last executing test programs:

3m21.644458428s ago: executing program 32 (id=312):
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000500)='./file2\x00', 0x1018ed8, &(0x7f0000000280)={[{@sysvgroups}, {@noload}, {@mblk_io_submit}, {@noload}, {@discard}, {@usrjquota}, {@grpquota}, {@quota}]}, 0x6, 0x659, &(0x7f00000013c0)="$eJzs3c9rXFsdAPDvvZPkJWl86RMRX1AMuHgP5KVJffjUjW1d2EXBgl2IuGhokho6/UGTgq2FJuBCQUHEbZFu/Ae6l+5dCCKoO9dCFalY0NKR+2OayWQmM/k10+R+PjCZc+85N+d8c+fknjt3ztwAKms2+5FGvB/x+moSMd2SNxVF5mxZ7sW/Hl7LHkk0Gt/9ZxJJua5ZPimfT5UL4xHxxwsRn67trHft/oMbi/VG4VHEmfWbd86s3X/w0erNxevL15dvLZz92sefzH994eOFlobu36ny+eKl73z+Fz/54VdX/lT/KIlzcWX0x0vRFsdhmY3ZeF2G2Lp+JCI+yRId/i7HzQkIodJq5etxNCI+G9NRy5cK07H686E2DjhSjVpEY3dJrwLAcaV7Q1U1xwHNc/v+zoOvHPGoZHCeny9OgHbGP1K+5TCenxtNvkhazoyK9zZOH0L9WR2vHo4/fvVw5nFsex/i5Zu9M3II9XSzsRkRn+sUf5K37XQeaRZ/uu1cP4mI+YgYK9v3rQO0IWlJH8X7MLvpM/5aFn/rfkgj4lz5nK2/sM/629/WGnT8AFTTs/PlgXwjW9o6/mVjj+b4J7bGP4+a200d/JJMbtjHv+7jv+bxfjwf96Rt47BszHK5868cbV/xt59d/FW3+ovx38zj5iOrvzkWHITnmxEzbfH/NAu2HP9k8Scdxr9Zkavn+qvj23/+x8VuecOOv/Ek4oOO5z9bo9Istcv1yTMrq/Xl+eJnxzp+9/sf/LZb/Z3jf+cIIu0s2/+TXeJv2f9p+3bZ3+RO51+52b7i6eUnN7vVP9Vz/6d/H0uK882xcs2PNtfX7y5EjCWXyiLl+sX19btnd4+3KPOykT8vFPF/+KXO/X/b678tqonmv8w+3PnejRfd8vbz+m+5mPy60WcbusniX+q9/7f6/0QzN+KXfdbxn+/f+0K3vM7xJweMCgAAAAAAAKopza/BJuncm3Sazs0V82U/E5Np/fba+pdXbt+7tRTxYf55yNE00iT/yMh0sZysrNaXF8rPwzaXz7YtfyUi3ouIX9cm8uW5a7frS8MOHgAAAAAAAAAAAAAAAAAAAN4Sp8r5/837VP+7Vsz/Byqi9w3mdtz/ATghjvIGk8DbLe//ux3i3x1cW4DBcvyH6tL/obr0f6gu/R+qS/+H6tL/obr0f6gu/R8AAAAATqT3vvjsr0lEbHxjIn9kxso8k37hZBvdU+nakbUDGDw9GqrrzaV/g32onL7G//8tvxzw6JsDDEHSaWU+OGjs3vmfddxyy+bB2wYAAAAAAAAAAAAAFD54v/v8/73NDQaOG9P+oLoOMP/fVwfAMbfvr/4fO9x2AIPnHB/oMYs/xrtl9Jr/DwAAAAAAAAAAAAAcmqn8kaRz5VzgqUjTubmIT0XE6RhNVlbry/MR8W5E/KU2+k62vDDsRgMAAAAAAAAAAAAAAAAAAMAJs3b/wY3Fen35bmvifzvWnOxE8y6ovQs3+iiza+KbscetIhn8n2UiIoa+U7Ylnpa3m93z5n8oX+ctWSMtZZKIjSx76AEWiXg7mpEnhvUfCQAAAAAAAAAAAAAAAAAAqqtl7nFnM78ZcIsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYPC27v/fI7E0WWzQV+HtiWHHCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcT/8PAAD//4RxNqU=")
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xa1)
quotactl$Q_SETQUOTA(0xffffffff80000800, &(0x7f0000005bc0)=@loop={'/dev/loop', 0x0}, 0x0, &(0x7f0000000140)={0x0, 0x0, 0x6, 0x7e9, 0x2000000000, 0x4002000000000002, 0x3, 0x100000000003, 0x7fffffff})
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0xc)

