request for non-existent node 237 in B*Tree [ 147.244450][ T7532] loop0: detected capacity change from 0 to 2048 [ 147.298876][ T7527] hfs: request for non-existent node 237 in B*Tree [ 147.312376][ T7535] hfs: request for non-existent node 237 in B*Tree [ 147.345403][ T7536] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 147.360609][ T7485] loop6: detected capacity change from 0 to 40427 [ 147.367456][ T7535] hfs: request for non-existent node 237 in B*Tree [ 147.416523][ T7535] hfs: request for non-existent node 237 in B*Tree [ 147.425401][ T7485] F2FS-fs (loop6): Image doesn't support compression [ 147.445744][ T7535] hfs: request for non-existent node 237 in B*Tree [ 147.454525][ T29] audit: type=1800 audit(1731104358.240:141): pid=7532 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.535" name="file2" dev="loop0" ino=16 res=0 errno=0 [ 147.493669][ T7485] F2FS-fs (loop6): invalid crc value [ 147.543113][ T7532] NILFS (loop0): vblocknr = 15 has abnormal lifetime: start cno (= 4128770) > current cno (= 3) [ 147.749137][ T7532] NILFS error (device loop0): nilfs_bmap_propagate: broken bmap (inode number=16) [ 147.820073][ T7540] loop4: detected capacity change from 0 to 32768 [ 147.828382][ T29] audit: type=1800 audit(1731104358.270:142): pid=7532 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.535" name="file2" dev="loop0" ino=16 res=0 errno=0 [ 147.848814][ C0] vkms_vblank_simulate: vblank timer overrun [ 147.901393][ T7540] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.533 (7540) [ 147.927145][ T7532] Remounting filesystem read-only [ 148.000557][ T7540] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 148.011725][ T7540] BTRFS info (device loop4): using sha256 (sha256-ni) checksum algorithm [ 148.031969][ T7540] BTRFS info (device loop4): using free-space-tree [ 148.048654][ T7485] F2FS-fs (loop6): Found nat_bits in checkpoint [ 148.243199][ T5846] NILFS (loop0): disposed unprocessed dirty file(s) when stopping log writer [ 148.373774][ T7552] loop2: detected capacity change from 0 to 164 [ 148.409540][ T7485] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5 [ 148.447920][ T7485] syz.6.518: attempt to access beyond end of device [ 148.447920][ T7485] loop6: rw=2049, sector=77824, nr_sectors = 8 limit=40427 [ 148.469936][ T7485] syz.6.518: attempt to access beyond end of device [ 148.469936][ T7485] loop6: rw=2049, sector=77848, nr_sectors = 8 limit=40427 [ 148.484691][ T7485] syz.6.518: attempt to access beyond end of device [ 148.484691][ T7485] loop6: rw=2049, sector=77888, nr_sectors = 16 limit=40427 [ 148.502401][ T7485] syz.6.518: attempt to access beyond end of device [ 148.502401][ T7485] loop6: rw=2049, sector=77936, nr_sectors = 32 limit=40427 [ 148.517015][ T7485] syz.6.518: attempt to access beyond end of device [ 148.517015][ T7485] loop6: rw=2049, sector=77976, nr_sectors = 8 limit=40427 [ 148.534055][ T7485] syz.6.518: attempt to access beyond end of device [ 148.534055][ T7485] loop6: rw=2049, sector=78016, nr_sectors = 16 limit=40427 [ 148.549729][ T7485] syz.6.518: attempt to access beyond end of device [ 148.549729][ T7485] loop6: rw=2049, sector=78048, nr_sectors = 16 limit=40427 [ 148.564654][ T7485] syz.6.518: attempt to access beyond end of device [ 148.564654][ T7485] loop6: rw=2049, sector=78088, nr_sectors = 24 limit=40427 [ 148.567154][ T7567] loop0: detected capacity change from 0 to 128 [ 148.579564][ T7485] syz.6.518: attempt to access beyond end of device [ 148.579564][ T7485] loop6: rw=2049, sector=78136, nr_sectors = 8 limit=40427 [ 148.609403][ T29] audit: type=1804 audit(1731104359.400:143): pid=7571 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.6.518" name="/newroot/53/file1/file1" dev="loop6" ino=10 res=1 errno=0 [ 148.631514][ C0] vkms_vblank_simulate: vblank timer overrun [ 148.718913][ T29] audit: type=1326 audit(1731104359.510:144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7544 comm="syz.1.538" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8149b7e719 code=0x7fc00000 [ 148.759325][ T6176] syz-executor: attempt to access beyond end of device [ 148.759325][ T6176] loop6: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 148.850291][ T7540] BTRFS info (device loop4): setting incompat feature flag for SIMPLE_QUOTA (0x10000) [ 149.035918][ T5838] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 149.101568][ T6176] F2FS-fs (loop6): Remounting filesystem read-only [ 149.141042][ T29] audit: type=1326 audit(1731104359.530:145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7544 comm="syz.1.538" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f8149b7e719 code=0x7fc00000 [ 149.239177][ T29] audit: type=1326 audit(1731104359.530:146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7544 comm="syz.1.538" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8149b7e719 code=0x7fc00000 [ 149.262357][ T29] audit: type=1326 audit(1731104359.530:147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7544 comm="syz.1.538" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8149b7e719 code=0x7fc00000 [ 149.285702][ T29] audit: type=1326 audit(1731104359.530:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7544 comm="syz.1.538" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8149b7e719 code=0x7fc00000 [ 149.308262][ T29] audit: type=1326 audit(1731104359.530:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7544 comm="syz.1.538" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8149b7e719 code=0x7fc00000 [ 149.539235][ T7590] loop3: detected capacity change from 0 to 256 [ 149.546837][ T7590] exfat: Deprecated parameter 'utf8' [ 149.565572][ T7590] exfat: Deprecated parameter 'utf8' [ 149.587132][ T7590] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xb6248695, utbl_chksum : 0xe619d30d) [ 149.838356][ T7580] loop0: detected capacity change from 0 to 32768 [ 149.923502][ T7580] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.546 (7580) [ 149.968820][ T7580] BTRFS info (device loop0): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 150.009689][ T7580] BTRFS info (device loop0): using sha256 (sha256-ni) checksum algorithm [ 150.018303][ T7580] BTRFS info (device loop0): using free-space-tree [ 151.049102][ T7594] loop1: detected capacity change from 0 to 40427 [ 151.055872][ T7580] BTRFS info (device loop0): rebuilding free space tree [ 151.129474][ T7606] loop2: detected capacity change from 0 to 40427 [ 151.138707][ T7594] F2FS-fs (loop1): Small segment_count (9 < 1 * 24) [ 151.148519][ T7594] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock [ 151.158182][ T7606] F2FS-fs (loop2): Image doesn't support compression [ 151.168196][ T7606] F2FS-fs (loop2): invalid crc value [ 151.180414][ T7622] loop3: detected capacity change from 0 to 32768 [ 151.220398][ T7594] F2FS-fs (loop1): Found nat_bits in checkpoint [ 151.294877][ T7622] (syz.3.558,7622,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 151.332710][ T5846] BTRFS info (device loop0): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 151.356203][ T7606] F2FS-fs (loop2): Found nat_bits in checkpoint [ 151.422130][ T7622] (syz.3.558,7622,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 151.510745][ T7594] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0 [ 151.517985][ T7594] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5 [ 151.597617][ T7622] JBD2: Ignoring recovery information on journal [ 151.606327][ T7645] netlink: 8 bytes leftover after parsing attributes in process `syz.4.565'. [ 151.632075][ T7606] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5 [ 151.845025][ T5839] F2FS-fs (loop1): Stopped filesystem due to reason: 3 [ 151.974124][ T29] kauditd_printk_skb: 38 callbacks suppressed [ 151.974150][ T29] audit: type=1804 audit(1731104362.760:188): pid=7606 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.557" name="/newroot/106/file1/file1" dev="loop2" ino=10 res=1 errno=0 [ 152.000612][ T7622] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 152.189754][ T5840] F2FS-fs (loop2): Remounting filesystem read-only [ 152.335743][ T7658] 9pnet_virtio: no channels available for device GPL [ 152.510561][ T5845] ocfs2: Unmounting device (7,3) on (node local) [ 152.919906][ T7677] netlink: 8 bytes leftover after parsing attributes in process `syz.3.575'. [ 152.953243][ T7680] loop1: detected capacity change from 0 to 64 [ 153.183832][ T7678] loop6: detected capacity change from 0 to 4096 [ 153.388205][ T7695] CUSE: info not properly terminated [ 153.458317][ T7678] ntfs3(loop6): failed to convert "0080" to cp852 [ 153.500809][ T7678] ntfs3(loop6): Mark volume as dirty due to NTFS errors [ 153.570689][ T7678] ntfs3(loop6): failed to convert name for inode 1e. [ 153.590284][ T7678] ntfs3(loop6): failed to convert "ffff" to cp852 [ 153.678189][ T7710] netlink: 20 bytes leftover after parsing attributes in process `syz.2.595'. [ 153.845369][ T5929] usb 1-1: new high-speed USB device number 6 using dummy_hcd [ 154.040646][ T5929] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 154.051889][ T5929] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 154.083198][ T5929] usb 1-1: New USB device found, idVendor=1038, idProduct=12b6, bcdDevice= 0.00 [ 154.092319][ T5929] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 154.110026][ T5929] usb 1-1: config 0 descriptor?? [ 154.424553][ T7724] IPv6: NLM_F_CREATE should be specified when creating new route [ 154.441729][ T7724] netlink: 'syz.2.602': attribute type 1 has an invalid length. [ 154.556119][ T5929] steelseries 0003:1038:12B6.0004: unbalanced collection at end of report description [ 154.559181][ T7729] loop3: detected capacity change from 0 to 256 [ 154.585872][ T5929] steelseries 0003:1038:12B6.0004: probe with driver steelseries failed with error -22 [ 154.666903][ T7729] exfat: Deprecated parameter 'utf8' [ 154.700673][ T7729] exfat: Deprecated parameter 'namecase' [ 154.706498][ T7729] exfat: Deprecated parameter 'utf8' [ 154.735195][ T7729] exFAT-fs (loop3): failed to load upcase table (idx : 0x00012153, chksum : 0xc3dffc2e, utbl_chksum : 0xe619d30d) [ 154.756994][ T5929] usb 1-1: USB disconnect, device number 6 [ 154.798815][ T7736] netlink: 'syz.2.606': attribute type 1 has an invalid length. [ 154.806705][ T7736] netlink: 236 bytes leftover after parsing attributes in process `syz.2.606'. [ 154.862127][ T7733] loop1: detected capacity change from 0 to 4096 [ 154.876326][ T7733] ntfs3(loop1): Different NTFS sector size (1024) and media sector size (512). [ 155.010704][ T7744] bridge0: port 2(bridge_slave_1) entered disabled state [ 155.018044][ T5906] usb 5-1: new full-speed USB device number 4 using dummy_hcd [ 155.018325][ T7744] bridge0: port 1(bridge_slave_0) entered disabled state [ 155.262895][ T5906] usb 5-1: config 4 has an invalid interface number: 44 but max is 0 [ 155.272465][ T5906] usb 5-1: config 4 has no interface number 0 [ 155.292476][ T7750] loop2: detected capacity change from 0 to 2048 [ 155.334342][ T5906] usb 5-1: New USB device found, idVendor=1044, idProduct=7001, bcdDevice=80.20 [ 155.344039][ T5906] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 155.362139][ T7750] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 155.372883][ T5906] usb 5-1: Product: syz [ 155.398740][ T5906] usb 5-1: Manufacturer: syz [ 155.419290][ T5906] usb 5-1: SerialNumber: syz [ 155.732486][ T5840] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 155.942021][ T7771] loop0: detected capacity change from 0 to 1024 [ 155.953698][ T5906] dvb-usb: found a 'Gigabyte U7000' in warm state. [ 155.966927][ T7771] EXT4-fs: Ignoring removed orlov option [ 155.973951][ T5906] dvb-usb: will use the device's hardware PID filter (table count: 32). [ 155.984908][ T5906] dvbdev: DVB: registering new adapter (Gigabyte U7000) [ 155.992477][ T5906] usb 5-1: media controller created [ 156.006058][ T5906] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered. [ 156.018749][ T7771] EXT4-fs (loop0): Test dummy encryption mode enabled [ 156.055715][ T7771] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 156.073169][ T5906] DVB: Unable to find symbol dib7000p_attach() [ 156.079873][ T5906] dvb-usb: no frontend was attached by 'Gigabyte U7000' [ 156.278967][ T5906] rc_core: IR keymap rc-dib0700-rc5 not found [ 156.285816][ T5906] Registered IR keymap rc-empty [ 156.302061][ T5906] dvb-usb: could not initialize remote control. [ 156.338591][ T5906] dvb-usb: Gigabyte U7000 successfully initialized and connected. [ 156.400075][ T5906] usb 5-1: USB disconnect, device number 4 [ 156.438767][ T7771] fscrypt: AES-256-CBC-CTS using implementation "cts-cbc-aes-aesni" [ 156.459521][ T7765] loop3: detected capacity change from 0 to 32768 [ 156.467636][ T5906] dvb-usb: Gigabyte U7000 successfully deinitialized and disconnected. [ 156.615664][ T7794] bridge0: port 2(bridge_slave_1) entered disabled state [ 156.623242][ T7794] bridge0: port 1(bridge_slave_0) entered disabled state [ 156.663503][ T7769] loop6: detected capacity change from 0 to 32768 [ 156.727551][ T7771] fscrypt (loop0): Missing crypto API support for AES-256-XTS (API name: "xts(aes)") [ 156.737335][ T7765] bcachefs (loop3): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=lz4,erasure_code,degraded,no_splitbrain_check,fsck,norecovery,nojournal_transaction_names,reconstruct_alloc,nocow [ 156.737712][ T7765] bcachefs (loop3): recovering from clean shutdown, journal seq 10 [ 156.770385][ T7765] bcachefs (loop3): Version upgrade required: [ 156.770385][ T7765] Version upgrade from 0.24: unwritten_extents to 1.7: mi_btree_bitmap incomplete [ 156.770385][ T7765] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.13: inode_has_child_snapshots [ 156.770385][ T7765] running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance [ 156.841995][ C0] vkms_vblank_simulate: vblank timer overrun [ 156.865879][ T7769] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.621 (7769) [ 156.915406][ T7769] BTRFS info (device loop6): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 156.928896][ T7769] BTRFS info (device loop6): using blake2b (blake2b-256-generic) checksum algorithm [ 156.933216][ T7765] bcachefs (loop3): dropping and reconstructing all alloc info [ 156.938948][ T7769] BTRFS info (device loop6): using free-space-tree [ 156.957519][ T5846] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 157.225456][ T7765] bcachefs (loop3): check_topology... done [ 157.267490][ T7765] bcachefs (loop3): accounting_read... done [ 157.285446][ T7765] bcachefs (loop3): alloc_read... done [ 157.291422][ T7765] bcachefs (loop3): stripes_read... done [ 157.297145][ T7765] bcachefs (loop3): snapshots_read... done [ 157.303911][ T7765] bcachefs (loop3): check_allocations... [ 157.322051][ T7831] loop4: detected capacity change from 0 to 2048 [ 157.385601][ T7765] done [ 157.412206][ T7765] bcachefs (loop3): going read-write [ 157.454779][ T7765] bcachefs (loop3): done starting filesystem [ 157.476872][ T7831] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 157.620275][ T7846] loop1: detected capacity change from 0 to 2048 [ 157.673788][ T5838] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 157.705139][ T7846] UDF-fs: error (device loop1): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0 [ 157.749229][ T7846] UDF-fs: warning (device loop1): udf_load_vrs: No anchor found [ 157.756936][ T7846] UDF-fs: Scanning with blocksize 512 failed [ 157.812381][ T7846] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 157.855851][ T7822] loop0: detected capacity change from 0 to 32768 [ 157.902318][ T5845] bcachefs (loop3): shutting down [ 157.907639][ T5845] bcachefs (loop3): going read-only [ 157.919119][ T5845] bcachefs (loop3): finished waiting for writes to stop [ 157.992929][ T6176] BTRFS info (device loop6): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 158.019734][ T5845] bcachefs (loop3): flushing journal and stopping allocators, journal seq 14 [ 158.051534][ T5845] bcachefs (loop3): flushing journal and stopping allocators complete, journal seq 14 [ 158.079120][ T7855] vlan2: entered promiscuous mode [ 158.084244][ T7855] vlan2: entered allmulticast mode [ 158.191463][ T5845] bcachefs (loop3): unshutdown complete, journal seq 15 [ 158.199782][ T7849] loop2: detected capacity change from 0 to 32768 [ 158.199975][ T5845] bcachefs (loop3): done going read-only, filesystem not clean [ 158.207081][ T7849] XFS: ikeep mount option is deprecated. [ 158.306398][ T7822] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): filesystem UUID already open [ 158.337627][ T7822] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): shutdown complete [ 158.422392][ T7822] bcachefs: bch2_fs_get_tree() error: EINVAL [ 158.515340][ T7849] XFS (loop2): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 158.577148][ T5845] bcachefs (loop3): shutdown complete [ 158.731740][ T7875] netlink: 4 bytes leftover after parsing attributes in process `syz.6.640'. [ 158.844640][ T7849] XFS (loop2): Ending clean mount [ 158.857917][ T7849] XFS (loop2): Quotacheck needed: Please wait. [ 158.934544][ T7849] XFS (loop2): Quotacheck: Done. [ 159.104544][ T5840] XFS (loop2): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 159.392092][ T7882] CUSE: info not properly terminated [ 159.562433][ T7886] loop1: detected capacity change from 0 to 256 [ 159.645406][ T7880] loop6: detected capacity change from 0 to 32768 [ 159.663888][ T7880] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.645 (7880) [ 159.685127][ T7880] BTRFS info (device loop6): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 159.735955][ T7880] BTRFS info (device loop6): using sha256 (sha256-ni) checksum algorithm [ 159.752823][ T7880] BTRFS info (device loop6): using free-space-tree [ 159.868572][ T7901] netlink: 48 bytes leftover after parsing attributes in process `syz.2.653'. [ 160.073362][ T7880] BTRFS info (device loop6): rebuilding free space tree [ 160.124353][ T29] audit: type=1800 audit(1731104370.910:189): pid=7880 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.645" name="bus" dev="loop6" ino=263 res=0 errno=0 [ 160.228320][ T6176] BTRFS info (device loop6): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 160.229547][ T5906] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 160.289982][ T7929] loop0: detected capacity change from 0 to 1024 [ 160.356536][ T46] usb 3-1: new high-speed USB device number 4 using dummy_hcd [ 160.364449][ T5908] usb 2-1: new high-speed USB device number 6 using dummy_hcd [ 160.416369][ T29] audit: type=1800 audit(1731104371.190:190): pid=7929 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.663" name="file1" dev="loop0" ino=20 res=0 errno=0 [ 160.467761][ T5906] usb 5-1: Using ep0 maxpacket: 32 [ 160.505895][ T5906] usb 5-1: config 0 has an invalid interface number: 250 but max is 0 [ 160.527240][ T5906] usb 5-1: config 0 has no interface number 0 [ 160.538625][ T5908] usb 2-1: Using ep0 maxpacket: 8 [ 160.546588][ T46] usb 3-1: Using ep0 maxpacket: 8 [ 160.560390][ T5908] usb 2-1: New USB device found, idVendor=0c2e, idProduct=0720, bcdDevice=9b.f7 [ 160.586091][ T5908] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 160.588813][ T5906] usb 5-1: New USB device found, idVendor=04f1, idProduct=1001, bcdDevice=19.63 [ 160.599229][ T46] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 160.630164][ T5908] usb 2-1: config 0 descriptor?? [ 160.645683][ T46] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 160.648721][ T5906] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 160.676209][ T5906] usb 5-1: Product: syz [ 160.690752][ T5908] metro_usb 2-1:0.0: required endpoints missing [ 160.698842][ T5906] usb 5-1: Manufacturer: syz [ 160.712663][ T46] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 160.712737][ T5906] usb 5-1: SerialNumber: syz [ 160.743591][ T46] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 160.749831][ T5906] usb 5-1: config 0 descriptor?? [ 160.777926][ T46] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 160.800963][ T46] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 160.813778][ T5906] gspca_main: sunplus-2.14.0 probing 04f1:1001 [ 160.913730][ T5908] usb 2-1: USB disconnect, device number 6 [ 160.924840][ T7935] netlink: 'syz.6.665': attribute type 3 has an invalid length. [ 160.933803][ T7935] netlink: 130984 bytes leftover after parsing attributes in process `syz.6.665'. [ 161.040072][ T46] usb 3-1: GET_CAPABILITIES returned 0 [ 161.050797][ T46] usbtmc 3-1:16.0: can't read capabilities [ 161.241508][ T7939] netlink: 104 bytes leftover after parsing attributes in process `syz.0.667'. [ 161.281316][ T7941] loop6: detected capacity change from 0 to 1024 [ 161.292020][ T46] usb 3-1: USB disconnect, device number 4 [ 161.317572][ T7941] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 161.642423][ T5906] gspca_sunplus: reg_w_riv err -71 [ 161.649123][ T5906] sunplus 5-1:0.250: probe with driver sunplus failed with error -71 [ 161.688095][ T5906] usb 5-1: USB disconnect, device number 5 [ 161.873426][ T7959] loop6: detected capacity change from 0 to 4096 [ 161.969735][ T7967] NILFS (loop6): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 162.382532][ T7974] loop4: detected capacity change from 0 to 128 [ 162.412148][ T7974] VFS: Found a Xenix FS (block size = 512) on device loop4 [ 162.543268][ T5838] sysv_free_block: trying to free block not in datazone [ 162.591763][ T5838] sysv_free_inode: inode 0,1,2 or nonexistent inode [ 162.762805][ T7962] loop1: detected capacity change from 0 to 32768 [ 162.821516][ T29] audit: type=1326 audit(1731104373.610:191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7981 comm="syz.4.686" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2699f7e719 code=0x7ffc0000 [ 162.821727][ T7962] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.674 (7962) [ 162.898805][ T29] audit: type=1326 audit(1731104373.610:192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7981 comm="syz.4.686" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2699f7e719 code=0x7ffc0000 [ 163.011646][ T29] audit: type=1326 audit(1731104373.670:193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7981 comm="syz.4.686" exe="/root/syz-executor" sig=0 arch=c000003e syscall=240 compat=0 ip=0x7f2699f7e719 code=0x7ffc0000 [ 163.028551][ T7962] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 163.143923][ T7972] loop6: detected capacity change from 0 to 40427 [ 163.144745][ T29] audit: type=1326 audit(1731104373.670:194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7981 comm="syz.4.686" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2699f7e719 code=0x7ffc0000 [ 163.150702][ T7962] BTRFS info (device loop1): using sha256 (sha256-ni) checksum algorithm [ 163.185749][ T7962] BTRFS info (device loop1): using free-space-tree [ 163.194241][ T7972] F2FS-fs (loop6): Small segment_count (9 < 1 * 24) [ 163.205440][ T7972] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock [ 163.226730][ T7965] loop0: detected capacity change from 0 to 32768 [ 163.244339][ T7972] F2FS-fs (loop6): Found nat_bits in checkpoint [ 163.297867][ T29] audit: type=1326 audit(1731104373.670:195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7981 comm="syz.4.686" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2699f7e719 code=0x7ffc0000 [ 163.373737][ T29] audit: type=1326 audit(1731104373.690:196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7981 comm="syz.4.686" exe="/root/syz-executor" sig=0 arch=c000003e syscall=242 compat=0 ip=0x7f2699f7e719 code=0x7ffc0000 [ 163.487491][ T7962] BTRFS info (device loop1): rebuilding free space tree [ 163.531389][ T29] audit: type=1326 audit(1731104373.690:197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7981 comm="syz.4.686" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2699f7e719 code=0x7ffc0000 [ 163.586945][ T7972] F2FS-fs (loop6): Try to recover 1th superblock, ret: 0 [ 163.617712][ T7972] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5 [ 163.623401][ T8016] nicvf0: renamed from bridge_slave_1 (while UP) [ 163.632547][ T29] audit: type=1326 audit(1731104373.690:198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7981 comm="syz.4.686" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2699f7e719 code=0x7ffc0000 [ 163.692612][ T8016] netlink: 'syz.0.692': attribute type 2 has an invalid length. [ 163.693478][ T7972] bio_check_eod: 10 callbacks suppressed [ 163.693497][ T7972] syz.6.680: attempt to access beyond end of device [ 163.693497][ T7972] loop6: rw=2049, sector=53248, nr_sectors = 8 limit=40427 [ 163.701135][ T8016] A link change request failed with some changes committed already. Interface nicvf0 may have been left with an inconsistent configuration, please check. [ 163.758932][ T8019] syz.6.680: attempt to access beyond end of device [ 163.758932][ T8019] loop6: rw=0, sector=53248, nr_sectors = 8 limit=40427 [ 163.889604][ T5839] BTRFS info (device loop1): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d [ 163.927127][ T6176] syz-executor: attempt to access beyond end of device [ 163.927127][ T6176] loop6: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 163.964638][ T6176] F2FS-fs (loop6): Stopped filesystem due to reason: 3 [ 164.099047][ T8027] loop2: detected capacity change from 0 to 512 [ 164.128413][ T8027] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode [ 164.207737][ T8027] EXT4-fs (loop2): 1 truncate cleaned up [ 164.251150][ T8027] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 164.548838][ T5840] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 164.566640][ T8041] netlink: 'syz.1.703': attribute type 4 has an invalid length. [ 165.040505][ T8054] loop4: detected capacity change from 0 to 2048 [ 165.074692][ T8057] netlink: 4 bytes leftover after parsing attributes in process `syz.1.709'. [ 165.098774][ T8057] netlink: 20 bytes leftover after parsing attributes in process `syz.1.709'. [ 165.120922][ T8059] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds [ 165.396172][ T8021] loop0: detected capacity change from 0 to 32768 [ 165.427496][ T8021] BTRFS: device fsid 3a492a15-ac49-4ce6-945e-cef7a687c6c9 devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.694 (8021) [ 165.516851][ T8021] BTRFS info (device loop0): first mount of filesystem 3a492a15-ac49-4ce6-945e-cef7a687c6c9 [ 165.532827][ T8059] NILFS (loop4): vblocknr = 23 has abnormal lifetime: start cno (= 4294967298) > current cno (= 3) [ 165.566983][ T8021] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm [ 165.576648][ T8059] NILFS error (device loop4): nilfs_bmap_propagate: broken bmap (inode number=4) [ 165.595152][ T8071] loop1: detected capacity change from 0 to 256 [ 165.615786][ T8021] BTRFS info (device loop0): using free-space-tree [ 165.638230][ T8071] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d) [ 165.658709][ T8059] Remounting filesystem read-only [ 165.684109][ T5838] NILFS (loop4): disposed unprocessed dirty file(s) when stopping log writer [ 166.106532][ T5846] BTRFS info (device loop0): last unmount of filesystem 3a492a15-ac49-4ce6-945e-cef7a687c6c9 [ 166.148834][ T8100] loop2: detected capacity change from 0 to 1024 [ 166.376608][ T8061] loop6: detected capacity change from 0 to 40427 [ 166.419229][ T8061] F2FS-fs (loop6): invalid crc value [ 166.455843][ T8061] F2FS-fs (loop6): Found nat_bits in checkpoint [ 166.568748][ T5841] usb 4-1: new high-speed USB device number 3 using dummy_hcd [ 166.679931][ T8061] F2FS-fs (loop6): Start checkpoint disabled! [ 166.717866][ T8061] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e6 [ 166.770821][ T5841] usb 4-1: Using ep0 maxpacket: 8 [ 166.785275][ T5841] usb 4-1: New USB device found, idVendor=2770, idProduct=930c, bcdDevice=8d.6a [ 166.829910][ T5841] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 166.838069][ T5841] usb 4-1: Product: syz [ 166.878700][ T5841] usb 4-1: Manufacturer: syz [ 166.883591][ T5841] usb 4-1: SerialNumber: syz [ 166.908276][ T5841] usb 4-1: config 0 descriptor?? [ 166.944396][ T5841] gspca_main: sq930x-2.14.0 probing 2770:930c [ 167.206410][ T79] kworker/u8:4: attempt to access beyond end of device [ 167.206410][ T79] loop6: rw=2049, sector=40960, nr_sectors = 16 limit=40427 [ 167.286752][ T79] F2FS-fs (loop6): Stopped filesystem due to reason: 3 [ 167.306155][ T79] F2FS-fs (loop6): Stopped filesystem due to reason: 3 [ 167.678395][ T8119] loop2: detected capacity change from 0 to 32768 [ 167.794582][ T5841] gspca_sq930x: ucbus_write failed -71 [ 167.867967][ T8128] loop1: detected capacity change from 0 to 16 [ 167.906522][ T8128] erofs: (device loop1): mounted with root inode @ nid 36. [ 167.949194][ T8124] loop4: detected capacity change from 0 to 32768 [ 167.955929][ T8128] overlayfs: failed to get redirect (-117) [ 167.963139][ T8123] loop0: detected capacity change from 0 to 40427 [ 167.991816][ T29] kauditd_printk_skb: 4 callbacks suppressed [ 167.991846][ T29] audit: type=1800 audit(1731104378.780:203): pid=8124 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.731" name="file1" dev="loop4" ino=4 res=0 errno=0 [ 168.028781][ T5841] gspca_sq930x: Sensor ov9630 not yet treated [ 168.047841][ T5841] sq930x 4-1:0.0: probe with driver sq930x failed with error -22 [ 168.059950][ T8123] F2FS-fs (loop0): invalid crc value [ 168.081520][ T8123] F2FS-fs (loop0): Found nat_bits in checkpoint [ 168.086334][ T5841] usb 4-1: USB disconnect, device number 3 [ 168.145278][ T8131] loop1: detected capacity change from 0 to 512 [ 168.192360][ T8131] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 168.223170][ T8136] loop6: detected capacity change from 0 to 512 [ 168.232222][ T8131] ext4 filesystem being mounted at /129/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 168.275015][ T8123] F2FS-fs (loop0): Start checkpoint disabled! [ 168.302736][ T8123] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6 [ 168.322672][ T8136] EXT4-fs (loop6): mounting ext3 file system using the ext4 subsystem [ 168.405683][ T8136] EXT4-fs (loop6): invalid journal inode [ 168.422041][ T8136] EXT4-fs (loop6): can't get journal size [ 168.453239][ T8136] EXT4-fs (loop6): 1 truncate cleaned up [ 168.457207][ T8123] syz.0.722: attempt to access beyond end of device [ 168.457207][ T8123] loop0: rw=2049, sector=45096, nr_sectors = 96 limit=40427 [ 168.470193][ T8136] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 168.666102][ T8142] syz.0.722: attempt to access beyond end of device [ 168.666102][ T8142] loop0: rw=2049, sector=45192, nr_sectors = 48 limit=40427 [ 168.751850][ T6176] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 168.940343][ T12] kworker/u8:1: attempt to access beyond end of device [ 168.940343][ T12] loop0: rw=2049, sector=45240, nr_sectors = 8 limit=40427 [ 168.959816][ T12] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 169.134900][ T8131] EXT4-fs warning (device loop1): ext4_group_add:1716: Can't resize non-sparse filesystem further [ 169.181769][ T5839] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 169.188300][ T8154] netlink: 8 bytes leftover after parsing attributes in process `syz.4.743'. [ 169.507662][ T8166] netlink: 'syz.6.746': attribute type 4 has an invalid length. [ 169.788021][ T8180] vlan0: entered promiscuous mode [ 169.818396][ T8180] vlan0: left promiscuous mode [ 170.083467][ T8197] sch_tbf: burst 5729 is lower than device lo mtu (65550) ! [ 170.599941][ T8214] loop3: detected capacity change from 0 to 1024 [ 170.618039][ T8216] loop2: detected capacity change from 0 to 1024 [ 170.669920][ T8220] netlink: 'syz.6.772': attribute type 29 has an invalid length. [ 170.680360][ T8220] netlink: 'syz.6.772': attribute type 29 has an invalid length. [ 170.713593][ T8216] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 170.769901][ T8224] netlink: 'syz.6.772': attribute type 29 has an invalid length. [ 170.937955][ T8236] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 170.947657][ T8236] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 170.957214][ T8236] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 170.966674][ T8236] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 171.007894][ T5840] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 171.091670][ T8242] netlink: 8 bytes leftover after parsing attributes in process `syz.0.780'. [ 171.131113][ T8242] netlink: 8 bytes leftover after parsing attributes in process `syz.0.780'. [ 171.491805][ T8257] loop0: detected capacity change from 0 to 2048 [ 171.651681][ T8262] loop4: detected capacity change from 0 to 4096 [ 171.698942][ T8245] loop2: detected capacity change from 0 to 32768 [ 171.706303][ T8245] XFS: ikeep mount option is deprecated. [ 171.858812][ T8245] XFS (loop2): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 171.884410][ T8257] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 171.957128][ T8262] ntfs3(loop4): Failed to initialize $Extend/$ObjId. [ 172.068652][ T8245] XFS (loop2): Ending clean mount [ 172.082097][ T8245] XFS (loop2): Quotacheck needed: Please wait. [ 172.147617][ T8245] XFS (loop2): Quotacheck: Done. [ 172.212340][ T8252] loop1: detected capacity change from 0 to 32768 [ 172.220434][ T8252] XFS: ikeep mount option is deprecated. [ 172.259915][ T8252] XFS (loop1): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 172.282019][ T5840] XFS (loop2): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 172.360865][ T8252] XFS (loop1): Ending clean mount [ 172.378921][ T8252] XFS (loop1): Quotacheck needed: Please wait. [ 172.443711][ T8252] XFS (loop1): Quotacheck: Done. [ 172.470551][ T46] usb 5-1: new high-speed USB device number 6 using dummy_hcd [ 172.646313][ T5839] XFS (loop1): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d [ 172.672227][ T46] usb 5-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f [ 172.692292][ T46] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 172.709714][ T46] usb 5-1: Product: syz [ 172.718872][ T46] usb 5-1: Manufacturer: syz [ 172.742421][ T46] usb 5-1: SerialNumber: syz [ 172.754791][ T46] usb 5-1: config 0 descriptor?? [ 173.029097][ T46] usb 5-1: USB disconnect, device number 6 [ 173.159312][ T8296] loop2: detected capacity change from 0 to 32768 [ 173.217349][ T8302] loop1: detected capacity change from 0 to 1024 [ 173.256183][ T8302] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled [ 173.345418][ T8302] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 173.414729][ T8296] bcachefs (loop2): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=lz4,erasure_code,degraded,no_splitbrain_check,fsck,norecovery,nojournal_transaction_names,reconstruct_alloc,nocow [ 173.439398][ T8296] bcachefs (loop2): recovering from clean shutdown, journal seq 10 [ 173.445431][ T8302] EXT4-fs error (device loop1): ext4_expand_extra_isize_ea:2793: inode #2: comm syz.1.798: corrupted in-inode xattr: bad e_name length [ 173.447528][ T8296] bcachefs (loop2): Version upgrade required: [ 173.447528][ T8296] Version upgrade from 0.24: unwritten_extents to 1.7: mi_btree_bitmap incomplete [ 173.447528][ T8296] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.13: inode_has_child_snapshots [ 173.447528][ T8296] running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance [ 173.615338][ T8296] bcachefs (loop2): dropping and reconstructing all alloc info [ 173.647322][ T5839] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 173.675775][ T8296] bcachefs (loop2): check_topology... done [ 173.699232][ T8296] bcachefs (loop2): accounting_read... done [ 173.716235][ T8296] bcachefs (loop2): alloc_read... done [ 173.748782][ T8296] bcachefs (loop2): stripes_read... done [ 173.754606][ T8296] bcachefs (loop2): snapshots_read... done [ 173.778699][ T8296] bcachefs (loop2): check_allocations... done [ 173.915977][ T8296] bcachefs (loop2): going read-write [ 173.963986][ T8296] bcachefs (loop2): done starting filesystem [ 174.001907][ T8300] loop3: detected capacity change from 0 to 32768 [ 174.039452][ T8300] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.800 (8300) [ 174.094565][ T8300] BTRFS info (device loop3): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 174.108852][ T8300] BTRFS info (device loop3): using blake2b (blake2b-256-generic) checksum algorithm [ 174.119004][ T8300] BTRFS info (device loop3): using free-space-tree [ 174.237208][ T5840] bcachefs (loop2): shutting down [ 174.254940][ T5840] bcachefs (loop2): going read-only [ 174.267624][ T5840] bcachefs (loop2): finished waiting for writes to stop [ 174.308087][ T8340] loop6: detected capacity change from 0 to 1024 [ 174.542896][ T8340] EXT4-fs (loop6): warning: mounting unchecked fs, running e2fsck is recommended [ 174.552615][ T5840] bcachefs (loop2): flushing journal and stopping allocators, journal seq 14 [ 174.578774][ T5840] bcachefs (loop2): flushing journal and stopping allocators complete, journal seq 14 [ 174.591395][ T8340] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 174.684532][ T5840] bcachefs (loop2): unshutdown complete, journal seq 15 [ 174.692922][ T5840] bcachefs (loop2): done going read-only, filesystem not clean [ 174.738039][ T5840] bcachefs (loop2): shutdown complete [ 174.747556][ T8340] EXT4-fs (loop6): re-mounted 00000000-0000-0000-0000-000000000000 ro. Quota mode: writeback. [ 174.783584][ T8326] loop4: detected capacity change from 0 to 32768 [ 174.898225][ T8359] netlink: 40 bytes leftover after parsing attributes in process `syz.1.812'. [ 174.909992][ T6176] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 174.982228][ T5845] BTRFS info (device loop3): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6 [ 175.362492][ T5906] usb 7-1: new high-speed USB device number 3 using dummy_hcd [ 175.539020][ T5906] usb 7-1: Using ep0 maxpacket: 32 [ 175.548237][ T5906] usb 7-1: New USB device found, idVendor=1d50, idProduct=60a1, bcdDevice=a1.4f [ 175.568734][ T5906] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 175.588554][ T5906] usb 7-1: Product: syz [ 175.595702][ T5906] usb 7-1: Manufacturer: syz [ 175.603176][ T5906] usb 7-1: SerialNumber: syz [ 175.614197][ T5906] usb 7-1: config 0 descriptor?? [ 175.639991][ T46] usb 2-1: new high-speed USB device number 7 using dummy_hcd [ 175.831247][ T46] usb 2-1: config index 0 descriptor too short (expected 23569, got 27) [ 175.861117][ T46] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 175.930581][ T46] usb 2-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 175.983044][ T46] usb 2-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 176.022463][ T46] usb 2-1: Manufacturer: syz [ 176.035803][ T46] usb 2-1: config 0 descriptor?? [ 176.159289][ T5906] airspy 7-1:0.0: Board ID: 00 [ 176.164224][ T5906] airspy 7-1:0.0: Firmware version: [ 176.168557][ T46] rc_core: IR keymap rc-hauppauge not found [ 176.181857][ T46] Registered IR keymap rc-empty [ 176.199082][ T8389] loop4: detected capacity change from 0 to 256 [ 176.206925][ T46] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0 [ 176.251057][ T46] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0/input16 [ 176.293873][ T46] usb 2-1: USB disconnect, device number 7 [ 176.579038][ T5906] airspy 7-1:0.0: usb_control_msg() failed -71 request 0e [ 176.649078][ T5906] airspy 7-1:0.0: Registered as swradio24 [ 176.654974][ T5906] airspy 7-1:0.0: SDR API is still slightly experimental and functionality changes may follow [ 176.677732][ T5906] usb 7-1: USB disconnect, device number 3 [ 176.944815][ T8386] loop3: detected capacity change from 0 to 40427 [ 176.967518][ T8386] F2FS-fs (loop3): invalid crc value [ 177.001509][ T8386] F2FS-fs (loop3): Found nat_bits in checkpoint [ 177.123403][ T8386] F2FS-fs (loop3): Start checkpoint disabled! [ 177.161126][ T8386] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6 [ 177.233427][ T8386] syz.3.824: attempt to access beyond end of device [ 177.233427][ T8386] loop3: rw=2049, sector=45096, nr_sectors = 96 limit=40427 [ 177.298095][ T8405] syz.3.824: attempt to access beyond end of device [ 177.298095][ T8405] loop3: rw=2049, sector=45192, nr_sectors = 128 limit=40427 [ 177.339781][ T5929] kernel write not supported for file /vcs (pid: 5929 comm: kworker/1:6) [ 177.359217][ T8396] netdevsim netdevsim0 netdevsim0: entered allmulticast mode [ 177.411202][ T8396] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 177.684069][ T8415] loop0: detected capacity change from 0 to 512 [ 177.696709][ T79] kworker/u8:4: attempt to access beyond end of device [ 177.696709][ T79] loop3: rw=2049, sector=40960, nr_sectors = 16 limit=40427 [ 177.733016][ T79] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 177.742698][ T79] F2FS-fs (loop3): Stopped filesystem due to reason: 3 [ 177.747927][ T8417] netlink: 4 bytes leftover after parsing attributes in process `syz.1.837'. [ 177.760892][ T8415] EXT4-fs error (device loop0): ext4_orphan_get:1388: inode #15: comm syz.0.836: casefold flag without casefold feature [ 177.809559][ T8423] netlink: 4 bytes leftover after parsing attributes in process `syz.2.838'. [ 177.826115][ T8415] EXT4-fs error (device loop0): ext4_orphan_get:1393: comm syz.0.836: couldn't read orphan inode 15 (err -117) [ 177.866889][ T8415] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 178.005672][ T8415] EXT4-fs warning (device loop0): ext4_empty_dir:3098: inode #2: comm syz.0.836: directory missing '.' [ 178.109553][ T8427] input: syz0 as /devices/virtual/input/input17 [ 178.133344][ T5846] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 178.499979][ T8440] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 178.509423][ T8440] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 178.518538][ T8440] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 178.528129][ T8440] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 178.538846][ T5929] usb 4-1: new high-speed USB device number 4 using dummy_hcd [ 178.654441][ T8445] loop4: detected capacity change from 0 to 64 [ 178.699797][ T5929] usb 4-1: Using ep0 maxpacket: 8 [ 178.716956][ T8448] loop6: detected capacity change from 0 to 128 [ 178.726955][ T5929] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 178.740341][ T5929] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 178.753328][ T8448] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 178.765737][ T5929] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 178.776296][ T5929] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 178.788953][ T8448] ext4 filesystem being mounted at /97/mnt supports timestamps until 2038-01-19 (0x7fffffff) [ 178.789792][ T5929] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 178.809742][ T5929] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 178.900675][ T8451] loop0: detected capacity change from 0 to 16 [ 178.924352][ T8451] erofs: (device loop0): mounted with root inode @ nid 36. [ 178.959495][ T6176] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 179.042378][ T29] audit: type=1800 audit(1731104390.828:204): pid=8451 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.860" name="file1" dev="loop0" ino=86 res=0 errno=0 [ 179.064822][ T5929] usb 4-1: GET_CAPABILITIES returned 0 [ 179.089222][ T5929] usbtmc 4-1:16.0: can't read capabilities [ 179.358700][ T5929] usb 4-1: USB disconnect, device number 4 [ 179.783769][ T8453] loop4: detected capacity change