last executing test programs:

3.568559953s ago: executing program 4 (id=985):
r0 = creat(&(0x7f00000005c0)='./file0\x00', 0x0)
close(r0)
r1 = socket$xdp(0x2c, 0x3, 0x0)
mount$9p_fd(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200), 0x0, &(0x7f0000000340)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

3.192092386s ago: executing program 2 (id=990):
r0 = socket$inet(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'bond0\x00', <r1=>0x0})
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000000c0)=@newqdisc={0x8c, 0x24, 0xf0b, 0x70bd2b, 0x0, {0x0, 0x0, 0x12, r1, {}, {0xffff, 0xffff}, {0x2}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x5c, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x2, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x0, 0x0, 0x1], 0x0, [0x5, 0x4, 0x22, 0x1, 0x8, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3], [0x0, 0x8]}}]}}]}, 0x8c}}, 0x0)

3.012095572s ago: executing program 2 (id=995):
syz_mount_image$jfs(&(0x7f0000000000), &(0x7f0000005d40)='./file0\x00', 0x14040, &(0x7f0000001e40)=ANY=[], 0xff, 0x5e92, &(0x7f0000018400)="$eJzs3U1vHVf9B/DfffD1Q/9No+qvKkQs3BRKS2nzHChPTVl0AQuQUNckct0qkAJKAqJVRFxlgdgALwE23bDoW+AF9DUgXgCRbFZdUAaNfU4yHl/nOiS+c6/P5yM5M785d3zP5Ovx3OuZuScAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgPj+Wz8+24uIK79OC45H/F8MIvoRy3W9GvXM5fz4YUSciO3meC4iBosR9frb/zwTcSEiPj0Wsbl1e61efO6A/bh45taNz3/wvb//7o93T/z0nZ983G7/0f+f/+T3dyKO//D1Tz6/82S2HQAAAEpRVVXVS2/zT6b39/2uOwUATEU+/ldJXq5Wq9XqJ1r/oT9b/VEXWjdV491pFhGx0Vynfs3gdDwAzJmN+KzrLtAh+RdtGBFPdd0JYKb1uu4Ah2Jz6/ZaL+Xbax4PVnfa898pd+W/0bt/f8d+00na15hM6+frbgzi2X36szylPsySnH+/nf+VnfZRetxh5z8t++U/2rn1qTg5/0E7/5Zd+f8pIuY2//7Y/EuV8x8+Sv4bgzne/+UPAAAAAMDRl//+f7zj87+Lj78pB/Kw87+rU+oDAAAAAAAAADxpjzv+333G/wMAAICZVb9Xr/352INl+30WW7387V7E063HA4VZbXw4IAAAAAAAAAAAAAAwHcOIlXRd/0JEPL2yUlVV/dXUrh/V464/70rffihZ17/kAQBgx6fHWvfy9yKWIuLt9Fl/CysrK1W1tLxSrVTLi/n17GhxqVpuvK/N03rZ4ugAL4iHo6r+ZkuN9ZomvV+e1N7+fvVzjarBATo2HR0GDgARsXM02nREOmKq6pno+lUO88H+f/TY/zmIrn9OAQAAgMNXVVXVSx/nfTKd8+933SkAYCry8b99XkCtVqvVavXRq5uq8e40i4jYaK5Tv2YwHD8AzJmN+KzrLtAh+RdtGBEnuu4EMNN6XXeAQ7G5dXutl/LtNY8Hqzvt+VqQXflv9LbXy+uPm07SvsZkWj9fd2MQz+7Tn+em1IdZkvPvt/O/stOeh/g/7PynZb/86+083kF/upbzH7Tzbzk6+ffH5l+qnP/wkfIfyB8AAAAAAGZY/vv/ced/8yYDAAAAAAAAwNzZ3Lq9lu97zef/vzjmcb3mnPs/j4ycf+/A+bv/9yjJ+ffb+bcuyBk05u+9+SD/f23dXvv41j+/kKczn//CYFQ/90KvPxima36qhXfjWlyP9Tiz5/HDXe1n97Qv7Go/N6H9/J72Ud2+vN3+Vl2vxS/ierxzv31xwoVRSxPaqwntOf+B/b9IOf9h46vOfyW191rT2r2P+nv2++Z03PNc/uu/X9y7d03f3Rjc37amevtOddCf7f+Tp0bxq5vrN177zdVbt26cjTTZtfRcpMkTlvNfSF85/5de2GnPv/eb++u9j0aPnP+suBvDffN/oTFfb+/LU+5bF3L+o/SV889HoPH7/zznv//+/0oH/QEAAAAAAAAAAAAAAICHqapq+xbRyxFxKd3/09W9mQDAdOXjf5Xk5erp1Usz1h+1Wq1WH926qRrvjWYREX9rrlO/ZvjtuG8GAMyy/0TEP7ruBJ2Rf8Hy5/3V0y913Rlgqm5+8OHPrl6/vn7jZtc9AQAAAAAAAAD+V3n8z9XG+M/b1wG1xo3eNf7rm7E6t+N/9keD7bHO0wY9Hw8f//tUPHz87+GE51uY0D6a0L44oX1pQvvYGz0acv7Pp4xz/ifThpU0/utLHfSnazn/U2ms55z/V1qPa+Zf/WWe8+/vyv/0rfd/efrmBx++eu39q++tv7f+87NnLl04f/HC+YsXT7977fr6mZ1/O+zx4cr557GvXQdalpx/zlz+Zcn5fznV8i9Lzv/FVMu/LDn//HpP/mXJ+ef3PvIvS87/5VTLvyw5/6+mWv5lyfm/kmr5lyXn/7VUy78sOf9XUy3/suT8X0u1/MuS8z+davmXJeefz3DJvyw5/3xlg/zLkvM/l2r5lyXnfz7V8i9Lzv9CquVflpz/xVTLvyw5/0upln9Zcv5fT7X8y5Lz/0aq5V+WnP/rqZZ/WXL+30y1/MuS8/9WquVflpz/t1Mt/7Lk/L+TavmXJef/3VTLvyw5/zdSLf+yPPj8fzNmzJjJM13/ZgIAAAAAAAAAAAAA2qZxOXHX2wgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/JcdOBAAAAAAAPJ/bYSqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoq7MCBAAAAAACQ/2sjVFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWHvXmPkKu/7gZ+92WtDgv+BcIsDtrkZWNhd38AhBpOE/CnphZKQNi2pcbxrs4lv9e5yEyqbQluiIBWpVUVfNE2iNIrUVqAqaqlEIqRGat81rxrxJmqlvPALqByUVEoV2OrMPM+zM7Ozc9aXsWfO+XyQ/fPunJl55syZ2fku+s4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0Gjzx6f/ZCDLsvxP7a8NWXZx/u912d78y4VdF3qFAAAAwNl6t/b3312SvrF3FWdq2OZfr/n37y4uLi5mX3jn5Ht/triYTtiUZUNrs6x2WvRvv/j5YuM2wXPZ6MBgw9eDBVc/VHD6cMHpIwWnryk4fW3B6aMFpy/bAcusq/8+pnZh19f+uaG+S7PLspHaade3OddzA2sHB+PvcmoGaudZHDmYzWSHs+lsYtl5Bmr/Zdnrm/Pruj+L1zXYcF0bsyw79dNnDsQ1DIR9fH3WdGU1jffd2/dmm9756TMHvj331lXtZuFuWLbSLNu6JV/n81m29OuqbCBbm/ZJXOdgwzo3tlnnUNM6B2rny//dus5Tq1xnvN2jYZ0/7LDOjeF7T16XZdlCtuI2rZ7LBrP1Ldea9vdo/YjILyO/Kz+QDZ/WcbJ5FcdJfp6fXNd8nLQek3H/bw77ZHiFNTTeHW9/ec2y/X6mx0l+q3vhWM0v+8H8SkdHG3+12nSs5ts8c8PKx0Db+67NMZCO5YZjYEvRMTC4Zqh2DAwurXlL0zEwuew8g9lA7bpO3tD5GBifO3J8fPapp2+bObL/0PSh6aOTE7t2bN+5Y/vOneMHZw5PT9T/Pr1d2kfWZ4PpGNwSnmviMXhTy7aNh+TiN87d42C0Rx4H+W3/zI35gi4ezFY4xvNtnt969o+D9HO/4XEw3PA4aPuc2uZxMLyKx0G+zamtq/uZOdzwp90auvVcuKHhGLiQPw/z63zk5pWfCzeGdb1wy+n+PBxadgzEmzUQHnv5d9LrvdE7w35ZflxcnZ9w0Zpsfnb6xO1P7p+bOzGZhXFeXNpwX7UeL+sbblO27HgZPO3jZe/f/vLGq9t8f0PYV6O3dr6v8m12jHW+r2rP7u33Z9N3t2VhnGPne3+2+2mW78+UJTrsz3yb5287+9eCKZc0PP+NFD3/DY0M15//htLeGGl6/lt+1wzVVpZlp25b3fPfSPhzvp//LuuR5798Xz1ye+djIN/mhfHTPQaGOz7/XRfmQFjPzSExjDbk/vdqpy/UD9OG+7LwuBkeHgnHzXC8xubjZvuy8+SXll/31okzO262Xtd8XzW9binhcZPvqz+f6Hzc5Nu8MXn2zx3r4j8bnjvWFB0DI0Nr8vWOpIOg/ny3uC4eA7dnB7Jj2eFsKp0nv5fz6xrbtrpjYE34c76fO67skWMg31cvb+t8DOTb/GD7uX3ttDV8J23T8Nqp9fcLK2X+q4eXLq91t53rzJ+v8xM7Ov9uKN/mrR2nmzM676dbw3cuarOfWh8/Kx3TU9n52U9XhnUe3tn5d1P5NpftWuXxtDfLsjcn36z9viv8fvcf5v/ju02/9233O+U3J998YPyhH53O+gEAOHPv1f5eWFN/rdnwf6xX8///AQAAgL4Qc/9gmIn8DwAAAKURc/9QmIn8DwAAAKURc/9wmElF8v9jd+5+5d1ns/RugItBPD3uhgfvrm8XO94L4etNi0vy73/sWyOvfOXZ1V33YJZlv3zgQ223f+zuuK6643GdH2n+/jJXXruq63/04aXtGt8/4dTu+uXH27PawyB2lV8f31a73E1PTdbmGw9ktfnQwgvP1S+//nXc/uT2+vZ/Fd60ZO/Bgabzbw3ruT7MTeE9ZR7cu7Qf8hnP98rGa/7l0s8uXV8838CW99du5st/UL/c+B5RL11a3z7e7pXW/72vfueVfPsnb2i//mcH26//ZLjcn4T5iz317Rv3+Vca1v9HYf3x+uL5bv/m99uu/9Ur6tu/Go6Lr4fZuv57//TD77a7v+L17L2rfr54/RP/s6N2vnh58fJb1z/67GTT/mi9/DfeqV/Onsd/NtS4ffx+vJ7o0buaj++BcP829cizLPvOH2dN+zn7aP18/9yy/nh5x+9qv/5bW9Z5fODa2vmXbs+Gptv1tb/Z1vb2xvXs/fsNTbfnpfvC/ntn/Af55Z58KByP4fT//WH98lrfy/TV+5qfb+L2X99Qf9zGyxtvWf9LLetfuDbfd8Xrv/+d+vpfvWdt0/r3fjIcT/fXZ9H6D/31JU3n/8a36/fHiSfGjh6bnZ+ZatirjY/jtaPr1l908fvef0l4Lm39et+xucemT2ya2DSRZZv68C0Du73+b4b53/WxcO6voe5HP6sfdy9+qv5z66af179+KXz/0XB/xp+PX/vLkabjtfV+X7inPs92/beEdazWFV/9r2tXteHJz78+/09/+Fbr64J4e45/cLR2+17efHnttIE36qe3Pl8V+c8PNj+ufzw8UZuvhf26GN6Zecvl9etrvfz43iQvfrr++I2v5OL5s5b3E9kw1Hw7znb9Pw6vY75/ZfPzXzw+Xnu25d2cN2QD+RIWwvNDtlA/PW4V9/eLpy5ve33xfXiyhatOZ5krmn1qdvzwzNH5J8fnpmfnxmefenrfkWPzR+f21d67dN8Xi86/9PheX3t8T03v2pHVHu3H6qPLLvT6jz98YOqOiRunpg/unz849/Dx6ROHDszOHpiemr1x/8GD008UnX9mas/ktt3b79g2dmhmas+du3dv3z02c/RYvoz6ogrsmvjS2NET+2pnmd2zY/fkzp07JsaOHJua3nPHxMTYfNH5az+bxvJzPz52Yvrw/rmZI9NjszNPT++Z3L1r17bCd388cvzg7KbxE/NHx+dnp0+M12/Lprnat/OffUXnpxpmj4XnuxYD4dX5527dld4fN/etL694UfVNml+eZm+H94KKP9+Kvo65fyTMpCL5HwAAAKog5v7wxv9LJ8j/AAAAUBox968NM5H/AQAAoDRi7h8NM6lI/tf/1//X/1+h//+P39P/1//X/z8H9P/1/zvR/9f/7+f16//r/1Os1/r/Mfevy7JK5n8AAACogpj714eZyP8AAABQGjH3XxRmIv8DAABAacTcf3GYSTXy/0jrP/X/9f/1/xs//z9uq/+f6f/r/58h/X/9/070/0vc/39v8Jys8YKtvz/7/+v0/+k1vdb/j7n/fWEm1cj/AAAAUAkx978/zET+BwAAgNKIuf+SMBP5HwAAAEoj5v4NYSYVyf8+/1//X/+/U//f5/830v/X/z8T+v/6/53o/5e4/+/z/33+P/Rg/z/m/v8XZlKR/A8AAABVEHP/B8JM5H8AAAAojZj7Lw0zkf8BAACgNGLuvyzMpCL5X/9f/1//X/9f/1//v5v0//X/O9H/1//v5/Xr/+v/U6zX+v8x938wzKQi+R8AAACqIOb+y8NM5H8AAAAojZj7rwgzkf8BAACgNGLuvzLMpCL5X/9f/1//X/9f/1//v5v0//X/O9H/1//v5/Xr/+v/U6zX+v8x918VZlKR/A8AAABVEHP/1WEm8j8AAACURsz9Hwozkf8BAACgNGLu3xhmUpH8r/+v/6//r/+v/6//30391f8fXPEU/f86/f9m+v/6/+es/5+/FNf/p4R6rf8fc/+Hw0wqkv8BAACgCmLuvybMRP4HAACA0oi5/9owE/kfAAAASiPm/k1hJhXJ//r/+v/6/73c/6/f0mr2/1/7i9b9qf+v/9+Oz//X/8/0/8/Yhe7P9/v6ff6//j/Feq3/H3P/5jCTiuR/AAAAqIKY+7eEmcj/AAAAUBox918XZiL/AwAAQGnE3H99mElF8r/+v/6//n8v9/99/n+m/6//X0D/X/8/0/8/Yxe6P9/v69f/X13/f03RBVFq57H/P5ytov8fc/8NYSYVyf8AAABQBTH33xhmIv8DAABAacTcf1OYifwPAAAApRFz/9Ywk4rkf/1//X/9f/1//X/9/27S/9f/70T/X/+/n9ev/+/z/ynWa5//H3P/zWEmFcn/AAAAUAUx998SZiL/AwAAQGnE3H9rmIn8DwAAAKURc/9YmElF8r/+v/6//r/+v/6//n83lbX/n55H9f/1//X/9f/1//X/WVGv9f9j7r8tzKQi+R8AAACqIOb+28NM5H8AAAAojZj7x8NM5H8AAAAojZj7J8JMKpL/9f/1//X/9f/1//X/u6ms/X+f/6//n+n/6//r/+v/U6jX+v8x90+GmVQk/wMAAEAVxNy/LcxE/gcAAIDSiLl/e5iJ/A8AAAClEXP/jjCTiuR//X/9f/1//X/9f/3/btL/1//vRP9f/7+f16//r/9Ps8E23+u1/n/M/TvDTCqS/wEAAKAKYu7fFWYi/wMAAEBpxNx/R5iJ/A8AAAClEXP/nWEmFcn/+v/6//r/+v/6//r/3aT/r//fif6//n8/r1//X/+fYr3W/4+5f3eYSUXyPwAAAFRBzP0fCTOR/wEAAKA0Yu6/K8xE/gcAAIC+0u5zCKOY+z8aZlKR/K//X/b+/+Ja/X/9f/3/zuvX/+8u/X/9/070//X/+3n9+v/6/xTrtf5/zP17wkwqkv8BAACgCmLuvzvMRP4HAACA0oi5/54wE/kfAAAASiPm/r1hJhXJ//r/Ze//+/x//X/9/6L16/93l/6//n8n+v/92f8PL1v0/3uo/58fQ/r/9KJe6//H3H9vmElF8j8AAABUQcz9Hwszkf8BAACgNGLu/3iYifwPAAAApRFz/yfCTCqS//X/9f/1//X/9f/1/7tJ/1//vxP9//7s/0f6/73T//f5//SqXuv/x9x/X5hJRfI/AAAAVEHM/Z8MM5H/AQAAoDRi7v//YSbyPwAAAJRGzP33h5lUJP/r/+v/6//r/+v/6/93k/6//n8n+v/6//28fv1//X+K9Vr/P+b+XwkzqUj+BwAAgCqIuf+BMBP5HwAAAEoj5v5PhZnI/wAAAFAaMff/aphJRfK//v/56f8PpsvX/9f/1//X/9f/P5f0//X/M/3/M3ah+/P9vn79f/1/ivVa/z/m/l8LM6lI/gcAAIAqiLn/18NM5H8AAAAojZj7fyPMRP4HAACA0oi5/8Ewk4rkf/1/n/+v/6//r/+v/99N+v/6/53o/+v/9/P69f/1/ynWa/3/mPt/M8ykIvkfAAAAqiDm/ofCTOR/AAAAKI2Y+z8dZiL/AwAAQGnE3P+ZMJOK5H/9f/1//X/9f/1//f9u0v/X/+9E/1//v5/Xr/+v/0+xXuv/x9z/cJhJRfI/AAAAVEHM/Z8NM5H/AQAAoDRi7v+tMBP5HwAAAEoj5v7fDjOpSP7X/9f/1//X/9f/1//vJv3/5f3//DnsQvb/16xmQ/3/VdH/1//X/9f/p7Ne6//H3P+5MJOK5H8AAACogpj7fyfMRP4HAACA0oi5/3fDTOR/AAAAKI2Y+x8JM6lI/tf/1//X/9f/1//vdv//Df1//X+f/78C/X/9/35ev/6//j/Feq3/H3P/58NMKpL/AQAAoApi7v+9MBP5HwAAAEoj5v59YSbyPwAAAJRGzP2PhplUJP/r/+v/X7D+fziP/v/S+fT/w/1auv6/z//X/9f/X4n+v/5/P69f/1//n2K91v+PuX9/mElF8j8AAABUQcz9Xwgzkf8BAACgNGLuPxBmIv8DAABAacTcPxVmUpH8r/+v/+/z//X/9f/1/7tJ/1//vxP9f/3/fl6//r/+P8V6rf8fc/90mElF8j8AAABUQcz9B8NM5H8AAAAojZj7D4WZyP8AAABQGjH3PxZmUpH8r/+v/6//r/+v/6//3036//r/nej/6//38/r1//X/KdZr/f+Y+2fCTCqS/wEAAKAKYu7/YpiJ/A8AAAClEXP/l8JM5H8AAAAojZj7D4eZVCT/6//r/+v/6/+36//XD0n9f/3/s6f/r//fif6//n8/r1//X/+fYr3W/4+5/0iYSUXyPwAAAFRBzP1Hw0zkfwAAACiNmPuPhZnI/wAAAFAaMfcfDzOpSP7X/9f/1//X//f5//r/3aT/r//fif6//n8/r1//X/+fYr3W/4+5//fDTCqS/wEAAKAKYu4/EWYi/wMAAEBpxNw/G2Yi/wMAAEBpxNw/F2ZSmP/XdXFV54/+v/6//r/+v/6//n836f/r/3ei/6//38/r1//X/6dYr/X/Y+6fDzPx//8BAACgNGLufzzMRP4HAACA0oi5/4kwE/kfAID/Y++udwW7qjiO35a0JSGEZ+EJeASegbfA3Yq7u7u7u7u7OxSKa1ICd601ZTrdZ+xw99nr8/lnBTrt7Mz965fJNweAZeTuv2fc0mT/6//1//r/afr/085P/6//1/9fEv2//v9E/3/ZzrqfP/r79f/6f7bN1v/n7r9X3NJk/wMAAEAHufvvHbfY/wAAALCM3P33iVvsfwAAAFhG7v77xi1N9r/+X/+v/5+m//f9//y56v/1/5dA/6//P9H/X7az7ueP/n79v/6fbbP1/7n77xe3NNn/AAAA0EHu/vvHLfY/AAAALCN3/wPiFvsfAAAAlpG7/4FxS5P9r//X/+v/9f/6f/3/nvT/+v8R/b/+/8jv1//r/9k2W/+fu/9BcUuT/Q8AAAAd5O5/cNxi/wMAAMAycvc/JG6x/wEAAGAZufsfGrc02f/6f/2//l//r//X/+9J/6//H9H/6/+P/H79v/6fbbP1/7n7Hxa3NNn/AAAA0EHu/ofHLfY/AAAALCN3/yPiFvsfAAAAlpG7/5FxS5P9r//X/+v/9f/6f/3/nvT/+v8R/b/+/8jv1//r/9m2e/9/9xv/ey+2/8/df2Pc0mT/AwAAQAe5+x8Vt9j/AAAAsIzc/Y+OW+x/AAAAWEbu/sfELU32v/5f/3+u/7/lGv2//l//f+7/1/9fHfp//f+I/n/W/v/i/iT0//p//T9bdu//N3r/8/937v7Hxi1N9j8AAAB0kLv/cXGL/Q8AAADLyN3/+LjF/gcAAIBl5O5/QtzSZP/r//X/vv+v/9f/6//3pP/X/4/o/2ft/33//0r7/7tdxPv1/3QwW/+fu/+JcUuT/Q8AAAAd5O5/Utxi/wMAAMAycvc/OW6x/wEAAGAZufufErc02f/6f/2//l//r//X/+9J/6//H9H/6/+P/H7f/9f/s222/j93/1Pjlib7HwAAADrI3f+0uMX+BwAAgGXk7n963GL/AwAAwDJy9z8jbmmy//X/+n/9v/7/ivr/O+j/9f9j+n/9/4j+X/9/5PdfYv9/w/n/vv6fDmbr/3P3PzNuabL/AQAAoIPc/c+KW+x/AAAAWEbu/mfHLfY/AAAALCN3/3Pilib7X/+v/9f/6/99/1//vyf9/3L9/zX6/3P0//p/3//X/zM2W/+fu/+5cUuT/Q8AAAAd5O5/Xtxi/wMAAMAycvc/P26x/wEAAGAZuftfELc02f/6f/2//l//r//X/+9J/79c/+/7/7ei/9f/6//1/4zN1v/n7n9h3NJk/wMAAEAHuftfFLfY/wAAALCM3P0vjlvsfwAAAFhG7v6XxC1N9v+U/f91+v9j9P/Xn5yc6P/1//p//f+Y/l//P6L/v3D/f8fb+f30/3O9X/+v/2fbbP1/7v6Xxi1N9j8AAAB0kLv/ZXGL/Q8AAADLyN3/8rjF/gcAAIBl5O5/RdzSZP/fXv9/851O/7nv/1+cnv2/7//r///3Pfp//f+F6P/1/yP6f9//P/L79f/6f7bN1v/n7n9l3NJk/wMAAEAHuftfFbfY/wAAALCM3P2vjlvsfwAAAFhG7v7XxC1N9v+U3//X/+v/9f/139H/6//1/2P6f/3/if7/sp11P3/09+v/9f9sm63/z93/2rilyf4HAACADnL3vy5usf8BAABgGbn7Xx+32P8AAACwjNz9b4hbmux//b/+/8z7/2v1/0n/Hz9X/b/+/xLo//X/J/r/y3bW/fzR36//1/+zbbb+P3f/G+OWJvsfAAAAOsjd/6a4xf4HAACAZeTuf3PcYv8DAADAMnL3vyVuabL/9f/6/zPv/33/v+j/4+e6Q///nz9D/f/Z0P/r/0f0//r/I79f/6//Z9ts/X/u/rfGLU32PwAAAHSQu/9tcYv9DwAAAMvI3f/2uMX+BwAAgGXk7n9H3NJk/+v/9f/6f/1/h/5/9H79/770//r/Ef2//v/I79f/6//ZNlv/n7v/nXFLk/0PAAAAHeTuf1fcYv8DAADAMnL3vztusf8BAABgGbn73xO3NNn/+v+j9//3uCleoP/X/+v/9f9T0v/r/0f0//r/I79f/6//Z9ts/X/u/vfGLU32PwAAAHSQu/99cYv9DwAAAMvI3f/+uMX+BwAAgGXk7v9A3NJk//fo/6+7zS9bp//3/X/9v/5f/z83/b/+f0T/r/8/8vv1//p/ts3W/+fu/2Dc0mT/AwAAQAe5+z8Ut9j/AAAAsIzc/R+OW+x/AAAAWEbu/o/ELU32f4/+/7b0/6euev9/y130//r/ov/X/5/o//X/G/T/+v8jv1//r/9n22z9f+7+j8YtTfY/AAAAdJC7/2Nxi/0PAAAAy8jd//G4xf4HAACAZeTu/0TccNc7n92T/q/0//p/3//X/+v/9f970v/r/0f0//r/I79f/6//Z9ts/X/u/k/GLf7+HwAAAJaRu/9TcYv9DwAAAMvI3f/puMX+BwAAgGXk7v9M3NJk/+v/9f/6/2P3/9fq//X/k9P/6/9H9P/6/yO/X/+v/2fbbP1/7v7Pxi1N9j8AAAB0kLv/c3GL/Q8AAADLyN3/+bjF/gcAAIBl5O7/QtzSZP/r//X/+v9j9/++/6//n53+X/8/ov/X/x/5/fp//T/bZuv/c/d/MW5psv8BAACgg9z9X4pb7H8AAABYRu7+L8ct9j8AAAAsI3f/V+KWJvtf/6//1//r//X/+v896f/1/yP6f/3/kd+v/9f/s222/j93/1fjlib7HwAAADrI3f+1uMX+BwAAgGXk7v963GL/AwAAwDJy938jbmmy/1fu/0e/TP9/Sv+v/z/R/+v/d6b/1/+P6P/1/0d+v/5f/8+22fr/3P3fjFua7H8AAADoIHf/t+IW+x8AAACWkbv/23GL/Q8AAADLyN3/nbilyf5fuf8f0f+f0v/r/0/0//r/nen/9f8j+n/9/5Hfr//X/7Nttv4/d/9345Ym+x8AAAA6yN3/vbjF/gcAAIBl5O7/ftxi/wMAAMAycvf/IG5psv/1//p//b/+X/+v/9+T/l//P6L/1/8f+f36f/0/22br/3P3/zBuabL/AQAAoIPc/T+KW+x/AAAAWEbu/h/HLfY/AAAALCN3/0/ilib7X/+v/9f/6//1//r/Pen/9f8j+n/9/5Hfr//X/7Nttv4/d/9P45Ym+x8AAAA6yN3/s7jF/gcAAIBl5O7/edxi/wMAAMAycvf/Im5psv/1//p//b/+X/+v/9+T/l//P6L/1/8f+f36f/0/22br/3P3/zJuabL/AQAAoIPc/b+KW+x/AAAAWEbu/l/HLfY/AAAALCN3/2/ilib7X/+v/9f/6/8b9v/X3/r30//vS/+v/x/R/+v/j/x+/b/+n21Xrf/PX3CF/X/u/pvilib7HwAAADrI3f/buMX+BwAAgGXk7v9d3GL/AwAAwDJy998ctzTZ//p//f+S/f8N+n/9v+//z0L/r/8f0f/r/4/8fv2//p9ts33/P3f/7+OWJvsfAAAAOsjd/4e4xf4HAACAZeTu/2PcYv8DAADAMnL3/yluabL/9f/6/yX7f9//1//r/6eh/9f/j+j/9f9Hfr/+X//Pttn6/9z9f45bmux/AAAA6CB3/1/iFvsfAAAAlpG7/69xi/0PAAAAy8jd/7e45cL7//xs9PD0//p//b/+X/+v/9+T/l//P6L/1/8f+f36f/0/22br/3P3/z1u8ff/AAAAsIzc/f+IW+x/AAAAWEbu/n/GLfY/AAAALCN3/7/ilib7X/+v/9f/6//1//r/Pen/9f8j+n/9/5Hfr//X/7Nttv4/d/+/AwAA//+foDTn")
r0 = creat(&(0x7f0000000400)='./bus\x00', 0x0)
lsetxattr$security_ima(&(0x7f00000002c0)='./bus\x00', &(0x7f0000000380), &(0x7f0000000640)=@ng={0x4, 0x13}, 0x2, 0x0)
mmap$xdp(&(0x7f0000ff5000/0x9000)=nil, 0x9000, 0x2000004, 0x12, r0, 0x180000000)