2m54.62217863s ago: executing program 33 (id=551):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000010000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000011540)=ANY=[@ANYBLOB="bf16000000000000b7070000000100004070000000800000500000000000000095000000000000002ba728041598fbd30cb599e83d24a3aa81d36bb3019c13bd23212fb56fa54f2641d8b02c3815e79c1414eb07eae6f0711e6bd917487960717142fa9ea4318123f602000000000080de89e661168c1886d0d4dd4f204e345c65c26e278ef5b915395b19284a1a4bc72fbc1626e3a2a2ad358061d0ae0209e62f51ee988e6ea604ce974a22a550d6f97080980400003e05df3ceb9f1feae5737ecaa80a666963c474c2a100c788b277beee1cbf9b0a4d3881dcc7b1b85f3c3d44aeaccd3641110bec4e90a6341965c39e4b3431abe802f5ab3e89cf6c662ed4048d3b3e22278d00ce00000000d3a02762c2951257b85802189d74005d2a1bcf9436e192e23fd255985bf31b714f000bcab6fcd610f25f5888000000003f11afc9bd08c6ebfbb89432fb465bc52f49129b9b6150e320c9901de2ebb9000000018e3095c4c5c7a156cec33a667dccaff950ca1e5efdd4c968dacf81baa3a509b1041d06f6b0097c430481824a3f4fddd3c643f630ba175d876defd3541772f26e27c44cfdb2d85d6d29983e830a9cdd79837b3468e8c67a571d0a017c100344c52a6f387a1340bdc8889464f90cc4cd1f570dd39877dfb2ff1ae66e1ce917474b2e650ae630afd014a337ac5d58bcb5e51723257c872c5255f20100000000000000f041b665ab21372c8d8b7bac5b5c784d20a4a24d8dbd75062e1daef9dead619cc6e7baa72707157791c3d2a286ffb8d35452bb5d36c2a8682bf7ecbd53f950ef4709ec01e230d2f53594ef4839c6130c4c13a0cca84b9935f771fd49e480cd9d48aeb12b1d6acabd38a817bcd222614d1f62734d679039a97d2b74f9e8e997ccd314000f7477137f4e8e7025123e783df8b8a17e3aa9fe1f662aef87a065b03cfb65b4dfe4f1b56e1f23128d743753a1de172d683d5892ce9414a1d98ea93e3d35dbb6c23b90cf36e83b8a434a97d09343d7f83079ccb02e69c584146056d125cfa788237874dd42dae334bda042819a2aa24dba1c25be2794448b4f63483026b5e34d44705b76ef29241adab0dd7d68bf975e02069f6f2425e1bc97a3d588085f16bef63a06578d4f5de7bfb6aaa75f16996d536256c02284cb1d3a6fb8cae87691fae365a70c3fc69e1565bba8dd8a8c7049f798abe646f738bebd69413afc9d8a5edd7aaa000000000000001e6c2f2a287c5278a218dbfaffffff00a14db5cfa6819eb1d39c48cfdc80d215c9e16e0c4736c819363154cca4e2f89800d18c89d7f46f679df6c9e2952ae1ebfd0ca88368ee6ce139e8b5822c22cf2e9dde943d34c432e1001171792c65986146666a5490928441f47e0fe5eac41824ca1fd0eb71aa243c88d5480efd8329d9a733d8f9ffffff5f912ac4e34bf6ea8a86da707b03bddb491ba0cc98f6be92c50008a2b50025419d1476c73132ca7ca26ce8a7e3ffb700f09e157f9b844051f1a642aca9ff98c9036471ccff0522903e7bcf62e18f7696bbc280b95e8e0d6fd5644b0ebde3a95b06548862de809d3dae3cccf109f7c78e8479a345e800000000000000000000009455bf417627ce723a5d9103706aba69239500bb82f6b5a3ddc0bd9856712945b70c75ce5b722578820820d010d7a3cffc99fc647d0b82ef26ab708c0b19ed144be51c3b398f0e6bb7a30006000000cba12953d58cff0f0378740fe6662f377b97d8e7cdb047acd083d3cd3856476a60a49ad127ba6570bafc2bbcf9ee721fd9cb467ff071e5604fbf0491245c0000007d932d7a64de4c4aa433fc0840aff7c47da3a4c6966d0000000000000000f6bfbae29e8a6e2a889f6ef6869d82d6bd73eb76b65c7a35a54a4a6b8ad4600e3a972a0bb5971a5f16590b0a03dafa3fd1118765cc8ab9fccf3b51c41a339f200f2fa33006910a679a9ae0187b4d750c4bd244cb0cbfd23b265f4d4da448a7a0d19c5e43eae50a31609dfa2dde267551467eb6475293dd7012cc449009981f22820e57a0eff234ccfe21d7a2302e000669753d3c3432cc14ee1abe724adb6b5431befedd3e22971118f0e21aed1823cb7dde8212a8531bd9691dd4cc6a370e9eb56b3d790b98f2bd0db1e5de6a146597b2cbb7103040d2a39d7965d34df524b760ab92efcce7dd1574052c735935bf6a752c015c7f5ffee9ff66e5dd2866b15b6e0d17618cb1f5c1ee4b05ebf1445ea110f499f840a5c965443d725556351ee25fe09f69494b053678dcadcf02e063dff2fa4bef1ac3bbbebe6c74d71ec3b23e29895eff1d1017024fe3e8cc759b05785adc346b7ffd05963f92c1d0d7d90ba878ad89e490f3e29ac51d30632869a534418f916bf6fe8167827a8e6c8f8b391c822805cb0adf1b8bd6947ff208753eb0d208ce14f7b206b2e02c21e963abc5ceb735c1b3c46b0a843de52a903375dfb663a8d8ee9c2b2705c1a81d9d3b9656b219c8cd99c9cafcd0d0540884d97aecb19983fc6af29ab44a82aff9cba921192c665b877af6539bdb1b567f481ba07982e7ad758f4e1eac69e7e88a63960975f490e161e371ec8534791e3b61c685d900a9c0839208356b53750e76fcc3c2d1bddcbd83897921414d0c02e8188f3df79ea2a5c5444004830e6cb227ca1bdafb977c00000000003a417193b8c5d793687335a930867094fd6a78218218e04b705ec62f1608cb569b81914e68f175b392af6bc4fd2121d7fd276af2c97a441b56e7a0687d98b8e76d8d0d231e4fe00be1de76bd19cc12e2bd938eb681ed6bc951c1b4f7c51af59eea4d40c6000000000200778a677b72786311153271a3313da02645e11761699e4d04ac86dd14ff7b9a10d3fa74696fe3953a5b7706bf5d1faba4b18808d9cb0e9db696dec4e0820ee4028d7225a2c9c427cf64cbde6fba056b2006b7a37c1181070000005e235cd302f3b4071ee5237ada986b9e5e3144bf479f277f10656ad3744037ccc9c63685a6f1109d2ea73773d3635f61497f1fa1ea4a16f601800bf3e59141fbf05a96113320c445f9ba8504000000000000004fbd99ccefb7c09269dd2c5c25e56e169ac15980f3f85f7ca36dd5950ef5b64fd46f123311829534a82940994199b3cf7a8fabea9930952f5da9b909c1946e55289f668c423fcbb31ae91864c882313151741a67538c9689dc8ecc9903c7041e5c0704e2fa55a756487517a7445cbd9e3f5175e41c00000000000000000000000000bf98efd587fffe326f474b0b089c017b16c0062cbce96f5adebec52a79f9363909842f79c50a1520be46d87003137e4c5031f00123e812a5e37cd52c9eb7336281cb8c6ce9934b157d7875a70eaf103cb3d99e3568c51cd1eab8a26b232ac46bf0ab829c26dab637538b2eb1420d812d2b80c777710ba0f18e4661681aa218d9ba54023ab4305d77eb15611ae2545835e9d30e9f6d4fb43a291c69545a1eea0f8720431132d89f99bf6c5cb060da70cbb59d0a000000000034d083fc37d2449f72de0cbea4bc1dc89c136cdbc504f849d5502d77a95c7bfff4cd9c03058d0d4d07ea64824f1acf2b39389f675f39d01719cdbab3f1ce10609c8d7b3e37cb99b41da5e485a441b6a103549f55ab09dc98767763d1f2fafd45bb7d2b40050d1f8292f4d9ec6d0000000000003932062290c7536fdd55b06023437e9e2072daf7f5d82f6f1b5b89a41134f4dc2e65bb11272fdf8c8141f41d6160b3d8b6ecd16d14267f61b4881adee7f07f3d6af5ae79e16fe2c3f55ac7a6392d2e1d9b4286b6c3e1f5a76b85ed6e1f0000c67e6c5fcdc8c39381be4799b8cb2d08b8262c807dd755e22b801162381aa9d1af2bbc9cfd497585337eac408b8475b47a392a10cae349160f128e5f873a58064eb400c36a90624f6aed398a215e9ce64522ab249f67c38a656d32ecff5cdb2b039c4abf349d2c0f88a42e9189bbfa7f5cf35b6e7ef8f9d33163b7ea87550fb1ba334c83e3aec4714c9c4ca3ecb04f2720237615a28bf310b58ffa2a103216fdcc8c2d8f5d55e5e7ebf147105272aaae56e86d856b3cf79a3f7306436762dd1a08ce873e07cebc7892ec6f9f696da38feed3dc0001500e34adae1ba89a32bad2af9030