from 0 to 40427 [ 179.797715][ T8453] F2FS-fs (loop4): invalid crc value [ 179.812775][ T8453] F2FS-fs (loop4): Found nat_bits in checkpoint [ 179.840186][ T8481] loop1: detected capacity change from 0 to 512 [ 179.928969][ T8481] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256 [ 180.127736][ T8453] F2FS-fs (loop4): Start checkpoint disabled! [ 180.173404][ T8453] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6 [ 180.230071][ T8483] loop3: detected capacity change from 0 to 4096 [ 180.255211][ T8483] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512). [ 180.271384][ T8453] syz.4.848: attempt to access beyond end of device [ 180.271384][ T8453] loop4: rw=2049, sector=45096, nr_sectors = 96 limit=40427 [ 180.305953][ T8483] ntfs3(loop3): Failed to initialize $Extend/$Reparse. [ 180.359847][ T8489] syz.4.848: attempt to access beyond end of device [ 180.359847][ T8489] loop4: rw=2049, sector=45192, nr_sectors = 128 limit=40427 [ 180.483990][ T5845] ntfs3(loop3): ino=1a, ntfs_sync_fs failed, -22. [ 180.521469][ T8496] netlink: 'syz.1.867': attribute type 29 has an invalid length. [ 180.552977][ T8497] vlan0: entered promiscuous mode [ 180.561195][ T8495] loop6: detected capacity change from 0 to 256 [ 180.588663][ T8495] UDF-fs: error (device loop6): udf_read_tagged: read failed, block=256, location=256 [ 180.599198][ T8497] vlan0: left promiscuous mode [ 180.648931][ T8495] UDF-fs: error (device loop6): udf_read_tagged: read failed, block=512, location=512 [ 180.665103][ T8495] UDF-fs: warning (device loop6): udf_load_vrs: No anchor found [ 180.672660][ T12] kworker/u8:1: attempt to access beyond end of device [ 180.672660][ T12] loop4: rw=2049, sector=40960, nr_sectors = 16 limit=40427 [ 180.675659][ T8495] UDF-fs: Scanning with blocksize 512 failed [ 180.701035][ T8495] UDF-fs: error (device loop6): udf_read_tagged: read failed, block=256, location=256 [ 180.711236][ T8496] netlink: 'syz.1.867': attribute type 29 has an invalid length. [ 180.718684][ T12] F2FS-fs (loop4): Stopped filesystem due to reason: 3 [ 180.719096][ T12] F2FS-fs (loop4): Stopped filesystem due to reason: 3 [ 180.735767][ T8495] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 180.745349][ T8498] netlink: 'syz.1.867': attribute type 29 has an invalid length. [ 180.805917][ T29] audit: type=1800 audit(1731104392.588:205): pid=8495 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.865" name="file1" dev="loop6" ino=64 res=0 errno=0 [ 180.910077][ T5929] usb 4-1: new full-speed USB device number 5 using dummy_hcd [ 181.089452][ T8512] loop2: detected capacity change from 0 to 256 [ 181.097051][ T8510] netlink: 36 bytes leftover after parsing attributes in process `syz.6.873'. [ 181.105836][ T8512] exFAT-fs (loop2): failed to load upcase table (idx : 0x00011f41, chksum : 0xf6e84b2e, utbl_chksum : 0xe619d30d) [ 181.149890][ T5929] usb 4-1: config 1 contains an unexpected descriptor of type 0x1, skipping [ 181.160154][ T5929] usb 4-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config [ 181.186884][ T5929] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 181.209086][ T5929] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40 [ 181.218512][ T5929] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 181.226554][ T5929] usb 4-1: Product: syz [ 181.325210][ T5929] usb 4-1: Manufacturer: syz [ 181.336341][ T5929] usb 4-1: SerialNumber: syz [ 181.392349][ T8521] loop1: detected capacity change from 0 to 2048 [ 181.454867][ T8521] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 181.568588][ T29] audit: type=1800 audit(1731104393.318:206): pid=8521 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.878" name="file2" dev="loop1" ino=16 res=0 errno=0 [ 181.589010][ C0] vkms_vblank_simulate: vblank timer overrun [ 181.613709][ T8525] loop6: detected capacity change from 0 to 1024 [ 181.621351][ T8525] EXT4-fs: Ignoring removed nobh option [ 181.636317][ T8500] program syz.3.868 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 181.672908][ T5929] usb 4-1: 0:2 : does not exist [ 181.725376][ T5929] usb 4-1: USB disconnect, device number 5 [ 181.768673][ T8525] EXT4-fs (loop6): stripe (65535) is not aligned with cluster size (4096), stripe is disabled [ 181.812368][ T5839] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 181.831485][ T8504] loop0: detected capacity change from 0 to 32768 [ 181.873408][ T8525] EXT4-fs error (device loop6): ext4_ext_check_inode:524: inode #11: comm syz.6.879: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512) [ 181.911769][ T8525] EXT4-fs error (device loop6): ext4_orphan_get:1393: comm syz.6.879: couldn't read orphan inode 11 (err -117) [ 181.922790][ T8504] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 181.950037][ T8525] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 182.006760][ T8544] vlan0: entered promiscuous mode [ 182.037600][ T8504] XFS (loop0): Ending clean mount [ 182.044738][ T8544] vlan0: left promiscuous mode [ 182.055137][ T8504] XFS (loop0): Quotacheck needed: Please wait. [ 182.076669][ T8525] EXT4-fs error (device loop6): ext4_read_block_bitmap_nowait:483: comm syz.6.879: Invalid block bitmap block 0 in block_group 0 [ 182.087114][ T8536] loop1: detected capacity change from 0 to 4096 [ 182.106243][ T8525] Quota error (device loop6): write_blk: dquota write failed [ 182.128697][ T8525] Quota error (device loop6): qtree_write_dquot: Error -117 occurred while creating quota [ 182.160494][ T8525] EXT4-fs error (device loop6): ext4_acquire_dquot:6879: comm syz.6.879: Failed to acquire dquot type 0 [ 182.175737][ T8504] XFS (loop0): Quotacheck: Done. [ 182.310579][ T8550] sctp: [Deprecated]: syz.2.886 (pid 8550) Use of struct sctp_assoc_value in delayed_ack socket option. [ 182.310579][ T8550] Use struct sctp_sack_info instead [ 182.336958][ T6176] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 182.362036][ T5846] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 182.612494][ T8557] loop3: detected capacity change from 0 to 4096 [ 182.711384][ T8557] ntfs3(loop3): failed to convert "0000" to iso8859-15 [ 182.941746][ T8574] loop0: detected capacity change from 0 to 128 [ 182.956405][ T8574] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive! [ 182.990168][ T8574] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 183.128068][ T3483] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1) [ 184.168555][ T8610] overlayfs: failed to create directory ./file0/work (errno: 13); mounting read-only [ 184.178925][ T8610] overlayfs: fs on '.' does not support file handles, falling back to index=off,nfs_export=off. [ 184.239884][ T8608] sctp: [Deprecated]: syz.0.912 (pid 8608) Use of struct sctp_assoc_value in delayed_ack socket option. [ 184.239884][ T8608] Use struct sctp_sack_info instead [ 184.490814][ T8617] loop2: detected capacity change from 0 to 4096 [ 184.515588][ T8617] ntfs3(loop2): Different NTFS sector size (2048) and media sector size (512). [ 185.183864][ T8643] netlink: 136 bytes leftover after parsing attributes in process `syz.6.930'. [ 185.210346][ T8643] netlink: 89 bytes leftover after parsing attributes in process `syz.6.930'. [ 185.586356][ T8631] loop4: detected capacity change from 0 to 32768 [ 185.656263][ T8648] loop2: detected capacity change from 0 to 32768 [ 185.690136][ T8648] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.932 (8648) [ 185.712966][ T8648] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 185.725658][ T8648] BTRFS info (device loop2): using sha256 (sha256-ni) checksum algorithm [ 185.739402][ T8631] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 185.745112][ T8648] BTRFS info (device loop2): using free-space-tree [ 185.945113][ T8682] loop3: detected capacity change from 0 to 512 [ 186.006363][ T8631] XFS (loop4): Ending clean mount [ 186.015945][ T8682] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256 [ 186.016696][ T8635] loop1: detected capacity change from 0 to 32768 [ 186.040492][ T8631] XFS (loop4): Quotacheck needed: Please wait. [ 186.215435][ T8635] bcachefs (loop1): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=lz4,journal_flush_disabled,fsck,norecovery,nojournal_transaction_names,reconstruct_alloc,no_data_io [ 186.237188][ T8635] bcachefs (loop1): recovering from clean shutdown, journal seq 10 [ 186.245539][ T8635] bcachefs (loop1): Version upgrade required: [ 186.245539][ T8635] Version upgrade from 0.24: unwritten_extents to 1.7: mi_btree_bitmap incomplete [ 186.245539][ T8635] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.13: inode_has_child_snapshots [ 186.245539][ T8635] running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance [ 186.329065][ T5840] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 186.339816][ T8635] bcachefs (loop1): dropping and reconstructing all alloc info [ 186.367526][ T8635] bcachefs (loop1): check_topology... done [ 186.403345][ T8635] bcachefs (loop1): accounting_read... [ 186.419279][ T8631] XFS (loop4): Quotacheck: Done. [ 186.464941][ T8635] done [ 186.468736][ T8635] bcachefs (loop1): alloc_read... done [ 186.475403][ T8635] bcachefs (loop1): stripes_read... done [ 186.481456][ T8635] bcachefs (loop1): snapshots_read... done [ 186.487600][ T8635] bcachefs (loop1): check_allocations... [ 186.550934][ T8696] loop3: detected capacity change from 0 to 2048 [ 186.668045][ T8635] done [ 186.706145][ T8635] bcachefs (loop1): going read-write [ 186.849231][ T5838] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 186.863224][ T8635] bcachefs (loop1): done starting filesystem [ 186.934188][ T8635] syz.1.925 (8635) used greatest stack depth: 13104 bytes left [ 187.005189][ T8696] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 187.048805][ T8696] ext4 filesystem being mounted at /168/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 187.132141][ T5839] bcachefs (loop1): shutting down [ 187.138311][ T5839] bcachefs (loop1): going read-only [ 187.156256][ T8696] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.940: bg 0: block 288: padding at end of block bitmap is not set [ 187.168590][ T5839] bcachefs (loop1): finished waiting for writes to stop [ 187.328623][ T5839] bcachefs (loop1): flushing journal and stopping allocators, journal seq 11 [ 187.392232][ T11] bcachefs (loop1): bch2_write_super(): fatal error loop1: Superblock write was silently dropped! (seq 0 expected 53) [ 187.412588][ T8714] loop6: detected capacity change from 0 to 256 [ 187.426412][ T5845] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 187.447288][ T8714] UDF-fs: error (device loop6): udf_read_tagged: read failed, block=256, location=256 [ 187.482250][ T11] bcachefs (loop1): fatal error - emergency read only [ 187.485184][ T8714] UDF-fs: error (device loop6): udf_read_tagged: read failed, block=512, location=512 [ 187.504466][ T5839] bcachefs (loop1): flushing journal and stopping allocators complete, journal seq 12 [ 187.544420][ T5839] bcachefs (loop1): unshutdown complete, journal seq 12 [ 187.545845][ T8714] UDF-fs: warning (device loop6): udf_load_vrs: No anchor found [ 187.572991][ T5839] bcachefs (loop1): done going read-only, filesystem not clean [ 187.585567][ T8714] UDF-fs: Scanning with blocksize 512 failed [ 187.600552][ T8714] UDF-fs: error (device loop6): udf_read_tagged: read failed, block=256, location=256 [ 187.619567][ T8714] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 187.670609][ T8693] loop0: detected capacity change from 0 to 32768 [ 187.697384][ T5839] bcachefs (loop1): shutdown complete [ 187.760231][ T8726] loop2: detected capacity change from 0 to 512 [ 187.827593][ T8693] XFS (loop0): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 187.857929][ T8726] EXT4-fs error (device loop2): ext4_get_branch:178: inode #13: block 1024: comm syz.2.950: invalid block [ 187.877343][ T8726] EXT4-fs (loop2): Remounting filesystem read-only [ 187.884756][ T8726] EXT4-fs (loop2): 1 truncate cleaned up [ 187.961730][ T8726] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 188.019455][ T5840] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 188.114052][ T8693] XFS (loop0): Ending clean mount [ 188.276739][ T8742] netdevsim netdevsim2 netdevsim0: entered promiscuous mode [ 188.397441][ T5846] XFS (loop0): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab [ 188.881694][ T8754] loop6: detected capacity change from 0 to 4096 [ 189.041965][ T8768] loop4: detected capacity change from 0 to 256 [ 189.267332][ T8778] tap0: tun_chr_ioctl cmd 1074025677 [ 189.278754][ T8778] tap0: linktype set to 821 [ 189.295864][ T8775] No such timeout policy "syz0" [ 189.482682][ T8787] loop2: detected capacity change from 0 to 47 [ 189.998334][ T8791] loop0: detected capacity change from 0 to 32768 [ 190.086855][ T8791] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 190.212899][ T8791] XFS (loop0): Ending clean mount [ 190.434431][ T8817] loop3: detected capacity change from 0 to 512 [ 190.519156][ T8817] EXT4-fs: Ignoring removed mblk_io_submit option [ 190.550402][ T8817] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem [ 190.572534][ T5846] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 190.658987][ T8817] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a042c118, mo2=0002] [ 190.666650][ T8794] loop2: detected capacity change from 0 to 32768 [ 190.689332][ T8817] System zones: 1-12 [ 190.696105][ T8817] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2240: inode #15: comm syz.3.984: corrupted in-inode xattr: e_value size too large [ 190.724074][ T8794] ERROR: (device loop2): diAllocAG: numfree > numinos [ 190.724074][ T8794] [ 190.736844][ T8794] ialloc: diAlloc returned -5! [ 190.764574][ T8817] EXT4-fs error (device loop3): ext4_orphan_get:1393: comm syz.3.984: couldn't read orphan inode 15 (err -117) [ 190.821884][ T8817] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 191.032388][ T5845] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 191.376802][ T8840] mmap: syz.0.993 (8840) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 191.444848][ T8842] loop6: detected capacity change from 0 to 1764 [ 191.484361][ T8820] loop1: detected capacity change from 0 to 32768 [ 191.616663][ T8851] loop3: detected capacity change from 0 to 8 [ 191.637996][ T8851] MTD: Attempt to mount non-MTD device "/dev/loop3" [ 191.667533][ T8851] cramfs: Error -3 while decompressing! [ 191.675061][ T8851] cramfs: ffffffff9a5089b8(42)->ffff888011fd1000(4096) [ 