2.684562411s ago: executing program 4 (id=996):
syz_mount_image$iso9660(&(0x7f0000000380), &(0x7f00000000c0)='./file0\x00', 0x204818, &(0x7f0000000180)={[{@map_off}, {@overriderock}, {@cruft}, {@utf8}, {@unhide}, {@check_strict}, {@map_off}, {@mode={'mode', 0x3d, 0x483}}]}, 0xff, 0x55a, &(0x7f0000000940)="$eJzs3V1v01gawPHHpV2irFShZYVQVeBQdqUileAkEBRx5XVO0gOJHdkOaq9QRVNUkcKKstK2Nyw37K40czv3zOV8iPlGaD7BaEa2k77QJJ6+0un8fxGcE/vY5zlu5KdO4xMBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABiuTXbLlrSNF5nSY3m1gK/tfu0v/WBBXJ3XzGmXxEr/ie5nFxPF13/6+7qa/F/czKbPpuVXFzkZPvP1648vjo5Mdh+TMCH8v0R97S5tf1qpdfrvj2pQM6hG5dHr2toz4S+aTkNrUzoq2qlYt9frIeqbpo6XA4j3VJuoJ3ID9S8e1cVq9Wy0oVlv+M1ak5TDxY+uley7Yp6UmhrJwh97/6TQugummbTeI2kTbw6bvMofiE+NZGKtNNSam291y1nDSBuVPwtjUpZjUp2qVQslkrFysPqw0e2PXlggf0FOdDi5F60+H06wbM3cDwT/fwvTTHiSUeWRA19uFKTQHxpjVjfN8j/f7+vx/a7N/8Psvz13dUzkuT/m+mzm6Py/4hYzu6xKVuyLa9kRXrSk668HdbKGozq8Ps/2lZn92iIFk+MhOKLkZY4yRLVX6KkKhWpiC3PZVHqEoqSuhhpipZQliWUSHTyinIlEC2OROJLIErmxZW7oqQoValKWZRoKciy+NIRTxpSEyfZy5qsJ8e9LMoaeQzX5ErSqDhyGPnBT6grpTGjJf/j+E7mxA2cgF8G+R8AAAAAAFxYVvLue3z9PyU3klrdNLX9tcMCAAAAAAAnKPnL/2xcTMW1G2Jx/Q8AAAAAwEVjJffYWSKSl1tpbU2s5HYp3gQAAAAAAOCCSP7+fzMukjlQbom1M6cK1/8AAAAAAFwQ/8ucYz9sX7Z+/EmCYMr60F76m7WRzM3rbFxKt7v05R6j+ow13d9JUlTSYnLS1bNWLm20Mwnm536xlhWHtRuAsxPAfw4TwNVJ+UZup21ur6bl6mBN2ku+bpq64PrNx0VxnOmJSC9F/3q9/m9Jhv9/rzVt5WS91y28eNNbTWL5EO/lw0Z/AsUD8yiOieVdMt9Ccs/F0BFPJTdi9PvNW7K23uvae8c/kW4+sb/H99Nj+vwoc2mruf6Mt/n948/FfRYLo0bfj6J4zJF/lDtpmzvzd9JiSBSlrChKe6MYfiyOH0U5K4ryMaMAgK9lLSMLWXIg7x7hLHe07C6HzO4fZT5tMz+TnFgnZ4ac0e2sM7p9zOz2w4HvQBqVY+N+v/0iq36KN/g0st+wWbLiQ3jp3cY/5drm1va99Y2Vl92X3delUrliP7DthyWZSobRL8g9AIAh9n7HjjU0/w9a/Pxd2vBg7n6QcVX9l52PFBTkhbyRnqzKQnK3QfKJg6G/EeT3fAxhIeOqNZ+kyfQbXhbGXNX9KbnLYbDf0ti2+2Mon/4PAgCAMzSXkYet7G/hsxYyrrv35/LxV8e7bYtnfCQAAPjj0MFnKx/91woC035erFaLTrSoVeC7T1Vgag2tjBfpwF10vIZW7cCPfNdvxpVnpqZDFXbabT+IVN0PVNsPzVIyfaDqf/V7qFuOFxl38Da263uR40aqZkJXtTv/aJpwUQfJxmFbu6ZuXCcyvqdCvxO4uqBUqPWehqamvcjUTVz1VDswLSfIqWd+s9PSqqZDNzDtyE93OOjLeHU/aCW7LXzlYw0AwHmxubX9aqXX6749xcrQjnNnPlQAANCXkaUBAAAAAAAAAAAAAAAAAAAAAMA5cBb3/1G54JXBVNDnJR4qJ1DJPHW8P/WTE4BT9WsAAAD//3nnTbg=")
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000080)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x24, 0x24, 0xffffffffffffff08, [@ptr, @type_tag={0xc, 0x0, 0x0, 0x12, 0x3}, @func_proto]}, {0x0, [0x2e, 0x30, 0x5f, 0x2e, 0x2e, 0x2e]}}, 0x0, 0x44, 0x0, 0x8000001}, 0x28)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
openat$full(0xffffffffffffff9c, &(0x7f00000000c0), 0x1000, 0x0)

2.507324417s ago: executing program 4 (id=997):
prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1)
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$sock_ifreq(r0, 0x8910, &(0x7f0000000000)={'vlan1\x00', @ifru_map={0x80000000000004, 0xffffffffffffffff}})
ioctl$sock_netdev_private(r0, 0x89f4, &(0x7f0000000000))

2.505180227s ago: executing program 2 (id=1007):
syz_mount_image$f2fs(&(0x7f0000000000), &(0x7f0000000080)='./file2\x00', 0x10, &(0x7f00000001c0)={[{@nodiscard}, {@nocheckpoint_merge}, {@fault_type={'fault_type', 0x3d, 0x7fff}}, {@background_gc_off}, {@noflush_merge}, {@fault_injection={'fault_injection', 0x3d, 0x4ee}}, {@acl}, {@noacl}, {@acl}, {@disable_ext_identify}, {@noinline_xattr}, {@grpjquota}, {@checkpoint_diasble}]}, 0x4, 0x5510, &(0x7f00000020c0)="$eJzs3M1rI2UYAPAn7Xa/XYt48LYDi9DKJjT9WPRWdRc/sEtZ9eBJ0yQN2U0ypUnT2pMHj+LB/0QUPHn0b/Dg2Zt4ULwJSmYmuvUDhKaN3f5+MHnmffPmmecNy8IzUxLAuTWf/PJTKW7ElYiYjYjrEdl5qTgy63l4LiJuRsTMY0epmP9j4mJEXI2IG6Pkec5S8dZnt4e31n588+evv7104drnX303vV0D0/Z8RHR38vP9bh7TVh4fFvO1YTuL3dVhEfM3uo+KcZrH/eZWlmG/Nl5Xy+JKK1+f7uz1R3G7U6uPYqu9nc3v9PIL9oetcZ7sAw9ru9m40dzKYrufZrF1mNd1cJj/33bYH+R5GkW+D7P0MRiMYz7fPGjm+9l5lMV6b1DM53nTRvNgFIdFLC4X9bTTyOrYOs43/f/2Vru3d5AMm7v9dtpL1irVFyvVO+XqbtpoDpqr5Vq3cWc1WWh1RsvKg2atu95K01anWamn3cVkoVWvl6vVZOFuc6td6yXVamWlslReWyzObiev3X836TSShVF8pd3bG7Q7/WQ73U3yTywmy5WVlxaTW9Xk7Y3NZPPBvXsbm++8f/e9+y9vvPFqsehvZb0Qy0vLy+XqUnm5uniO9v9xUXSyMLH9w7GUpl0AwNmj/wem4eT6/90HESff/4f+fyLOVP87LmuC/e953z8ci/4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAODc+n7ui9ezk/l8fK2Yf6qYeqYYlyJiJiJ++wezcfFIztkiz9y/rJ/7Sw3flCLLMLrGpeK4GhHrxfHr0yf9LQAAAMCT68uPbn6ad+v5y/y0C+I05TdtZq5/MKF8pYiYm/9hQtlmRi/PTihZ9u/7QhxMKFt2A+vyhJLlt9wuTCrbfzJ7JFx+LJTyMHOq5QAAAKfiaCdwul0IAAAAp+mTaRfAdJRi/Chz/Cw4+8v7Px8IXjkyAgAAAM6g0rQLAAAAAE5c1v/7/T8AAAB4suW//wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPzOzv3cqA1EcQB+NjiQfwqKck8ruUEZKSHHHCMKSBMUkANpIQ1QA7ltCStY4RlYWKG9eIy1q++TzDCW+fGM8GFmpAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA+/W/Wi7+/vv7umrPbd1PmbgAAAIBrts160b6Zpf77fP5jPvU596uIqCPi2th9FG8uMkc5p3m8/s/59c2TGv5FtAmH75jk411EfMvH/ae+fwUAAAB4vTbL1TyN1tPLbOiCuKU0aVN/+F4or4qIZnZXKK0+5H0pFNb+v8fxs1BaO4E1LRSWptzGuVMs9Vnt436atZueNVVq6qsfOxZ5oyoBAICyRhfNeNBaAAAA6NOPoQtgGFUclzJPS4GT1OTlvbcXPQAAAOAFqoYuAAAAAOhdO/6/0f5/e/v/AQAAwDDS/n8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD0adusF5vlat41Z7fvpszdAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwwP68o0AIhEEY7F3fmcz9DysNmpqaVIHw8TcGAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALz53V/+T0yNM8nca2PpeSRZOzW2To29c+PoD+Pr1wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAX+/OSAiEQBFEwZ/zvpO9/WEnQM4gQAQ2PKmrRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAX/S7X/5PTI0zydxpY+l4JFm7amxdNfYeNI4ejLd/AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXO/fv20YVBwD8nc/n0ALCBOQhCIHEAAt13dLSDTGAIgb+BESUuiXU5UebgVYVIgsbytwFwYgQEihs/R86J1KWsGXwECTmoDvf2ZcfUsyvO5N8PtK79/XpdO/7nqUo33uXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEBh+PYkjtNDexQ38nObew+W037rUJ96tL69kLY0jqpM+v/hxfKHqDMO9+pIBgAAgLMhLur7EMJOsrGY9o12Vv8nxTVpzf/d06O4qOcP1/1FX9T+afv1l93nxwO1R+OkN72xMuhfPJpK87+b5Wx75sQrmtnKZ89e4uwLaby39twwydYz+ubx43daWThXRbYAwN9xoejzoPh9KO17dSYGwJnRLBXeRf0ft+vNCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKAKw7XwZBFHIYSF5iRObe09WD6uf7S+vVC0qw8froevJvdMb5GEEG6sDPoXK53NbLt77/6tpcGgf6f64KUQQl2jv5VP/9YHU1wcQi3rI/h3gv25/MuekXxmIPgwOnk1avyhBADAqZTkLa3rd5KNxfRcNB/C/vcH6/9XS3GYsv7f/ejqZnmscv3fq2yGs6+7evuz7t17919fub10s3+z/8kbl3pv9i5fu3LlWjd7VtL1xAQAAIB/ppW3cv3fmD+6/3++FIcp6//Pv+19WR4rVv8fa7LpV3cmAAAAZ9uzL//xe3TM+ajVCl8sra7e6Y2O48+XRscaUv3L5vJWrv/j+bqzAgAAAKowXIsO7P9fL8Vhyv3/p3544afyPeMQwrl8///C8qeD69VNZ6ZV8SfHdc8RAACAep3LW3n/P8ne/2+MX3lohBBee2UU5/8GcKr6P3736x/LY5Xf/79c3RRnUqMzWo+s74TQ7NSdEQAAAKfZE3lLi/3fko3Fj38+/37L+/8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAVfszAAD//z3MPqM=")
ioctl$MEDIA_IOC_G_TOPOLOGY(0xffffffffffffffff, 0xc0487c04, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x13, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x1, 0x2, 0x3, 0x2, 0x1, 0x70}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94)
syz_mount_image$msdos(&(0x7f0000000180), &(0x7f0000000100)='.\x00', 0xe1, &(0x7f00000001c0)=ANY=[], 0x1, 0x0, &(0x7f0000000000))

2.434908283s ago: executing program 4 (id=998):
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040201, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000000080))
ioctl$SNDCTL_DSP_SPEED(r0, 0xc0045002, &(0x7f0000000100)=0x6)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000500)={0xa00, 0x18, 0xfa00, {0x100000000000000, 0x0}}, 0xfc36)

2.271136908s ago: executing program 1 (id=1000):
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000021c0), 0x181000)
ioctl$SNDRV_SEQ_IOCTL_SET_PORT_INFO(r0, 0xc0a85320, &(0x7f0000000c40)={{0x80}, 'port0\x00', 0x41, 0xfe8ee28a1d9fac77, 0x8, 0x6, 0x2, 0x40, 0x3, 0x0, 0x6, 0x5})
ioctl$SNDRV_SEQ_IOCTL_DELETE_PORT(r0, 0xc0a85320, &(0x7f00000007c0)={{0x80}, 'port0\x00', 0x3c, 0x141000, 0xd, 0x2, 0x107, 0x6, 0x5, 0x0, 0x0, 0x3})
close(r0)

2.202932574s ago: executing program 1 (id=1002):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r0, &(0x7f00000000c0)="7841c4", 0x3, 0x1, &(0x7f000005ffe4)={0xa, 0x4e20, 0x7, @private0}, 0x1c)
shutdown(r0, 0x1)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r0, 0x84, 0x14, &(0x7f0000000540), &(0x7f0000000580)=0x4)

1.937178478s ago: executing program 1 (id=1004):
syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000040)='./file0\x00', 0x8c0, &(0x7f0000000080)=ANY=[@ANYBLOB='acl,heartbeat=none,dir_resv_level=00003,coherency=full,coherency=full,localflocks,coherency=full,noacl,\x00'/119], 0x5, 0x4451, &(0x7f0000008900)="$eJzs3T9sVPcdAPDfe3aLTYHalIFKlXpSUVu1lWUz0RqpxhiMDS4VLQxdjrN9gJuzD9nnKAODoyxImSJliDKgRMrmCXnLRJZIGbNkJDNSMmSJFAnlort7Z99758MX4sMBfT4S/t37/be/9373e8PxixOVO0truaW1XGElV164tXY693q5tL5cDHHWp205+6Lr8TlQvYiT2B+cq+cv/ufG6RA+WfziSbVarYaa/rCrsZbX335zb6E1bYpbL95q9Lt7b/vlfyGEE23zqukLIQwkr88l6WSSDoYQjoUQohDCjXtv38zt02wePi6ezT+du781fmp288FW5989CuH90m//dnv5qz/0jX/5l30aHgAAAAAAAAAAAAAAAACAl9z0tavX/z06Fh5FoX8zav++7nSSdvp+bHXf/L73vywAAAAAAAAAAAAAAAAAAAD8TO18/z8XHd/l+/9TSTrRoX31n92N88efOE96Y+ZfV6cujI4l579HbeVnkqyvz/WF4eb56p91Pv/9XKb97ue/t4/zvJrza447FKJ4JHUdxyMjIXyYHPx+Mjocl8prlb/eKq+vLO7bNF5a6fg3Tu9PRSc50D8V/2ec/z+Z6b/35///pu3dVLu+uX9vsVdaOv59Het99Gb0jPj/crve+Uy7FxF/nl86/v31vMHWChONBaAW/3f6977/pzL99yr+x0IIuag211xqBajtYWr5nfYrpKXj/4t6XmrpTP6Qne7/7zLxv5Dp/6DW/43sBxG7Sse/sY4PpGrs3P/D8d73/8VM/wcR/9r8N3z+dyUd/0ONzP5Ulfpfstv1fzrTf6/ifz1O5nksSr0DNqNGfqf/r460dPwH2sp3nv/irvb/lzLtX9TzX3Pc5vNfc/n/c9R4/mN32/HfCk+q1cGO9bq9/2cy7Xq9/k/U939tzpzo5aCvkPT9f7iel947D9V/dop/NRP/2Uz/zxH/jzs/he6o70oGmvHfWU++P9TI/8D+ryvp+P+qkRm31tio/6zv/6K99/+XM/0fxP6vNv+NuLejvirS8T/SsV4t/p938fl/JdOu9/EPYbT5BmjfvrCHdPyPdqxXv/8H9o7/XKZdr+P/p152DgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPASmEzSoRDFI6nrOB4ZCeF8cn0yHI7mC4v5+VJ54bW1EKaS/Fw4Ht0ulecLpfzSSnmxmC+USuWFEC4k5SfCQLRWKlfyy4W7F7f7GozuFAurlflioRJCmE7yfxeONvuaX6osF+6GEC5tl/06Lq/evVNYyS8urf5jdHR0NMxsz2E4Kr5RKa5UGqM3SkOY3W47FLVMrl58eXsuR6L/l9dXVwqlev6Vljal8kKh1NJmLil7NwxHldX1lYVCpZgvlW83xztIE0k6NXPtv9eujLWV34wa6eSLnRYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP9Kj8b+/F0Lob1zFIYRclLyIkn8pDx8Xz+afzt3fGj81u/lg68ludQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4gR04EAAAAAAA8n9thKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqirs0j9KA0EUB+A3Y6Glx7BadjvbFUW0cEXwBHoMD6NH8RLewSJF2hQhkMxC2D+wTVJ9X/Ngfsy8B/MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACWe3zr3l/rJiLF1fYy4vfz7/84fy71+276/sUZZuR0nl66+4e6Kf+eRvltOVq1eZ9u1l8fMVF7P4M9Ge7TwbjP0Ny+zc3X972OlKuIaEt+k3KuqmVvAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADs2IEDAQAAAAAg/9dGqKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsIOHAsAAAAACPO3jqJvAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4FcAAAD//9HQIRk=")
mkdirat(0xffffffffffffff9c, &(0x7f0000000540)='./file7\x00', 0x1c0)
rmdir(&(0x7f0000000300)='./file7\x00')
renameat2(0xffffffffffffff9c, &(0x7f0000000780)='./file7\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)

1.619526356s ago: executing program 0 (id=1008):
r0 = socket$kcm(0x2, 0x200000000000001, 0x0)
sendmsg$inet(r0, &(0x7f0000000080)={&(0x7f0000000140)={0x2, 0x4001, @dev}, 0x10, 0x0}, 0x30004081)
r1 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000009c0)=[{&(0x7f0000001f00)="89000000120081ae08060cdc030000017f03e3f7000000006ee2ffca1b1f0000000004c00e72f750375ed08a56331dbf9ed7815e381ad6e747033a0093b837dc6cc01e32efaec8c7a6ec00120c0001000c080c00bdad01409bfc68ad639a8ace8680210bc28b805508bc7a46e39a8285dcdf12176679df069163ce955fed0009d78f0a947ee2b49e33", 0x89}], 0x1}, 0xff0f000020000080)

1.536639413s ago: executing program 4 (id=1009):
keyctl$KEYCTL_CAPABILITIES(0x1f, &(0x7f0000000000)=""/21, 0xfffffe0d)
mremap(&(0x7f0000000000/0x9000)=nil, 0x600002, 0x600002, 0x7, &(0x7f0000a00000/0x600000)=nil)
mremap(&(0x7f0000f1a000/0x3000)=nil, 0x3000, 0xa000, 0x3, &(0x7f0000aa9000/0xa000)=nil)
migrate_pages(0x0, 0x3, &(0x7f0000000040)=0x7f, &(0x7f0000000300)=0xa)

1.387323737s ago: executing program 0 (id=1010):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000280)={0x26, 'hash\x00', 0x0, 0x0, 'poly1305\x00'}, 0x58)
r1 = accept4(r0, 0x0, 0x0, 0x80000)
sendmmsg$inet6(r1, &(0x7f0000006880)=[{{0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000500)="b91aba1afa37865dda23d7e61ce9b8e5f95cae1645bffb39", 0x18}, {&(0x7f0000000b00)="3d82ac17a110f6895f9718972179bd52f848c4ad7d162ae5386c609a1188562c8e65272589e06327f4da6fbd427ce665fdd8a1a3a3875738ecbf501940b5a933b217757166e7402128c7051e6d6effbf5934b9ffaa6fd815ffae82d0c916b86e832d9a39b208f16b074f82d809527602f49ab75cd6404a94f6e17d2a403968c15d6fd83a8636e692f06bd5c7ca236fc07695a8f137e30ce8f2e4c30c44f87f467e513e9a35c6591b00cf5494b772519731c01d2ede919d0fb2b31593b0e3ceb0f969e284494d1be649505307dcd220a45d8cfadefd340ead61cb013cb2b351631849b334d3b94a17b0b0279a14ff1cd9be6c8045d465070da6679049ef2c2b3312099adf7d7836adf38ab0c242d23f5a89c68286a1615460f425047155a2f660d637b1669f930ac007", 0x129}, {&(0x7f0000000240)="ddbb", 0x2}], 0x3}}], 0x1, 0x0)

1.331538802s ago: executing program 0 (id=1011):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
close_range(r0, r0, 0x2)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x1a01, 0x0)
writev(r0, 0x0, 0x0)

1.331233672s ago: executing program 2 (id=1012):
rseq(&(0x7f0000000080), 0x20, 0x0, 0x0)
r0 = syz_open_dev$evdev(&(0x7f00000002c0), 0x0, 0x0)
readv(r0, &(0x7f0000001380)=[{&(0x7f0000001340)=""/29, 0x1d}], 0x1)
ioctl$EVIOCGABS20(r0, 0x40044591, 0x0)

1.261885608s ago: executing program 0 (id=1013):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000c40)=@delchain={0x170, 0x65, 0x100, 0x170bd27, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x1, 0x2}, {0x0, 0xe}, {0xc, 0xb}}, [@filter_kind_options=@f_route={{0xa}, {0xa0, 0x2, [@TCA_ROUTE4_ACT={0x8c, 0x6, [@m_connmark={0x88, 0x19, 0x0, 0x0, {{0xd}, {0x58, 0x2, 0x0, 0x1, [@TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x8, 0x101, 0x4, 0x3, 0x9}, 0x40}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0xfffff01c, 0xfffffff9, 0x3, 0x6, 0x7}, 0xfad6}}, @TCA_CONNMARK_PARMS={0x1c, 0x1, {{0x3, 0x6, 0x1, 0xfffffffc, 0x1}, 0xd}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}]}, @TCA_ROUTE4_POLICE={0x10, 0x5, [@TCA_POLICE_PEAKRATE64={0xc, 0x9, 0x6}]}]}}, @TCA_RATE={0x6, 0x5, {0x8, 0x81}}, @filter_kind_options=@f_bpf={{0x8}, {0x90, 0x2, [@TCA_BPF_ACT={0x8c, 0x1, [@m_ife={0x88, 0xd, 0x0, 0x0, {{0x8}, {0x4}, {0x5d, 0x6, "cd8b70710081a2bd2bcd34a15aeb07de37e896a00285639cdc83392aaab21f9b8781c2d75029e98c225fd3410c8930e0c7e0dd4e176f35f724d0e392e7e74c4cc3082781f85348890568548d9f4efd81b5448397c14ae2b58d"}, {0xc}, {0xc, 0x8, {0x3, 0x1}}}}]}]}}]}, 0x170}, 0x1, 0x0, 0x0, 0x80}, 0x8030)
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x14}, {&(0x7f00000007c0)=""/154, 0x21}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0xffffffffffffff2f}}], 0x4000000000003b4, 0x2040000, &(0x7f0000003700)={0x77359400})