f840f1ba4664f35547cdadd5cbacc59352c290f55d971b65953533668c25f21d8d62d849e9058eaa97c63491568887548f668cdbca2abf01a361a0b64d8b523e669da350e3ec7445dfbf366b0b3bc5e76824a1e43eaaeca70db90f2fa39596443447671933079a24fe3681ad9ac361f71ac279a688f10a1cc4df1112105edebc5e3bbc394c8305ab129ca2dfb9b7c5e9d097bd01b495cccefddce569117f7f5d6a6270ff0f0f4c371029ca8489571b55841bf3dd003bc81460fcfcbb616c2070237881afdb314cecd1623f3e55ab8b7627fa1be349145a8d6313cbc790eefe2020138e82fb9d351be4ddcbcc9bc048dd3db5828d16baec6e07a007f0030f34ea3cfd524d6fa1d45da5641d6c94e1d3ae7fba1c85035d2a60ef0a96e0d96aa1c60019f73ae0aa6113cd66ef26b5777337c26e1461405d86fdf091edd526f25cada439bb3609ed5c35ab60a539ade786bd6004d0ea3edbd6c4da0d8e8be8c771c8c8a0b07d9859e04adb18964dcce9bce546074c26dffbc2df372a016e8c845d4257000000000000000000000000000000000000f29657697d9c2b132b2dc2f5ea5122836582a7e85fe2bc166f17aefd9d861de0191f5277d4a3b5afb6f23d9eea2459f7844606e1202768d83c24cc791bde44a448022bbfa571fe029a7b2d5152639ee283894ab6168992ff0acc01b39a078f285ce615351f262019586eb9447bb3eaffd7b53d8f37ca6c5f1027dd5b7592996c8a7789ba108979cc9ad07ed86682843e2eaa855dd01443ee6ffde1811f10039d5d14458177096e15cc4d8f2582a1bea5cc98d992f3de7d1cdfb24384b9f10f615c87c441dc970ec896a5af6bf69b50a244bc138a1cae9868c3079bafe69769000000000000000000e99b63029d219cd3545a8426b56554a9f265d3557eefb3602894507c256cb8ee9ebadfecb6afeb84ba757bfa8d00a5af0dd6aa1e8144ef8ef04410d52204c335408941b8eccc5c734cc6a05247142ed647f89bcb5c043acfb382b9cc918bc3cdc368983157851cdf678800aa7eb2a6cbc12c7ae23bc88b8f10223ab2a093429f3f6965bc5af0114cf6f246bae0b04bec8e30b6772b8950f32e87beda060f9af2a0ccd4a8eab8e395ee3628eb976b7fff835e6c1bdc4a6e00acd0fe63ba8425b21845db903b38c80148e6aa497dbf0e2baf938d3ecbd433527602d89f10aca419ff54e47354194f75e343d4c75227448530b0d8d59b9f94a3fa0ca9210177926c58ef46dcd09e79c343d35aa954d12f89410c47ac29c881f8a6bda8dd40df0d1e5881338d2c5a01bf1ee6b28169fef18df13c759e767d3442ae6598106496f42b73074bb804e8763915c3e04400ad44e9f3130e904062d204d385c026722a094255db1572d66e7a4917bba2a0f6a1a57482cdb4070de8dd60fd65dacb9ec5003fb1cca05ce1c9f924cc2ec45e8d5adf7c89e3b0b8da35c1aa7fbbee6f839a8f05294a6c02281afb7601252611583408f1"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xfffffffffffffe89}, 0x48)
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000040)=r2, 0x4)
sendmsg$inet(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000340)="25b096f681cd731c3f3a9badc4e3cf5edeae1f3b5082d7ab3a97c053df68744e7c7e24d0b59997bab4bccff8363b275de3510b0ebe4275d8d2f153395668e3d608e358fc2294263c03f8dc4f8bf194e4fde4600a2dec2f483a914e2fde0cbc344a2b9fc18dd198966045a6d4d4eb8571e8bb69e6724e37fcbaa6e4c64050b47256b9bb17f5c0aa5101e015ecdcb62fec46fc0205512535", 0x97}, {&(0x7f0000000280)="d3a88bea5916e313729a3989393caca70c74cd74e62e524bdd37be131ad827f911027e70ccf679d8e7c0cd3333095f83d6d473db345ded2ac8acaa87503de74c82431758e8e11e3ecb7bce02d6cd65f4eb88cc49ceb9e39f7117eb0f62323dc9b80dea447b0c96a383f14281bb87b09de0a6153ceeaae2b50a2b0f0f41810f379f9c3a1f3938461829d716a4bda86ab11b41f754bc15d71b", 0xfed0}], 0x2}, 0x0)