191.798552][ T964] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 191.867049][ T8855] pim6reg0: tun_chr_ioctl cmd 1074812118 [ 191.947631][ T8859] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 191.969155][ T964] usb 5-1: Using ep0 maxpacket: 16 [ 191.977600][ T964] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 192.019794][ T964] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 192.048784][ T964] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2c2e, bcdDevice= 0.00 [ 192.074068][ T964] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 192.104684][ T964] usb 5-1: config 0 descriptor?? [ 192.108928][ T8867] netlink: 'syz.2.1005': attribute type 1 has an invalid length. [ 192.117540][ T8867] netlink: 9372 bytes leftover after parsing attributes in process `syz.2.1005'. [ 192.127165][ T8867] netlink: 'syz.2.1005': attribute type 1 has an invalid length. [ 192.293147][ T29] audit: type=1326 audit(1731104404.078:207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8876 comm="syz.2.1009" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ffbda17e719 code=0x0 [ 192.387844][ T8884] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1013'. [ 192.557657][ T8891] loop3: detected capacity change from 0 to 64 [ 192.580180][ T964] lua 0003:1E7D:2C2E.0005: hidraw0: USB HID v0.00 Device [HID 1e7d:2c2e] on usb-dummy_hcd.4-1/input0 [ 192.805330][ T5907] usb 5-1: USB disconnect, device number 7 [ 193.208719][ T8909] program syz.3.1024 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 193.387972][ T8916] loop3: detected capacity change from 0 to 64 [ 193.444640][ T8899] loop1: detected capacity change from 0 to 32768 [ 193.655023][ T8899] bcachefs (loop1): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=lz4,erasure_code,degraded,no_splitbrain_check,norecovery,nojournal_transaction_names,reconstruct_alloc,nocow [ 193.700457][ T8899] bcachefs (loop1): recovering from clean shutdown, journal seq 10 [ 193.719403][ T8899] bcachefs (loop1): Version upgrade required: [ 193.719403][ T8899] Version upgrade from 0.24: unwritten_extents to 1.7: mi_btree_bitmap incomplete [ 193.719403][ T8899] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.13: inode_has_child_snapshots [ 193.719403][ T8899] running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance [ 193.902279][ T1292] ieee802154 phy0 wpan0: encryption failed: -22 [ 193.909168][ T1292] ieee802154 phy1 wpan1: encryption failed: -22 [ 193.937695][ T8899] bcachefs (loop1): dropping and reconstructing all alloc info [ 194.022673][ T8899] bcachefs (loop1): accounting_read... done [ 194.044463][ T8899] bcachefs (loop1): alloc_read... done [ 194.064206][ T8899] bcachefs (loop1): stripes_read... done [ 194.123437][ T8899] bcachefs (loop1): snapshots_read... done [ 194.158590][ T8899] bcachefs (loop1): check_allocations... done [ 194.289917][ T8899] bcachefs (loop1): going read-write [ 194.314450][ T8899] bcachefs (loop1): done starting filesystem [ 194.437784][ T8946] loop6: detected capacity change from 0 to 256 [ 194.507908][ T5839] bcachefs (loop1): shutting down [ 194.513198][ T5839] bcachefs (loop1): going read-only [ 194.518588][ T5839] bcachefs (loop1): finished waiting for writes to stop [ 194.534082][ T8946] FAT-fs (loop6): Directory bread(block 64) failed [ 194.550889][ T8946] FAT-fs (loop6): Directory bread(block 65) failed [ 194.569982][ T5839] bcachefs (loop1): flushing journal and stopping allocators, journal seq 10 [ 194.579190][ T8946] FAT-fs (loop6): Directory bread(block 66) failed [ 194.586130][ T5839] bcachefs (loop1): flushing journal and stopping allocators complete, journal seq 10 [ 194.599767][ T8946] FAT-fs (loop6): Directory bread(block 67) failed [ 194.616330][ T5839] bcachefs (loop1): unshutdown complete, journal seq 11 [ 194.630767][ T5839] bcachefs (loop1): done going read-only, filesystem not clean [ 194.648852][ T8946] FAT-fs (loop6): Directory bread(block 68) failed [ 194.655468][ T8946] FAT-fs (loop6): Directory bread(block 69) failed [ 194.674556][ T8946] FAT-fs (loop6): Directory bread(block 70) failed [ 194.698796][ T8946] FAT-fs (loop6): Directory bread(block 71) failed [ 194.705527][ T8946] FAT-fs (loop6): Directory bread(block 72) failed [ 194.725844][ T5839] bcachefs (loop1): shutdown complete [ 194.748212][ T8946] FAT-fs (loop6): Directory bread(block 73) failed [ 194.928206][ T8934] loop4: detected capacity change from 0 to 32768 [ 194.947465][ T8961] loop0: detected capacity change from 0 to 512 [ 195.040049][ T8934] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode. [ 195.059431][ T8961] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 195.079774][ T8961] ext4 filesystem being mounted at /162/bus supports timestamps until 2038-01-19 (0x7fffffff) [ 195.136482][ T8934] (syz.4.1032,8934,0):ocfs2_remove_inode_range:1794 ERROR: status = -22 [ 195.159540][ T8934] (syz.4.1032,8934,1):__ocfs2_change_file_space:2045 ERROR: status = -22 [ 195.214383][ T5846] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 195.276101][ T8954] loop3: detected capacity change from 0 to 40427 [ 195.294203][ T8954] F2FS-fs (loop3): invalid crc value [ 195.303391][ T5838] ocfs2: Unmounting device (7,4) on (node local) [ 195.783387][ T8975] loop4: detected capacity change from 0 to 40427 [ 195.795993][ T8954] F2FS-fs (loop3): Found nat_bits in checkpoint [ 195.894987][ T8975] F2FS-fs (loop4): Found nat_bits in checkpoint [ 196.010583][ T8997] program syz.2.1055 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 196.043093][ T8975] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 196.058573][ T8954] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4 [ 196.297631][ T8995] loop6: detected capacity change from 0 to 32768 [ 196.342527][ T5838] syz-executor: attempt to access beyond end of device [ 196.342527][ T5838] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 196.370156][ T8995] XFS (loop6): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 196.373503][ T5838] F2FS-fs (loop4): Stopped filesystem due to reason: 3 [ 196.532236][ T8995] XFS (loop6): Ending clean mount [ 196.781867][ T8986] loop0: detected capacity change from 0 to 32768 [ 196.832544][ T6176] XFS (loop6): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 197.132569][ T9014] loop3: detected capacity change from 0 to 64 [ 197.298492][ T29] audit: type=1326 audit(1731104409.048:208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9015 comm="syz.6.1060" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb96457e719 code=0x0 [ 197.416443][ T9014] syz.3.1057: attempt to access beyond end of device [ 197.416443][ T9014] loop3: rw=0, sector=1024, nr_sectors = 2 limit=64 [ 197.427299][ T9023] loop4: detected capacity change from 0 to 128 [ 197.461427][ T9014] Buffer I/O error on dev loop3, logical block 512, async page read [ 197.504137][ T9014] syz.3.1057: attempt to access beyond end of device [ 197.504137][ T9014] loop3: rw=0, sector=113152, nr_sectors = 2 limit=64 [ 197.548406][ T9023] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none. [ 197.577647][ T9014] Buffer I/O error on dev loop3, logical block 56576, async page read [ 197.591916][ T9023] ext4 filesystem being mounted at /177/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff) [ 197.623518][ C1] vkms_vblank_simulate: vblank timer overrun [ 197.758718][ T5838] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09. [ 197.972500][ T9036] loop4: detected capacity change from 0 to 2048 [ 198.029750][ T9036] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 198.042337][ T9036] ext4 filesystem being mounted at /178/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 198.143970][ T5838] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 198.203688][ T9042] loop3: detected capacity change from 0 to 1024 [ 198.354972][ T9042] EXT4-fs: Ignoring removed orlov option [ 198.361888][ T9029] loop0: detected capacity change from 0 to 40427 [ 198.372307][ T9029] F2FS-fs (loop0): build fault injection attr: rate: 690, type: 0x1fffff [ 198.377209][ T9042] EXT4-fs: Ignoring removed nomblk_io_submit option [ 198.389157][ T9029] F2FS-fs (loop0): Image doesn't support compression [ 198.396822][ T9029] F2FS-fs (loop0): Image doesn't support compression [ 198.404429][ T9029] F2FS-fs (loop0): build fault injection attr: rate: 0, type: 0x4 [ 198.443437][ T9042] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 198.458714][ T9029] F2FS-fs (loop0): invalid crc value [ 198.520177][ T9029] F2FS-fs (loop0): Found nat_bits in checkpoint [ 198.736661][ T9029] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 198.920027][ T5845] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 199.225906][ T9059] loop4: detected capacity change from 0 to 32768 [ 199.235679][ T9059] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.1074 (9059) [ 199.275055][ T9059] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 199.297483][ T9059] BTRFS info (device loop4): using sha256 (sha256-ni) checksum algorithm [ 199.308095][ T9059] BTRFS info (device loop4): using free-space-tree [ 199.379685][ T9060] loop2: detected capacity change from 0 to 32768 [ 199.426456][ T9060] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 199.438768][ T5929] usb 4-1: new high-speed USB device number 6 using dummy_hcd [ 199.598820][ T5929] usb 4-1: Using ep0 maxpacket: 16 [ 199.621380][ T5929] usb 4-1: config 0 has an invalid interface number: 214 but max is 0 [ 199.666485][ T5929] usb 4-1: config 0 has no interface number 0 [ 199.678095][ T5929] usb 4-1: config 0 interface 214 altsetting 0 endpoint 0x83 has invalid maxpacket 1023, setting to 64 [ 199.696118][ T5838] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d [ 199.715791][ T5929] usb 4-1: New USB device found, idVendor=0596, idProduct=0001, bcdDevice= 5.f5 [ 199.725914][ T5929] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 199.734788][ T5929] usb 4-1: Product: syz [ 199.739069][ T5929] usb 4-1: Manufacturer: syz [ 199.744285][ T5929] usb 4-1: SerialNumber: syz [ 199.766724][ T5929] usb 4-1: config 0 descriptor?? [ 199.907855][ T5840] ocfs2: Unmounting device (7,2) on (node local) [ 199.918749][ T5907] usb 1-1: new high-speed USB device number 7 using dummy_hcd [ 200.191251][ T5907] usb 1-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36 [ 200.208725][ T5907] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 200.238084][ T5907] usb 1-1: Product: syz [ 200.252502][ T5907] usb 1-1: Manufacturer: syz [ 200.267631][ T5907] usb 1-1: SerialNumber: syz [ 200.277374][ T5907] usb 1-1: config 0 descriptor?? [ 200.281849][ T9069] loop6: detected capacity change from 0 to 40427 [ 200.300417][ T5907] ch341 1-1:0.0: ch341-uart converter detected [ 200.320018][ T9069] F2FS-fs (loop6): build fault injection attr: rate: 690, type: 0x1fffff [ 200.348668][ T9069] F2FS-fs (loop6): heap/no_heap options were deprecated [ 200.366136][ T9069] F2FS-fs (loop6): Image doesn't support compression [ 200.386546][ T9069] F2FS-fs (loop6): invalid crc value [ 200.414249][ T5929] input: syz syz as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.214/input/input18 [ 200.474108][ T9069] F2FS-fs (loop6): Found nat_bits in checkpoint [ 200.545476][ T9105] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1086'. [ 200.564083][ T9096] loop1: detected capacity change from 0 to 32768 [ 200.581952][ T9096] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.1083 (9096) [ 200.607991][ T9096] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 200.626469][ T9096] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm [ 200.640136][ T5929] usb 4-1: USB disconnect, device number 6 [ 200.643587][ T9096] BTRFS info (device loop1): using free-space-tree [ 200.654405][ T9069] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5 [ 200.904677][ T9129] bridge0: port 1(bridge_slave_0) entered blocking state [ 200.911853][ T9129] bridge0: port 1(bridge_slave_0) entered forwarding state [ 201.034675][ T9069] syz.6.1080 (9069): drop_caches: 2 [ 201.112943][ T5839] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 201.136958][ T9133] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1092'. [ 201.142901][ T5907] usb 1-1: failed to send control message: -71 [ 201.157012][ T5907] ch341-uart ttyUSB0: probe with driver ch341-uart failed with error -71 [ 201.176946][ T5907] usb 1-1: USB disconnect, device number 7 [ 201.184143][ T5907] ch341 1-1:0.0: device disconnected [ 201.191219][ T6176] syz-executor: attempt to access beyond end of device [ 201.191219][ T6176] loop6: rw=2049, sector=45096, nr_sectors = 8 limit=40427 [ 201.205630][ T6176] F2FS-fs (loop6): Stopped filesystem due to reason: 3 [ 201.220775][ T9133] netlink: 160 bytes leftover after parsing attributes in process `syz.2.1092'. [ 201.271530][ T9135] loop3: detected capacity change from 0 to 512 [ 201.327747][ T9135] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem [ 201.359847][ T9135] EXT4-fs (loop3): invalid journal inode [ 201.366724][ T9135] EXT4-fs (loop3): can't get journal size [ 201.445307][ T9135] EXT4-fs (loop3): 1 truncate cleaned up [ 201.467315][ T9139] loop2: detected capacity change from 0 to 1024 [ 201.487083][ T9135] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 201.510046][ T9139] hfsplus: small dir entry [ 201.603146][ T9135] EXT4-fs warning (device loop3): verify_group_input:137: Cannot add at group 27 (only 1 groups) [ 201.914672][ T5845] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 201.933447][ T9113] loop4: detected capacity change from 0 to 32768 [ 201.987231][ T9156] input: syz0 as /devices/virtual/input/input19 [ 202.101063][ T9113] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 202.296254][ T9113] XFS (loop4): Ending clean mount [ 202.304179][ T9113] XFS (loop4): Quotacheck needed: Please wait. [ 202.311423][ T9168] loop6: detected capacity change from 0 to 512 [ 202.379563][ T9168] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback. [ 202.407474][ T9113] XFS (loop4): Quotacheck: Done. [ 202.453564][ T9168] ext4 filesystem being mounted at /150/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 202.501771][ T29] audit: type=1800 audit(1731104414.288:209): pid=9113 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1087" name="bus" dev="loop4" ino=9291 res=0 errno=0 [ 202.508593][ T9113] XFS (loop4): User initiated shutdown received. [ 202.548082][ T9113] XFS (loop4): Log I/O Error (0x6) detected at xfs_fs_goingdown+0xe2/0x160 (fs/xfs/xfs_fsops.c:455). Shutting