1.075360294s ago: executing program 0 (id=1014):
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x1214040, 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
llistxattr(&(0x7f0000000240)='./file0\x00', &(0x7f0000000400)=""/67, 0x43)

1.075161615s ago: executing program 0 (id=1015):
r0 = syz_usb_connect(0x0, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100008010bd40820514009dbb0000000109022400011b00000009040000022a3e740009058bff7f0000100109050b362f"], 0x0)
r1 = syz_open_dev$midi(&(0x7f0000000100), 0x3ff, 0x2000)
read(r1, &(0x7f0000000040)=""/36, 0x24)
syz_usb_disconnect(r0)

985.036873ms ago: executing program 3 (id=1016):
r0 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'batadv_slave_0\x00', <r1=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xfffffffd, {0x0, 0x0, 0x0, r1, {0x0, 0x1}, {0xffff, 0xffff}, {0xffe0, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000200)=@newtfilter={0x4c, 0x2c, 0xf3f, 0x70bd2c, 0x25dfdbfd, {0x0, 0x0, 0x0, r1, {0xb, 0xfff3}, {}, {0x7, 0xffff}}, [@filter_kind_options=@f_flow={{0x9}, {0x1c, 0x2, [@TCA_FLOW_PERTURB={0x8, 0xc, 0x7e5}, @TCA_FLOW_MODE={0x8}, @TCA_FLOW_KEYS={0x8, 0x1, 0x1}]}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x20041090}, 0xd0)

968.918344ms ago: executing program 4 (id=1017):
syz_mount_image$f2fs(&(0x7f0000000000), &(0x7f0000000080)='./file1\x00', 0x0, &(0x7f00000069c0)=ANY=[@ANYBLOB="6c617a7974696d652c6e6f696e6c696e655f78617474722c6c617a7974696d652c6e6f626172726965722c6163746976655f6c6f67733d342c757365725f78617474722c6d6f64653d6c66732c616c6c6f635f6d6f64653d64656661756c742c00be9ee044c45511e65887f6fac9eba6d787c3684a836f23dbf8ad3dd5931c08b4d8bde7e8acbbf3bf3326f2faa5952a332ad2ced40c98a2affa2dad4d623f9ff3ffa81e45095548ab6200f069d0f63d20fd71d3043b0dd5c4cf9785f3f531abc19bc1678f5e0b33006bd1049ca45fd8500d67a5aa6e1c23d900000000007867738729e703bb122283fb2fae9813a0cfefcdf3dc968af1cf80e96649d943198a96d9b1af9c91506b30922be8537f54e65cf60c6b6a5798955796aea325770d6ccc93a95fad93b2c7bad114fcbc55036a301c23b07073c71555791db8919235022bb0ee4294211ab9b43f3fbedecd223722d937aa22b31e2e9c97e5ea94e4ab83d4e5811c7556813c334aec856af0a0c12b3c93ba5aa906c6e2268a0c6cbbb13f496d87c608604eb02b2c031d5ae40c75"], 0x1, 0x5531, &(0x7f0000000b00)="$eJzs3EtvG1UUAODrpOmbEiEW7DpShZRItVWnSQW7AK14iFQRjwUr6tiO5db2RLHjhKxYsEQs+CcIJFYs+Q0sWLNDLEDskIo89wY1PCpQHJsk3ydNz8yd6zPnjqpEZyZyAM6s+ezXn0vhWrgUQpgNIVwNodgvpa2wGsMLIYTrIYSZJ7ZSGv9j4HwI4XII4dooecxZSqc+vzm8sfLTW798892Fc1e++Pr76a0amLYXQwjdrbi/240xb8X4MI3Xhu0idpeHKcYT3UfpOI9xt7lRZNitHcyrFfF2K87Pt3b6o7jZqdVHsdXeLMa3evGC/WHrIE/xgYe17eK40dwoYrufF7G1H+va248/2/b7g5inkfJ9VKQPg8FBjOPNvWZcz9ajItZ7gzQe8+aN5t4oDlNMlwv1vNMo6tg4yp3+f3u73dvZy4bN7X4772UrlepLleqdcnU7bzQHzeVyrdu4s5wttDqjaeVBs9ZdbeV5q9Os1PPuYrbQqtfL1Wq2cLe50a71smq1crtyq7yymPZuZq/ffz/rNLKFUXy13dsZtDv9bDPfzuInFrOlyu2XF7Mb1ezdtfVs/Z1799bW3/vw7gf3X1l787U06S9lZQtLt5aWytVb5aXq4sld/+h3/X9a/yep6DGuH46k9LSTDyZXB8AJov8HpmGi/f9cGHv/H/T/Y6H/P7Prf5wc7QZytj21/wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4DT7Ye7LN4qd+Xh8JY0/k4aeS8elEMJMCOHx35gN5w/lnE155v5h/tyfavi2FIoMo2tcSNvlEMJq2n579rjvAgAAAJxeX318/bPYrcd/5qddEJMUH9rMXH0wpnylEMLc/I9jyBLSw6bw/NGrikb/v8+FvTFlKx5gXRxTsvjI7dy4sv0rs4fCxSdCKYaZg5nnJ1oXAABwnA53ApPtQgAAAJikT6ddANNRvGlNf4ufXvNdiCG9ELx06AgAAAA4gUrTLgAAAAA4dkX/7/v/AAAA4HSL3/8HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAL+zcze5aQNRAICfDS609AdV3fcq3cExeoQuu4y4CkcgV8gFOAPZZZtdBBH2JAoRhBAbE6Lvk+xhbOvxjPDijUcDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABzTdTEbX1787teNs1zV08zdAAAAANssitm4/DCs+oN0/Fs69DP1s4jII2Jb7d6JTxsxOylOseP64lkOVxFlhPV39NL2JSL+pO3ux7F/BQAAAPi45pPpqKrWq93w1AnRpmrQJv/6t6F4WUQUw5uGouXr3a9XXbraPz60/n934/+Os9lhqZUDW1F7ysyDcsit21S0/TrpcX9s+k+arGry9tIBAADaslkJtFiFAAAA0LJ/p06A0yjfeqa5+GkCf69q0gvBzxs9AAAA4AwdOusZAAAAeI8GL54t6/8zWP/v+631/wAAAODNqvX/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOKZFMRvPJ9NR3TjLVT3N3A0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAPfvzjsIwDAZhcJMor07oAr7/Lc2C3bp1MwOCj38rAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABceRwvzzNejZlso9eZ5N3zSvLp1Ph2avw6N/5Jxrr7NwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7+/OSAiEQBFEwZ/zvpO9/WEnQM4gQAQ2PKmrRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAF/3ul/8TU+NMMnfaWDoeSdauGltXjb0HjaMH4+3fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXO/fvGzcVBwD8e+fzlRYQIaAMQYhKDLDQ9FpaujKAIgb+BKQovZbAlR9tBlpVoCxsKHMXBCNCSKCw9X/o3EpdytbhhiIxMYDss5PXo4iDKvaRfD7S8/vacvy+z4mifP2cAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKA2fnMvzorNwiTuVsduP7i+XvR3pvrCze27y0Ur4s7fXP+L/Up8/r2Y7nSW2ksEAACAwyOr6/uIfuQ7q0XQXSjr/7w+p6j5v3l6Etf1/HTdX/d17V+0n3+6//zuQAuTcYqLXtgYDU/+NZVeto/znGfP/OMZvfLOl89esvIb0n1n67lxXt7Pzle3br3VL8MjTWQLAPwXJ+q+Cuq/h4p+0GZiABwavaoV7lX1f7bQbk4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAATehvxZN13ImI5d5eXLjz4Pp62U/t39y+u1y3szdubKfXLC6RR8SFjdHwZFMT+R+4cvXah2uj0fBy88FLEdHe6FXw3gznRLSZoeBxg271sz7bVx2PiPZzbj9o+RcTAAAHTl61oq6/l++sFsc6ixF/fPtw/f9KEkda/0/1af1///2zt9Ox0vp/0NgM59/K5qVPVq5cvfbaxqW1i8OLw49ePzV4Y3D63Jkz51bKZyUrnpgAAADwePpVS+v/7mLEeGr9/1gSx4z1/6dfDz5Px8rU/4+0t+jXdiYAAACH27PHf/u184jjnX4/Plvb3Lw8mGx3909Nti2k+q8dqVpa/2eLbWcFAAAANGG81Xlo/f98EseM6/9PfffCD+k1s4g4Wq3/n1j/eHS+uem05PeZzmri34n3faoAAADMtaNVS9f/8/L9/+7uKw/diHj15UlcfQzgTPV/9vaX36djpe//n25uinOpuzS5H2W/FNFbajsjAAAADrInqlYU+7/kO6sf/Hjs3b73/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACa9mcAAAD//6vIRLE=")
io_setup(0x1, &(0x7f00000004c0)=<r0=>0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x101042, 0x56633bd1cf1d94b2)
io_submit(r0, 0x1, &(0x7f0000000480)=[&(0x7f0000000280)={0xffffff7f00000000, 0x0, 0x0, 0x1, 0x3, r1, 0x0, 0x0, 0x400a00}])

887.393711ms ago: executing program 3 (id=1018):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000040)='hugetlb.2MB.rsvd.failcnt\x00', 0x2, 0x0)
sendfile(r1, r1, 0x0, 0x9c)

826.049136ms ago: executing program 3 (id=1019):
r0 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge0\x00', <r1=>0x0})
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB="4400000010004b0400000000000000007a000000", @ANYRES32=r1, @ANYBLOB="0000000000000000240012800b0001006272696467650000140002800800080088a8"], 0x44}}, 0x0)

756.244573ms ago: executing program 1 (id=1020):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000000)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x3c, r0, 0x1, 0x0, 0x0, {{0x2}, {@val={0x8, 0x3, r2}, @void}}, [@chandef_params=[@NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x30}], @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x9b4}, @NL80211_ATTR_WIPHY_CHANNEL_TYPE={0x8, 0x27, 0x1}, @NL80211_ATTR_CENTER_FREQ2={0x8}]]}, 0x3c}}, 0x0)

663.223551ms ago: executing program 3 (id=1021):
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
io_setup(0x8, &(0x7f0000004200)=<r0=>0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
io_submit(r0, 0x1, &(0x7f0000004540)=[&(0x7f0000004280)={0x0, 0x0, 0x0, 0x5, 0x0, r1, 0x0, 0x0, 0x0, 0x0, 0x2}])

661.361311ms ago: executing program 2 (id=1022):
unshare(0x8040480)
syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x2a0471a, &(0x7f0000000a00)={[{@dioread_lock}, {@bsdgroups}, {@nouid32}, {@errors_remount}, {@jqfmt_vfsv1}, {@oldalloc}, {@stripe={'stripe', 0x3d, 0x5}}]}, 0x2, 0x46b, &(0x7f0000000580)="$eJzs3M1vFOUfAPDvzLbw+/HWivgColaJsfGlpQWVgxeNJh4wmugB9VTbQgiFGloTIUSqMXgxMSR6Vo8m/gXevBj1ZGLiSe+GhCgX0FPNzM5Ad9ltt3TZrd3PJxl4nn2e7TzfPvPMPDPPbgPoWUPZP0nEtoj4LSIGqtnaCkPV/65dOTf595Vzk0ksLr72Z5LXu3rl3GRZtXzf1iIznEakHyXFTmrNnTl7YmJmZvp0kR+dP/nO6NyZs08ePzlxbPrY9KnxQ4cOHhh75unxp9oSZxbX1T3vz+7d/dIbF1+ePHLx7R+/ydq7rShfGsct2XTzS0NZ4H8t5urLHon/r2l36832Jemkr4sNYVUqEZF1V38+/geiEjc6byBe/LCrjQNuq+zatLl58cIisIEl0e0WAN1RXuiz+99y69DUY124/Fz1BiiL+1qxVUv6Ii3q9Nfd37bTUEQcWfjni2yLdjyHAABYwSeTnx+OJxrN/9K4e0m9HcUaymBE3BEROyPizojYFRF3ReR174mIe1e5//qloZvnP+mlWwqsRdn879libat2/lfO/mKwUuS25/H3J0ePz0zvL34nw9G/OcuPLbOP71745dNmZUvnf9mW7b+cCxbtuNRX94BuamJ+Ip+UtsHlDyL29DWKP7m+EpBExO6I2LO6H72jTBx/7Ou9zSqtHP8y2rDOtPhVxKPV/l+IuvhLyfLrk6P/i5np/aPlUXGzn36+8Gqz/a8p/jbI+n9L7fFflHx5pkgMvrV0vXYuVr1yeeH3j5ve09zq8b8peT0/H5XLru9NzM+fHovYlBzO8zWvj994b5kv62fxD+9rPP53Fu/J+v++iMgO4vsj4oGIeLBo+0MR8XBE7Fsm/h+eb162Hvp/quH57/rxP5jU9P/qE5UT33/bbP+t9f/BPDVcvJKf/1bQagPX8rsDAACA/4o0/wx8ko5cT6fpyEj1M/y7Yks6Mzs3//jR2XdPTVU/Kz8Y/Wn5pGtgyfPQsWSh+InV/HjxrLgsP1A8N/6sEnl+ZHJ2ZqrLsUOv29pk/Gf+qHS7dcBt12gdbbzBF9qAjad+/Ke12fOvdLIxQEf5vjb0rhXGf9qpdgCd5/oPvavR+D9fl7cWABuT6z/0LuMfepfxD72rbvxX4tdutQTooLV8r1+ilxORrotmtJRo/e9B3O7Em+ujGS0kun1mAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAaI9/AwAA//9sbvBf")
r0 = openat$6lowpan_enable(0xffffff9c, &(0x7f0000000100), 0x2, 0x0)
fallocate(r0, 0x40, 0x6, 0x101)

554.609311ms ago: executing program 3 (id=1023):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000080)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000000)={<r1=>0xffffffffffffffff}, 0x13f, 0x9}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r0, &(0x7f00000004c0)={0x3, 0x40, 0xfa02, {{0x6000000, 0x4e23, 0xfffffffc, @mcast2, 0x40000000}, {0xa, 0x4e23, 0x7, @dev={0xfe, 0x80, '\x00', 0x2d}, 0x12}, r1}}, 0x48)
write$RDMA_USER_CM_CMD_QUERY(r0, &(0x7f00000001c0)={0x13, 0x10, 0xfa00, {&(0x7f0000000640), r1, 0x2}}, 0x75)

472.200438ms ago: executing program 1 (id=1024):
syz_mount_image$nilfs2(&(0x7f0000000000), &(0x7f0000000300)='./file2\x00', 0x0, &(0x7f00000002c0)=ANY=[], 0x1, 0xac3, &(0x7f0000000e00)="$eJzs3U2MW0cBAOCxd73ZTVPilIQuaWgTCm356abZLOEngqRKhETUVIhLpYpLlKYlIgSJIgFVJZKcuNGqChInfsSpl6ogJHpBUU9cKtFIFVJPhQMHoiAqcSiBxCj2jNee2Hn2/j07/j7p7XjejD0z3ufn5/fezARgYlWbf5eW5ishXHzjlaP/eOjvczfXHGrnqDf/TnfEaiGESoxPZ6/33lQrvP7+iyd7hZWw2Pyb4uHJq+3n3hVCOBd2h0uhHnZevPzyW4tPHD9/7MKet189eGV9Wg8AAJPl65cOLu3465/v23bttfsPh03t9en4vB7jW+Jx/+F44J+O/6uhO17pWDrNZPmm41Kd68431SNfZzm1LN90n/JnsvJrffJtCrcvf6pjXa92wzhL23E9VKoLXfFqdWGh9Zs8NH/Xz1QWzp4+8+zzJVUUWHP/fiCEsLtjOXKhOz5qy6ERqMMKl8YI1GEsl8MbV9a1Rkvpbd6gpbG17D0QQEt+vfAW5/IzC6vTfrXpwcq/+ni19/NhDWz09j9U+TMllx+U/5vz9jisnTt1a0rtSp+jLTGeX0fI71/q//nLr3R0r82vR9QGrGe/6wjjcn2hXz2nNrgeK9Wv/vl2caf6cgzT+/CVrtQHuj4/+f90XP7HQG8f5Of/LRbLaC+hK15bzWs1Wq82V+Y+CBhN+X1zjXR9NMrv68vTNxWkzxakzxWkby5Iv6sgHSbZ777/0/BSZfl8V/6bftjz4ek8290x/NCQ9cnPRw5bfn7f77BWW35+PzGMsj+ceOrUF555+nLr/v9Ke/u/Ebf39HOjHj9bl2KGdL4wP6/evve/3l1OtU++e7L63N0jf/Px9u58le3LrxM69jO31GO++3lb++Xb1Z2vnuWbi8tsVt/8+GRz9rx0/JH2q+n9ms7aW8vaMZPVI+1XtsUwrwesRNoe+93/n7bP+VCrPHv6zKnHYjxtp3+aqm26uX7fBtcbWL1B+//Mh+7+P1va62vVzv3C1uX1ldZ+4fX4et3rF9vldKzv+FJL33Pfmppr5l84+d0zz6xx22HSPf+jF7594syZU9/zYMUPvjoa1RjmQfrZMir18WDYB7vXu4iSd0zAutv749ZBwKOnv3PiuVPPnTq7/8CB/YuLB764f2lv87h+b+fRfadzJdQWWEvLX/pl1wQAAAAAAAAAAAAY1A+OHb38zpuff7fV/3+5/1/q/5/u/E39/3+S9f/P+8mnfvCpH+C2HunNPNkAqzNZvlpcPpzVd3tWzo7seR+JYXsev9j/PxWXj+ua6nNvtr7WJ5oNJ3DLeCkz2Rgk+XyBH4/hhRj+OkCJKr2H/su32x7jW1c+6NjW0/gUs8vPahgfeHykrtfNraFjSKPU/7vnuE49+mszXjaix2LZbQR6++dEjf/9r+WGl14XS/9lemPL+/nkbhONvkfpg85gA7A2yp7/M533TOHZP35t9uaSsl19vHt/mY9fCsP4yzvd8VGff3K9y8/n7dvo8stu/0bP/9me/27g/V82Y159ZeX+5xdX3u0oNuwctPy8/Wkc6O3DlX8tlp9a83AYrPzGr7Ly8wtCA/pvVv7mAcu/pf27Vlb+/2L56W175MFBy2/VuFLtrsdc1o50/S8/b5xcz9qfxva8TfnfeKFX+1c4UeONWD5MsnGZZ3ZY2XFE+6B95fP/RufWdv7fdmWz3Vp+H8bnYjztiNN9Dvl8J8PWP91fkb4HdmSvXyn4fjP/73j7UgyLPg9p/t+0PdbjV35HvPlepnitx3t7p+5rYFy9N0rX/5Ky67Hq5crmVbRjtvz6r90yNQJ1WKtltvf/tLGSNm4akW290Wis7wmtAqUWTunvf9m/E8ouv+z3v0g+/29+DJ/P/5un5/P/5un5/L95+lz8D/VLz+f/zd/PfP7fPP3e7HXz+YHnC9I/WpC+s3d6+2f7fQXP31WQ/rGC9D3t9ENdOVL6/bd9/nK+fq9/T0H6gwXpnyhI/2RB+kMF6Y90pHfOAZ3SP1Xw/Dtd6o8yqe2HSZb3z/P5h8mRrv/0+/xvL0gHxtfPXtt35OnffrPe6v8/0z4fkq7jHY7xWvz99MMYz697h474zbQ3Y/xvWfqon++ASZKPn5F/vz9ckA6Mr3Sfl883TKDKbO/VMSwat6rfcT7j5dMx/EwMPxvDR2O4EMO9MdwXw8UNqh/r48jrvz/4UmX59/7WLH3Q+8nz/kBd40SFEPYPWJ/8/MCw97Pn4/gNa7Xlr7A7GAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQGmqzb9LS/OVEC6+8crRp46f3ntzzaF2jnrz73RHrNZ+XgiPxXAqhr+MD66//+LJzvBGDCthMVRCpb0+PHm1XdJdIYRzYXe4FOph58XLL7+1+MTx88cu7Hn71YNX1u8dAAAAgDvf/wMAAP//Nj4Q1g==")
unlinkat(0xffffffffffffff9c, &(0x7f0000000c40)='./file1\x00', 0x0)
syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000080)='./file1\x00', 0x9c93, 0x0, 0x1, 0x0, &(0x7f0000000640))
truncate(&(0x7f0000000080)='./file2\x00', 0x0)

371.604777ms ago: executing program 3 (id=1025):
r0 = socket$kcm(0x10, 0x2, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x19, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000240)={r1, &(0x7f00000000c0)="ad57877f678615cea5858470ef9a9ce63f4388845b68d100479307c5d3db3216b7807206e76d92cff1013bd30a2e69ed768a65bc12b293c353", &(0x7f0000000000)=""/3, 0x2}, 0x20)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="2e00000011008108090f9becdb4cb92e264831371900000069bd6efb2502eaf60d002700020400bf050005001201", 0x2e}], 0x1}, 0x0)

267.342346ms ago: executing program 2 (id=1026):
syz_mount_image$reiserfs(&(0x7f0000000000), &(0x7f00000000c0)='./file1\x00', 0x8488, &(0x7f0000000780), 0xfe, 0x10fd, &(0x7f0000001140)="$eJzs2T9rFEEYBvBnds8/3cqmXwQtLCQknF8ghcK1ttqIpDJVrlL8OH4cTWUf0msRsF9Zb/dO5UTwTm1+PzjmvYd9Z2fKmQ0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMZsmnkhxUSTtlVZKSdN3F4ipJN+V33tdVSp6eLpaPz+dPlknqb4+XZ0kZuoa2tMf3brfzdt4et48OTu5/WL5+8+rF2dnp+ThNSZfL6/1vpYzrAQAAAH7U76z5z+8HAAAAfmdvFwkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAf6hvNnU7FVWSknTdxeIqSbel78Y/Wh8AAACwu5Iqz5tt+eoaYONhPjZlnQ/jlzLUR3m3pR8AAAD4pf7WWHz/fb3c3JzHH2S2PpcP2d3Mcni4+j8O+XyS1EmOfpr88vrty+lX+vpv7wUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgK/swLEAAAAAgDB/6zQ6NgAAAAAAAAAAAAAAAAAAAPYKAAD///F61s8=")
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0)
getdents(r0, 0x0, 0x54)
ioctl$UFFDIO_COPY(0xffffffffffffffff, 0xc028aa03, 0x0)

0s ago: executing program 1 (id=1027):
setsockopt$IP_VS_SO_SET_ADDDEST(0xffffffffffffffff, 0x0, 0x487, 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f00000004c0), r0)
sendmsg$ETHTOOL_MSG_LINKINFO_GET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000300)={0x2c, r1, 0x1, 0x70bd2b, 0x25dfdbfb, {0x1a}, [@HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bridge_slave_1\x00'}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4000801}, 0x0)

kernel console output (not intermixed with test programs):

00000000000 RSI: 0000000000000000 RDI: 0000200000000040
[   75.655535][ T4922] RBP: 00007f32df954b39 R08: 0000000000000000 R09: 0000000000000000
[   75.663491][ T4922] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   75.671446][ T4922] R13: 00007f32dfb38038 R14: 00007f32dfb37fa0 R15: 00007ffc9972f5a8
[   75.679426][ T4922]  </TASK>
[   75.688840][ T2422] pvrusb2: Invalid write control endpoint
[   75.696409][ T4935] EXT4-fs (loop4): Mount option "nouser_xattr" will be removed by 3.5
[   75.696409][ T4935] Contact linux-ext4@vger.kernel.org if you think we should keep it.
[   75.696409][ T4935] 
[   75.766623][ T4935] EXT4-fs (loop4): Ignoring removed orlov option
[   75.775801][ T4922] bread failed!
[   75.778293][    T7] usb 3-1: USB disconnect, device number 3
[   75.779465][ T4922] jfs_unlink: dtDelete returned -5
[   75.810880][ T2422] pvrusb2: Invalid write control endpoint
[   75.825773][ T2422] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work.
[   75.835858][ T4922] ERROR: (device loop0): jfs_unlink: 
[   75.835858][ T4922] 
[   75.855242][ T2422] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device.
[   75.855263][ T4935] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a8158018, mo2=0002]
[   75.857913][ T4922] ERROR: (device loop0): remounting filesystem as read-only
[   75.879465][ T4935] System zones: 0-1, 3-12
[   75.884751][ T4935] EXT4-fs (loop4): mounted filesystem without journal. Opts: resgid=0x000000000000ee00,bsddf,grpquota,nobarrier,nouser_xattr,orlov,debug,noauto_da_alloc,stripe=0x0000000000000002,,errors=continue. Quota mode: writeback.
[   75.906148][ T2422] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups.
[   75.906173][ T2422] pvrusb2: Device being rendered inoperable
[   75.921298][ T2422] cx25840 1-0044: Unable to detect h/w, assuming cx23887
[   75.931044][ T2422] cx25840 1-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_a)
[   75.958159][ T2422] pvrusb2: Attached sub-driver cx25840
[   75.964467][ T2422] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it.
[   75.983946][ T2422] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover.
[   76.410639][ T4962] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem
[   76.460035][ T1111] cfg80211: failed to load regulatory.db
[   76.485093][ T4962] EXT4-fs error (device loop4): mb_free_blocks:1876: group 0, inode 11: block 64:freeing already freed block (bit 63); block bitmap corrupt.
[   76.606302][ T4962] EXT4-fs error (device loop4): ext4_do_update_inode:5222: inode #11: comm syz.4.282: corrupted inode contents
[   76.632650][ T4980] set_capacity_and_notify: 4 callbacks suppressed
[   76.632663][ T4980] loop3: detected capacity change from 0 to 256
[   76.670555][ T4962] EXT4-fs error (device loop4): ext4_dirty_inode:6058: inode #11: comm syz.4.282: mark_inode_dirty error
[   76.731487][ T4962] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #11: comm syz.4.282: invalid indirect mapped block 1 (level 1)
[   76.787634][ T4962] EXT4-fs error (device loop4): ext4_do_update_inode:5222: inode #11: comm syz.4.282: corrupted inode contents
[   76.822397][ T4985] netlink: 1 bytes leftover after parsing attributes in process `syz.0.291'.
[   76.831379][ T4962] EXT4-fs error (device loop4) in ext4_orphan_del:303: Corrupt filesystem
[   76.833922][ T4962] EXT4-fs error (device loop4): ext4_do_update_inode:5222: inode #11: comm syz.4.282: corrupted inode contents
[   76.853415][ T4962] EXT4-fs error (device loop4): ext4_truncate:4279: inode #11: comm syz.4.282: mark_inode_dirty error
[   76.869958][ T4962] EXT4-fs error (device loop4) in ext4_process_orphan:345: Corrupt filesystem
[   76.880491][ T4962] EXT4-fs (loop4): 1 truncate cleaned up
[   76.886620][ T4962] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[   76.987986][ T4989] netlink: 'syz.2.293': attribute type 1 has an invalid length.
[   77.001703][ T4989] netlink: 'syz.2.293': attribute type 2 has an invalid length.
[   77.112071][ T4995] device macsec1 entered promiscuous mode
[   77.154263][ T4995] device macvlan1 entered promiscuous mode
[   77.189528][ T4995] device macvlan1 left promiscuous mode
[   77.306742][ T5003] input: syz0 as /devices/virtual/input/input12
[   77.583325][ T5017] loop3: detected capacity change from 0 to 1024
[   77.646904][ T5024] capability: warning: `syz.4.310' uses deprecated v2 capabilities in a way that may be insecure
[   77.758383][ T5026] device team_slave_0 entered promiscuous mode
[   77.765012][ T5026] device team_slave_1 entered promiscuous mode
[   77.778331][ T5026] 8021q: adding VLAN 0 to HW filter on device macvlan2
[   77.856410][ T1111] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[   77.979951][ T5033] loop4: detected capacity change from 0 to 64
[   78.093172][   T26] audit: type=1804 audit(1771529997.542:10): pid=5033 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.314" name="/newroot/66/bus/file1" dev="loop4" ino=21 res=1 errno=0
[   78.125745][ T1326] kernel read not supported for file /dsp (pid: 1326 comm: kworker/0:3)
[   78.146392][ T1111] usb 3-1: Using ep0 maxpacket: 8
[   78.244770][ T5036] device macsec1 entered promiscuous mode
[   78.250794][ T5036] device macvlan1 entered promiscuous mode
[   78.262294][ T5036] device macvlan1 left promiscuous mode
[   78.276517][ T1111] usb 3-1: config index 0 descriptor too short (expected 1307, got 27)
[   78.288136][ T1111] usb 3-1: config 0 has an invalid interface number: 0 but max is -1
[   78.296883][ T1111] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 0
[   78.320841][ T1111] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7
[   78.356045][ T1111] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[   78.364123][ T5040] input: syz0 as /devices/virtual/input/input13
[   78.556520][ T5050] netlink: 32 bytes leftover after parsing attributes in process `syz.1.322'.
[   78.566153][ T1111] usb 3-1: New USB device found, idVendor=0460, idProduct=0008, bcdDevice=c3.de
[   78.585939][ T1111] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   78.599272][ T5050] netlink: 32 bytes leftover after parsing attributes in process `syz.1.322'.
[   78.613890][ T1111] usb 3-1: Product: syz
[   78.619327][ T1111] usb 3-1: Manufacturer: syz
[   78.624129][ T1111] usb 3-1: SerialNumber: syz
[   78.647167][ T1111] usb 3-1: config 0 descriptor??
[   78.707083][ T1111] hub 3-1:0.0: bad descriptor, ignoring hub
[   78.713070][ T1111] hub: probe of 3-1:0.0 failed with error -5
[   78.762038][ T1111] input: syz syz as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/input/input14
[   78.911081][ T1111] usb 3-1: USB disconnect, device number 4
[   78.979606][ T5082] loop3: detected capacity change from 0 to 128
[   79.035008][ T5082] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[   79.089900][ T5082] hpfs: filesystem error: improperly stopped
[   79.097102][ T5082] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[   79.126953][ T5082] hpfs: You really don't want any checks? You are crazy...
[   79.144563][ T5082] hpfs: hpfs_map_sector(): read error
[   79.189820][ T5082] hpfs: code page support is disabled
[   79.195282][ T5082] hpfs: hpfs_map_4sectors(): unaligned read
[   79.233071][ T5082] hpfs: hpfs_map_4sectors(): unaligned read
[   79.250766][ T5082] hpfs: filesystem error: unable to find root dir
[   79.364580][ T5098] loop0: detected capacity change from 0 to 2048
[   79.412209][ T5098] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024)
[   79.453173][ T5098] NILFS (loop0): mounting unchecked fs
[   79.512833][ T4177] udevd[4177]: incorrect nilfs2 checksum on /dev/loop0
[   79.522840][ T5098] NILFS (loop0): recovery complete
[   79.565568][ T5108] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   79.855761][ T1326] usb 4-1: new full-speed USB device number 3 using dummy_hcd
[   79.953546][ T5102] loop1: detected capacity change from 0 to 32768
[   79.963468][ T5116] loop0: detected capacity change from 0 to 4096
[   80.012646][ T5116] ntfs3: loop0: Different NTFS' sector size (1024) and media sector size (512)
[   80.234008][ T1326] usb 4-1: config 0 interface 0 altsetting 3 endpoint 0x81 has invalid wMaxPacketSize 0
[   80.246646][ T1326] usb 4-1: config 0 interface 0 altsetting 3 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[   80.260229][ T1326] usb 4-1: config 0 interface 0 has no altsetting 0
[   80.293132][ T1326] usb 4-1: New USB device found, idVendor=045e, idProduct=009d, bcdDevice= 0.00
[   80.325568][ T1326] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   80.362535][ T1326] usb 4-1: config 0 descriptor??
[   80.835525][ T4227] usb 5-1: new full-speed USB device number 2 using dummy_hcd
[   80.838806][ T1326] microsoft 0003:045E:009D.0001: item fetching failed at offset 2/5
[   80.859180][ T1326] microsoft 0003:045E:009D.0001: parse failed
[   80.865420][ T1326] microsoft: probe of 0003:045E:009D.0001 failed with error -22
[   81.066796][ T4229] usb 4-1: USB disconnect, device number 3
[   81.265661][ T4227] usb 5-1: config 0 interface 0 altsetting 69 endpoint 0x81 has invalid maxpacket 1024, setting to 64
[   81.282767][ T4227] usb 5-1: config 0 interface 0 altsetting 69 has 1 endpoint descriptor, different from the interface descriptor's value: 4
[   81.303336][ T4227] usb 5-1: config 0 interface 0 has no altsetting 0
[   81.310183][ T4227] usb 5-1: New USB device found, idVendor=17ef, idProduct=61ae, bcdDevice= 0.00
[   81.352664][ T5167] loop2: detected capacity change from 0 to 2048
[   81.364185][ T4227] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   81.374006][ T4227] usb 5-1: config 0 descriptor??
[   81.415825][ T5134] raw-gadget.1 gadget: fail, usb_ep_enable returned -22
[   81.449158][ T5167] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[   81.503414][ T5172] loop1: detected capacity change from 0 to 512
[   81.645746][ T5134] loop4: detected capacity change from 0 to 64
[   81.692395][ T5172] EXT4-fs error (device loop1): ext4_validate_block_bitmap:429: comm syz.1.377: bg 0: block 5: invalid block bitmap
[   81.739559][ T5134] hfs: keylen 9474 too large
[   81.744471][ T5134] hfs: get root inode failed
[   81.789502][ T5172] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6194: Corrupt filesystem
[   81.802527][ T5172] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #11: comm syz.1.377: invalid indirect mapped block 3 (level 2)
[   81.814687][ T5168] loop0: detected capacity change from 0 to 40427
[   81.837800][ T5172] EXT4-fs (loop1): 1 orphan inode deleted
[   81.843585][ T5172] EXT4-fs (loop1): 1 truncate cleaned up
[   81.852457][ T5182] netlink: 4 bytes leftover after parsing attributes in process `syz.3.380'.
[   81.856072][ T5172] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[   81.926854][ T5168] F2FS-fs (loop0): invalid crc value
[   81.944598][ T5168] F2FS-fs (loop0): Found nat_bits in checkpoint
[   82.145264][ T5168] F2FS-fs (loop0): Start checkpoint disabled!
[   82.169647][ T4227] hid-generic 0003:17EF:61AE.0002: hidraw0: USB HID v0.04 Device [HID 17ef:61ae] on usb-dummy_hcd.4-1/input0
[   82.195660][ T5168] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[   82.207290][ T5195] netlink: 8 bytes leftover after parsing attributes in process `syz.1.386'.
[   82.360067][ T4227] usb 5-1: USB disconnect, device number 2
[   82.391312][ T5203] netlink: 'syz.1.388': attribute type 15 has an invalid length.
[   82.483274][ T5199] fido_id[5199]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.4/usb5/report_descriptor': No such file or directory
[   82.505291][  T154] attempt to access beyond end of device
[   82.505291][  T154] loop0: rw=2049, want=40984, limit=40427
[   82.887904][ T5223] loop2: detected capacity change from 0 to 512
[   82.976436][ T5223] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   83.017997][ T5223] EXT4-fs (loop2): 1 truncate cleaned up
[   83.038425][ T5223] EXT4-fs (loop2): mounted filesystem without journal. Opts: quota,resuid=0x000000000000ee01,barrier=0x0000000000000003,debug_want_extra_isize=0x0000000000000080,block_validity,jqfmt=vfsv1,,errors=continue. Quota mode: writeback.
[   83.107957][ T5235] loop0: detected capacity change from 0 to 16
[   83.140039][ T5223] syz.2.398 (5223) used greatest stack depth: 21072 bytes left
[   83.146288][ T5235] MTD: Attempt to mount non-MTD device "/dev/loop0"
[   83.191990][ T5233] mkiss: ax0: crc mode is auto.
[   83.403744][ T5245] loop4: detected capacity change from 0 to 512
[   83.598077][ T5228] loop3: detected capacity change from 0 to 40427
[   83.681208][ T5228] F2FS-fs (loop3): invalid crc value
[   83.690268][ T5228] F2FS-fs (loop3): Found nat_bits in checkpoint
[   83.778278][ T5267] loop4: detected capacity change from 0 to 128
[   83.843045][ T5228] F2FS-fs (loop3): Start checkpoint disabled!
[   83.862158][ T5228] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6
[   83.889395][ T5267] VFS: Found a Xenix FS (block size = 512) on device loop4
[   83.931158][ T5267] sysv_free_block: trying to free block not in datazone
[   83.986251][ T4196] sysv_free_inode: inode 0,1,2 or nonexistent inode
[   84.071239][ T4251] attempt to access beyond end of device
[   84.071239][ T4251] loop3: rw=2049, want=40984, limit=40427
[   84.104719][   T13] kernel read not supported for file /dsp1 (pid: 13 comm: kworker/0:1)
[   84.423022][ T5276] loop1: detected capacity change from 0 to 8192
[   84.483700][   T26] audit: type=1800 audit(1771530003.932:11): pid=5276 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.421" name="file2" dev="loop1" ino=1048596 res=0 errno=0
[   84.504407][    C0] vkms_vblank_simulate: vblank timer overrun
[   84.532739][ T5276] attempt to access beyond end of device
[   84.532739][ T5276] loop1: rw=0, want=57848, limit=8192
[   84.585611][   T13] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[   84.611209][ T5282] nbd0: detected capacity change from 0 to 549764202496
[   84.615174][ T5276] FAT-fs (loop1): error, invalid access to FAT (entry 0x0000e1b1)
[   84.647911][ T4197] block nbd0: Receive control failed (result -104)
[   84.660373][ T5276] FAT-fs (loop1): Filesystem has been set read-only
[   84.680317][ T5272] loop4: detected capacity change from 0 to 32768
[   84.682922][ T5276] FAT-fs (loop1): error, invalid access to FAT (entry 0x0000e1b1)
[   84.965703][   T13] usb 1-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[   85.187643][ T5278] JBD2: Ignoring recovery information on journal
[   85.238877][ T5290] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[   85.247580][ T5290] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[   85.257440][   T13] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   85.282221][ T5290] gfs2: fsid=syz:syz.0: journal 0 mapped with 5 extents in 0ms
[   85.290609][   T13] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 66
[   85.303151][   T13] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   85.314261][   T13] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   85.334136][ T1326] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[   85.341642][ T1326] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[   85.399738][ T1326] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 58ms
[   85.423002][ T1326] gfs2: fsid=syz:syz.0: jid=0: Done
[   85.430247][ T5290] gfs2: fsid=syz:syz.0: first mount done, others may mount
[   85.445668][   T13] usb 1-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[   85.454053][ T5278] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[   85.457110][   T13] usb 1-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[   85.476094][   T13] usb 1-1: Product: syz
[   85.480369][   T13] usb 1-1: Manufacturer: syz
[   85.537224][   T13] cdc_wdm 1-1:1.0: skipping garbage
[   85.542926][   T13] cdc_wdm 1-1:1.0: skipping garbage
[   85.556058][   T13] cdc_wdm 1-1:1.0: cdc-wdm0: USB WDM device
[   85.569305][   T13] cdc_wdm 1-1:1.0: Unknown control protocol
[   85.690659][ T5290] gfs2: fsid=syz:syz.0: fatal: invalid metadata block
[   85.690659][ T5290]   bh = 2051 (type: exp=14, found=8)
[   85.690659][ T5290]   function = gfs2_quota_init, file = fs/gfs2/quota.c, line = 1406
[   85.711137][ T5290] gfs2: fsid=syz:syz.0: about to withdraw this file system
[   85.718811][ T5290] gfs2: fsid=syz:syz.0: Journal recovery skipped for jid 0 until next mount.
[   85.727778][ T5290] gfs2: fsid=syz:syz.0: Glock dequeues delayed: 0
[   85.735725][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #08!!!
[   85.736653][ T5290] gfs2: fsid=syz:syz.0: File system withdrawn
[   85.744706][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #108!!!
[   85.745487][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #10a!!!
[   85.751111][ T5290] CPU: 0 PID: 5290 Comm: syz.4.427 Not tainted syzkaller #0
[   85.760021][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #18a!!!
[   85.769073][ T5290] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[   85.776356][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #18a!!!
[   85.785232][ T5290] Call Trace:
[   85.785242][ T5290]  <TASK>
[   85.795291][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #18a!!!
[   85.804174][ T5290]  dump_stack_lvl+0x188/0x250
[   85.807456][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #18a!!!
[   85.810352][ T5290]  ? kobject_uevent_env+0x371/0x890
[   85.819279][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #18a!!!
[   85.823924][ T5290]  ? show_regs_print_info+0x20/0x20
[   85.832866][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #18a!!!
[   85.838002][ T5290]  ? load_image+0x400/0x400
[   85.846926][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #18a!!!
[   85.852082][ T5290]  ? kobject_uevent_env+0x371/0x890
[   85.879849][ T5290]  gfs2_withdraw+0x1149/0x1490
[   85.884613][ T5290]  ? gfs2_lm+0x240/0x240
[   85.888844][ T5290]  ? gfs2_meta_ra+0x415/0x4d0
[   85.893513][ T5290]  ? gfs2_meta_buffer+0x310/0x310
[   85.898655][ T5290]  ? from_kuid_munged+0x6b0/0x6b0
[   85.903764][ T5290]  gfs2_metatype_check_ii+0x74/0x90
[   85.909042][ T5290]  gfs2_quota_init+0xca5/0xea0
[   85.913822][ T5290]  ? qd_get+0x5f0/0x5f0
[   85.917963][ T5290]  gfs2_make_fs_rw+0x414/0x580
[   85.922702][ T5290]  ? _raw_spin_unlock+0x24/0x40
[   85.927533][ T5290]  ? gfs2_glock_nq+0xcb0/0x1550
[   85.932364][ T5290]  ? gfs2_jdesc_check+0x290/0x290
[   85.937372][ T5290]  gfs2_reconfigure+0x7b1/0xd30
[   85.942210][ T5290]  ? gfs2_get_tree+0x1e0/0x1e0
[   85.946961][ T5290]  ? gfs2_freeze_lock+0x52/0xc0
[   85.951926][ T5290]  ? hook_sb_remount+0x19/0xc0
[   85.956669][ T5290]  reconfigure_super+0x219/0x8a0
[   85.961591][ T5290]  path_mount+0xd54/0x1030
[   85.965991][ T5290]  ? user_path_at_empty+0x13e/0x190
[   85.971169][ T5290]  __se_sys_mount+0x2e3/0x3d0
[   85.975837][ T5290]  ? __x64_sys_mount+0xc0/0xc0
[   85.980587][ T5290]  ? lockdep_hardirqs_on+0x94/0x140
[   85.985768][ T5290]  ? __x64_sys_mount+0x1c/0xc0
[   85.990508][ T5290]  do_syscall_64+0x4c/0xa0
[   85.994928][ T5290]  ? clear_bhb_loop+0x30/0x80
[   85.999581][ T5290]  ? clear_bhb_loop+0x30/0x80
[   86.004236][ T5290]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   86.010108][ T5290] RIP: 0033:0x7efff8770629
[   86.014499][ T5290] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   86.034291][ T5290] RSP: 002b:00007efff69ca028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   86.042781][ T5290] RAX: ffffffffffffffda RBX: 00007efff89e9fa0 RCX: 00007efff8770629
[   86.050737][ T5290] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000000
[   86.058687][ T5290] RBP: 00007efff8806b39 R08: 0000000000000000 R09: 0000000000000000
[   86.066644][ T5290] R10: 0000000002012024 R11: 0000000000000246 R12: 0000000000000000
[   86.074597][ T5290] R13: 00007efff89ea038 R14: 00007efff89e9fa0 R15: 00007ffd5b670df8
[   86.082556][ T5290]  </TASK>
[   86.085598][    C0] vkms_vblank_simulate: vblank timer overrun
[   86.093661][ T5290] gfs2: unable to remount read-write
[   86.115740][   T21] usb 1-1: USB disconnect, device number 3
[   86.126451][ T5274] cdc_wdm 1-1:1.0: Error submitting int urb - -19
[   86.158517][ T4186] ocfs2: Unmounting device (7,2) on (node local)
[   86.924593][ T5338] syz.4.447[5338] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   86.924725][ T5338] syz.4.447[5338] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   87.002252][ T1326] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[   87.080173][ T5323] set_capacity_and_notify: 3 callbacks suppressed
[   87.080187][ T5323] loop2: detected capacity change from 0 to 32768
[   87.221045][ T5351] loop0: detected capacity change from 0 to 128
[   87.234380][ T5323] XFS (loop2): Mounting V5 Filesystem
[   87.286586][ T5346] loop4: detected capacity change from 0 to 4096
[   87.295704][ T1326] usb 2-1: Using ep0 maxpacket: 8
[   87.304660][ T5346] ntfs3: loop4: Different NTFS' sector size (4096) and media sector size (512)
[   87.314505][ T5351] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[   87.343489][ T5351] hpfs: filesystem error: improperly stopped
[   87.349964][ T5351] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[   87.359203][ T5351] hpfs: You really don't want any checks? You are crazy...
[   87.362701][ T5323] XFS (loop2): Ending clean mount
[   87.366957][ T5351] hpfs: hpfs_map_sector(): read error
[   87.377727][ T5351] hpfs: code page support is disabled
[   87.384042][ T5351] hpfs: hpfs_map_4sectors(): unaligned read
[   87.392377][ T5351] hpfs: hpfs_map_4sectors(): unaligned read
[   87.404414][ T5351] hpfs: filesystem error: unable to find root dir
[   87.415786][ T1326] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7
[   87.450433][ T1326] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0
[   87.496008][ T1326] usb 2-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[   87.532148][ T1326] usb 2-1: config 1 interface 2 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[   87.555375][ T5346] ntfs3: loop4: failed to convert "c46c" to iso8859-5
[   87.715756][ T1326] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[   87.724850][ T1326] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   87.742896][ T1326] usb 2-1: Product: syz
[   87.749742][ T1326] usb 2-1: Manufacturer: syz
[   87.754367][ T1326] usb 2-1: SerialNumber: syz
[   87.765057][ T4186] XFS (loop2): Unmounting Filesystem
[   87.841102][ T5364] tap0: tun_chr_ioctl cmd 1074025675
[   87.854728][ T5364] tap0: persist disabled
[   88.069794][ T5371] loop0: detected capacity change from 0 to 512
[   88.120795][ T5371] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349)
[   88.159771][ T5371] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=c802e02c, mo2=0002]
[   88.176652][ T5371] EXT4-fs (loop0): orphan cleanup on readonly fs
[   88.195645][ T5371] EXT4-fs error (device loop0): ext4_orphan_get:1426: comm syz.0.460: bad orphan inode 267
[   88.223942][ T5374] netlink: 4 bytes leftover after parsing attributes in process `syz.2.456'.
[   88.225777][ T1326] usb 2-1: USB disconnect, device number 3
[   88.277277][ T5359] loop3: detected capacity change from 0 to 32768
[   88.302234][ T5371] EXT4-fs (loop0): Remounting filesystem read-only
[   88.335494][ T5359] JBD2: Ignoring recovery information on journal
[   88.377092][ T5371] EXT4-fs (loop0): mounted filesystem without journal. Opts: nojournal_checksum,noblock_validity,discard,errors=remount-ro,inode_readahead_blks=0x0000000001000000. Quota mode: none.
[   88.413588][ T5371] EXT4-fs warning (device loop0): dx_probe:893: inode #2: comm syz.0.460: dx entry: limit 0 != root limit 125
[   88.475159][ T5383] loop2: detected capacity change from 0 to 4096
[   88.519780][ T5359] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[   88.523708][ T5371] EXT4-fs warning (device loop0): dx_probe:966: inode #2: comm syz.0.460: Corrupt directory, running e2fsck is recommended
[   88.649999][   T26] audit: type=1800 audit(1771530008.102:12): pid=5359 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.453" name="file1" dev="loop3" ino=17058 res=0 errno=0
[   88.720340][ T5388] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   88.874917][ T4187] ocfs2: Unmounting device (7,3) on (node local)
[   89.127339][ T5398] loop2: detected capacity change from 0 to 164
[   89.197423][ T5396] loop1: detected capacity change from 0 to 32768
[   89.265541][ T5398] iso9660: Corrupted directory entry in block 2 of inode 1920
[   89.296698][ T5396] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[   89.304998][ T5396] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[   89.318686][ T5396] gfs2: fsid=syz:syz.0: journal 0 mapped with 5 extents in 0ms
[   89.348118][    T7] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[   89.355057][    T7] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[   89.422337][ T5401] loop3: detected capacity change from 0 to 256
[   89.449629][    T7] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 94ms
[   89.470987][    T7] gfs2: fsid=syz:syz.0: jid=0: Done
[   89.476777][ T5396] gfs2: fsid=syz:syz.0: first mount done, others may mount
[   89.514050][ T5385] loop4: detected capacity change from 0 to 32768
[   89.557611][ T5396] gfs2: fsid=syz:syz.0: fatal: invalid metadata block
[   89.557611][ T5396]   bh = 2051 (type: exp=14, found=8)
[   89.557611][ T5396]   function = gfs2_quota_init, file = fs/gfs2/quota.c, line = 1406
[   89.577754][ T5396] gfs2: fsid=syz:syz.0: about to withdraw this file system
[   89.584961][ T5396] gfs2: fsid=syz:syz.0: Journal recovery skipped for jid 0 until next mount.