2m54.609068519s ago: executing program 3 (id=558):
r0 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r0, 0xc01864c6, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, <r1=>0xffffffffffffffff})
dup3(r1, r0, 0x0)
ioctl$DRM_IOCTL_SET_MASTER(r1, 0x641e)

2m54.388387666s ago: executing program 3 (id=560):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x28bd, 0x74, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0xc0, 0x40, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x9, 0x0, 0x1, {0x22, 0xa0}}, {{{0x9, 0x5, 0x81, 0x3, 0x400}}}}}]}}]}}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f00000000c0)={0x2c, &(0x7f0000000100)=ANY=[@ANYBLOB="0000d2"], 0x0, 0x0, 0x0, 0x0}, 0x0)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)

2m52.134665927s ago: executing program 3 (id=570):
syz_mount_image$fuse(0x0, &(0x7f0000002080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = inotify_init1(0x800)
inotify_add_watch(r0, &(0x7f0000000040)='./file0\x00', 0x40000000)
inotify_add_watch(r0, &(0x7f0000000240)='./file0\x00', 0x21000230)

2m51.844316476s ago: executing program 3 (id=572):
syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000480)='./file0\x00', 0x3008000, &(0x7f0000000000)={[{@quota}, {@resgid={'resgid', 0x3d, 0xee00}}, {@bh}, {@noload}, {@data_err_ignore}, {@usrjquota}]}, 0xfe, 0x452, &(0x7f0000000980)="$eJzs3M1vFOUfAPDvzG7L+6/8EF9A0CoaiS8tLS9y8ILRxIMmJnrAeKptIchCDa2JEKLoAY+GxLvxaOJf4EkvRj2ZeNW7ISGGC+hpzezOlKXdbbvtlq3M55MMPM/Os3me78w8u888z04DKK3h7J8kYntE/B4RQ83s3QWGm//dvnl58u+blyeTqNff+itplLt18/JkUbR437Zmpl7P85va1Hv13YiJWm36Qp4fnTv3wejsxUsvnDk3cXr69PT58ePHjxzeP3hs/GhP4sziurX345l9e15759obkyevvffzt1l7t+f7W+NYkXT5IsPNo9vW011VtvHtaEkn1T42hK5UIiI7XQON/j8Uldgyv28oXv2sr40D1lW9Xq+3+37OXakD97Ek+t0CoD+KL/rs/rfY7tHQY0O4caJ5A5TFfTvfmnuq87f4Awvub3tpOCJOXvnnq2yL1cxDAAB06fts/PN8u/FfGg+1lPtfvoayMyL+HxG7IuKBiNgdEQ9GNMo+HBGPdFn/whWSxeOf9PqqAluhbPz3Ur62dff4L22M+7KQK/lyz45G/APJqTO16UP5MTkYA5uy/NgSdfzwym9fdNrXOv7Ltqz+YiyYt+N6dcEE3dTE3MTaor7jxqcRe6vt4k+iWMZJImJPROxdZR1nnv1mX6d9y8e/hB6sM9W/jnimef6vxIL4C0nH9cmxF4+NHx3dHLXpQ6PFVbHYL79efbNT/WuKvwey87+17fU/H//OZHPE7MVLZxvrtbPd13H1j8873tOs9vofTN5upAfz1z6amJu7MBYxmLy++PXxO+8t8kX5LP6DB9r3/13VO0fi0YjILuL9EfFYRDyet/2JiHgyIg4sEf9PLz/1fvfxLzEr30NZ/FPLnf9oPf/dJypnf/yu+/gL2fk/0kgdzF9ZyeffShu4lmMHAAAA/xVp4zfwSToyn07TkZHmb/h3x9a0NjM799ypmQ/PTzV/K78zBtJipmuoZT50LJ8bLvLjC/KH83njLytbGvmRyZnaVL+Dh5Lb1qH/Z/6s9Lt1wLrzvBaUl/4P5aX/Q3np/1Be+j+UV7v+/0kf2gHce77/obz0fygv/R/KS/+HUur4bHy6pkf+1z1RfGRtlPbcD4kTXb0r0o3Q5hIkqiv+YxarTGxqu6vPH0wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA98m8AAAD//0Fo4Oc=")
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x1204001, &(0x7f00000011c0)={[{@lowerdir={'lowerdir', 0x3d, '.'}, 0x3a}], [], 0x2f})
r0 = openat2$dir(0xffffff9c, &(0x7f00000000c0)='./file0/file1\x00', &(0x7f0000000140)={0x40, 0x110, 0x2}, 0x18)
ioctl$FS_IOC_FIEMAP(r0, 0xc020660b, &(0x7f00000001c0)=ANY=[])

2m51.33048644s ago: executing program 3 (id=575):
r0 = socket$kcm(0x2, 0x200000000000001, 0x106)
setsockopt$sock_attach_bpf(r0, 0x1, 0x7, &(0x7f0000000340), 0x4)
sendmsg$inet(r0, &(0x7f0000000080)={&(0x7f0000000000)={0x2, 0x4001, @local}, 0x10, 0x0}, 0x30004001)
sendmsg(r0, &(0x7f0000000880)={0x0, 0x0, &(0x7f0000000840)=[{&(0x7f0000000780)="a9", 0xfffffdef}], 0x1}, 0x0)

2m50.046481834s ago: executing program 3 (id=583):
setsockopt$MRT_ADD_MFC_PROXY(0xffffffffffffffff, 0x0, 0xd2, &(0x7f0000000040)={@dev={0xac, 0x14, 0x14, 0x15}, @empty, 0x2, "4f6fb4d1af0f724e6118ecfbac0200843af29708e2355d0e7ea0c543011a00", 0xfffffffc, 0x4, 0x81, 0x81}, 0x3c)
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000040900010073797a30000000009c000000090a010400000000000000000700000308000a40000000000900020073797a30000000000900010073797a3000000000080005400000000d58001280200001800e000100636f6e6e6c696d69740000000c0002800800014000000008200001800e000100636f6e6e6c696d69740000000c00028008000140000000001400017b090001006cdbf80789f3f947dd000280080003"], 0xe4}, 0x1, 0x0, 0x0, 0x8001}, 0x20050840)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030041000b05d25a806c8c6394f90324fc60100000000a000200053582c137153e3704020180fc5409000c00", 0x33fe0}], 0x1}, 0x0)

2m49.148954791s ago: executing program 34 (id=583):
setsockopt$MRT_ADD_MFC_PROXY(0xffffffffffffffff, 0x0, 0xd2, &(0x7f0000000040)={@dev={0xac, 0x14, 0x14, 0x15}, @empty, 0x2, "4f6fb4d1af0f724e6118ecfbac0200843af29708e2355d0e7ea0c543011a00", 0xfffffffc, 0x4, 0x81, 0x81}, 0x3c)
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000040900010073797a30000000009c000000090a010400000000000000000700000308000a40000000000900020073797a30000000000900010073797a3000000000080005400000000d58001280200001800e000100636f6e6e6c696d69740000000c0002800800014000000008200001800e000100636f6e6e6c696d69740000000c00028008000140000000001400017b090001006cdbf80789f3f947dd000280080003"], 0xe4}, 0x1, 0x0, 0x0, 0x8001}, 0x20050840)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f030041000b05d25a806c8c6394f90324fc60100000000a000200053582c137153e3704020180fc5409000c00", 0x33fe0}], 0x1}, 0x0)