down filesystem. [ 202.580335][ T9168] EXT4-fs (loop6): re-mounted 00000000-0000-0000-0000-000000d40000 ro. Quota mode: writeback. [ 202.587935][ T9113] XFS (loop4): Please unmount the filesystem and rectify the problem(s) [ 202.672096][ T9154] loop0: detected capacity change from 0 to 32768 [ 202.751776][ T9154] XFS (loop0): Mounting V5 Filesystem ed37bf6e-74ea-4e01-afba-5fee274b0f3a [ 202.763151][ T9163] loop3: detected capacity change from 0 to 32768 [ 202.841712][ T9185] netdevsim netdevsim2 : renamed from netdevsim0 [ 202.856117][ T9185] netdevsim netdevsim2 : left promiscuous mode [ 202.864636][ T6176] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000d40000. [ 202.877700][ T5838] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 203.002348][ T9190] netlink: 80 bytes leftover after parsing attributes in process `syz.2.1110'. [ 203.047556][ T9180] loop1: detected capacity change from 0 to 32768 [ 203.083742][ T9180] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.1106 (9180) [ 203.095505][ T9163] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode. [ 203.117010][ T9154] XFS (loop0): Ending clean mount [ 203.119390][ T9180] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 203.132704][ T9180] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm [ 203.141537][ T9180] BTRFS info (device loop1): disk space caching is enabled [ 203.149176][ T9180] BTRFS warning (device loop1): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2 [ 203.165793][ T9163] (syz.3.1098,9163,1):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #65: rec_len is smaller than minimal - offset=0, inode=3298534883393, rec_len=0, name_len=1 [ 203.223216][ T9163] (syz.3.1098,9163,1):ocfs2_prepare_dir_for_insert:4277 ERROR: status = -2 [ 203.237465][ T9154] XFS (loop0): Quotacheck needed: Please wait. [ 203.253400][ T9163] (syz.3.1098,9163,1):ocfs2_mknod:296 ERROR: status = -2 [ 203.261297][ T9163] (syz.3.1098,9163,1):ocfs2_mknod:500 ERROR: status = -2 [ 203.268376][ T9163] (syz.3.1098,9163,1):ocfs2_create:674 ERROR: status = -2 [ 203.542049][ T5845] ocfs2: Unmounting device (7,3) on (node local) [ 203.582717][ T9154] XFS (loop0): Quotacheck: Done. [ 203.597800][ T9180] BTRFS info (device loop1): rebuilding free space tree [ 203.750928][ T9180] BTRFS info (device loop1): disabling free space tree [ 203.757950][ T9180] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1) [ 203.768690][ T9180] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2) [ 203.840552][ T5846] XFS (loop0): Unmounting Filesystem ed37bf6e-74ea-4e01-afba-5fee274b0f3a [ 203.946768][ T9201] loop2: detected capacity change from 0 to 32768 [ 204.366213][ T9201] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 204.446485][ T9226] loop6: detected capacity change from 0 to 32768 [ 204.542307][ T5839] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 204.628635][ T9201] XFS (loop2): Ending clean mount [ 204.756743][ T5840] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 204.913920][ T9253] loop0: detected capacity change from 0 to 32768 [ 204.925795][ T9226] XFS (loop6): Mounting V5 Filesystem 9f1cad42-11bd-4e12-8f0b-f07876b81d9a [ 204.967911][ T9253] BTRFS: device /dev/loop0 (7:0) using temp-fsid 813df832-7bd3-4d63-811c-653a74d1a9db [ 205.012288][ T9253] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.1126 (9253) [ 205.092504][ T9265] netlink: 'syz.4.1131': attribute type 12 has an invalid length. [ 205.104761][ T9253] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf [ 205.115155][ T9265] netlink: 'syz.4.1131': attribute type 29 has an invalid length. [ 205.123181][ T9265] netlink: 148 bytes leftover after parsing attributes in process `syz.4.1131'. [ 205.132387][ T9265] netlink: 39 bytes leftover after parsing attributes in process `syz.4.1131'. [ 205.185193][ T9253] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm [ 205.190949][ T9270] loop2: detected capacity change from 0 to 1024 [ 205.194236][ T9253] BTRFS info (device loop0): using free-space-tree [ 205.262315][ T9226] XFS (loop6): Ending clean mount [ 205.441943][ T9270] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 205.531835][ T6176] XFS (loop6): Unmounting Filesystem 9f1cad42-11bd-4e12-8f0b-f07876b81d9a [ 205.546770][ T9290] overlayfs: upperdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection. [ 205.754597][ T9303] loop4: detected capacity change from 0 to 512 [ 205.773676][ T9303] EXT4-fs: Ignoring removed orlov option [ 205.811763][ T5840] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 205.959199][ T9303] EXT4-fs error (device loop4): dx_probe:823: inode #2: comm syz.4.1141: Attempting to read directory block (0) that is past i_size (256) [ 205.999101][ T5846] BTRFS info (device loop0): last unmount of filesystem 813df832-7bd3-4d63-811c-653a74d1a9db [ 206.009520][ T9303] EXT4-fs (loop4): Remounting filesystem read-only [ 206.030690][ T9303] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -117 [ 206.042710][ T9303] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 206.147684][ T5838] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 206.223560][ T5859] Bluetooth: hci1: command 0x0406 tx timeout [ 206.229784][ T5859] Bluetooth: hci4: command 0x0406 tx timeout [ 206.235814][ T5859] Bluetooth: hci0: command 0x0406 tx timeout [ 206.240495][ T5856] Bluetooth: hci2: command 0x0406 tx timeout [ 206.242183][ T5859] Bluetooth: hci3: command 0x0406 tx timeout [ 206.535553][ T9326] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check. [ 206.557420][ T9328] netlink: 209844 bytes leftover after parsing attributes in process `syz.4.1150'. [ 207.060265][ T9352] syz.6.1161 uses obsolete (PF_INET,SOCK_PACKET) [ 207.075643][ T9355] Bluetooth: received HCILL_WAKE_UP_ACK in state 2 [ 207.096602][ T9356] loop2: detected capacity change from 0 to 256 [ 207.144996][ T9358] loop4: detected capacity change from 0 to 512 [ 207.163582][ T9358] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem [ 207.175069][ T9358] EXT4-fs (loop4): invalid journal inode [ 207.181297][ T9358] EXT4-fs (loop4): can't get journal size [ 207.232480][ T9358] EXT4-fs (loop4): 1 truncate cleaned up [ 207.248040][ T9358] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 207.560108][ T5838] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 207.767273][ T9362] loop3: detected capacity change from 0 to 32768 [ 207.807798][ T9383] loop4: detected capacity change from 0 to 1024 [ 207.820145][ T9362] find_entry called with index >= next_index [ 207.827057][ T9362] find_entry called with index >= next_index [ 207.856176][ T9362] find_entry called with index >= next_index [ 208.059107][ T9392] netlink: 44 bytes leftover after parsing attributes in process `syz.6.1180'. [ 208.144376][ T9398] loop3: detected capacity change from 0 to 1024 [ 208.167925][ T9400] loop1: detected capacity change from 0 to 16 [ 208.199012][ T9400] erofs: (device loop1): mounted with root inode @ nid 36. [ 208.228808][ T9398] hfsplus: request for non-existent node 3 in B*Tree [ 208.235827][ T9398] hfsplus: request for non-existent node 3 in B*Tree [ 208.250040][ T9400] erofs: (device loop1): z_erofs_read_folio: read error -95 @ 8200 of nid 36 [ 208.256390][ T79] hfsplus: b-tree write err: -5, ino 4 [ 208.368653][ T9398] hfsplus: b-tree write err: -5, ino 3 [ 208.779666][ T9425] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1194'. [ 208.853990][ T29] audit: type=1326 audit(1731104420.638:210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9426 comm="syz.6.1196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb96457e719 code=0x7ffc0000 [ 208.901082][ T29] audit: type=1326 audit(1731104420.658:211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9426 comm="syz.6.1196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb96457e719 code=0x7ffc0000 [ 208.976909][ T9430] loop3: detected capacity change from 0 to 1024 [ 209.046115][ T29] audit: type=1326 audit(1731104420.658:212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9426 comm="syz.6.1196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=292 compat=0 ip=0x7fb96457e719 code=0x7ffc0000 [ 209.109811][ T5849] Bluetooth: hci6: Opcode 0x1003 failed: -110 [ 209.188804][ T47] hfsplus: b-tree write err: -5, ino 4 [ 209.212767][ T29] audit: type=1326 audit(1731104420.658:213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9426 comm="syz.6.1196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb96457e719 code=0x7ffc0000 [ 209.242469][ T9404] loop2: detected capacity change from 0 to 32768 [ 209.377321][ T29] audit: type=1326 audit(1731104420.658:214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9426 comm="syz.6.1196" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb96457e719 code=0x7ffc0000 [ 209.463584][ T9404] XFS (loop2): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 209.550457][ T9404] XFS (loop2): Ending clean mount [ 209.563353][ T9404] XFS (loop2): Quotacheck needed: Please wait. [ 209.655434][ T9404] XFS (loop2): Quotacheck: Done. [ 209.933031][ T5840] XFS (loop2): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb [ 210.116659][ T9431] loop4: detected capacity change from 0 to 131072 [ 210.462896][ T9455] netlink: 209844 bytes leftover after parsing attributes in process `syz.0.1204'. [ 210.553500][ T9431] F2FS-fs (loop4): Found nat_bits in checkpoint [ 210.713791][ T9431] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5 [ 210.789062][ T5841] usb 1-1: new high-speed USB device number 8 using dummy_hcd [ 210.803775][ T9470] loop1: detected capacity change from 0 to 512 [ 210.871197][ T9470] EXT4-fs error (device loop1): ext4_orphan_get:1388: inode #15: comm syz.1.1210: casefold flag without casefold feature [ 210.919573][ T9470] EXT4-fs error (device loop1): ext4_orphan_get:1393: comm syz.1.1210: couldn't read orphan inode 15 (err -117) [ 210.972724][ T5841] usb 1-1: New USB device found, idVendor=1d50, idProduct=606f, bcdDevice=14.d4 [ 210.982240][ T5841] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 210.993306][ T5841] usb 1-1: config 0 descriptor?? [ 210.993428][ T9470] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 211.116291][ T9478] loop6: detected capacity change from 0 to 512 [ 211.142031][ T9478] EXT4-fs (loop6): mounting ext3 file system using the ext4 subsystem [ 211.170567][ T9478] EXT4-fs (loop6): invalid journal inode [ 211.176340][ T9478] EXT4-fs (loop6): can't get journal size [ 211.229520][ T5839] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 211.249520][ T9478] EXT4-fs (loop6): 1 truncate cleaned up [ 211.265280][ T9475] loop3: detected capacity change from 0 to 32768 [ 211.270984][ T9478] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 211.310846][ T9475] XFS (loop3): Mounting V5 Filesystem 9f1cad42-11bd-4e12-8f0b-f07876b81d9a [ 211.479649][ T6176] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 211.511106][ T9475] XFS (loop3): Ending clean mount [ 211.693426][ T5841] gs_usb 1-1:0.0: Configuring for 1 interfaces [ 211.744863][ T9495] netlink: 'syz.4.1211': attribute type 12 has an invalid length. [ 211.768766][ T5841] gs_usb 1-1:0.0: Couldn't register candev for channel 0 (-EINVAL) [ 211.808831][ T9495] netlink: 'syz.4.1211': attribute type 29 has an invalid length. [ 211.816716][ T9495] netlink: 'syz.4.1211': attribute type 2 has an invalid length. [ 211.862530][ T9495] netlink: 128 bytes leftover after parsing attributes in process `syz.4.1211'. [ 211.899965][ T5841] gs_usb 1-1:0.0: probe with driver gs_usb failed with error -22 [ 211.930586][ T9496] loop6: detected capacity change from 0 to 4096 [ 211.938588][ T9496] ntfs3(loop6): Different NTFS sector size (4096) and media sector size (512). [ 211.963956][ T5845] XFS (loop3): Unmounting Filesystem 9f1cad42-11bd-4e12-8f0b-f07876b81d9a [ 211.991645][ T5906] usb 1-1: USB disconnect, device number 8 [ 212.162891][ T9496] ntfs3(loop6): Failed to initialize $Extend/$Reparse. [ 212.309496][ T6176] ntfs3(loop6): ino=1a, ntfs_sync_fs failed, -22. [ 212.648595][ T5906] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 212.723396][ T9517] loop0: detected capacity change from 0 to 4096 [ 212.732321][ T9517] ntfs3(loop0): Different NTFS sector size (2048) and media sector size (512). [ 212.795368][ T9517] ntfs3(loop0): Mark volume as dirty due to NTFS errors [ 212.819102][ T5906] usb 5-1: Using ep0 maxpacket: 16 [ 212.826475][ T5906] usb 5-1: config 0 has an invalid descriptor of length 101, skipping remainder of the config [ 212.860744][ T5906] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 212.880647][ T5906] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x2 has an invalid bInterval 110, changing to 10 [ 212.891762][ T9522] loop2: detected capacity change from 0 to 1764 [ 212.908914][ T5906] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 212.922324][ T5841] usb 7-1: new high-speed USB device number 4 using dummy_hcd [ 212.952034][ T5906] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42 [ 212.962140][ T5906] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0 [ 212.984330][ T5906] usb 5-1: Manufacturer: syz [ 212.995333][ T5906] usb 5-1: config 0 descriptor?? [ 213.093536][ T5841] usb 7-1: config 0 has an invalid interface number: 104 but max is 0 [ 213.103853][ T5841] usb 7-1: config 0 has no interface number 0 [ 213.110530][ T5841] usb 7-1: config 0 interface 104 has no altsetting 0 [ 213.120162][ T5841] usb 7-1: New USB device found, idVendor=0ac8, idProduct=0321, bcdDevice=a1.c9 [ 213.129556][ T5841] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 213.199994][ T5841] usb 7-1: Product: syz [ 213.219887][ T5841] usb 7-1: Manufacturer: syz [ 213.224546][ T5841] usb 7-1: SerialNumber: syz [ 213.248208][ T5841] usb 7-1: config 0 descriptor?? [ 213.293003][ T5841] gspca_main: vc032x-2.14.0 probing 0ac8:0321 [ 213.336057][ T5906] rc_core: IR keymap rc-hauppauge not found [ 213.348867][ T5906] Registered IR keymap rc-empty [ 213.358780][ T5906] mceusb 5-1:0.0: Error: mce write urb status = -71 [ 213.401767][ T5906] mceusb 5-1:0.0: Error: mce write urb status = -71 [ 213.429748][ T5906] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0 [ 213.443584][ T9539] loop4: detected capacity change from 0 to 524287999 [ 213.467181][ T5906] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0/input20 [ 213.500608][ C1] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 213.509173][ T5841] gspca_vc032x: reg_r err -71 [ 213.510246][ C1] Buffer I/O error on