[   89.593742][ T5396] gfs2: fsid=syz:syz.0: Glock dequeues delayed: 0
[   89.600466][ T5396] gfs2: fsid=syz:syz.0: File system withdrawn
[   89.606569][ T5396] CPU: 0 PID: 5396 Comm: syz.1.467 Not tainted syzkaller #0
[   89.613835][ T5396] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[   89.623878][ T5396] Call Trace:
[   89.627142][ T5396]  <TASK>
[   89.630053][ T5396]  dump_stack_lvl+0x188/0x250
[   89.634803][ T5396]  ? kobject_uevent_env+0x371/0x890
[   89.639992][ T5396]  ? show_regs_print_info+0x20/0x20
[   89.645176][ T5396]  ? load_image+0x400/0x400
[   89.649661][ T5396]  ? kobject_uevent_env+0x371/0x890
[   89.654847][ T5396]  gfs2_withdraw+0x1149/0x1490
[   89.659597][ T5396]  ? gfs2_lm+0x240/0x240
[   89.663818][ T5396]  ? gfs2_meta_ra+0x415/0x4d0
[   89.668481][ T5396]  ? gfs2_meta_buffer+0x310/0x310
[   89.673496][ T5396]  ? from_kuid_munged+0x6b0/0x6b0
[   89.678701][ T5396]  gfs2_metatype_check_ii+0x74/0x90
[   89.684223][ T5396]  gfs2_quota_init+0xca5/0xea0
[   89.688996][ T5396]  ? qd_get+0x5f0/0x5f0
[   89.693144][ T5396]  gfs2_make_fs_rw+0x414/0x580
[   89.697936][ T5396]  ? _raw_spin_unlock+0x24/0x40
[   89.702770][ T5396]  ? gfs2_glock_nq+0xcb0/0x1550
[   89.707601][ T5396]  ? gfs2_jdesc_check+0x290/0x290
[   89.712608][ T5396]  gfs2_reconfigure+0x7b1/0xd30
[   89.717445][ T5396]  ? gfs2_get_tree+0x1e0/0x1e0
[   89.722239][ T5396]  ? gfs2_freeze_lock+0x52/0xc0
[   89.727070][ T5396]  ? hook_sb_remount+0x19/0xc0
[   89.731912][ T5396]  reconfigure_super+0x219/0x8a0
[   89.736836][ T5396]  path_mount+0xd54/0x1030
[   89.741236][ T5396]  ? user_path_at_empty+0x13e/0x190
[   89.746552][ T5396]  __se_sys_mount+0x2e3/0x3d0
[   89.751344][ T5396]  ? __x64_sys_mount+0xc0/0xc0
[   89.756093][ T5396]  ? lockdep_hardirqs_on+0x94/0x140
[   89.761269][ T5396]  ? __x64_sys_mount+0x1c/0xc0
[   89.766013][ T5396]  do_syscall_64+0x4c/0xa0
[   89.770409][ T5396]  ? clear_bhb_loop+0x30/0x80
[   89.775063][ T5396]  ? clear_bhb_loop+0x30/0x80
[   89.779732][ T5396]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   89.785625][ T5396] RIP: 0033:0x7f159458b629
[   89.790020][ T5396] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   89.809605][ T5396] RSP: 002b:00007f15927e5028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   89.818019][ T5396] RAX: ffffffffffffffda RBX: 00007f1594804fa0 RCX: 00007f159458b629
[   89.825979][ T5396] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000000
[   89.833934][ T5396] RBP: 00007f1594621b39 R08: 0000000000000000 R09: 0000000000000000
[   89.841894][ T5396] R10: 0000000002012024 R11: 0000000000000246 R12: 0000000000000000
[   89.849855][ T5396] R13: 00007f1594805038 R14: 00007f1594804fa0 R15: 00007ffeeebdfec8
[   89.857909][ T5396]  </TASK>
[   89.861665][ T5396] gfs2: unable to remount read-write
[   89.906696][ T5385] 
[   89.906696][ T5385]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[   89.906696][ T5385] 
[   90.012483][ T5390] XFS (loop0): Mounting V5 Filesystem
[   90.078045][ T5385] ERROR: (device loop4): dbReAlloc: the block is outside the filesystem
[   90.078045][ T5385] 
[   90.131143][ T5385] ERROR: (device loop4): remounting filesystem as read-only
[   90.138749][ T5385] jfs_mkdir: dtInsert returned -EIO
[   90.144878][ T5385] ERROR: (device loop4): jfs_mkdir: 
[   90.144878][ T5385] 
[   90.217428][ T5421] genirq: Flags mismatch irq 4. 00000000 (pcmmio) vs. 00000000 (ttyS0)
[   90.242022][ T5390] XFS (loop0): Ending clean mount
[   90.261023][ T5390] XFS (loop0): Quotacheck needed: Please wait.
[   90.376394][ T5390] XFS (loop0): Quotacheck: Done.
[   90.525196][ T5432] netlink: 8 bytes leftover after parsing attributes in process `syz.1.488'.
[   90.588123][ T4185] XFS (loop0): Unmounting Filesystem
[   91.017231][ T5415] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop2 scanned by syz.2.473 (5415)
[   91.125978][ T5415] BTRFS info (device loop2): using blake2b (blake2b-256-generic) checksum algorithm
[   91.174310][ T5415] BTRFS info (device loop2): using free space tree
[   91.199858][ T5415] BTRFS info (device loop2): has skinny extents
[   91.406185][ T5435] XFS: ikeep mount option is deprecated.
[   91.501280][ T5415] BTRFS info (device loop2): enabling ssd optimizations
[   91.504440][ T5433] JBD2: Ignoring recovery information on journal
[   91.520394][ T5437] debugfs: Directory 'B1DE653C5FFC4D88B33B244AAB9EB3E9' with parent 'ocfs2' already present!
[   91.591619][ T5435] XFS (loop3): Mounting V5 Filesystem
[   91.746906][ T5437] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[   91.766494][ T5433] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[   91.791929][ T5435] XFS (loop3): Ending clean mount
[   91.940281][ T4187] XFS (loop3): Unmounting Filesystem
[   91.982765][   T26] audit: type=1800 audit(1771530011.432:13): pid=5433 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.478" name="file1" dev="loop4" ino=17058 res=0 errno=0
[   92.153735][ T4192] ocfs2: Unmounting device (7,1) on (node local)
[   92.164248][ T5482] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   92.201568][ T4196] ocfs2: Unmounting device (7,4) on (node local)
[   92.990799][ T5492] set_capacity_and_notify: 7 callbacks suppressed
[   92.990813][ T5492] loop3: detected capacity change from 0 to 32768
[   93.074232][ T5492] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[   93.084054][ T5492] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[   93.132519][ T5492] gfs2: fsid=syz:syz.0: journal 0 mapped with 5 extents in 0ms
[   93.142760][ T1111] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[   93.153194][ T1111] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[   93.219233][ T1111] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 66ms
[   93.235743][ T1111] gfs2: fsid=syz:syz.0: jid=0: Done
[   93.246388][ T5492] gfs2: fsid=syz:syz.0: first mount done, others may mount
[   93.285609][ T5489] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[   93.295867][    T7] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[   93.325955][ T5492] gfs2: fsid=syz:syz.0: fatal: invalid metadata block
[   93.325955][ T5492]   bh = 2051 (type: exp=14, found=8)
[   93.325955][ T5492]   function = gfs2_quota_init, file = fs/gfs2/quota.c, line = 1406
[   93.346043][ T5492] gfs2: fsid=syz:syz.0: about to withdraw this file system
[   93.353250][ T5492] gfs2: fsid=syz:syz.0: Journal recovery skipped for jid 0 until next mount.
[   93.362088][ T5492] gfs2: fsid=syz:syz.0: Glock dequeues delayed: 0
[   93.368741][ T5492] gfs2: fsid=syz:syz.0: File system withdrawn
[   93.374999][ T5492] CPU: 1 PID: 5492 Comm: syz.3.486 Not tainted syzkaller #0
[   93.382385][ T5492] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[   93.392471][ T5492] Call Trace:
[   93.395757][ T5492]  <TASK>
[   93.398696][ T5492]  dump_stack_lvl+0x188/0x250
[   93.403390][ T5492]  ? kobject_uevent_env+0x371/0x890
[   93.408712][ T5492]  ? show_regs_print_info+0x20/0x20
[   93.413934][ T5492]  ? load_image+0x400/0x400
[   93.418459][ T5492]  ? kobject_uevent_env+0x371/0x890
[   93.423763][ T5492]  gfs2_withdraw+0x1149/0x1490
[   93.428551][ T5492]  ? gfs2_lm+0x240/0x240
[   93.432810][ T5492]  ? gfs2_meta_ra+0x415/0x4d0
[   93.437498][ T5492]  ? gfs2_meta_buffer+0x310/0x310
[   93.442533][ T5492]  ? from_kuid_munged+0x6b0/0x6b0
[   93.447572][ T5492]  gfs2_metatype_check_ii+0x74/0x90
[   93.452806][ T5492]  gfs2_quota_init+0xca5/0xea0
[   93.457688][ T5492]  ? qd_get+0x5f0/0x5f0
[   93.461949][ T5492]  gfs2_make_fs_rw+0x414/0x580
[   93.466847][ T5492]  ? _raw_spin_unlock+0x24/0x40
[   93.471715][ T5492]  ? gfs2_glock_nq+0xcb0/0x1550
[   93.476643][ T5492]  ? gfs2_jdesc_check+0x290/0x290
[   93.481689][ T5492]  gfs2_reconfigure+0x7b1/0xd30
[   93.486567][ T5492]  ? gfs2_get_tree+0x1e0/0x1e0
[   93.491429][ T5492]  ? gfs2_freeze_lock+0x52/0xc0
[   93.496297][ T5492]  ? hook_sb_remount+0x19/0xc0
[   93.501073][ T5492]  reconfigure_super+0x219/0x8a0
[   93.506111][ T5492]  path_mount+0xd54/0x1030
[   93.510543][ T5492]  ? user_path_at_empty+0x13e/0x190
[   93.515753][ T5492]  __se_sys_mount+0x2e3/0x3d0
[   93.520449][ T5492]  ? __x64_sys_mount+0xc0/0xc0
[   93.525226][ T5492]  ? lockdep_hardirqs_on+0x94/0x140
[   93.530564][ T5492]  ? __x64_sys_mount+0x1c/0xc0
[   93.535348][ T5492]  do_syscall_64+0x4c/0xa0
[   93.535620][    T7] usb 5-1: Using ep0 maxpacket: 16
[   93.539775][ T5492]  ? clear_bhb_loop+0x30/0x80
[   93.549550][ T5492]  ? clear_bhb_loop+0x30/0x80
[   93.554239][ T5492]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   93.560146][ T5492] RIP: 0033:0x7f81b224a629
[   93.564581][ T5492] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[   93.584266][ T5492] RSP: 002b:00007f81b04a4028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[   93.592693][ T5492] RAX: ffffffffffffffda RBX: 00007f81b24c3fa0 RCX: 00007f81b224a629
[   93.600675][ T5492] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000000
[   93.608807][ T5492] RBP: 00007f81b22e0b39 R08: 0000000000000000 R09: 0000000000000000
[   93.616794][ T5492] R10: 0000000002012024 R11: 0000000000000246 R12: 0000000000000000
[   93.624778][ T5492] R13: 00007f81b24c4038 R14: 00007f81b24c3fa0 R15: 00007fff9bbcf1b8
[   93.632870][ T5492]  </TASK>
[   93.638104][ T5492] gfs2: unable to remount read-write
[   93.651633][ T5489] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   93.664535][ T5503] loop0: detected capacity change from 0 to 32768
[   93.677044][ T5489] usb 3-1: New USB device found, idVendor=046d, idProduct=c222, bcdDevice= 0.00
[   93.695920][    T7] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[   93.743734][ T5489] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   93.757490][    T7] usb 5-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00
[   93.772147][    T7] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   93.790164][ T5489] usb 3-1: config 0 descriptor??
[   93.791134][ T5503] JBD2: Ignoring recovery information on journal
[   93.810073][ T5516] loop1: detected capacity change from 0 to 32768
[   93.818636][    T7] usb 5-1: config 0 descriptor??
[   93.843145][ T5516] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop1 scanned by syz.1.498 (5516)
[   93.860528][    T7] input: bcm5974 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/input/input15
[   93.884621][ T5516] BTRFS info (device loop1): using blake2b (blake2b-256-generic) checksum algorithm
[   93.895091][ T5516] BTRFS info (device loop1): using free space tree
[   93.904008][ T5516] BTRFS info (device loop1): has skinny extents
[   93.938145][ T5503] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[   94.033593][   T26] audit: type=1800 audit(1771530013.482:14): pid=5503 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.500" name="file1" dev="loop0" ino=17058 res=0 errno=0
[   94.127889][ T3546] bcm5974 5-1:0.0: could not read from device
[   94.138870][ T5538] loop3: detected capacity change from 0 to 1024
[   94.163023][ T4185] ocfs2: Unmounting device (7,0) on (node local)
[   94.185694][    T7] bcm5974 5-1:0.0: could not read from device
[   94.194294][ T5516] BTRFS info (device loop1): enabling ssd optimizations
[   94.215685][ T3546] bcm5974 5-1:0.0: could not read from device
[   94.257904][    T7] input: failed to attach handler mousedev to device input15, error: -5
[   94.312291][ T5489] lg-g15 0003:046D:C222.0003: unbalanced delimiter at end of report description
[   94.339314][    T7] usb 5-1: USB disconnect, device number 3
[   94.371384][ T5489] lg-g15: probe of 0003:046D:C222.0003 failed with error -22
[   94.530030][ T5489] usb 3-1: USB disconnect, device number 5
[   94.668659][ T5545] loop3: detected capacity change from 0 to 4096
[   94.855598][ T5555] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   95.049452][ T5488] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[   95.093011][ T5560] loop3: detected capacity change from 0 to 256
[   95.125978][ T5560] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   95.201689][ T5560] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   95.305526][ T5488] usb 1-1: Using ep0 maxpacket: 16
[   95.317826][ T5550] loop4: detected capacity change from 0 to 32768
[   95.385622][ T5556] usb 3-1: new full-speed USB device number 6 using dummy_hcd
[   95.409004][ T5550] XFS (loop4): Mounting V5 Filesystem
[   95.425732][ T5488] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   95.445526][ T5488] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   95.498728][ T5488] usb 1-1: New USB device found, idVendor=056a, idProduct=0084, bcdDevice= 0.00
[   95.518539][ T5488] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   95.532098][ T5488] usb 1-1: config 0 descriptor??
[   95.532322][ T5550] XFS (loop4): Ending clean mount
[   95.598696][ T4196] XFS (loop4): Unmounting Filesystem
[   95.795717][ T5556] usb 3-1: config 8 has an invalid interface number: 177 but max is 0
[   95.795766][ T5489] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[   95.804458][ T5556] usb 3-1: config 8 has no interface number 0
[   95.817803][ T5556] usb 3-1: config 8 interface 177 altsetting 9 has an invalid endpoint with address 0xE8, skipping
[   95.828557][ T5556] usb 3-1: config 8 interface 177 altsetting 9 endpoint 0x87 has invalid wMaxPacketSize 0
[   95.838495][ T5556] usb 3-1: config 8 interface 177 has no altsetting 0
[   95.845260][ T5556] usb 3-1: New USB device found, idVendor=04d8, idProduct=fd08, bcdDevice=59.b1
[   95.854308][ T5556] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   95.877070][ T5564] raw-gadget.1 gadget: fail, usb_ep_enable returned -22
[   96.024143][ T5488] wacom 0003:056A:0084.0004: hidraw0: USB HID v0.00 Device [HID 056a:0084] on usb-dummy_hcd.0-1/input0
[   96.140610][ T5556] usb 3-1: string descriptor 0 read error: -71
[   96.148981][ T5556] ir_toy 3-1:8.177: required endpoints not found
[   96.169239][ T5556] usb 3-1: USB disconnect, device number 6
[   96.185805][ T5489] usb 4-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33
[   96.194867][ T5489] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   96.207686][ T5489] usb 4-1: config 0 descriptor??
[   96.223302][ T5488] usb 1-1: USB disconnect, device number 4
[   96.595581][ T5489] usb 4-1: Cannot read MAC address
[   96.601175][ T5489] MOSCHIP usb-ethernet driver: probe of 4-1:0.0 failed with error -71
[   96.617821][ T5489] usb 4-1: USB disconnect, device number 4
[   97.085902][ T5579] loop2: detected capacity change from 0 to 32768
[   97.198466][ T5579] JBD2: Ignoring recovery information on journal
[   97.412530][ T5579] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[   97.463612][ T5605] loop1: detected capacity change from 0 to 1024
[   97.543171][   T26] audit: type=1800 audit(1771530016.992:15): pid=5579 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.511" name="file1" dev="loop2" ino=17058 res=0 errno=0
[   97.579602][ T5591] loop0: detected capacity change from 0 to 32768
[   97.582130][ T5605] EXT4-fs (loop1): inline encryption not supported
[   97.627585][ T5605] EXT4-fs (loop1): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[   97.676538][ T4197] Bluetooth: hci4: link tx timeout
[   97.682242][ T4197] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa
[   97.693143][ T4197] Bluetooth: hci4: link tx timeout
[   97.698811][ T4197] Bluetooth: hci4: killing stalled connection 11:aa:aa:aa:aa:aa
[   97.775293][ T4186] ocfs2: Unmounting device (7,2) on (node local)
[   97.813387][ T5591] XFS (loop0): Mounting V5 Filesystem
[   97.916728][ T5605] EXT4-fs (loop1): mounted filesystem without journal. Opts: dioread_nolock,data_err=abort,inlinecrypt,noauto_da_alloc,data_err=ignore,nojournal_checksum,errors=remount-ro,grpquota,noblock_validity,user_xattr,noauto_da_alloc,errors=remount-ro,. Quota mode: writeback.
[   98.036898][ T5623] loop2: detected capacity change from 0 to 1024
[   98.089591][ T5591] XFS (loop0): Ending clean mount
[   98.203366][ T5626] loop3: detected capacity change from 0 to 256
[   98.219382][ T4185] XFS (loop0): Unmounting Filesystem
[   98.304922][ T5626] FAT-fs (loop3): Directory bread(block 64) failed
[   98.345485][ T5626] FAT-fs (loop3): Directory bread(block 65) failed
[   98.352120][ T5626] FAT-fs (loop3): Directory bread(block 66) failed
[   98.395918][ T5626] FAT-fs (loop3): Directory bread(block 67) failed
[   98.425776][ T5626] FAT-fs (loop3): Directory bread(block 68) failed
[   98.432341][ T5626] FAT-fs (loop3): Directory bread(block 69) failed
[   98.500937][ T5626] FAT-fs (loop3): Directory bread(block 70) failed
[   98.528618][ T5626] FAT-fs (loop3): Directory bread(block 71) failed
[   98.557915][ T5626] FAT-fs (loop3): Directory bread(block 72) failed
[   98.572510][ T5626] FAT-fs (loop3): Directory bread(block 73) failed
[   99.115588][ T4274] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[   99.495688][ T4274] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   99.505948][ T4274] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[   99.585753][ T4274] usb 1-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[   99.594819][ T4274] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[   99.602914][ T4274] usb 1-1: SerialNumber: syz
[   99.735536][ T5554] Bluetooth: hci4: command 0x0406 tx timeout
[   99.888015][ T4274] usb 1-1: 0:2 : does not exist
[   99.930493][ T4274] usb 1-1: USB disconnect, device number 5
[  100.166446][ T4177] udevd[4177]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  100.618806][ T5640] loop2: detected capacity change from 0 to 40427
[  100.631237][ T5643] loop1: detected capacity change from 0 to 128
[  100.681651][ T5646] loop0: detected capacity change from 0 to 32768
[  100.720894][ T5646] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  100.729175][ T5646] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  100.739093][ T5643] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  100.760898][ T5643] ext4 filesystem being mounted at /105/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  100.766395][ T5640] F2FS-fs (loop2): invalid crc value
[  100.794512][ T5646] gfs2: fsid=syz:syz.0: journal 0 mapped with 5 extents in 0ms
[  100.810698][ T5488] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  100.834518][ T5488] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  100.891550][ T5640] F2FS-fs (loop2): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241044815247771109)
[  100.932650][ T5488] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 98ms
[  100.943245][ T5640] F2FS-fs (loop2): Cannot turn on quotas: -2 on 0
[  100.949946][ T5640] F2FS-fs (loop2): Cannot turn on quotas: -2 on 2
[  100.957431][ T5640] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  100.961610][ T5488] gfs2: fsid=syz:syz.0: jid=0: Done
[  101.033006][ T5646] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  101.110037][ T5646] gfs2: fsid=syz:syz.0: fatal: invalid metadata block
[  101.110037][ T5646]   bh = 2051 (type: exp=14, found=8)
[  101.110037][ T5646]   function = gfs2_quota_init, file = fs/gfs2/quota.c, line = 1406
[  101.129955][ T5646] gfs2: fsid=syz:syz.0: about to withdraw this file system
[  101.137689][ T5646] gfs2: fsid=syz:syz.0: Journal recovery skipped for jid 0 until next mount.
[  101.146537][ T5646] gfs2: fsid=syz:syz.0: Glock dequeues delayed: 0
[  101.154464][ T5646] gfs2: fsid=syz:syz.0: File system withdrawn
[  101.160637][ T5646] CPU: 0 PID: 5646 Comm: syz.0.529 Not tainted syzkaller #0
[  101.167958][ T5646] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  101.178027][ T5646] Call Trace:
[  101.181316][ T5646]  <TASK>
[  101.184257][ T5646]  dump_stack_lvl+0x188/0x250
[  101.188950][ T5646]  ? kobject_uevent_env+0x371/0x890
[  101.194178][ T5646]  ? show_regs_print_info+0x20/0x20
[  101.199394][ T5646]  ? load_image+0x400/0x400
[  101.203915][ T5646]  ? kobject_uevent_env+0x371/0x890
[  101.209138][ T5646]  gfs2_withdraw+0x1149/0x1490
[  101.213931][ T5646]  ? gfs2_lm+0x240/0x240
[  101.218186][ T5646]  ? gfs2_meta_ra+0x415/0x4d0
[  101.222887][ T5646]  ? gfs2_meta_buffer+0x310/0x310
[  101.227047][ T5643] fscrypt: Error allocating hmac(sha512): -4
[  101.227922][ T5646]  ? from_kuid_munged+0x6b0/0x6b0
[  101.227949][ T5646]  gfs2_metatype_check_ii+0x74/0x90
[  101.244109][ T5646]  gfs2_quota_init+0xca5/0xea0
[  101.248911][ T5646]  ? qd_get+0x5f0/0x5f0
[  101.253092][ T5646]  gfs2_make_fs_rw+0x414/0x580
[  101.258039][ T5646]  ? _raw_spin_unlock+0x24/0x40
[  101.262906][ T5646]  ? gfs2_glock_nq+0xcb0/0x1550
[  101.267770][ T5646]  ? gfs2_jdesc_check+0x290/0x290
[  101.272824][ T5646]  gfs2_reconfigure+0x7b1/0xd30
[  101.277703][ T5646]  ? gfs2_get_tree+0x1e0/0x1e0
[  101.282489][ T5646]  ? gfs2_freeze_lock+0x52/0xc0
[  101.287357][ T5646]  ? hook_sb_remount+0x19/0xc0
[  101.292136][ T5646]  reconfigure_super+0x219/0x8a0
[  101.297114][ T5646]  path_mount+0xd54/0x1030
[  101.301552][ T5646]  ? user_path_at_empty+0x13e/0x190
[  101.306773][ T5646]  __se_sys_mount+0x2e3/0x3d0
[  101.311466][ T5646]  ? __x64_sys_mount+0xc0/0xc0
[  101.316249][ T5646]  ? lockdep_hardirqs_on+0x94/0x140
[  101.321454][ T5646]  ? __x64_sys_mount+0x1c/0xc0
[  101.326231][ T5646]  do_syscall_64+0x4c/0xa0
[  101.330659][ T5646]  ? clear_bhb_loop+0x30/0x80
[  101.335346][ T5646]  ? clear_bhb_loop+0x30/0x80
[  101.340035][ T5646]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  101.346033][ T5646] RIP: 0033:0x7f32df8be629
[  101.350459][ T5646] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  101.370086][ T5646] RSP: 002b:00007f32ddb18028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  101.378541][ T5646] RAX: ffffffffffffffda RBX: 00007f32dfb37fa0 RCX: 00007f32df8be629
[  101.386512][ T5646] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000000
[  101.394472][ T5646] RBP: 00007f32df954b39 R08: 0000000000000000 R09: 0000000000000000
[  101.402453][ T5646] R10: 0000000002012024 R11: 0000000000000246 R12: 0000000000000000
[  101.410569][ T5646] R13: 00007f32dfb38038 R14: 00007f32dfb37fa0 R15: 00007ffc9972f5a8
[  101.418570][ T5646]  </TASK>
[  101.424363][ T5646] gfs2: unable to remount read-write
[  101.923551][ T5684] netlink: 4 bytes leftover after parsing attributes in process `syz.0.547'.
[  102.139994][ T5698] loop4: detected capacity change from 0 to 128
[  102.165001][ T5700] loop1: detected capacity change from 0 to 47
[  102.234879][ T5696] loop0: detected capacity change from 0 to 4096
[  102.294875][ T5696] ntfs3: loop0: Different NTFS' sector size (1024) and media sector size (512)
[  102.429109][ T5704] loop4: detected capacity change from 0 to 128
[  102.645813][ T5701] chnl_net:caif_netlink_parms(): no params data found
[  102.779263][ T5718] netlink: 8 bytes leftover after parsing attributes in process `syz.0.560'.
[  102.860331][ T5701] bridge0: port 1(bridge_slave_0) entered blocking state
[  102.907133][ T5701] bridge0: port 1(bridge_slave_0) entered disabled state
[  102.915391][ T5701] device bridge_slave_0 entered promiscuous mode
[  102.930930][ T5701] bridge0: port 2(bridge_slave_1) entered blocking state
[  102.938337][ T5701] bridge0: port 2(bridge_slave_1) entered disabled state
[  102.946831][ T5701] device bridge_slave_1 entered promiscuous mode
[  102.971799][ T5701] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  102.999336][ T5701] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  103.087866][ T5701] team0: Port device team_slave_0 added
[  103.121603][ T5701] team0: Port device team_slave_1 added
[  103.187781][ T5701] batman_adv: batadv0: Adding interface: batadv_slave_0
[  103.194758][ T5701] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  103.251560][ T5701] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  103.277197][ T5701] batman_adv: batadv0: Adding interface: batadv_slave_1
[  103.294324][ T5701] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  103.322398][ T5714] loop4: detected capacity change from 0 to 32768
[  103.345495][ T5701] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  103.419085][ T5714] add_index: next_index = 0.  Resetting!
[  103.424763][ T5714] find_entry called with index >= next_index
[  103.454487][ T5701] device hsr_slave_0 entered promiscuous mode
[  103.461809][ T5714] find_entry called with index >= next_index
[  103.476133][ T5701] device hsr_slave_1 entered promiscuous mode
[  103.482721][ T5714] find_entry called with index >= next_index
[  103.493770][ T5701] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  103.497045][ T5714] find_entry called with index >= next_index
[  103.511723][ T5701] Cannot create hsr debugfs directory
[  103.521499][ T5729] loop1: detected capacity change from 0 to 32768
[  103.544346][ T5714] non-latin1 character 0x3ff found in JFS file name
[  103.556736][ T5714] mount with iocharset=utf8 to access
[  103.616006][ T5723] loop0: detected capacity change from 0 to 40427
[  103.637676][ T5729] (syz.1.567,5729,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  103.655841][ T5731] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  103.663552][ T5729] (syz.1.567,5729,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  103.684508][ T5723] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  103.709531][ T5723] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  103.722460][ T5731] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  103.794241][ T5729] JBD2: Ignoring recovery information on journal
[  103.811770][ T5723] F2FS-fs (loop0): invalid crc value