1m42.78182834s ago: executing program 1 (id=1100):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x2000c10, &(0x7f0000000040)={[{@nobh}, {@abort}]}, 0xff, 0x258, &(0x7f0000000780)="$eJzs3T9oHmUcB/Df3fu+xiQvEnURxD8gIhoIcRNc4qIQkBBEBBUiIi5KIsQEt8TJxUFnLZm6hNKtaceSJXRpKXRK2wzpUmhDh4YO7XDlfS+BJG/6J33f3pXc5wPH3SV393uO3Pe5G3L3BFBZQxExFhG1iBiOiEZEJHs3eDefhnZWl/rXpiKy7Ks7SXu7fD23u99gRCxGxCcRsZom8Us9Yn7lu81761988Pdc4/2TK9/2F3qSO7Y2N77cPjHx15nxj+cvXbk1kcRYNPedV+8lh/ysnkS89jyKvSCSetkt4GlM/nH6aiv3r0fEe+38NyKN/I/3z+xLq4346P9H7fvv7ctvFtlWoPeyrNG6By5mQOWkEdGMJB2JiHw5TUdG8mf4a7WB9NeZ2d+Hf56Zm/6p7J4K6JVmxMbn5/rODh7I/81ann/g+Grl/+vJ5eut5e1a2a0BCvFWPmvlf/iHhQ9D/qFy5B+qS/6huo6Yf//RAceI+z9U12Py/3JZbQKK0Zn/RtlNAgri+R8qKcuyTP6hwuQfqmtv/gGAasn6yn4DGShL2f0PAAAAAAAAAAAAAAAAAADQaal/bWp3Kqrmhf8itj7LRxfprF9rj0e8+znygbvJvkFIkh4MSvL9O10eoEunSn77+pUb5da/+Ha59RemIxb/jIjRer3z+kt2rr9n9+oTft/4scsCR5QcWP/0m2LrH/Rgudz64+sR51v9z+hh/U8ab7Tnh/c/zR58Mf23+10eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgMI8DAAA//84UXFU")
syz_mount_image$ext4(0x0, &(0x7f0000000080)='./file0\x00', 0x18808, 0x0, 0xf7, 0x0, 0x0)
r0 = openat2$dir(0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', &(0x7f0000000080), 0x18)
ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r0, 0x800c6613, &(0x7f0000000100)=@v1={0x2, @aes128, 0x4, @auto="0900000300"})

1m41.193315473s ago: executing program 1 (id=1110):
r0 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000000), 0x103902, 0x0)
r1 = socket(0x2, 0x3, 0xff)
connect$inet(r1, &(0x7f0000000040)={0x2, 0x4e26, @loopback}, 0x10)
sendfile(r1, r0, 0x0, 0xffba83)

1m39.775200441s ago: executing program 1 (id=1125):
r0 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$CAN_RAW_ERR_FILTER(r0, 0x65, 0x7, &(0x7f00000001c0)=0x8, 0x4)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'vxcan1\x00', <r1=>0x0})
sendmsg$can_raw(r0, &(0x7f0000000140)={&(0x7f0000000000)={0x1d, r1}, 0x10, &(0x7f00000005c0)={&(0x7f0000000100)=@can={{}, 0x80, 0x3, 0x4, 0x2, "07000000008000"}, 0x210}}, 0x0)

1m39.427059483s ago: executing program 1 (id=1130):
syz_mount_image$ext4(&(0x7f0000000540)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x88, &(0x7f0000000240)={[{@nogrpid}, {@min_batch_time}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@nobarrier}, {@nodiscard}, {@test_dummy_encryption}]}, 0x3, 0x45c, &(0x7f0000000580)="$eJzs282PU1UbAPDndlq+eWdegh98qKNoJH7MMAMiCzcaTVxoYqILdDfODAQpjGHGRAjR0RhcGhIX7ojuTPwLXOnGKCsTt7o3JMSwAVnV3PbeoS1tKbW0YH+/pPSc3nNznod7T++590wDGFmT6T9JxJaI+D0ixmvVxgaTtbdrV87O/33l7HwSlcqbfyXVdlevnJ3Pm+b7bc4rxYjCZ0nsatHv8ukzx+fK5cVTWX165cT708unzzx77MTc0cWjiydnDx06sH/m+YOzz/UlzzSvqzs/Wtq949W3z78+f/j8u798l+T5N+XRJ5OdNj5RqfS5u+HaWldOivHNV0OMhe6N1YZplKrjfzzGqrWa8Xjl06EGB9xRlUqlcn/7zasV4D8siWFHAAxHfqFP73/z14CmHneFyy/WboDSvK9lr9qWYhSyNqWm+9t+moyIw6vXL6SvuDPPIQAAGvyQzn+eaTX/K0T9c6H/ZWsoExHx/4jYFhEHI2J7RNwXUW37QEQ8eJv9Ny+S3Dz/KVzqKbEupfO/F7K1rcb5Xz77i4mxrLa1mn8pOXKsvLgv+z/ZG6X1aX2mQx8/vvzbF+22Ved/payyev1C2n8+F8ziuFRc37jPwtzKXK/5Nrv8ScTOYqv8k7WVgCQidkTEzh77OPbUt7vbbauf/x5umX8HxR4DqlP5OuLJ2vFfjab8c0nn9cnpDVFe3DednxU3u/jruTfa9f+v8u+D9Phvann+r5lI6tdrl2+/j3N/fN72nubW+bc+/9clb1XL+VH6cG5l5dRMxLrktVrQ9Z/P3tg3r+ft0/z37mk9/rdl+6R97IqI9CR+KCIejohHstgfjYjHImJPh/x/funx93rPv8GGDt30JM1/oeXxXzv/m47/jcK6aP6kdWHs+E/fN3Q6cTv5p8f/QLW0N/ukm++/buLq7WwGAACAe08hIrZEUphaKxcKU1O1v+HfHpsK5aXllaePLH1wcqH2G4GJKBXyJ13jdc9DZ7Lb+rw+21Tfnz03/nJsY7U+Nb9UXhh28jDiNrcZ/6k/x4YdHXDH9WEdDbhHGf8wuox/GF3GP4yuFuN/Y/Z+cdCxAIPV6vr/8RDiAAavafxb9oMR4v4fRlc34/+dAcQBDJ7rP4yk5Y1x6x/JKyjcVIhCN42T7Npyd8Ss0H1h2N9MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/fFPAAAA//8eWuDl")
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x1204001, &(0x7f0000020240)={[{@lowerdir={'lowerdir', 0x3d, '.'}, 0x3a}], [], 0x2f})
chdir(&(0x7f0000000040)='./file0\x00')
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x130)