dev loop4, logical block 0, async page read [ 213.514836][ T5841] gspca_vc032x: I2c Bus Busy Wait 00 [ 213.530731][ C1] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 213.535909][ T5841] gspca_vc032x: I2c Bus Busy Wait 00 [ 213.540054][ C1] Buffer I/O error on dev loop4, logical block 0, async page read [ 213.555380][ C0] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 213.564601][ C0] Buffer I/O error on dev loop4, logical block 0, async page read [ 213.579638][ T29] audit: type=1800 audit(1731104425.338:215): pid=9542 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1237" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0 [ 213.609970][ T5841] gspca_vc032x: I2c Bus Busy Wait 00 [ 213.615653][ T5906] mceusb 5-1:0.0: Error: mce write urb status = -71 [ 213.622791][ C1] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 213.629809][ T5841] gspca_vc032x: I2c Bus Busy Wait 00 [ 213.632046][ C1] Buffer I/O error on dev loop4, logical block 0, async page read [ 213.646507][ C1] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 213.648681][ T5841] gspca_vc032x: I2c Bus Busy Wait 00 [ 213.655824][ C1] Buffer I/O error on dev loop4, logical block 0, async page read [ 213.672483][ C0] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 213.681718][ C0] Buffer I/O error on dev loop4, logical block 0, async page read [ 213.689679][ T5906] mceusb 5-1:0.0: Error: mce write urb status = -71 [ 213.700657][ C1] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 213.709941][ C1] Buffer I/O error on dev loop4, logical block 0, async page read [ 213.717132][ T5906] mceusb 5-1:0.0: Error: mce write urb status = -71 [ 213.724893][ C1] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 213.734162][ C1] Buffer I/O error on dev loop4, logical block 0, async page read [ 213.734805][ T5841] gspca_vc032x: I2c Bus Busy Wait 00 [ 213.753467][ T9539] ldm_validate_partition_table(): Disk read failed. [ 213.790689][ T5906] mceusb 5-1:0.0: Error: mce write urb status = -71 [ 213.819030][ C0] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 213.828251][ C0] Buffer I/O error on dev loop4, logical block 0, async page read [ 213.840262][ T5841] gspca_vc032x: I2c Bus Busy Wait 00 [ 213.840301][ C0] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 213.854795][ C0] Buffer I/O error on dev loop4, logical block 0, async page read [ 213.863152][ T9539] Dev loop4: unable to read RDB block 0 [ 213.868786][ T5841] gspca_vc032x: I2c Bus Busy Wait 00 [ 213.874137][ T5841] gspca_vc032x: I2c Bus Busy Wait 00 [ 213.879882][ T5841] gspca_vc032x: I2c Bus Busy Wait 00 [ 213.885220][ T5841] gspca_vc032x: I2c Bus Busy Wait 00 [ 213.890624][ T5841] gspca_vc032x: I2c Bus Busy Wait 00 [ 213.895990][ T5841] gspca_vc032x: I2c Bus Busy Wait 00 [ 213.901447][ T5841] gspca_vc032x: I2c Bus Busy Wait 00 [ 213.906793][ T5841] gspca_vc032x: I2c Bus Busy Wait 00 [ 213.912201][ T5841] gspca_vc032x: I2c Bus Busy Wait 00 [ 213.917559][ T5841] gspca_vc032x: I2c Bus Busy Wait 00 [ 213.923073][ T5841] gspca_vc032x: I2c Bus Busy Wait 00 [ 213.928407][ T5841] gspca_vc032x: Unknown sensor... [ 213.933452][ T9547] loop3: detected capacity change from 0 to 512 [ 213.933626][ T5841] vc032x 7-1:0.104: probe with driver vc032x failed with error -22 [ 213.955648][ T9539] loop4: unable to read partition table [ 213.961171][ T5906] mceusb 5-1:0.0: Error: mce write urb status = -71 [ 213.973077][ T5841] usb 7-1: USB disconnect, device number 4 [ 213.974190][ T9539] loop_reread_partitions: partition scan of loop4 (3Ÿ ¾x³˜CÖ) failed (rc=-5) [ 213.989576][ T9547] EXT4-fs: Ignoring removed bh option [ 213.994730][ T5906] mceusb 5-1:0.0: Error: mce write urb status = -71 [ 214.003238][ T9547] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem [ 214.020380][ T5906] mceusb 5-1:0.0: Error: mce write urb status = -71 [ 214.032139][ T9547] EXT4-fs (loop3): 1 truncate cleaned up [ 214.039093][ T5906] mceusb 5-1:0.0: Error: mce write urb status = -71 [ 214.058932][ T5906] mceusb 5-1:0.0: Error: mce write urb status = -71 [ 214.065980][ T9547] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 214.092974][ T29] audit: type=1800 audit(1731104425.878:216): pid=9547 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1239" name="file0" dev="loop3" ino=13 res=0 errno=0 [ 214.113213][ T5906] mceusb 5-1:0.0: Error: mce write urb status = -71 [ 214.139678][ T5906] mceusb 5-1:0.0: Registered 424242424242 with mce emulator interface version 1 [ 214.149093][ T5906] mceusb 5-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active) [ 214.160514][ T5906] usb 5-1: USB disconnect, device number 8 [ 214.253824][ T5845] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 214.359467][ T9533] loop1: detected capacity change from 0 to 32768 [ 214.368303][ T9550] loop0: detected capacity change from 0 to 1024 [ 214.454294][ T9545] loop2: detected capacity change from 0 to 32768 [ 214.520145][ T9558] loop6: detected capacity change from 0 to 512 [ 214.598308][ T9558] EXT4-fs error (device loop6): ext4_read_inode_bitmap:139: comm syz.6.1243: Invalid inode bitmap blk 4 in block_group 0 [ 214.619754][ T9550] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 214.646344][ T9545] XFS (loop2): Mounting V5 Filesystem ed37bf6e-74ea-4e01-afba-5fee274b0f3a [ 214.652334][ T9550] ext4 filesystem being mounted at /183/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 214.705454][ T9558] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 214.742416][ T9545] XFS (loop2): Ending clean mount [ 214.765047][ T9545] XFS (loop2): Quotacheck needed: Please wait. [ 214.813453][ T9558] EXT4-fs error (device loop6): ext4_read_inode_bitmap:139: comm syz.6.1243: Invalid inode bitmap blk 4 in block_group 0 [ 214.822425][ T9545] XFS (loop2): Quotacheck: Done. [ 214.900725][ T9558] EXT4-fs error (device loop6) in ext4_free_inode:360: Corrupt filesystem [ 214.937647][ T5840] XFS (loop2): Unmounting Filesystem ed37bf6e-74ea-4e01-afba-5fee274b0f3a [ 214.963805][ T5846] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 215.029965][ T6176] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 215.228990][ T29] audit: type=1326 audit(1731104426.968:217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9573 comm="syz.6.1249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb96457e719 code=0x7ffc0000 [ 215.267375][ T29] audit: type=1326 audit(1731104426.968:218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9573 comm="syz.6.1249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb96457e719 code=0x7ffc0000 [ 215.290927][ T29] audit: type=1326 audit(1731104426.978:219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9573 comm="syz.6.1249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fb96457d0b0 code=0x7ffc0000 [ 215.313972][ T29] audit: type=1326 audit(1731104426.978:220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9573 comm="syz.6.1249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7fb96457ff47 code=0x7ffc0000 [ 215.336469][ T29] audit: type=1326 audit(1731104426.978:221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9573 comm="syz.6.1249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fb96457e719 code=0x7ffc0000 [ 215.358980][ T29] audit: type=1326 audit(1731104426.978:222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9573 comm="syz.6.1249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7fb96457ff47 code=0x7ffc0000 [ 215.381701][ T29] audit: type=1326 audit(1731104426.978:223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9573 comm="syz.6.1249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fb96457d3aa code=0x7ffc0000 [ 215.404547][ T29] audit: type=1326 audit(1731104426.978:224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9573 comm="syz.6.1249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb96457e719 code=0x7ffc0000 [ 215.427828][ T29] audit: type=1326 audit(1731104426.978:225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9573 comm="syz.6.1249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb96457e719 code=0x7ffc0000 [ 215.696222][ T9590] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1254'. [ 215.769007][ T5929] usb 7-1: new high-speed USB device number 5 using dummy_hcd [ 215.930634][ T5929] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 215.949705][ T5929] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 3 [ 215.965351][ T5906] kernel write not supported for file /input/mice (pid: 5906 comm: kworker/0:5) [ 215.974186][ T5929] usb 7-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00 [ 216.015769][ T5929] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3 [ 216.046435][ T5929] usb 7-1: SerialNumber: syz [ 216.105490][ T9575] loop0: detected capacity change from 0 to 32768 [ 216.167287][ T9608] loop4: detected capacity change from 0 to 1024 [ 216.182708][ T9575] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 216.215886][ T9608] hfsplus: request for non-existent node 3 in B*Tree [ 216.237491][ T9608] hfsplus: request for non-existent node 3 in B*Tree [ 216.273944][ T5929] usb 7-1: 0:2 : does not exist [ 216.308055][ T9608] hfsplus: b-tree write err: -5, ino 3 [ 216.323488][ T5929] usb 7-1: USB disconnect, device number 5 [ 216.350599][ T9575] XFS (loop0): Ending clean mount [ 216.420168][ T5846] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 216.547585][ T9625] program syz.2.1268 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 216.703279][ T9629] process 'syz.2.1269' launched './file0' with NULL argv: empty string added [ 216.765059][ T9630] netlink: 'syz.0.1266': attribute type 1 has an invalid length. [ 216.778673][ T9630] netlink: 168 bytes leftover after parsing attributes in process `syz.0.1266'. [ 216.787968][ T9630] netlink: 'syz.0.1266': attribute type 1 has an invalid length. [ 216.796050][ T9630] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1266'. [ 216.957792][ T9643] bpf: Bad value for 'gid' [ 217.208574][ T5906] usb 5-1: new high-speed USB device number 9 using dummy_hcd [ 217.381082][ T5906] usb 5-1: New USB device found, idVendor=1d50, idProduct=606f, bcdDevice=14.d4 [ 217.404146][ T5906] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 217.438240][ T5906] usb 5-1: config 0 descriptor?? [ 217.591256][ T9648] loop6: detected capacity change from 0 to 32768 [ 217.661195][ T9648] XFS (loop6): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 217.819275][ T9673] loop3: detected capacity change from 0 to 512 [ 217.826264][ T9659] loop2: detected capacity change from 0 to 32768 [ 217.826630][ T9673] EXT4-fs: Ignoring removed orlov option [ 217.893460][ T5906] gs_usb 5-1:0.0: Configuring for 1 interfaces [ 217.909525][ T9673] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 217.926087][ T9659] find_entry called with index >= next_index [ 217.934190][ T9659] find_entry called with index >= next_index [ 217.944574][ T9648] XFS (loop6): Ending clean mount [ 217.948587][ T9659] find_entry called with index >= next_index [ 217.962946][ T9648] XFS (loop6): Quotacheck needed: Please wait. [ 217.988998][ T9673] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2240: inode #15: comm syz.3.1286: corrupted in-inode xattr: overlapping e_value [ 218.076414][ T9673] EXT4-fs error (device loop3): ext4_orphan_get:1393: comm syz.3.1286: couldn't read orphan inode 15 (err -117) [ 218.155592][ T9660] loop1: detected capacity change from 0 to 32768 [ 218.164367][ T5906] gs_usb 5-1:0.0: Couldn't register candev for channel 0 (-EINVAL) [ 218.165653][ T9673] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 218.289082][ T5906] gs_usb 5-1:0.0: probe with driver gs_usb failed with error -22 [ 218.309558][ T9648] XFS (loop6): Quotacheck: Done. [ 218.332464][ T5906] usb 5-1: USB disconnect, device number 9 [ 218.368333][ T9648] XFS (loop6): User initiated shutdown received. [ 218.375640][ T9648] XFS (loop6): Log I/O Error (0x6) detected at xfs_fs_goingdown+0xe2/0x160 (fs/xfs/xfs_fsops.c:455). Shutting down filesystem. [ 218.382771][ T9673] EXT4-fs error (device loop3): ext4_empty_dir:3105: inode #2: block 13: comm syz.3.1286: bad entry in directory: rec_len is smaller than minimal - offset=268, inode=0, rec_len=0, size=1024 fake=0 [ 218.398268][ T9648] XFS (loop6): Please unmount the filesystem and rectify the problem(s) [ 218.478920][ T9673] EXT4-fs warning (device loop3): ext4_empty_dir:3107: inode #2: comm syz.3.1286: directory missing '..' [ 218.517332][ T9660] add_index: next_index = 0. Resetting! [ 218.527101][ T9660] non-latin1 character 0x3ff found in JFS file name [ 218.551250][ T6176] XFS (loop6): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 [ 218.578045][ T9660] mount with iocharset=utf8 to access [ 218.652316][ T5845] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 219.095549][ T9682] loop2: detected capacity change from 0 to 32768 [ 219.132003][ T9682] (syz.2.1288,9682,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 219.170578][ T9682] (syz.2.1288,9682,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC. [ 219.185086][ T9680] loop0: detected capacity change from 0 to 40427 [ 219.215408][ T9680] F2FS-fs (loop0): invalid crc value [ 219.220271][ T9693] loop1: detected capacity change from 0 to 2048 [ 219.237793][ T9682] JBD2: Ignoring recovery information on journal [ 219.254311][ T9680] F2FS-fs (loop0): Found nat_bits in checkpoint [ 219.333989][ T9693] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 219.347042][ T9680] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5 [ 219.354925][ T9693] ext4 filesystem being mounted at /207/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 219.393923][ T29] kauditd_printk_skb: 8 callbacks suppressed [ 219.393946][ T29] audit: type=1800 audit(1731104431.178:234): pid=9680 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1289" name="bus" dev="loop0" ino=10 res=0 errno=0 [ 219.417398][ T9682] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode. [ 219.439738][ T9680] syz.0.1289: attempt to access beyond end of device [ 219.439738][ T9680] loop0: rw=2049, sector=45096, nr_sectors = 24 limit=40427 [ 219.495188][ T9693] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.1292: bg 0: block 288: padding at end of block bitmap is not set [ 219.614861][ T5846] syz-executor: attempt to access beyond end of device [ 219.614861][ T5846] loop0: rw=2049, sector=45120, nr_sectors = 8 limit=40427 [ 219.682159][ T5846] F2FS-fs (loop0): Stopped filesystem due to reason: 3 [ 219.717489][ T5839] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 219.953974][ T9716] loop4: detected capacity change from 0 to 512 [ 220.020311][ T5840] ocfs2: Unmounting device (7,2) on (node local) [ 220.095103][ T9716] EXT4-fs error (device loop4): ext4_orphan_get:1388: inode #15: comm syz.4.1303: casefold flag without casefold feature [ 220.151145][ T9716] EXT4-fs error (device loop4): ext4_orphan_get:1393: comm syz.4.1303: couldn't read orphan inode 15 (err -117) [ 220.218943][ T9724] loop2: detected capacity change from 0 to 128 [ 220.230022][ T9716] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 220.246189][ T9722] tap0: tun_chr_ioctl cmd 35108 [ 220.255066][ T9724] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256 [ 220.284744][ T9724] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000) [ 220.450193][ T9726] loop3: detected capacity change from 0 to 512 [ 220.457859][ T9726] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode [ 220.461039][ T5838] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 220.501849][ T9726] EXT4-fs (loop3): 1 truncate cleaned up [ 220.537298][ T9726] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 220.889605][ T5845] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 221.014467][ T9731] loop2: detected capacity change from 0 to 32768 [ 221.058356][ T9745] loop0: detected capacity change from 0 to 2048 [ 221.110960][ T9745] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 221.149140][ T9745] ext4 filesystem being mounted at /194/file0 supports timestamps until 2038-01-19 (0x7fffffff) [ 221.203155][ T9731] bcachefs (loop2): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=lz4,journal_flush_disabled,fsck,norecovery,nojournal_transaction_names,reconstruct_alloc,no_data_io [ 221.224744][ T9731] bcachefs (loop2): recovering from clean shutdown, journal seq 10 [ 221.235972][ T9731] bcachefs (loop2): Version upgrade required: [ 221.235972][ T9731] Version upgrade from 0.24: unwritten_extents to 1.7: mi_btree_bitmap incomplete [ 221.235972][ T9731] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.13: inode_has_child_snapshots [ 221.235972][ T9731] running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,set_fs_needs_rebalance [ 221.267248][ T9745] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.1313: bg 0: block 288: padding at end of block bitmap is not set [ 221.382258][ T9731] bcachefs (loop2): dropping and reconstructing all alloc info [ 221.426549][ T9766] loop6: detected capacity change from 0 to 512 [ 221.431282][ T9731] bcachefs (loop2): check_topology... done [ 221.449927][ T9731] bcachefs (loop2): accounting_read... [ 221.454777][ T9766] EXT4-fs error (device loop6): ext4_orphan_get:1388: inode #15: comm syz.6.1319: casefold flag without casefold feature [ 221.477658][ T9766] EXT4-fs error (device loop6): ext4_orphan_get:1393: comm syz.6.1319: couldn't read orphan inode 15 (err -117) [ 221.527931][ T9731] done [ 221.562485][ T9731] bcachefs (loop2): alloc_read... done [ 221.574841][ T9731] bcachefs (loop2): stripes_read... done [ 221.586573][ T9771] random: crng reseeded on system resumption [ 221.607576][ T9731] bcachefs (loop2): snapshots_read... done [ 221.620314][ T9773] loop1: detected capacity change from 0 to 1024 [ 221.634386][ T9731] bcachefs (loop2): check_allocations... [ 221.640055][ T9766] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback. [ 221.703737][ T9731] done [ 221.709904][ T9773] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none. [ 221.710928][ T5846] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000. [ 221.723407][ T9773] ext4 filesystem being mounted at /212/file1 supports timestamps until 2038-01-19 (0x7fffffff) [ 221.892473][ T9773] ------------[ cut here ]------------ [ 221.897975][ T9773] Looking for class "&ei->i_data_sem" with key init_once.__key.799, but found a different class "&ei->i_data_sem" with the same key [ 221.911652][ T9773] WARNING: CPU: 1 PID: 9773 at kernel/locking/lockdep.c:939 look_up_lock_class+0xdc/0x170 [ 221.921664][ T9773] Modules linked in: [ 221.925566][ T9773] CPU: 1 UID: 0 PID: 9773 Comm: syz.1.1320 Not tainted 6.12.0-rc6-syzkaller-00225-g50643bbc9eb6 #0 [ 221.936339][ T9773] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024 [ 221.946474][ T9773] RIP: 0010:look_up_lock_class+0xdc/0x170 [ 221.946513][ T9773] Code: 01 0f 85 8a 00 00 00 c6 05 a8 58 3f 04 01 90 49 8b 16 49 8b 76 18 48 8b 8b b8 00 00 00 48 c7 c7 c0 eb 0a 8c e8 65 63 8e f5 90 <0f> 0b 90 90 eb 61 90 e8 e8 6e f2 f8 e8 33 a2 ad f5 48 c7 c7 00 eb [ 221.946538][ T9773] RSP: 0018:ffffc9000fc6f4f0 EFLAGS: 00010046 [ 221.946563][ T9773] RAX: b3d08f155c7f6500 RBX: ffffffff93cf8798 RCX: 0000000000040000 [ 221.946583][ T9773] RDX: ffffc9000b961000 RSI: 0000000000008ee3 RDI: 0000000000008ee4 [ 221.946601][ T9773] RBP: ffffc9000fc6f600 R08: ffffffff8155d312 R09: fffffbfff1cf9fd0 [ 221.946621][ T9773] R10: dffffc0000000000 R11: fffffbfff1cf9fd0 R12: ffff88806fe6dbb0 [ 221.946643][ T9773] R13: ffff88806fe6dbb0 R14: ffff88806fe6dbb0 R15: ffffffff9a5083e1 [ 221.946667][ T9773] FS: 00007f814a94e6c0(0000) GS:ffff8880b8700000(0000) knlGS:0000000000000000 [ 221.946694][ T9773] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 221.946714][ T9773] CR2: 0000001b30b12ff8 CR3: 000000002fbe4000 CR4: 0000000000350ef0 [ 221.946739][ T9773] Call Trace: [ 221.946749][ T9773] [ 221.946761][ T9773] ? __warn+0x168/0x4e0 [ 221.946792][ T9773] ? look_up_lock_class+0xdc/0x170 [ 221.946828][ T9773] ? report_bug+0x2b3/0x500 [ 221.946857][ T9773] ? look_up_lock_class+0xdc/0x170 [ 221.946894][ T9773] ? handle_bug+0x60/0x90 [ 221.946933][ T9773] ? exc_invalid_op+0x1a/0x50 [ 221.946970][ T9773] ? asm_exc_invalid_op+0x1a/0x20 [ 221.947007][ T9773] ? __warn_printk+0x292/0x360 [ 221.947052][ T9773] ? look_up_lock_class+0xdc/0x170 [ 221.972851][ T9773] register_lock_class+0x102/0x980 [ 221.972905][ T9773] ? srso_alias_return_thunk+0x5/0xfbef5 [ 221.972944][ T9773] ? __asan_memset+0x23/0x50 [ 221.972986][ T9773] ? srso_alias_return_thunk+0x5/0xfbef5 [ 221.973021][ T9773] ? truncate_inode_pages_range+0x51f/0xfc0 [ 221.973056][ T9773] ? __pfx_register_lock_class+0x10/0x10 [ 221.973098][ T9773] ? srso_alias_return_thunk+0x5/0xfbef5 [ 221.973142][ T9773] __lock_acquire+0xf0/0x2050 [ 221.993436][ T9731] bcachefs (loop2): going read-write [ 221.995522][ T9773] lock_acquire+0x1ed/0x550 [ 222.144208][ T9773] ? ext4_ioctl+0x4124/0x5590 [ 222.148925][ T9773] ? __pfx_lock_acquire+0x10/0x10 [ 222.153998][ T9773] ? __pfx___might_resched+0x10/0x10 [ 222.159302][ T9773] ? __pfx___might_resched+0x10/0x10 [ 222.164622][ T9773] ? __pfx___might_resched+0x10/0x10 [ 222.169926][ T9773] down_write_nested+0xa2/0x220 [ 222.174785][ T9773] ? ext4_ioctl+0x4124/0x5590 [ 222.179481][ T9773] ? __pfx_down_write_nested+0x10/0x10 [ 222.185038][ T9773] ? ext4_journal_check_start+0x175/0x250 [ 222.190894][ T9773] ? __ext4_journal_start_sb+0x290/0x600 [ 222.196539][ T9773] ext4_ioctl+0x4124/0x5590 [ 222.201062][ T9773] ? do_syscall_64+0xf3/0x230 [ 222.205748][ T9773] ? srso_alias_return_thunk+0x5/0xfbef5 [ 222.211390][ T9773] ? do_vfs_ioctl+0x1e68/0x2e40 [ 222.216247][ T9773] ? __pfx_ext4_ioctl+0x10/0x10 [ 222.221296][ T9773] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 222.226327][ T9773] ? srso_alias_return_thunk+0x5/0xfbef5 [ 222.231972][ T9773] ? mark_lock+0x9a/0x360 [ 222.236314][ T9773] ? srso_alias_return_thunk+0x5/0xfbef5 [ 222.242057][ T9773] ? tomoyo_path_number_perm+0x208/0x880 [ 222.247700][ T9773] ? __pfx_lock_release+0x10/0x10 [ 222.252828][ T9773] ? lockdep_hardirqs_on+0x99/0x150 [ 222.258040][ T9773] ? srso_alias_return_thunk+0x5/0xfbef5 [ 222.263712][ T9773] ? srso_alias_return_thunk+0x5/0xfbef5 [ 222.269390][ T9773] ? kfree+0x1a0/0x440 [ 222.273486][ T9773] ? tomoyo_path_number_perm+0x68d/0x880 [ 222.279230][ T9773] ? srso_alias_return_thunk+0x5/0xfbef5 [ 222.284884][ T9773] ? tomoyo_path_number_perm+0x71a/0x880 [ 222.290534][ T9773] ? tomoyo_path_number_perm+0x208/0x880 [ 222.296186][ T9773] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 222.302206][ T9773] ? __fget_files+0x29/0x470 [ 222.306816][ T9773] ? __fget_files+0x3f3/0x470 [ 222.311511][ T9773] ? srso_alias_return_thunk+0x5/0xfbef5 [ 222.317208][ T9773] ? __pfx_ext4_ioctl+0x10/0x10 [ 222.322125][ T9773] __se_sys_ioctl+0xfb/0x170 [ 222.326760][ T9773] do_syscall_64+0xf3/0x230 [ 222.331282][ T9773] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 222.337276][ T9773] RIP: 0033:0x7f8149b7e719 [ 222.341816][ T9773] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 222.361475][ T9773] RSP: 002b:00007f814a94e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 222.369908][ T9773] RAX: ffffffffffffffda RBX: 00007f8149d35f80 RCX: 00007f8149b7e719 [ 222.377891][ T9773] RDX: 0000000000000000 RSI: 0000000000006611 RDI: 0000000000000004 [ 222.386107][ T9773] RBP: 00007f8149bf139e R08: 0000000000000000 R09: 0000000000000000 [ 222.394095][ T9773] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 222.402190][ T9773] R13: 0000000000000000 R14: 00007f8149d35f80 R15: 00007fff4bb1a6b8 [ 222.410195][ T9773] [ 222.413214][ T9773] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 222.420498][ T9773] CPU: 1 UID: 0 PID: 9773 Comm: syz.1.1320 Not tainted 6.12.0-rc6-syzkaller-00225-g50643bbc9eb6 #0 [ 222.431218][ T9773] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024 [ 222.441282][ T9773] Call Trace: [ 222.444558][ T9773] [ 222.447489][ T9773] dump_stack_lvl+0x241/0x360 [ 222.452184][ T9773] ? __pfx_dump_stack_lvl+0x10/0x10 [ 222.457396][ T9773] ? __pfx__printk+0x10/0x10 [ 222.461996][ T9773] ? _printk+0xd5/0x120 [ 222.466164][ T9773] ? __init_begin+0x41000/0x41000 [ 222.471210][ T9773] ? srso_alias_return_thunk+0x5/0xfbef5 [ 222.476855][ T9773] ? vscnprintf+0x5d/0x90 [ 222.481201][ T9773] panic+0x349/0x880 [ 222.485108][ T9773] ? __warn+0x177/0x4e0 [ 222.489268][ T9773] ? __pfx_panic+0x10/0x10 [ 222.493691][ T9773] ? show_trace_log_lvl+0x3b2/0x410 [ 222.498904][ T9773] __warn+0x34b/0x4e0 [ 222.502889][ T9773] ? look_up_lock_class+0xdc/0x170 [ 222.508006][ T9773] report_bug+0x2b3/0x500 [ 222.512347][ T9773] ? look_up_lock_class+0xdc/0x170 [ 222.517464][ T9773] handle_bug+0x60/0x90 [ 222.521629][ T9773] exc_invalid_op+0x1a/0x50 [ 222.526144][ T9773] asm_exc_invalid_op+0x1a/0x20 [ 222.531001][ T9773] RIP: 0010:look_up_lock_class+0xdc/0x170 [ 222.536728][ T9773] Code: 01 0f 85 8a 00 00 00 c6 05 a8 58 3f 04 01 90 49 8b 16 49 8b 76 18 48 8b 8b b8 00 00 00 48 c7 c7 c0 eb 0a 8c e8 65 63 8e f5 90 <0f> 0b 90 90 eb 61 90 e8 e8 6e f2 f8 e8 33 a2 ad f5 48 c7 c7 00 eb [ 222.556375][ T9773] RSP: 0018:ffffc9000fc6f4f0 EFLAGS: 00010046 [ 222.562462][ T9773] RAX: b3d08f155c7f6500 RBX: ffffffff93cf8798 RCX: 0000000000040000 [ 222.570442][ T9773] RDX: ffffc9000b961000 RSI: 0000000000008ee3 RDI: 0000000000008ee4 [ 222.578465][ T9773] RBP: ffffc9000fc6f600 R08: ffffffff8155d312 R09: fffffbfff1cf9fd0 [ 222.586450][ T9773] R10: dffffc0000000000 R11: fffffbfff1cf9fd0 R12: ffff88806fe6dbb0 [ 222.594428][ T9773] R13: ffff88806fe6dbb0 R14: ffff88806fe6dbb0 R15: ffffffff9a5083e1 [ 222.602408][ T9773] ? __warn_printk+0x292/0x360 [ 222.607192][ T9773] register_lock_class+0x102/0x980 [ 222.612329][ T9773] ? srso_alias_return_thunk+0x5/0xfbef5 [ 222.617998][ T9773] ? __asan_memset+0x23/0x50 [ 222.622610][ T9773] ? srso_alias_return_thunk+0x5/0xfbef5 [ 222.628253][ T9773] ? truncate_inode_pages_range+0x51f/0xfc0 [ 222.634188][ T9773] ? __pfx_register_lock_class+0x10/0x10 [ 222.639839][ T9773] ? srso_alias_return_thunk+0x5/0xfbef5 [ 222.645489][ T9773] __lock_acquire+0xf0/0x2050 [ 222.650288][ T9773] lock_acquire+0x1ed/0x550 [ 222.654804][ T9773] ? ext4_ioctl+0x4124/0x5590 [ 222.659588][ T9773] ? __pfx_lock_acquire+0x10/0x10 [ 222.664629][ T9773] ? __pfx___might_resched+0x10/0x10 [ 222.669930][ T9773] ? __pfx___might_resched+0x10/0x10 [ 222.675249][ T9773] ? __pfx___might_resched+0x10/0x10 [ 222.680557][ T9773] down_write_nested+0xa2/0x220 [ 222.685418][ T9773] ? ext4_ioctl+0x4124/0x5590 [ 222.690132][ T9773] ? __pfx_down_write_nested+0x10/0x10 [ 222.695596][ T9773] ? ext4_journal_check_start+0x175/0x250 [ 222.701325][ T9773] ? __ext4_journal_start_sb+0x290/0x600 [ 222.707058][ T9773] ext4_ioctl+0x4124/0x5590 [ 222.711582][ T9773] ? do_syscall_64+0xf3/0x230 [ 222.716295][ T9773] ? srso_alias_return_thunk+0x5/0xfbef5 [ 222.722030][ T9773] ? do_vfs_ioctl+0x1e68/0x2e40 [ 222.726909][ T9773] ? __pfx_ext4_ioctl+0x10/0x10 [ 222.731778][ T9773] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 222.736804][ T9773] ? srso_alias_return_thunk+0x5/0xfbef5 [ 222.742448][ T9773] ? mark_lock+0x9a/0x360 [ 222.746785][ T9773] ? srso_alias_return_thunk+0x5/0xfbef5 [ 222.752432][ T9773] ? tomoyo_path_number_perm+0x208/0x880 [ 222.758080][ T9773] ? __pfx_lock_release+0x10/0x10 [ 222.763122][ T9773] ? lockdep_hardirqs_on+0x99/0x150 [ 222.768328][ T9773] ? srso_alias_return_thunk+0x5/0xfbef5 [ 222.773988][ T9773] ? srso_alias_return_thunk+0x5/0xfbef5 [ 222.779637][ T9773] ? kfree+0x1a0/0x440 [ 222.783717][ T9773] ? tomoyo_path_number_perm+0x68d/0x880 [ 222.789451][ T9773] ? srso_alias_return_thunk+0x5/0xfbef5 [ 222.795093][ T9773] ? tomoyo_path_number_perm+0x71a/0x880 [ 222.800734][ T9773] ? tomoyo_path_number_perm+0x208/0x880 [ 222.806373][ T9773] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 222.812378][ T9773] ? __fget_files+0x29/0x470 [ 222.816977][ T9773] ? __fget_files+0x3f3/0x470 [ 222.821668][ T9773] ? srso_alias_return_thunk+0x5/0xfbef5 [ 222.827310][ T9773] ? __pfx_ext4_ioctl+0x10/0x10 [ 222.832177][ T9773] __se_sys_ioctl+0xfb/0x170 [ 222.836790][ T9773] do_syscall_64+0xf3/0x230 [ 222.841307][ T9773] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 222.847209][ T9773] RIP: 0033:0x7f8149b7e719 [ 222.851625][ T9773] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 [ 222.871240][ T9773] RSP: 002b:00007f814a94e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010 [ 222.879667][ T9773] RAX: ffffffffffffffda RBX: 00007f8149d35f80 RCX: 00007f8149b7e719 [ 222.887641][ T9773] RDX: 0000000000000000 RSI: 0000000000006611 RDI: 0000000000000004 [ 222.895699][ T9773] RBP: 00007f8149bf139e R08: 0000000000000000 R09: 0000000000000000 [ 222.903942][ T9773] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 222.911914][ T9773] R13: 0000000000000000 R14: 00007f8149d35f80 R15: 00007fff4bb1a6b8 [ 222.919920][ T9773] [ 222.923192][ T9773] Kernel Offset: disabled [ 222.927515][ T9773] Rebooting in 86400 seconds..