[  103.866417][ T5733] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  103.899588][ T5738] loop4: detected capacity change from 0 to 8
[  103.904854][ T5723] F2FS-fs (loop0): Found nat_bits in checkpoint
[  103.930250][ T5733] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  103.970118][ T5729] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  104.011163][ T5738] SQUASHFS error: Unable to read directory block [249:c]
[  104.016649][ T5723] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  104.041646][ T5723] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  104.204616][ T5701] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  104.257344][   T26] audit: type=1800 audit(1771530023.712:16): pid=5729 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.567" name="file1" dev="loop1" ino=16979 res=0 errno=0
[  104.295680][ T5556] Bluetooth: hci2: command 0x0409 tx timeout
[  104.425078][ T5729] (syz.1.567,5729,1):ocfs2_dio_end_io:2428 ERROR: Direct IO failed, bytes = -14
[  104.495662][ T5745] loop4: detected capacity change from 0 to 40427
[  104.529240][ T5701] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  104.564039][ T5745] F2FS-fs (loop4): invalid crc value
[  104.573578][ T4192] ocfs2: Unmounting device (7,1) on (node local)
[  104.641601][ T5745] F2FS-fs (loop4): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241044815247771109)
[  104.690369][ T5745] F2FS-fs (loop4): Cannot turn on quotas: -2 on 0
[  104.697559][ T5745] F2FS-fs (loop4): Cannot turn on quotas: -2 on 2
[  104.705939][ T5745] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  104.753660][ T5701] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  104.894700][ T5701] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  105.189266][ T5701] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  105.236196][ T5701] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  105.269570][ T5701] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  105.299653][ T5701] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  105.475290][ T5701] 8021q: adding VLAN 0 to HW filter on device bond0
[  105.541024][ T5701] 8021q: adding VLAN 0 to HW filter on device team0
[  105.581689][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  105.600277][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  105.630337][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  105.646544][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  105.665782][  T154] bridge0: port 1(bridge_slave_0) entered blocking state
[  105.672877][  T154] bridge0: port 1(bridge_slave_0) entered forwarding state
[  105.686348][ T5750] loop1: detected capacity change from 0 to 40427
[  105.728030][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  105.743846][ T5750] F2FS-fs (loop1): build fault injection attr: rate: 690, type: 0x1ffff
[  105.754580][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  105.764083][ T5750] F2FS-fs (loop1): build fault injection attr: rate: 0, type: 0x4
[  105.773266][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  105.783078][  T154] bridge0: port 2(bridge_slave_1) entered blocking state
[  105.790191][  T154] bridge0: port 2(bridge_slave_1) entered forwarding state
[  105.800075][ T5750] F2FS-fs (loop1): invalid crc value
[  105.805970][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  105.816749][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  105.833868][ T5750] F2FS-fs (loop1): Found nat_bits in checkpoint
[  105.873045][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  105.897953][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  105.927491][ T5754] loop0: detected capacity change from 0 to 32768
[  105.933295][ T5701] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  105.954849][ T5701] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  105.975832][ T5750] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  106.010160][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  106.064219][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  106.099654][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  106.109238][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  106.119437][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  106.129065][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  106.137676][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  106.138315][ T5754] XFS (loop0): Mounting V5 Filesystem
[  106.146091][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  106.164593][ T4192] attempt to access beyond end of device
[  106.164593][ T4192] loop1: rw=2049, want=45104, limit=40427
[  106.183512][ T5769] loop4: detected capacity change from 0 to 256
[  106.236266][ T5770] loop2: detected capacity change from 0 to 2048
[  106.324282][ T5754] XFS (loop0): Ending clean mount
[  106.361549][ T5754] XFS (loop0): Quotacheck needed: Please wait.
[  106.372136][ T5769] FAT-fs (loop4): Directory bread(block 64) failed
[  106.372987][ T5770] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  106.390204][ T5554] Bluetooth: hci2: command 0x041b tx timeout
[  106.420504][ T5769] FAT-fs (loop4): Directory bread(block 65) failed
[  106.450702][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  106.459776][ T5769] FAT-fs (loop4): Directory bread(block 66) failed
[  106.466790][ T5769] FAT-fs (loop4): Directory bread(block 67) failed
[  106.474815][ T5769] FAT-fs (loop4): Directory bread(block 68) failed
[  106.481914][ T5769] FAT-fs (loop4): Directory bread(block 69) failed
[  106.510183][ T5769] FAT-fs (loop4): Directory bread(block 70) failed
[  106.526118][ T5754] XFS (loop0): Quotacheck: Done.
[  106.537567][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  106.548778][ T5770] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1163: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  106.556315][ T5769] FAT-fs (loop4): Directory bread(block 71) failed
[  106.573412][ T5701] 8021q: adding VLAN 0 to HW filter on device batadv0
[  106.591233][ T5769] FAT-fs (loop4): Directory bread(block 72) failed
[  106.602771][ T5769] FAT-fs (loop4): Directory bread(block 73) failed
[  106.613304][ T5770] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 10 with max blocks 23 with error 28
[  106.679512][ T5770] EXT4-fs (loop2): This should not happen!! Data will be lost
[  106.679512][ T5770] 
[  106.732454][ T5770] EXT4-fs (loop2): Total free blocks count 0
[  106.738705][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  106.768068][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  106.782965][ T4185] XFS (loop0): Unmounting Filesystem
[  106.788584][ T5770] EXT4-fs (loop2): Free/Dirty block details
[  106.826654][ T5770] EXT4-fs (loop2): free_blocks=2415919504
[  106.850887][ T5770] EXT4-fs (loop2): dirty_blocks=48
[  106.859965][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  106.876467][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  106.912436][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  106.920471][ T5770] EXT4-fs (loop2): Block reservation details
[  106.940819][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  106.971581][ T5770] EXT4-fs (loop2): i_reserved_data_blocks=3
[  106.983825][ T5701] device veth0_vlan entered promiscuous mode
[  106.995074][ T5779] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 32 with error 28
[  107.032074][ T5701] device veth1_vlan entered promiscuous mode
[  107.035613][ T5779] EXT4-fs (loop2): This should not happen!! Data will be lost
[  107.035613][ T5779] 
[  107.084150][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  107.114264][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  107.139092][ T5701] device veth0_macvtap entered promiscuous mode
[  107.157363][ T5701] device veth1_macvtap entered promiscuous mode
[  107.183730][ T5701] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  107.201132][ T5701] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  107.243147][ T5701] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  107.261510][ T5701] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  107.267174][ T5781] loop1: detected capacity change from 0 to 32768
[  107.271669][ T5701] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  107.294810][ T5701] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  107.344503][ T5701] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  107.391841][ T5781] XFS (loop1): Mounting V5 Filesystem
[  107.393192][ T5701] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  107.445829][ T5701] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  107.466825][ T5781] XFS (loop1): Ending clean mount
[  107.535655][ T5701] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  107.566462][ T5701] batman_adv: batadv0: Interface activated: batadv_slave_0
[  107.580223][ T5701] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  107.591940][ T5701] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  107.625216][ T5701] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  107.641556][ T5785] add_index: next_index = 0.  Resetting!
[  107.649461][ T5785] find_entry called with index >= next_index
[  107.662024][ T5701] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  107.662538][ T5785] find_entry called with index >= next_index
[  107.682791][ T5785] find_entry called with index >= next_index
[  107.691535][ T5785] find_entry called with index >= next_index
[  107.691599][ T5701] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  107.720377][ T5785] non-latin1 character 0x3ff found in JFS file name
[  107.729612][ T5701] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  107.740820][ T5785] mount with iocharset=utf8 to access
[  107.775543][ T5701] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  107.795185][ T5701] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  107.805843][ T5701] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  107.816603][ T5701] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  107.816883][ T5796] mmap: syz.4.585 (5796) uses deprecated remap_file_pages() syscall. See Documentation/vm/remap_file_pages.rst.
[  107.828045][ T5701] batman_adv: batadv0: Interface activated: batadv_slave_1
[  107.847706][ T4192] XFS (loop1): Unmounting Filesystem
[  107.929557][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  107.953440][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  108.025329][ T5800] hub 9-0:1.0: USB hub found
[  108.038730][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  108.049192][ T5800] hub 9-0:1.0: 1 port detected
[  108.066353][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  108.097830][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  108.116078][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  108.147691][ T5701] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  108.174041][ T5701] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  108.195842][ T5701] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  108.204627][ T5701] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  108.295769][  T144] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  108.303701][  T144] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  108.342580][  T154] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  108.357619][  T154] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  108.424307][ T5802] set_capacity_and_notify: 1 callbacks suppressed
[  108.424323][ T5802] loop0: detected capacity change from 0 to 40427
[  108.443402][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  108.452984][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  108.525119][ T5802] F2FS-fs (loop0): invalid crc value
[  108.530663][ T1111] Bluetooth: hci2: command 0x040f tx timeout
[  108.578341][ T5802] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241044815247771109)
[  108.630048][ T5802] F2FS-fs (loop0): Cannot turn on quotas: -2 on 0
[  108.637169][ T5802] F2FS-fs (loop0): Cannot turn on quotas: -2 on 2
[  108.645244][ T5802] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  109.025331][ T5821] loop3: detected capacity change from 0 to 4096
[  109.065909][ T5821] ntfs3: loop3: Different NTFS' sector size (1024) and media sector size (512)
[  109.781913][ T5830] loop3: detected capacity change from 0 to 32768
[  109.958578][ T5830] XFS (loop3): Mounting V5 Filesystem
[  110.036851][ T5830] XFS (loop3): Ending clean mount
[  110.047426][ T5834] loop1: detected capacity change from 0 to 4096
[  110.108694][ T5834] ntfs3: loop1: Different NTFS' sector size (1024) and media sector size (512)
[  110.226225][ T5701] XFS (loop3): Unmounting Filesystem
[  110.243801][ T5848] loop4: detected capacity change from 0 to 128
[  110.277802][ T5849] bridge0: Caught tx_queue_len zero misconfig
[  110.518375][ T5854] lo: Caught tx_queue_len zero misconfig
[  110.617483][ T1111] Bluetooth: hci2: command 0x0419 tx timeout
[  110.793907][ T5865] loop4: detected capacity change from 0 to 8
[  110.997142][ T5872] hub 9-0:1.0: USB hub found
[  111.014599][ T5872] hub 9-0:1.0: 1 port detected
[  111.030347][ T5874] device vlan2 entered promiscuous mode
[  111.068458][ T5880] loop4: detected capacity change from 0 to 256
[  111.085780][ T5874] device wlan0 entered promiscuous mode
[  111.087746][ T5876] loop0: detected capacity change from 0 to 1024
[  111.157070][ T5880] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x205ab87c, utbl_chksum : 0xe619d30d)
[  111.326987][ T4251] hfsplus: b-tree write err: -5, ino 4
[  111.576872][ T5898] loop2: detected capacity change from 0 to 512
[  111.671580][ T5900] loop0: detected capacity change from 0 to 8
[  111.746366][ T5900] MTD: Attempt to mount non-MTD device "/dev/loop0"
[  111.768600][ T4486] udevd[4486]: incorrect cramfs checksum on /dev/loop0
[  111.808961][ T4177] udevd[4177]: incorrect cramfs checksum on /dev/loop0
[  111.930650][ T5882] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 scanned by syz.3.613 (5882)
[  111.943826][ T5906] skbuff: bad partial csum: csum=65506/2 headroom=162 headlen=65526
[  111.995612][ T5882] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm
[  112.011268][ T5882] BTRFS info (device loop3): turning off barriers
[  112.021489][ T5882] BTRFS info (device loop3): disabling tree log
[  112.042313][ T5882] BTRFS info (device loop3): use zlib compression, level 3
[  112.112022][ T5882] BTRFS info (device loop3): using free space tree
[  112.174234][ T5882] BTRFS info (device loop3): has skinny extents
[  112.223509][ T5886] F2FS-fs (loop1): build fault injection attr: rate: 7, type: 0x1ffff
[  112.249677][    C0] F2FS-fs (loop1) : inject read IO error in f2fs_read_end_io of blk_update_request+0x876/0x1200
[  112.323177][ T5886] F2FS-fs (loop1) : inject kmalloc in f2fs_kmalloc of f2fs_fill_super+0x4480/0x6de0
[  112.342768][ T5886] F2FS-fs (loop1): Failed to initialize F2FS segment manager (-12)
[  112.465527][ T5489] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  112.743714][ T4251] hfsplus: b-tree write err: -5, ino 4
[  112.861306][ T5489] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  112.890125][ T5489] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  112.995906][ T5489] usb 1-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  113.015221][ T5489] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  113.043066][ T5489] usb 1-1: SerialNumber: syz
[  113.357888][ T5489] usb 1-1: 0:2 : does not exist
[  113.425753][ T5489] usb 1-1: USB disconnect, device number 6
[  113.467320][ T5958] erofs: (device loop3): mounted with root inode @ nid 36.
[  113.502311][ T5958] binder: 5957:5958 ioctl c0306201 200000000240 returned -14
[  113.556642][ T5954] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  113.680307][ T4486] udevd[4486]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  113.822683][ T5962] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  113.870085][ T5960] set_capacity_and_notify: 5 callbacks suppressed
[  113.870101][ T5960] loop1: detected capacity change from 0 to 32768
[  113.932671][ T5960] add_index: next_index = 0.  Resetting!
[  113.962167][ T5960] find_entry called with index >= next_index
[  113.975691][ T5954] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  114.015984][ T5960] find_entry called with index >= next_index
[  114.022006][ T5960] find_entry called with index >= next_index
[  114.031552][ T5954] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  114.063060][ T5954] usb 3-1: New USB device found, idVendor=28de, idProduct=1142, bcdDevice= 0.00
[  114.079029][ T5960] find_entry called with index >= next_index
[  114.094507][ T5954] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  114.103879][ T5971] loop3: detected capacity change from 0 to 8
[  114.124663][ T5960] non-latin1 character 0x3ff found in JFS file name
[  114.133551][ T5973] hub 9-0:1.0: USB hub found
[  114.134535][ T5954] usb 3-1: config 0 descriptor??
[  114.142440][ T4177] udevd[4177]: incorrect cramfs checksum on /dev/loop3
[  114.147268][ T5960] mount with iocharset=utf8 to access
[  114.158073][ T5971] MTD: Attempt to mount non-MTD device "/dev/loop3"
[  114.175262][ T5973] hub 9-0:1.0: 1 port detected
[  114.250084][ T5975] loop4: detected capacity change from 0 to 8192
[  114.307647][ T5975] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  114.471278][ T5983] netlink: 4 bytes leftover after parsing attributes in process `syz.0.646'.
[  114.659092][ T5954] hid-steam 0003:28DE:1142.0005: : USB HID v0.00 Device [HID 28de:1142] on usb-dummy_hcd.2-1/input0
[  114.708032][ T5954] hid-steam 0003:28DE:1142.0006: hidraw0: USB HID v0.00 Device [HID 28de:1142] on usb-dummy_hcd.2-1/input0
[  114.749750][ T5983] team0 (unregistering): Port device team_slave_0 removed
[  114.805682][ T5954] hid-steam 0003:28DE:1142.0005: Steam wireless receiver connected
[  114.816439][ T5983] team0 (unregistering): Port device team_slave_1 removed
[  114.846430][  T263] block nbd0: Possible stuck request ffff888021358000: control (read@0,4096B). Runtime 30 seconds
[  114.961863][ T5547] usb 3-1: USB disconnect, device number 7
[  115.005271][ T5547] hid-steam 0003:28DE:1142.0005: Steam wireless receiver disconnected
[  115.137659][ T5985] loop1: detected capacity change from 0 to 32768
[  115.159047][ T5985] XFS: attr2 mount option is deprecated.
[  115.250057][ T5981] loop3: detected capacity change from 0 to 40427
[  115.282877][ T5985] XFS (loop1): Mounting V5 Filesystem
[  115.284899][ T5989] loop4: detected capacity change from 0 to 32768
[  115.313550][ T5981] F2FS-fs (loop3): Invalid SB checksum offset: 0
[  115.362273][ T5989] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 scanned by syz.4.649 (5989)
[  115.387573][ T5981] F2FS-fs (loop3): Can't find valid F2FS filesystem in 2th superblock
[  115.401178][ T5989] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm
[  115.412867][ T5981] F2FS-fs (loop3): invalid crc value
[  115.413043][ T5989] BTRFS info (device loop4): enabling auto defrag
[  115.426515][ T5989] BTRFS info (device loop4): use no compression
[  115.433474][ T5989] BTRFS info (device loop4): force clearing of disk cache
[  115.445588][ T5985] XFS (loop1): Ending clean mount
[  115.451738][ T5989] BTRFS info (device loop4): max_inline at 4096
[  115.467042][ T5989] BTRFS info (device loop4): disabling free space tree
[  115.475229][ T5985] XFS (loop1): Quotacheck needed: Please wait.
[  115.527817][ T5981] F2FS-fs (loop3): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[  115.551027][ T5989] BTRFS info (device loop4): has skinny extents
[  115.618018][ T5981] F2FS-fs (loop3): Try to recover 2th superblock, ret: 0
[  115.628848][ T5985] XFS (loop1): Quotacheck: Done.
[  115.628880][ T5981] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  115.749215][ T4192] XFS (loop1): Unmounting Filesystem
[  115.765753][ T5989] BTRFS info (device loop4): enabling ssd optimizations
[  115.788816][ T5989] BTRFS info (device loop4): clearing free space tree
[  115.796850][ T5989] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  115.807110][ T5489] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  115.831583][ T5989] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  115.879069][ T5701] attempt to access beyond end of device
[  115.879069][ T5701] loop3: rw=2049, want=45104, limit=40427
[  116.165762][ T5489] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  116.182319][ T4177] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 11 /dev/loop4 scanned by udevd (4177)
[  116.206049][ T5489] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  116.285740][ T5489] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  116.305124][ T5489] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  116.315255][ T5489] usb 3-1: SerialNumber: syz
[  116.627857][ T5489] usb 3-1: 0:2 : does not exist
[  116.674745][ T5489] usb 3-1: USB disconnect, device number 8
[  116.742797][ T6030] loop3: detected capacity change from 0 to 32768
[  116.778676][ T6030] add_index: next_index = 0.  Resetting!
[  116.784477][ T6030] find_entry called with index >= next_index
[  116.790950][ T6030] find_entry called with index >= next_index
[  116.797592][ T6030] find_entry called with index >= next_index
[  116.803719][ T6030] find_entry called with index >= next_index
[  116.814856][ T6030] non-latin1 character 0x3ff found in JFS file name
[  116.821867][ T6030] mount with iocharset=utf8 to access
[  116.925997][ T5956] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  117.224538][ T6040] loop4: detected capacity change from 0 to 4096
[  117.234190][ T6043] loop2: detected capacity change from 0 to 8
[  117.266292][ T6043] MTD: Attempt to mount non-MTD device "/dev/loop2"
[  117.286508][ T6040] ntfs3: loop4: Different NTFS' sector size (1024) and media sector size (512)
[  117.292669][ T4177] udevd[4177]: incorrect cramfs checksum on /dev/loop2
[  117.317102][ T5956] usb 2-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  117.349071][ T4177] udevd[4177]: incorrect cramfs checksum on /dev/loop2
[  117.350463][ T5956] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  117.427843][ T5956] usb 2-1: config 0 descriptor??
[  117.460650][ T6047] loop0: detected capacity change from 0 to 8192
[  117.476820][ T5956] cp210x 2-1:0.0: cp210x converter detected
[  117.555884][ T6047] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  118.023118][ T6049] XFS: attr2 mount option is deprecated.
[  118.048944][ T6053] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 scanned by syz.4.663 (6053)
[  118.078240][ T6053] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm
[  118.087267][ T5950] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  118.095313][ T6053] BTRFS info (device loop4): turning off barriers
[  118.114637][ T6049] XFS (loop3): Mounting V5 Filesystem
[  118.125180][ T6053] BTRFS info (device loop4): disabling tree log
[  118.132005][ T6053] BTRFS info (device loop4): use zlib compression, level 3
[  118.135657][ T5956] cp210x 2-1:0.0: failed to get vendor val 0x000e size 678: -71
[  118.145627][ T6053] BTRFS info (device loop4): using free space tree
[  118.147375][ T5956] cp210x 2-1:0.0: GPIO initialisation failed: -71
[  118.163608][ T5956] usb 2-1: cp210x converter now attached to ttyUSB0
[  118.180899][ T5956] usb 2-1: USB disconnect, device number 4
[  118.183020][ T6053] BTRFS info (device loop4): has skinny extents
[  118.191752][ T5956] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  118.204428][ T5956] cp210x 2-1:0.0: device disconnected
[  118.261990][ T6049] XFS (loop3): Ending clean mount
[  118.274516][ T6049] XFS (loop3): Quotacheck needed: Please wait.
[  118.343202][ T6049] XFS (loop3): Quotacheck: Done.
[  118.396194][ T5701] XFS (loop3): Unmounting Filesystem
[  118.507406][ T5950] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  118.527679][ T5950] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  118.615773][ T5950] usb 1-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  118.632642][ T5950] usb 1-1: New USB device strings: Mfr=2, Product=0, SerialNumber=0
[  118.651108][ T5950] usb 1-1: Manufacturer: syz
[  118.693020][ T5950] usb 1-1: config 0 descriptor??
[  119.178221][ T6106] input: syz1 as /devices/virtual/input/input19
[  119.210297][ T6108] block nbd4: NBD_DISCONNECT
[  119.388327][ T6112] block nbd3: NBD_DISCONNECT
[  119.586531][ T6119] set_capacity_and_notify: 2 callbacks suppressed
[  119.586546][ T6119] loop4: detected capacity change from 0 to 2048
[  119.656600][ T5950] uclogic 0003:256C:006D.0007: failed retrieving Huion firmware version: -71
[  119.672087][ T5950] uclogic 0003:256C:006D.0007: failed probing parameters: -71
[  119.687839][ T5950] uclogic: probe of 0003:256C:006D.0007 failed with error -71
[  119.709410][ T5950] usb 1-1: USB disconnect, device number 7
[  119.753766][ T6119] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  119.774836][ T6119] ext4 filesystem being mounted at /152/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  119.939225][ T6122] loop3: detected capacity change from 0 to 32768
[  119.981519][ T6122] (syz.3.678,6122,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  120.015824][ T6122] (syz.3.678,6122,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  120.067713][ T6122] JBD2: Ignoring recovery information on journal
[  120.124862][ T6122] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  120.313729][   T26] audit: type=1800 audit(1771530039.762:17): pid=6122 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.678" name="file1" dev="loop3" ino=16979 res=0 errno=0