1m38.583876944s ago: executing program 1 (id=1139):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
setsockopt$inet_tcp_int(r0, 0x6, 0x18, &(0x7f0000000100)=0xfefffff9, 0x4)

1m37.884892744s ago: executing program 1 (id=1144):
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f00000002c0)='tmpfs\x00', 0x0, &(0x7f0000000300)='usrquota')
lchown(&(0x7f00000000c0)='./file1\x00', 0xee01, 0x0)
fchownat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0xee00, 0x0, 0x100)

1m36.984902811s ago: executing program 35 (id=1144):
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f00000002c0)='tmpfs\x00', 0x0, &(0x7f0000000300)='usrquota')
lchown(&(0x7f00000000c0)='./file1\x00', 0xee01, 0x0)
fchownat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0xee00, 0x0, 0x100)

1m19.112507628s ago: executing program 0 (id=1277):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x44}, 0x1, 0x0, 0x0, 0x20040000}, 0x2000800)
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$sock_ifreq(r0, 0x8910, &(0x7f0000000000)={'veth0_vlan\x00', @ifru_ivalue=0x4})
ioctl$sock_netdev_private(r0, 0x89f4, &(0x7f0000000000))

1m18.824755373s ago: executing program 0 (id=1281):
openat$rfkill(0xffffffffffffff9c, &(0x7f0000000400), 0x101800, 0x0)
syz_io_uring_setup(0x239, &(0x7f0000000680)={0x0, 0x405e5, 0x10100, 0x0, 0x2dd}, 0x0, 0x0)
pselect6(0x40, &(0x7f0000000100)={0x0, 0xfffffffffffffffc, 0xffffffffffffffff, 0x0, 0x800, 0x0, 0x4, 0x10000000}, 0x0, &(0x7f0000001340)={0x1f, 0x0, 0x0, 0x0, 0x0, 0x6, 0xfffffffffffffffe}, 0x0, 0x0)
openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x5400, 0x0)

1m17.81880944s ago: executing program 0 (id=1295):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0f0000000400000004"], 0x48)
recvmsg$unix(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000001780)=""/4071, 0xfe7}], 0x12, 0x0, 0x0, 0x406}, 0x40020000)
sendmsg$inet(r1, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000001740)=[{&(0x7f0000000280)='>', 0xfffe}], 0x1}, 0x0)