[  120.348201][ T6122] (syz.3.678,6122,0):ocfs2_dio_end_io:2428 ERROR: Direct IO failed, bytes = -14
[  120.413430][ T5701] ocfs2: Unmounting device (7,3) on (node local)
[  120.872190][ T6129] loop1: detected capacity change from 0 to 32768
[  120.982926][ T6131] loop0: detected capacity change from 0 to 32768
[  121.017057][ T6129] add_index: next_index = 0.  Resetting!
[  121.022737][ T6129] find_entry called with index >= next_index
[  121.040110][ T6129] find_entry called with index >= next_index
[  121.046332][ T6131] XFS: attr2 mount option is deprecated.
[  121.076305][ T6129] find_entry called with index >= next_index
[  121.082448][ T6129] find_entry called with index >= next_index
[  121.110391][ T6129] non-latin1 character 0x3ff found in JFS file name
[  121.128068][ T6131] XFS (loop0): Mounting V5 Filesystem
[  121.236285][ T6129] mount with iocharset=utf8 to access
[  121.354860][ T6174] loop9: detected capacity change from 0 to 7
[  121.378170][ T6131] XFS (loop0): Ending clean mount
[  121.389025][ T6131] XFS (loop0): Quotacheck needed: Please wait.
[  121.404558][ T6174]  loop9: [CUMANA/ADFS] p1 [ADFS] p1
[  121.424787][ T6174] loop9: partition table partially beyond EOD, truncated
[  121.524716][ T6174] loop9: p1 size 2437361653 extends beyond EOD, truncated
[  121.576857][ T6131] XFS (loop0): Quotacheck: Done.
[  121.689984][ T6170] loop4: detected capacity change from 0 to 32768
[  121.752925][ T6185] loop2: detected capacity change from 0 to 128
[  121.761022][ T6170] (syz.4.695,6170,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  121.807228][ T6170] (syz.4.695,6170,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  121.830897][ T6185] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256
[  121.840829][ T4185] XFS (loop0): Unmounting Filesystem
[  121.842853][ T4177] udevd[4177]: inotify_add_watch(7, /dev/loop9p1, 10) failed: No such file or directory
[  121.921747][ T6185] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  121.936758][ T6170] JBD2: Ignoring recovery information on journal
[  122.049204][ T6170] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  122.204062][   T26] audit: type=1800 audit(1771530041.652:18): pid=6170 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.695" name="file1" dev="loop4" ino=16979 res=0 errno=0
[  122.212939][ T6170] (syz.4.695,6170,1):ocfs2_dio_end_io:2428 ERROR: Direct IO failed, bytes = -14
[  122.373630][ T6194] loop2: detected capacity change from 0 to 47
[  122.415538][ T6184] loop1: detected capacity change from 0 to 32768
[  122.419441][ T4196] ocfs2: Unmounting device (7,4) on (node local)
[  122.495947][ T6184] (syz.1.701,6184,1):ocfs2_verify_userspace_stack:855 ERROR: cluster stack passed to mount, but this filesystem does not support it
[  122.536423][ T6184] (syz.1.701,6184,1):ocfs2_inode_is_valid_to_delete:872 ERROR: Skipping delete of system file 70
[  122.575897][ T6184] (syz.1.701,6184,1):ocfs2_fill_super:1177 ERROR: status = -22
[  123.022702][ T6191] loop3: detected capacity change from 0 to 40427
[  123.034607][ T6213] team0: Caught tx_queue_len zero misconfig
[  123.080863][ T6191] F2FS-fs (loop3): build fault injection attr: rate: 771, type: 0x1ffff
[  123.109929][ T6215] hub 1-0:1.0: USB hub found
[  123.126653][ T6191] F2FS-fs (loop3): invalid crc value
[  123.129885][ T6215] hub 1-0:1.0: 1 port detected
[  123.173311][ T6191] F2FS-fs (loop3): Found nat_bits in checkpoint
[  123.346961][ T6191] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  123.496050][ T6218] attempt to access beyond end of device
[  123.496050][ T6218] loop3: rw=2049, want=45112, limit=40427
[  123.695669][ T5950] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  124.031122][ T6235] F2FS-fs (loop1): build fault injection attr: rate: 771, type: 0x1ffff
[  124.073250][ T6235] F2FS-fs (loop1): invalid crc value
[  124.115755][ T5950] usb 1-1: New USB device found, idVendor=09c0, idProduct=0203, bcdDevice=d3.32
[  124.139367][ T6235] F2FS-fs (loop1): Found nat_bits in checkpoint
[  124.159021][ T5950] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  124.171380][ T6252] input: syz1 as /devices/virtual/input/input20
[  124.228791][ T5950] usb 1-1: config 0 descriptor??
[  124.283560][ T5950] dvb-usb: found a 'Genpix SkyWalker-1 DVB-S receiver' in warm state.
[  124.384977][ T6235] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  124.467946][ T6260] exfat: Deprecated parameter 'utf8'
[  124.479474][ T6260] exfat: Deprecated parameter 'utf8'
[  124.486800][ T5950] gp8psk: usb in 128 operation failed.
[  124.488406][ T6247] attempt to access beyond end of device
[  124.488406][ T6247] loop1: rw=2049, want=45112, limit=40427
[  124.525737][ T5950] gp8psk: usb in 137 operation failed.
[  124.531358][ T5950] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  124.562557][ T6260] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x11bbdf60, utbl_chksum : 0xe619d30d)
[  124.576060][ T5950] dvbdev: DVB: registering new adapter (Genpix SkyWalker-1 DVB-S receiver)
[  124.584918][ T5950] usb 1-1: media controller created
[  124.654775][ T5950] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  124.741779][ T5950] gp8psk_fe: Frontend attached
[  124.758344][ T5950] usb 1-1: DVB: registering adapter 1 frontend 0 (Genpix DVB-S)...
[  124.774313][ T5950] dvbdev: dvb_create_media_entity: media entity 'Genpix DVB-S' registered.
[  125.225815][ T5950] gp8psk: usb in 137 operation failed.
[  125.231703][ T5950] dvb-usb: Genpix SkyWalker-1 DVB-S receiver successfully initialized and connected.
[  125.233685][ T6286] set_capacity_and_notify: 3 callbacks suppressed
[  125.233702][ T6286] loop2: detected capacity change from 0 to 2048
[  125.275889][ T5950] gp8psk: found Genpix USB device pID = 203 (hex)
[  125.308452][ T5950] usb 1-1: USB disconnect, device number 8
[  125.339347][ T6286] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  125.469258][ T5950] dvb-usb: Genpix SkyWalker-1 DVB-S receiver successfully deinitialized and disconnected.
[  125.673576][ T6296] loop2: detected capacity change from 0 to 256
[  125.732132][ T6296] exfat: Deprecated parameter 'utf8'
[  125.764821][ T6296] exfat: Deprecated parameter 'utf8'
[  125.830650][ T6296] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x11bbdf60, utbl_chksum : 0xe619d30d)
[  126.100596][ T6316] loop1: detected capacity change from 0 to 2048
[  126.155580][ T6316] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  126.815505][ T5950] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  127.225697][ T5950] usb 3-1: New USB device found, idVendor=09c0, idProduct=0203, bcdDevice=d3.32
[  127.234865][ T5950] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  127.244831][ T5950] usb 3-1: config 0 descriptor??
[  127.287252][ T5950] dvb-usb: found a 'Genpix SkyWalker-1 DVB-S receiver' in warm state.
[  127.505698][ T5950] gp8psk: usb in 128 operation failed.
[  127.555578][ T5950] gp8psk: usb in 137 operation failed.
[  127.561050][ T5950] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  127.585896][ T5950] dvbdev: DVB: registering new adapter (Genpix SkyWalker-1 DVB-S receiver)
[  127.594554][ T5950] usb 3-1: media controller created
[  127.606263][ T5950] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  127.618750][ T5950] gp8psk_fe: Frontend attached
[  127.624236][ T5950] usb 3-1: DVB: registering adapter 1 frontend 0 (Genpix DVB-S)...
[  127.632385][ T5950] dvbdev: dvb_create_media_entity: media entity 'Genpix DVB-S' registered.
[  127.955657][ T5950] gp8psk: usb in 137 operation failed.
[  127.961150][ T5950] dvb-usb: Genpix SkyWalker-1 DVB-S receiver successfully initialized and connected.
[  127.970700][ T5950] gp8psk: found Genpix USB device pID = 203 (hex)
[  128.003077][ T5950] usb 3-1: USB disconnect, device number 9
[  128.034274][ T5950] dvb-usb: Genpix SkyWalker-1 DVB-S receiver successfully deinitialized and disconnected.
[  128.521568][ T6372] loop1: detected capacity change from 0 to 512
[  128.577187][ T6372] EXT4-fs (loop1): inline encryption not supported
[  128.691362][ T6372] EXT4-fs (loop1): 1 orphan inode deleted
[  128.701434][ T6372] EXT4-fs (loop1): mounted filesystem without journal. Opts: nombcache,inlinecrypt,usrquota,jqfmt=vfsv1,jqfmt=vfsv0,delalloc,journal_dev=0x000000000000844d,debug_want_extra_isize=0x000000000000005c,i_version,,errors=continue. Quota mode: writeback.
[  128.768603][ T6388] netlink: 64 bytes leftover after parsing attributes in process `syz.3.791'.
[  128.791028][ T6372] EXT4-fs (loop1): shut down requested (2)
[  128.991440][ T6394] netlink: 60 bytes leftover after parsing attributes in process `syz.4.799'.
[  129.009431][ T6394] netlink: 60 bytes leftover after parsing attributes in process `syz.4.799'.
[  129.041583][ T6394] netlink: 60 bytes leftover after parsing attributes in process `syz.4.799'.
[  129.081872][ T6394] netlink: 60 bytes leftover after parsing attributes in process `syz.4.799'.
[  129.154031][ T6398] input: syz1 as /devices/virtual/input/input21
[  129.282974][ T6377] loop2: detected capacity change from 0 to 32768
[  129.322593][ T6404] loop3: detected capacity change from 0 to 128
[  129.330427][ T6377] XFS: attr2 mount option is deprecated.
[  129.376178][ T6405] netlink: 'syz.4.813': attribute type 29 has an invalid length.
[  129.383980][ T6405] netlink: 'syz.4.813': attribute type 29 has an invalid length.
[  129.413668][ T6377] XFS (loop2): Mounting V5 Filesystem
[  129.479738][ T6404] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  129.644468][ T6404] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  129.693231][ T6418] netlink: 4 bytes leftover after parsing attributes in process `syz.1.803'.
[  129.697497][ T6377] XFS (loop2): Ending clean mount
[  129.731892][ T6377] XFS (loop2): Quotacheck needed: Please wait.
[  129.813605][ T6377] XFS (loop2): Quotacheck: Done.
[  129.880589][ T6418] team0 (unregistering): Port device team_slave_0 removed
[  129.896225][ T4265] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  129.974250][ T6418] team0 (unregistering): Port device team_slave_1 removed
[  129.994281][ T4186] XFS (loop2): Unmounting Filesystem
[  130.313892][ T4265] usb 5-1: New USB device found, idVendor=09c0, idProduct=0203, bcdDevice=d3.32
[  130.329952][ T4265] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  130.351560][ T4265] usb 5-1: config 0 descriptor??
[  130.389735][ T6433] loop1: detected capacity change from 0 to 1764
[  130.407454][ T4265] dvb-usb: found a 'Genpix SkyWalker-1 DVB-S receiver' in warm state.
[  130.599504][ T6445] loop2: detected capacity change from 0 to 8
[  130.635786][ T4265] gp8psk: usb in 128 operation failed.
[  130.661965][ T6445] SQUASHFS error: Failed to read block 0x636: -5
[  130.675801][ T4265] gp8psk: usb in 137 operation failed.
[  130.681330][ T4265] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  130.690536][ T6445] SQUASHFS error: Unable to read metadata cache entry [634]
[  130.735884][ T4265] dvbdev: DVB: registering new adapter (Genpix SkyWalker-1 DVB-S receiver)
[  130.756046][ T4265] usb 5-1: media controller created
[  130.798903][ T4265] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  130.850315][ T4265] gp8psk_fe: Frontend attached
[  130.855164][ T4265] usb 5-1: DVB: registering adapter 1 frontend 0 (Genpix DVB-S)...
[  130.879274][ T6454] loop2: detected capacity change from 0 to 128
[  130.892146][ T4265] dvbdev: dvb_create_media_entity: media entity 'Genpix DVB-S' registered.
[  130.942960][ T6454] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[  130.977276][ T6454] hpfs: filesystem error: improperly stopped
[  131.006136][ T6454] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  131.026172][ T6454] hpfs: You really don't want any checks? You are crazy...
[  131.044970][ T6454] hpfs: hpfs_map_sector(): read error
[  131.080245][ T6454] hpfs: code page support is disabled
[  131.091526][ T6454] hpfs: hpfs_map_4sectors(): unaligned read
[  131.114747][ T6454] hpfs: hpfs_map_4sectors(): unaligned read
[  131.130500][ T6454] hpfs: filesystem error: unable to find root dir
[  131.298751][ T6459] netlink: 4 bytes leftover after parsing attributes in process `syz.2.821'.
[  131.300425][ T4265] gp8psk: usb in 137 operation failed.
[  131.333921][ T4265] dvb-usb: Genpix SkyWalker-1 DVB-S receiver successfully initialized and connected.
[  131.344239][ T4265] gp8psk: found Genpix USB device pID = 203 (hex)
[  131.363218][ T4265] usb 5-1: USB disconnect, device number 4
[  131.417834][ T6451] loop3: detected capacity change from 0 to 32768
[  131.454929][ T6451] XFS: attr2 mount option is deprecated.
[  131.462500][ T6459] team0 (unregistering): Port device team_slave_0 removed
[  131.494242][ T6459] team0 (unregistering): Port device team_slave_1 removed
[  131.542069][ T4265] dvb-usb: Genpix SkyWalker-1 DVB-S receiver successfully deinitialized and disconnected.
[  131.607138][ T6451] XFS (loop3): Mounting V5 Filesystem
[  131.775847][ T6451] XFS (loop3): Ending clean mount
[  131.787291][ T6451] XFS (loop3): Quotacheck needed: Please wait.
[  131.874088][ T6451] XFS (loop3): Quotacheck: Done.
[  131.983894][ T5701] XFS (loop3): Unmounting Filesystem
[  132.249067][ T6488] loop4: detected capacity change from 0 to 512
[  132.393420][ T6488] EXT4-fs (loop4): mounted filesystem without journal. Opts: noauto_da_alloc,init_itable=0x0000000000000006,barrier=0x000000000000008e,bsddf,errors=remount-ro,init_itable,auto_da_alloc=0x00000000000000eb,quota,. Quota mode: writeback.
[  132.467459][ T6488] ext4 filesystem being mounted at /182/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  132.546126][ T6488] EXT4-fs warning (device loop4): ext4_empty_dir:3156: inode #12: comm syz.4.830: directory missing '..'
[  132.768548][ T1423] ieee802154 phy0 wpan0: encryption failed: -22
[  132.774876][ T1423] ieee802154 phy1 wpan1: encryption failed: -22
[  132.873146][ T6509] netlink: 64 bytes leftover after parsing attributes in process `syz.4.836'.
[  132.972443][ T6517] input: syz1 as /devices/virtual/input/input23
[  133.009827][ T6520] loop3: detected capacity change from 0 to 16
[  133.071167][ T6520] erofs: (device loop3): mounted with root inode @ nid 36.
[  133.178363][ T6527] loop4: detected capacity change from 0 to 1024
[  133.251649][ T6531] netlink: 60 bytes leftover after parsing attributes in process `syz.1.850'.
[  133.284210][ T6531] netlink: 60 bytes leftover after parsing attributes in process `syz.1.850'.
[  133.439866][ T6539] loop1: detected capacity change from 0 to 8
[  133.503226][ T6541] loop3: detected capacity change from 0 to 512
[  133.565889][ T6539] SQUASHFS error: Failed to read block 0x636: -5
[  133.572259][ T6539] SQUASHFS error: Unable to read metadata cache entry [634]
[  133.609828][ T6541] EXT4-fs (loop3): inline encryption not supported
[  133.657542][ T6541] EXT4-fs (loop3): 1 orphan inode deleted
[  133.690733][ T6541] EXT4-fs (loop3): mounted filesystem without journal. Opts: nombcache,inlinecrypt,usrquota,jqfmt=vfsv1,jqfmt=vfsv0,delalloc,journal_dev=0x000000000000844d,debug_want_extra_isize=0x000000000000005c,i_version,,errors=continue. Quota mode: writeback.
[  133.726127][ T6550] loop2: detected capacity change from 0 to 64
[  133.753563][ T6541] EXT4-fs (loop3): shut down requested (2)
[  133.870053][   T26] audit: type=1804 audit(1771530053.322:19): pid=6550 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.856" name="/newroot/173/bus/file1" dev="loop2" ino=21 res=1 errno=0
[  133.895761][ T6103] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  134.093901][ T6560] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  134.136209][ T6103] usb 5-1: Using ep0 maxpacket: 8
[  134.140476][ T6560] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1163: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[  134.162086][ T6560] EXT4-fs (loop2): 1 truncate cleaned up
[  134.184420][ T6560] EXT4-fs (loop2): mounted filesystem without journal. Opts: min_batch_time=0x0000000000000002,resuid=0x000000000000ee01,debug_want_extra_isize=0x000000000000002e,nombcache,quota,quota,,errors=continue. Quota mode: writeback.
[  134.220550][ T6560] EXT4-fs (loop2): shut down requested (1)
[  134.265786][ T6103] usb 5-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b
[  134.279871][ T6103] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  134.312079][ T6560] EXT4-fs (loop2): re-mounted. Opts: (null). Quota mode: writeback.
[  134.367934][ T6103] pvrusb2: Hardware description: Terratec Grabster AV400
[  134.393772][ T6103] pvrusb2: **********
[  134.411177][ T6103] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental.
[  134.464195][ T6103] pvrusb2: Important functionality might not be entirely working.
[  134.484832][ T6103] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver.
[  134.504026][ T6103] pvrusb2: **********
[  134.595867][ T2422] pvrusb2: Invalid write control endpoint
[  134.726483][ T2422] pvrusb2: Invalid write control endpoint
[  134.738638][ T2422] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work.
[  134.786581][ T2422] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device.
[  134.836757][ T2422] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups.
[  134.887862][ T2422] pvrusb2: Device being rendered inoperable
[  134.925651][ T4265] usb 5-1: USB disconnect, device number 5
[  134.932692][ T2422] cx25840 1-0044: Unable to detect h/w, assuming cx23887
[  134.965563][ T2422] cx25840 1-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_a)
[  134.988281][ T2422] pvrusb2: Attached sub-driver cx25840
[  135.027578][ T2422] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it.
[  135.056823][ T2422] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover.
[  135.156520][ T6583] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  135.283274][ T6587] EXT4-fs (loop0): Mount option "nouser_xattr" will be removed by 3.5
[  135.283274][ T6587] Contact linux-ext4@vger.kernel.org if you think we should keep it.
[  135.283274][ T6587] 
[  135.334247][ T6587] EXT4-fs (loop0): Ignoring removed orlov option
[  135.392870][ T6587] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a8158018, mo2=0002]
[  135.431713][ T6587] System zones: 0-1, 3-12
[  135.473249][ T6587] EXT4-fs (loop0): mounted filesystem without journal. Opts: resgid=0x000000000000ee00,bsddf,grpquota,nobarrier,nouser_xattr,orlov,debug,noauto_da_alloc,stripe=0x0000000000000002,,errors=continue. Quota mode: writeback.
[  135.874440][ T6608] set_capacity_and_notify: 4 callbacks suppressed
[  135.874455][ T6608] loop3: detected capacity change from 0 to 512
[  135.923249][ T6608] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem
[  135.928132][ T6607] loop4: detected capacity change from 0 to 1764
[  135.985127][ T6608] EXT4-fs error (device loop3): mb_free_blocks:1876: group 0, inode 11: block 64:freeing already freed block (bit 63); block bitmap corrupt.
[  136.007152][ T6608] EXT4-fs error (device loop3): ext4_do_update_inode:5222: inode #11: comm syz.3.881: corrupted inode contents
[  136.039182][ T6608] EXT4-fs error (device loop3): ext4_dirty_inode:6058: inode #11: comm syz.3.881: mark_inode_dirty error
[  136.104026][ T6608] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #11: comm syz.3.881: invalid indirect mapped block 1 (level 1)
[  136.135591][ T4265] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  136.171465][ T6608] EXT4-fs error (device loop3): ext4_do_update_inode:5222: inode #11: comm syz.3.881: corrupted inode contents
[  136.215841][ T6608] EXT4-fs error (device loop3) in ext4_orphan_del:303: Corrupt filesystem
[  136.241796][ T6608] EXT4-fs error (device loop3): ext4_do_update_inode:5222: inode #11: comm syz.3.881: corrupted inode contents
[  136.270826][ T6608] EXT4-fs error (device loop3): ext4_truncate:4279: inode #11: comm syz.3.881: mark_inode_dirty error
[  136.297499][ T6608] EXT4-fs error (device loop3) in ext4_process_orphan:345: Corrupt filesystem
[  136.312935][ T6608] EXT4-fs (loop3): 1 truncate cleaned up
[  136.322486][ T6608] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  136.395588][ T4265] usb 1-1: Using ep0 maxpacket: 8
[  136.480228][ T6621] netlink: 'syz.4.884': attribute type 1 has an invalid length.
[  136.488203][ T6621] netlink: 'syz.4.884': attribute type 2 has an invalid length.
[  136.535204][ T4265] usb 1-1: config index 0 descriptor too short (expected 1307, got 27)
[  136.565470][ T4265] usb 1-1: config 0 has an invalid interface number: 0 but max is -1
[  136.573596][ T4265] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 0
[  136.622683][ T4265] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7
[  136.652431][ T4265] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  136.875843][ T4265] usb 1-1: New USB device found, idVendor=0460, idProduct=0008, bcdDevice=c3.de
[  136.889414][ T4265] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  136.906457][ T4265] usb 1-1: Product: syz
[  136.913287][ T6623] loop4: detected capacity change from 0 to 32768
[  136.915742][ T4265] usb 1-1: Manufacturer: syz
[  136.934586][ T4265] usb 1-1: SerialNumber: syz
[  136.951558][ T4265] usb 1-1: config 0 descriptor??
[  136.985617][ T6097] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  137.016388][ T4265] hub 1-1:0.0: bad descriptor, ignoring hub
[  137.023593][ T4265] hub: probe of 1-1:0.0 failed with error -5
[  137.050419][ T4265] input: syz syz as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/input/input25
[  137.280935][ T6103] usb 1-1: USB disconnect, device number 9
[  137.346303][ T6097] usb 4-1: New USB device found, idVendor=09c0, idProduct=0203, bcdDevice=d3.32
[  137.356629][ T6097] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  137.376405][ T6097] usb 4-1: config 0 descriptor??
[  137.437191][ T6097] dvb-usb: found a 'Genpix SkyWalker-1 DVB-S receiver' in warm state.
[  137.645588][ T6097] gp8psk: usb in 128 operation failed.
[  137.685663][ T6097] gp8psk: usb in 137 operation failed.
[  137.691171][ T6097] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  137.725288][ T6097] dvbdev: DVB: registering new adapter (Genpix SkyWalker-1 DVB-S receiver)
[  137.746280][ T6097] usb 4-1: media controller created
[  137.822769][ T6097] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  137.881600][ T6097] gp8psk_fe: Frontend attached
[  137.890289][ T6097] usb 4-1: DVB: registering adapter 1 frontend 0 (Genpix DVB-S)...
[  137.912775][ T6097] dvbdev: dvb_create_media_entity: media entity 'Genpix DVB-S' registered.
[  138.126099][ T6656] loop0: detected capacity change from 0 to 64
[  138.314791][   T26] audit: type=1804 audit(1771530057.762:20): pid=6665 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.900" name="/newroot/158/bus/file1" dev="loop0" ino=21 res=1 errno=0
[  138.355874][ T6097] gp8psk: usb in 137 operation failed.
[  138.361732][ T6097] dvb-usb: Genpix SkyWalker-1 DVB-S receiver successfully initialized and connected.
[  138.433335][ T6097] gp8psk: found Genpix USB device pID = 203 (hex)
[  138.455295][ T6667] loop1: detected capacity change from 0 to 64
[  138.483960][ T6097] usb 4-1: USB disconnect, device number 5
[  138.589052][   T26] audit: type=1804 audit(1771530058.042:21): pid=6667 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.916" name="/newroot/177/bus/file1" dev="loop1" ino=21 res=1 errno=0
[  138.667114][ T6097] dvb-usb: Genpix SkyWalker-1 DVB-S receiver successfully deinitialized and disconnected.
[  138.735956][ T6679] __nla_validate_parse: 2 callbacks suppressed
[  138.735971][ T6679] netlink: 4 bytes leftover after parsing attributes in process `syz.2.909'.
[  139.325584][ T4174] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  139.595514][ T4174] usb 2-1: Using ep0 maxpacket: 8
[  139.715735][ T4174] usb 2-1: config index 0 descriptor too short (expected 1307, got 27)
[  139.724250][ T4174] usb 2-1: config 0 has an invalid interface number: 0 but max is -1
[  139.739631][ T4174] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 0
[  139.751133][ T4174] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7
[  139.766951][ T4174] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  139.935702][ T4174] usb 2-1: New USB device found, idVendor=0460, idProduct=0008, bcdDevice=c3.de
[  139.948407][ T4174] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  139.960481][ T4174] usb 2-1: Product: syz
[  139.964676][ T4174] usb 2-1: Manufacturer: syz
[  139.973660][ T4174] usb 2-1: SerialNumber: syz
[  139.985148][ T4174] usb 2-1: config 0 descriptor??
[  140.042368][ T4174] hub 2-1:0.0: bad descriptor, ignoring hub
[  140.055481][ T4174] hub: probe of 2-1:0.0 failed with error -5
[  140.071920][ T4174] input: syz syz as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/input/input26
[  140.160524][ T6704] loop3: detected capacity change from 0 to 64
[  140.279299][ T4174] usb 2-1: USB disconnect, device number 5
[  140.312461][   T26] audit: type=1804 audit(1771530059.762:22): pid=6704 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.921" name="/newroot/65/bus/file1" dev="loop3" ino=21 res=1 errno=0
[  140.448558][ T6706] loop3: detected capacity change from 0 to 2048
[  140.512990][ T6706] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024)
[  140.541166][ T6706] NILFS (loop3): mounting unchecked fs
[  140.556583][ T4177] udevd[4177]: incorrect nilfs2 checksum on /dev/loop3
[  140.612796][ T6706] NILFS (loop3): recovery complete
[  140.659043][ T6707] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  140.812087][ T6702] loop0: detected capacity change from 0 to 32768
[  140.854194][ T6701] loop2: detected capacity change from 0 to 32768
[  140.876780][ T6702] XFS: ikeep mount option is deprecated.
[  140.990673][ T6701] UFO tlock:0xffffc90002842168
[  141.024515][ T6709] loop1: detected capacity change from 0 to 4096
[  141.051021][ T6709] ntfs3: loop1: Different NTFS' sector size (1024) and media sector size (512)
[  141.061682][ T6701] MetaData crosses page boundary!!
[  141.076362][ T6701] lblock = 6300000010, size  = -820051968
[  141.082137][ T6701] CPU: 0 PID: 6701 Comm: syz.2.922 Not tainted syzkaller #0
[  141.083767][ T6702] XFS (loop0): Mounting V5 Filesystem
[  141.089430][ T6701] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  141.089448][ T6701] Call Trace:
[  141.089456][ T6701]  <TASK>
[  141.089464][ T6701]  dump_stack_lvl+0x188/0x250
[  141.115773][ T6701]  ? show_regs_print_info+0x20/0x20
[  141.120988][ T6701]  ? load_image+0x400/0x400
[  141.125518][ T6701]  ? unlock_page+0x17c/0x1f0
[  141.130124][ T6701]  ? release_metapage+0x2f7/0xe10
[  141.135194][ T6701]  ? unlock_page+0x17c/0x1f0
[  141.139969][ T6701]  __get_metapage+0xbfa/0x1060
[  141.144751][ T6701]  dtSearch+0x5d5/0x2050
[  141.149004][ T6701]  ? asm_sysvec_apic_timer_interrupt+0x16/0x20
[  141.155202][ T6701]  dtDelete+0x123/0x2a40
[  141.159460][ T6701]  ? jfs_unlink+0x23d/0xa00
[  141.163981][ T6701]  ? preempt_schedule_thunk+0x16/0x18
[  141.169375][ T6701]  ? __mutex_lock_common+0x47c/0x2400
[  141.174764][ T6701]  ? dtInsertEntry+0x1270/0x1270
[  141.179742][ T6701]  ? _raw_spin_unlock+0x24/0x40
[  141.184603][ T6701]  ? txBegin+0x4b2/0x650
[  141.188872][ T6701]  jfs_unlink+0x297/0xa00
[  141.193225][ T6701]  ? jfs_link+0x650/0x650
[  141.197567][ T6701]  ? rwsem_write_trylock+0x135/0x1c0
[  141.202863][ T6701]  ? clear_nonspinnable+0x60/0x60
[  141.207906][ T6701]  ? bpf_lsm_inode_unlink+0x5/0x10
[  141.213025][ T6701]  ? security_inode_unlink+0xcb/0x110
[  141.218416][ T6701]  vfs_unlink+0x385/0x600
[  141.222777][ T6701]  do_unlinkat+0x391/0x710
[  141.227283][ T6701]  ? __virt_addr_valid+0x3c6/0x470
[  141.232411][ T6701]  ? fsnotify_link_count+0xf0/0xf0
[  141.237534][ T6701]  ? strncpy_from_user+0x1fb/0x360
[  141.242658][ T6701]  ? getname_flags+0x1fe/0x500
[  141.247435][ T6701]  __x64_sys_unlink+0x45/0x50
[  141.252126][ T6701]  do_syscall_64+0x4c/0xa0
[  141.256546][ T6701]  ? clear_bhb_loop+0x30/0x80
[  141.261226][ T6701]  ? clear_bhb_loop+0x30/0x80
[  141.265912][ T6701]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  141.271813][ T6701] RIP: 0033:0x7f792bd6d629
[  141.276232][ T6701] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  141.296106][ T6701] RSP: 002b:00007f7929fc7028 EFLAGS: 00000246 ORIG_RAX: 0000000000000057
[  141.304538][ T6701] RAX: ffffffffffffffda RBX: 00007f792bfe6fa0 RCX: 00007f792bd6d629
[  141.312525][ T6701] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000040
[  141.320503][ T6701] RBP: 00007f792be03b39 R08: 0000000000000000 R09: 0000000000000000
[  141.328489][ T6701] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  141.336476][ T6701] R13: 00007f792bfe7038 R14: 00007f792bfe6fa0 R15: 00007ffeb61aef78
[  141.344574][ T6701]  </TASK>
[  141.361701][ T6701] bread failed!
[  141.366010][ T6701] jfs_unlink: dtDelete returned -5
[  141.375593][ T6701] ERROR: (device loop2): jfs_unlink: 
[  141.375593][ T6701] 
[  141.384080][ T6701] ERROR: (device loop2): remounting filesystem as read-only
[  141.464713][ T6711] loop3: detected capacity change from 0 to 32768
[  141.537896][ T6702] XFS (loop0): Ending clean mount
[  141.681769][ T4174] usb 5-1: new full-speed USB device number 6 using dummy_hcd
[  141.713618][ T4185] XFS (loop0): Unmounting Filesystem
[  141.975599][ T6097] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  142.111141][ T4174] usb 5-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  142.132462][ T4174] usb 5-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  142.156954][ T4174] usb 5-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  142.194151][ T4174] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  142.276584][ T4174] hub 5-1:4.0: USB hub found
[  142.335766][ T6097] usb 2-1: New USB device found, idVendor=09c0, idProduct=0203, bcdDevice=d3.32
[  142.345192][ T6097] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  142.378125][ T6097] usb 2-1: config 0 descriptor??
[  142.420239][ T6097] dvb-usb: found a 'Genpix SkyWalker-1 DVB-S receiver' in warm state.
[  142.555791][ T4174] hub 5-1:4.0: 13 ports detected
[  142.561061][ T4174] usb 5-1: selecting invalid altsetting 1
[  142.561972][ T6743] loop2: detected capacity change from 0 to 2048
[  142.593064][ T4174] hub 5-1:4.0: Using single TT (err -22)
[  142.621702][ T4174] hub 5-1:4.0: insufficient power available to use all downstream ports
[  142.636327][ T6097] gp8psk: usb in 128 operation failed.
[  142.651459][ T6743] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024)
[  142.675842][ T6097] gp8psk: usb in 137 operation failed.
[  142.681417][ T6097] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  142.695618][ T6743] NILFS (loop2): mounting unchecked fs
[  142.705820][ T4178] udevd[4178]: incorrect nilfs2 checksum on /dev/loop2
[  142.735920][ T6097] dvbdev: DVB: registering new adapter (Genpix SkyWalker-1 DVB-S receiver)
[  142.765718][ T4174] hub 5-1:4.0: hub_hub_status failed (err = -71)
[  142.772634][ T4174] hub 5-1:4.0: config failed, can't get hub status (err -71)
[  142.775878][ T6097] usb 2-1: media controller created
[  142.795741][ T6743] NILFS (loop2): recovery complete
[  142.818375][ T6746] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  142.852813][ T6097] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  142.862922][ T6745] loop3: detected capacity change from 0 to 4096
[  142.876499][ T4174] usb 5-1: USB disconnect, device number 6
[  142.924607][ T6097] gp8psk_fe: Frontend attached
[  142.933356][ T6745] ntfs3: loop3: Different NTFS' sector size (1024) and media sector size (512)
[  142.947041][ T6097] usb 2-1: DVB: registering adapter 1 frontend 0 (Genpix DVB-S)...
[  142.973920][ T6097] dvbdev: dvb_create_media_entity: media entity 'Genpix DVB-S' registered.
[  143.057754][ T6748] loop0: detected capacity change from 0 to 1024
[  143.209294][  T144] hfsplus: b-tree write err: -5, ino 4
[  143.395758][ T6097] gp8psk: usb in 137 operation failed.
[  143.405921][ T6097] dvb-usb: Genpix SkyWalker-1 DVB-S receiver successfully initialized and connected.
[  143.415404][ T6097] gp8psk: found Genpix USB device pID = 203 (hex)
[  143.429470][ T6760] loop4: detected capacity change from 0 to 1024
[  143.444777][ T6097] usb 2-1: USB disconnect, device number 6
[  143.534152][ T6097] dvb-usb: Genpix SkyWalker-1 DVB-S receiver successfully deinitialized and disconnected.
[  143.555051][ T6760] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869)
[  143.636874][ T6760] EXT4-fs (loop4): mounted filesystem without journal. Opts: user_xattr,nobarrier,norecovery,errors=remount-ro,grpid,. Quota mode: writeback.
[  143.668524][ T6760] EXT4-fs error (device loop4): htree_dirblock_to_tree:1112: inode #2: block 48: comm syz.4.945: bad entry in directory: rec_len is smaller than minimal - offset=76, inode=16, rec_len=5, size=1024 fake=0
[  143.939167][ T6754] loop3: detected capacity change from 0 to 32768
[  144.019163][ T6754] UFO tlock:0xffffc90002842120
[  144.048914][ T6754] MetaData crosses page boundary!!
[  144.056766][ T6754] lblock = 6300000010, size  = -820051968
[  144.080391][ T6754] CPU: 1 PID: 6754 Comm: syz.3.942 Not tainted syzkaller #0
[  144.087825][ T6754] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  144.097896][ T6754] Call Trace:
[  144.101187][ T6754]  <TASK>
[  144.104229][ T6754]  dump_stack_lvl+0x188/0x250
[  144.108928][ T6754]  ? show_regs_print_info+0x20/0x20
[  144.114145][ T6754]  ? load_image+0x400/0x400
[  144.118671][ T6754]  ? unlock_page+0x17c/0x1f0
[  144.123275][ T6754]  ? release_metapage+0x2f7/0xe10
[  144.128345][ T6754]  ? unlock_page+0x17c/0x1f0
[  144.133133][ T6754]  __get_metapage+0xbfa/0x1060
[  144.138109][ T6754]  dtSearch+0x5d5/0x2050
[  144.142401][ T6754]  dtDelete+0x123/0x2a40
[  144.146670][ T6754]  ? jfs_unlink+0x23d/0xa00
[  144.151180][ T6754]  ? __mutex_lock_common+0x465/0x2400
[  144.156556][ T6754]  ? dtInsertEntry+0x1270/0x1270
[  144.161507][ T6754]  ? _raw_spin_unlock+0x24/0x40
[  144.166350][ T6754]  ? txBegin+0x4b2/0x650
[  144.170591][ T6754]  jfs_unlink+0x297/0xa00
[  144.174916][ T6754]  ? jfs_link+0x650/0x650
[  144.179231][ T6754]  ? rwsem_write_trylock+0x135/0x1c0
[  144.184504][ T6754]  ? clear_nonspinnable+0x60/0x60
[  144.189520][ T6754]  ? bpf_lsm_inode_unlink+0x5/0x10
[  144.194618][ T6754]  ? security_inode_unlink+0xcb/0x110
[  144.199983][ T6754]  vfs_unlink+0x385/0x600
[  144.204314][ T6754]  do_unlinkat+0x391/0x710
[  144.208713][ T6754]  ? __virt_addr_valid+0x3c6/0x470
[  144.213814][ T6754]  ? fsnotify_link_count+0xf0/0xf0
[  144.219001][ T6754]  ? strncpy_from_user+0x1fb/0x360
[  144.224110][ T6754]  ? getname_flags+0x1fe/0x500
[  144.229037][ T6754]  __x64_sys_unlink+0x45/0x50
[  144.233799][ T6754]  do_syscall_64+0x4c/0xa0
[  144.238199][ T6754]  ? clear_bhb_loop+0x30/0x80
[  144.242862][ T6754]  ? clear_bhb_loop+0x30/0x80
[  144.247629][ T6754]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  144.253610][ T6754] RIP: 0033:0x7fe99bd92629
[  144.258025][ T6754] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  144.277616][ T6754] RSP: 002b:00007fe999fec028 EFLAGS: 00000246 ORIG_RAX: 0000000000000057
[  144.286017][ T6754] RAX: ffffffffffffffda RBX: 00007fe99c00bfa0 RCX: 00007fe99bd92629
[  144.293975][ T6754] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000040
[  144.301928][ T6754] RBP: 00007fe99be28b39 R08: 0000000000000000 R09: 0000000000000000
[  144.309880][ T6754] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  144.317991][ T6754] R13: 00007fe99c00c038 R14: 00007fe99c00bfa0 R15: 00007ffe4edef7c8
[  144.326031][ T6754]  </TASK>
[  144.391746][ T6754] bread failed!
[  144.399572][ T6754] jfs_unlink: dtDelete returned -5
[  144.404870][ T6754] ERROR: (device loop3): jfs_unlink: 
[  144.404870][ T6754] 
[  144.420868][ T6754] ERROR: (device loop3): remounting filesystem as read-only
[  144.505834][ T6778] loop1: detected capacity change from 0 to 2048
[  144.546883][ T6778] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024)
[  144.563923][ T6778] NILFS (loop1): mounting unchecked fs
[  144.595353][ T4177] udevd[4177]: incorrect nilfs2 checksum on /dev/loop1
[  144.647461][ T6778] NILFS (loop1): recovery complete
[  144.670051][ T6782] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  144.780573][ T6783] loop2: detected capacity change from 0 to 4096
[  144.869810][ T6783] ntfs3: loop2: Different NTFS' sector size (1024) and media sector size (512)
[  144.925708][  T263] block nbd0: Possible stuck request ffff888021358000: control (read@0,4096B). Runtime 60 seconds
[  145.043751][ T6789] loop1: detected capacity change from 0 to 128
[  145.092366][ T6793] netlink: 32 bytes leftover after parsing attributes in process `syz.3.952'.
[  145.202059][ T6789] VFS: Found a Xenix FS (block size = 512) on device loop1
[  145.237809][ T6789] sysv_free_block: trying to free block not in datazone
[  145.320434][ T6780] F2FS-fs (loop0): Fix alignment : done, start(4096) end(16896) block(12288)
[  145.329910][ T4192] sysv_free_inode: inode 0,1,2 or nonexistent inode
[  145.355508][ T6780] F2FS-fs (loop0): invalid crc value
[  145.403725][ T6780] F2FS-fs (loop0): Found nat_bits in checkpoint
[  145.536089][ T6815] netlink: 8 bytes leftover after parsing attributes in process `syz.2.978'.
[  145.630440][ T6820] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  145.685966][ T6780] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  145.778310][ T6820] EXT4-fs (loop1): 1 truncate cleaned up
[  145.784010][ T6820] EXT4-fs (loop1): mounted filesystem without journal. Opts: quota,resuid=0x000000000000ee01,barrier=0x0000000000000003,debug_want_extra_isize=0x0000000000000080,block_validity,jqfmt=vfsv1,,errors=continue. Quota mode: writeback.
[  145.867428][ T6780] attempt to access beyond end of device
[  145.867428][ T6780] loop0: rw=2049, want=55304, limit=40427
[  145.912062][ T6780] attempt to access beyond end of device
[  145.912062][ T6780] loop0: rw=0, want=55304, limit=40427
[  146.391673][ T6849] set_capacity_and_notify: 2 callbacks suppressed
[  146.391688][ T6849] loop3: detected capacity change from 0 to 8192
[  146.488260][   T26] audit: type=1800 audit(1771530065.942:23): pid=6849 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.992" name="file2" dev="loop3" ino=1048617 res=0 errno=0
[  146.492430][ T6849] attempt to access beyond end of device
[  146.492430][ T6849] loop3: rw=0, want=57848, limit=8192
[  146.576774][ T6861] mkiss: ax0: crc mode is auto.
[  146.602065][ T6849] FAT-fs (loop3): error, invalid access to FAT (entry 0x0000e1b1)
[  146.632587][ T6849] FAT-fs (loop3): Filesystem has been set read-only
[  146.658638][ T6849] FAT-fs (loop3): error, invalid access to FAT (entry 0x0000e1b1)
[  146.797930][ T6869] bond0: Caught tx_queue_len zero misconfig
[  147.150530][ T6103] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  147.266578][ T6880] loop4: detected capacity change from 0 to 164
[  147.273266][ T6876] loop2: detected capacity change from 0 to 32768
[  147.350465][ T6880] iso9660: Corrupted directory entry in block 2 of inode 1920
[  147.538804][ T6103] usb 4-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  147.562814][ T6103] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  147.584329][ T6103] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 66
[  147.603236][ T6103] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  147.632204][ T6103] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  147.768642][ T6103] usb 4-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  147.784652][ T6103] usb 4-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  147.806009][ T6103] usb 4-1: Product: syz
[  147.806589][ T6892] sctp: [Deprecated]: syz.1.1002 (pid 6892) Use of int in max_burst socket option.
[  147.806589][ T6892] Use struct sctp_assoc_value instead
[  147.814680][ T6103] usb 4-1: Manufacturer: syz
[  147.843867][ T6897] loop0: detected capacity change from 0 to 256
[  147.886835][ T6103] cdc_wdm 4-1:1.0: skipping garbage
[  147.893532][ T6103] cdc_wdm 4-1:1.0: skipping garbage
[  147.920548][ T6103] cdc_wdm 4-1:1.0: cdc-wdm0: USB WDM device
[  147.922580][ T6897] exFAT-fs (loop0): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[  147.927020][ T6103] cdc_wdm 4-1:1.0: Unknown control protocol
[  148.177223][ T6884] loop2: detected capacity change from 0 to 40427
[  148.219327][ T6884] F2FS-fs (loop2): build fault injection attr: rate: 0, type: 0x35f7
[  148.244835][ T6884] F2FS-fs (loop2): build fault injection attr: rate: 690, type: 0x1ffff
[  148.284402][ T6884] F2FS-fs (loop2): invalid crc value
[  148.286941][ T6103] usb 4-1: USB disconnect, device number 6
[  148.297748][ T6884] F2FS-fs (loop2): Found nat_bits in checkpoint
[  148.306795][ T6873] cdc_wdm 4-1:1.0: Error submitting int urb - -19
[  148.427242][ T6884] F2FS-fs (loop2): Start checkpoint disabled!
[  148.444397][ T6884] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[  148.605281][ T6899] loop1: detected capacity change from 0 to 32768
[  148.688340][ T6899] ocfs2: Slot 0 on device (7,1) was already allocated to this node!
[  148.723419][ T6899] JBD2: Ignoring recovery information on journal
[  148.939244][ T6899] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  149.135806][ T6099] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[  149.141103][ T6931] netlink: 'syz.3.1019': attribute type 8 has an invalid length.
[  149.167426][ T6931] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1019'.
[  149.184054][ T4192] ocfs2: Unmounting device (7,1) on (node local)
[  149.296619][ T6936] loop2: detected capacity change from 0 to 512
[  149.323027][ T6936] EXT4-fs (loop2): Ignoring removed oldalloc option
[  149.413656][ T6936] EXT4-fs (loop2): 1 truncate cleaned up
[  149.426050][ T6936] EXT4-fs (loop2): mounted filesystem without journal. Opts: dioread_lock,bsdgroups,nouid32,errors=remount-ro,jqfmt=vfsv1,oldalloc,stripe=0x0000000000000005,. Quota mode: none.
[  149.488164][ T6943] loop1: detected capacity change from 0 to 2048
[  149.515586][ T6099] usb 1-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  149.535532][ T6099] usb 1-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  149.555504][ T6099] usb 1-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  149.575970][ T6945] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  149.586963][ T6099] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  149.616408][ T6920] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  149.646349][ T6947] netlink: 'syz.3.1025': attribute type 39 has an invalid length.
[  149.730665][ T6925] loop4: detected capacity change from 0 to 40427
[  149.788597][ T6943] NILFS (loop1): error -2 truncating bmap (ino=16)
[  149.797901][ T6925] F2FS-fs (loop4): Invalid SB checksum offset: 0
[  149.815739][ T6925] F2FS-fs (loop4): Can't find valid F2FS filesystem in 2th superblock
[  149.878322][ T6925] F2FS-fs (loop4): invalid crc value
[  149.920933][ T6945] ------------[ cut here ]------------
[  149.927030][ T6945] WARNING: CPU: 0 PID: 6945 at fs/nilfs2/dat.c:200 nilfs_dat_commit_end+0x5ac/0x6b0
[  149.936636][ T6945] Modules linked in:
[  149.940546][ T6945] CPU: 0 PID: 6945 Comm: segctord Not tainted syzkaller #0
[  149.942868][ T6949] loop2: detected capacity change from 0 to 8192
[  149.948223][ T6945] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  149.948274][ T6945] RIP: 0010:nilfs_dat_commit_end+0x5ac/0x6b0
[  149.948301][ T6945] Code: 8b 34 24 48 83 c4 28 5b 41 5c 41 5d 41 5e 41 5f 5d e9 b8 54 03 00 e8 d3 63 6a fe e8 ae be f1 fd e9 b8 fc ff ff e8 c4 63 6a fe <0f> 0b e9 16 fc ff ff e8 b8 63 6a fe e8 93 be f1 fd e9 74 fe ff ff
[  149.948316][ T6945] RSP: 0018:ffffc9000315f390 EFLAGS: 00010293
[  149.948335][ T6945] RAX: ffffffff830ebe7c RBX: ffff88807adbe1a0 RCX: ffff88801e615940
[  149.948349][ T6945] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 00000000003f0002
[  149.948361][ T6945] RBP: 0000000000000003 R08: ffff888060fd32bf R09: 1ffff1100c1fa657
[  149.948374][ T6945] R10: dffffc0000000000 R11: ffffed100c1fa658 R12: ffff88801e6170c8
[  149.948388][ T6945] R13: ffff88807973e9e0 R14: 00000000003f0002 R15: ffff88807cfde9b0
[  149.948401][ T6945] FS:  0000000000000000(0000) GS:ffff8880b9000000(0000) knlGS:0000000000000000
[  149.948417][ T6945] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  149.948430][ T6945] CR2: 000055a3f93abff8 CR3: 000000006479f000 CR4: 00000000003506f0
[  149.948447][ T6945] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  149.948458][ T6945] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  149.948470][ T6945] Call Trace:
[  149.948476][ T6945]  <TASK>
[  149.948489][ T6945]  nilfs_dat_commit_update+0x24/0x40
[  150.064298][ T5956] usb 1-1: USB disconnect, device number 10
[  150.068784][ T6945]  nilfs_btree_commit_update_v+0x93/0x410
[  150.068818][ T6945]  nilfs_btree_propagate+0x95a/0xcf0
[  150.068844][ T6945]  nilfs_bmap_propagate+0x70/0x120
[  150.068869][ T6945]  nilfs_segctor_apply_buffers+0x15d/0x320
[  150.068891][ T6945]  ? nilfs_collect_file_data+0xc0/0xc0
[  150.068911][ T6945]  nilfs_segctor_scan_file+0x7af/0x9d0
[  150.087036][ T6925] F2FS-fs (loop4): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[  150.088437][ T6945]  ? trace_nilfs2_collection_stage_transition+0x1a0/0x1a0
[  150.145191][ T6925] F2FS-fs (loop4): Try to recover 2th superblock, ret: 0
[  150.145481][ T6945]  ? nilfs_segbuf_extend_segsum+0x25d/0x360
[  150.145512][ T6945]  ? rcu_is_watching+0x11/0xa0
[  150.145534][ T6945]  nilfs_segctor_do_construct+0x1c26/0x6ca0
[  150.145594][ T6945]  ? verify_lock_unused+0x140/0x140
[  150.157513][ T6925] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  150.158538][ T6945]  ? nilfs_transaction_unlock+0x220/0x220
[  150.187694][ T6945]  ? nilfs_bmap_test_and_clear_dirty+0x4c/0x70
[  150.193878][ T6945]  ? clear_nonspinnable+0x60/0x60
[  150.198938][ T6945]  ? nilfs_segctor_confirm+0x24d/0x2d0
[  150.204412][ T6945]  ? __lock_acquire+0x7d10/0x7d10
[  150.209471][ T6945]  ? __rwlock_init+0x140/0x140
[  150.214251][ T6945]  ? do_raw_spin_unlock+0x11d/0x230
[  150.219589][ T6945]  ? _raw_spin_unlock+0x24/0x40
[  150.224448][ T6945]  ? nilfs_segctor_confirm+0x24d/0x2d0
[  150.229942][ T6945]  nilfs_segctor_construct+0x17b/0x690
[  150.235469][ T6945]  nilfs_segctor_thread+0x523/0x1180
[  150.240784][ T6945]  ? _raw_spin_unlock_irqrestore+0x82/0x120
[  150.246760][ T6945]  ? nilfs_iput_work_func+0x70/0x70
[  150.251971][ T6945]  ? _raw_spin_unlock_irqrestore+0xc1/0x120
[  150.257919][ T6945]  ? _raw_spin_unlock+0x40/0x40
[  150.262787][ T6945]  ? _raw_spin_unlock_irqrestore+0x82/0x120
[  150.268728][ T6945]  ? init_wait_entry+0xd0/0xd0
[  150.273501][ T6945]  ? _raw_spin_unlock_irqrestore+0xc1/0x120
[  150.279440][ T6945]  ? __kthread_parkme+0x157/0x1b0
[  150.284469][ T6945]  kthread+0x436/0x520
[  150.288569][ T6945]  ? nilfs_iput_work_func+0x70/0x70
[  150.293783][ T6945]  ? kthread_blkcg+0xd0/0xd0
[  150.298454][ T6945]  ret_from_fork+0x1f/0x30
[  150.302879][ T6945]  </TASK>
[  150.305958][ T6945] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  150.313241][ T6945] CPU: 0 PID: 6945 Comm: segctord Not tainted syzkaller #0
[  150.320425][ T6945] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  150.330648][ T6945] Call Trace:
[  150.334012][ T6945]  <TASK>
[  150.336969][ T6945]  dump_stack_lvl+0x188/0x250
[  150.341650][ T6945]  ? show_regs_print_info+0x20/0x20
[  150.346840][ T6945]  ? load_image+0x400/0x400
[  150.351609][ T6945]  panic+0x2e5/0x810
[  150.355619][ T6945]  ? bpf_jit_dump+0xd0/0xd0
[  150.360280][ T6945]  ? ret_from_fork+0x1f/0x30
[  150.364963][ T6945]  ? nilfs_dat_commit_end+0x5ac/0x6b0
[  150.370433][ T6945]  __warn+0x248/0x2b0
[  150.374439][ T6945]  ? nilfs_dat_commit_end+0x5ac/0x6b0
[  150.379808][ T6945]  report_bug+0x1b7/0x2e0
[  150.384130][ T6945]  handle_bug+0x3a/0x70
[  150.388293][ T6945]  exc_invalid_op+0x16/0x40
[  150.392804][ T6945]  asm_exc_invalid_op+0x16/0x20
[  150.397741][ T6945] RIP: 0010:nilfs_dat_commit_end+0x5ac/0x6b0
[  150.403709][ T6945] Code: 8b 34 24 48 83 c4 28 5b 41 5c 41 5d 41 5e 41 5f 5d e9 b8 54 03 00 e8 d3 63 6a fe e8 ae be f1 fd e9 b8 fc ff ff e8 c4 63 6a fe <0f> 0b e9 16 fc ff ff e8 b8 63 6a fe e8 93 be f1 fd e9 74 fe ff ff
[  150.423390][ T6945] RSP: 0018:ffffc9000315f390 EFLAGS: 00010293
[  150.429458][ T6945] RAX: ffffffff830ebe7c RBX: ffff88807adbe1a0 RCX: ffff88801e615940
[  150.437420][ T6945] RDX: 0000000000000000 RSI: 0000000000000003 RDI: 00000000003f0002
[  150.445377][ T6945] RBP: 0000000000000003 R08: ffff888060fd32bf R09: 1ffff1100c1fa657
[  150.453340][ T6945] R10: dffffc0000000000 R11: ffffed100c1fa658 R12: ffff88801e6170c8
[  150.461318][ T6945] R13: ffff88807973e9e0 R14: 00000000003f0002 R15: ffff88807cfde9b0
[  150.469290][ T6945]  ? nilfs_dat_commit_end+0x5ac/0x6b0
[  150.474691][ T6945]  nilfs_dat_commit_update+0x24/0x40
[  150.479956][ T6945]  nilfs_btree_commit_update_v+0x93/0x410
[  150.485658][ T6945]  nilfs_btree_propagate+0x95a/0xcf0
[  150.490936][ T6945]  nilfs_bmap_propagate+0x70/0x120
[  150.496034][ T6945]  nilfs_segctor_apply_buffers+0x15d/0x320
[  150.501832][ T6945]  ? nilfs_collect_file_data+0xc0/0xc0
[  150.507279][ T6945]  nilfs_segctor_scan_file+0x7af/0x9d0
[  150.512740][ T6945]  ? trace_nilfs2_collection_stage_transition+0x1a0/0x1a0
[  150.519869][ T6945]  ? nilfs_segbuf_extend_segsum+0x25d/0x360
[  150.525771][ T6945]  ? rcu_is_watching+0x11/0xa0
[  150.530524][ T6945]  nilfs_segctor_do_construct+0x1c26/0x6ca0
[  150.536424][ T6945]  ? verify_lock_unused+0x140/0x140
[  150.541608][ T6945]  ? nilfs_transaction_unlock+0x220/0x220
[  150.547313][ T6945]  ? nilfs_bmap_test_and_clear_dirty+0x4c/0x70
[  150.553540][ T6945]  ? clear_nonspinnable+0x60/0x60
[  150.558691][ T6945]  ? nilfs_segctor_confirm+0x24d/0x2d0
[  150.564146][ T6945]  ? __lock_acquire+0x7d10/0x7d10
[  150.569183][ T6945]  ? __rwlock_init+0x140/0x140
[  150.573946][ T6945]  ? do_raw_spin_unlock+0x11d/0x230
[  150.579125][ T6945]  ? _raw_spin_unlock+0x24/0x40
[  150.583957][ T6945]  ? nilfs_segctor_confirm+0x24d/0x2d0
[  150.589412][ T6945]  nilfs_segctor_construct+0x17b/0x690
[  150.594858][ T6945]  nilfs_segctor_thread+0x523/0x1180
[  150.600139][ T6945]  ? _raw_spin_unlock_irqrestore+0x82/0x120
[  150.606018][ T6945]  ? nilfs_iput_work_func+0x70/0x70
[  150.611226][ T6945]  ? _raw_spin_unlock_irqrestore+0xc1/0x120
[  150.617106][ T6945]  ? _raw_spin_unlock+0x40/0x40
[  150.621990][ T6945]  ? _raw_spin_unlock_irqrestore+0x82/0x120
[  150.627863][ T6945]  ? init_wait_entry+0xd0/0xd0
[  150.632628][ T6945]  ? _raw_spin_unlock_irqrestore+0xc1/0x120
[  150.638599][ T6945]  ? __kthread_parkme+0x157/0x1b0
[  150.643607][ T6945]  kthread+0x436/0x520
[  150.647657][ T6945]  ? nilfs_iput_work_func+0x70/0x70
[  150.652841][ T6945]  ? kthread_blkcg+0xd0/0xd0
[  150.657410][ T6945]  ret_from_fork+0x1f/0x30
[  150.661939][ T6945]  </TASK>
[  150.665245][ T6945] Kernel Offset: disabled
[  150.669872][ T6945] Rebooting in 86400 seconds..