1m17.5488436s ago: executing program 0 (id=1298):
syz_mount_image$nilfs2(&(0x7f0000000ec0), &(0x7f0000000a80)='./file0\x00', 0x0, &(0x7f0000000000)=ANY=[], 0x7, 0xef2, &(0x7f0000000f00)="$eJzs3U9sHFf9APA363+p7cbrtr9f3ZYmoaWkDeAEJ4dyS6UIpKqqeuHeKo3bCDdEpBxaJYrLKUgcClEvRRyKmhtSOCDRCglFSEj86YEzpwouIBSkSLkQKTay8569fvGw67E9u979fKSv3755s/P9jjdyZmZn3wZgYDVWf544MVOE8MGnV0996/LSr1eWHVxb49DqzyL2miGEkZZ+kW3v87jg7q2Lp1fapawtwtzqzzQeXr659tyJEMJiOBRuhGY4eKR5+8rQS/PXPvzs8KXzL765S7sPAAAD5fqfFv763D/++NXpO9cPnAxja8vT8Xkz9ificf+xeHyfjvsbYWO/aIlWo9l6QzEa2XpD2XrDWZ7hknwj2XZGStYbbZNvqGXZZvsJAAAAe1E6r22GojG7od9ozM7eO+9f8fnUaDF77uzC/IUuFQoAAABUdvvy6k23QgghhBBCCCGE6ONYnur2FQgAAABg0KR5B9bmB8st5jMLbM/a1pqd5b/5QmPz58MOqPvfv/x7K//H7/mLAwBAdf16NJn2Kx1Hp3kM8nkEh7LnbfX4v5FtZ3iLdZbNK7hX5hssqzP/vfaqsvq3+jp2S1n9+XyYvaqs/nyezl5VVv9YzXVUVVb/vprrqKqs/gdqrqOqsvrHa66jqrL6J2quo6qy+idrrqOqsvofrLmOqsrq319zHVWV1b9Xbqstq79Zcx1VldU/XXMdVZXV/1DNdVRVVv/DNddRVVn9j9RcR7c8Gdv0eziQjbeeP+fndHvlHA8AAAAG3X/M/yd2Ja70QA07G6vv6fZAHUIIIYQQQghRJS5v/ZKBt/0BAACgz6TPBaRPvS9HaXyozfhwm/GRNuOjbcbH2owDAAAAIfzmyvxj7xfrn/Pf7nx4ad6oNP/SVucxyucj3Gr+7c57tt38e2XeMgAAAAZL8c0bS0dOffT29J3rB062nP0uxfPdNA/ocLw28Ensp/sCJrN+kc6hT27M0yhZL78+8GDZ9l7Z5o4CAADAAJuMd+g3Q9GYbTnvboZGY3Z2/Xx8JowU82cXzhyL/fT9LH+YGhlbWf712isHAAAAOrV+vr/5+X/6Ht+ZMFrMnju7MH/hXn9ybflIo/W6wNT68qL1ukAzWz5Xsvx47Kfv73xz6oHV5bOnv7vw+k7vPAAAAAyIC++8+53XFhbOfK+HH9ztjTI88GCAHnT7LxMAALDTrv396p+/f3zyt/c+/78+/136/P+h2G/Guf3+EldI9wmkzwHc93n9VzfmmSpb7/zG9ZrZekMxxrK697VsJ7TMN5ieN12Wr7lxO6Ml+SayfJNZvnyeguFs/ZRvf7Y8n58wrTeVLc/nYRzOchRZ/qcCAAAAlDv69lvnj154592vnX3rtTfOvHHm3PFjc9+Ye35u7sTc0dX7+o+23t0PAAAA7EXrN/12uxIAAAAAAAAAAAAAAAAAAAAYXHV8nVi39xEAAAAG3b8vhxAWhRBCCCFEt2M8dL8GIboaF4e7X0OPxXgP1CD6J5aX82+aBwAAANhdd29dPN3a3mex2NF8a1tr3muWYt7U/v6Znz2zEmm1my9svF4yvqPVMOjq/vcv/97K//F7O5t/X3rQ8d+/xsYNnKyW98s//uezrfkfH+4wf77/r1TLfzjLfzh0ln/5oyz/q9XyP5vlH+8w/337f75a/udi/plUz9Od5t/4+o/FNu3HAx3mP5Lt/+uh0/zZ/jc7TJj5SswPAIOo0e0Cdkk6SkjH0ROxn/Y3Hm6G/O6HrR7/N7LtDG+78o3bTcdBj8Z+Ol6azPImW61/ItvegxXrzO2Vu0rK6t+p13G3ldU/UnMdVZXVP1pzHVWV1T9Wcx1VldW/r+Y6qiqrv9Pz0G4rq3+vXFcuq3+i5jqqKqt/suY6qiqrf6v/j3dLWf37a66jqrL6p2quo6qy+iteVqtdWf3TNddRVVn9D9VcR1Vl9T9ccx1VldX/SM11dMsTsS07H07nn1NxLPWbWX9sk99lv15bAAAAgL3mXy3z/62+Z9gDcxIIIYQYvPhJD9QghOiViO9Mdb0OIYTor1he7vIFCLpqdz/NDECv8vd/sHn9B5vXf7B5/flf0j38RdZPhtqMD7cZH2kzPpqN5/9ex9qMP5xtdzlK44+0Gf+/NuP724w/uun4+qdTZ9o8/7E244+3GX+izTgAAACD4f9j6/wQAAAA+telX3zyo18dfvXW9J3rB06G0fvmnT8W+2PxvfUrsZ/Pe5+MxPf8fxD7P4/t72L7t2x9958AAADA7kvfE+P9fwAAAOhf6XtKnf8DAABA/5qOrfN/AAAA6F8Pxdb5PwAAAPSxYt/mi2Obrgs8FdtO5/UDAHrfF2L7ZGwPxPZgbL8Y23Qc8HRsv1RTfQDAzvnpt3/4/PvF+nz/x7Pxu3F5au+zeO9KQdHYOJN/+ob78dg+02E9+fcBdJo/2d9hnt3KP7XN/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA/2is/jxxYqYI4YNPr56aunTqjZVlB9fWOLT6s4i9ZghhZO15aXS9/8u44t1bF0+vtEuxXY5tEeZCEYq18fDyzbVMEyGExXAo3AjNcPBI8/aVoZfmr3342eFL5198cxd/BQAAAND3/hsAAP//MSgn5A==")
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x20400, 0x38)
getdents64(r0, 0x0, 0x0)

1m16.854311371s ago: executing program 0 (id=1303):
syz_mount_image$f2fs(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x8, &(0x7f00000059c0)=ANY=[@ANYBLOB="6e6f646973636172642c6e6f636865636b706f696e745f6d657267652c616c6c6f635f6d6f64653d64656661756c742c6163746976655f6c6f67733d362c666c7573685f6d657267652c6661756c745f696e6a656374696f6e3d30303030303030303030303030303030303235362c646973636172642c6e6f61636c2c6673796e635f6d6f64653d706f7369782c616c6c6f635f6d6f64653d64656661756c742c6e6f657874656e745f63616368652c6163746976655f6c6f67733d322c6661756c745f747970653d30303030303030303030303031363737373231342c0002d1c71f8348abae1fff96ec907a723dca530cf5aea9622c1169c27c91b4d703f02da55a70e4108d30dd0a1b6e467d05c6c0237e3772dfb37da0e9705c62c7f6dc21ef782f52303a65f3196af86a3d58c8bfb0ef60c974b0e0b44af5ce33f407facb3838bd4bf9b7a99d612518ac3ddddf95b10ead9f78580da79051b5011a94bc44336ebf9378b479860af435366b6d4cdb9c5ffd949b52f82ac9c92de853"], 0x5, 0x5505, &(0x7f0000000340)="$eJzs3E1rY9UbAPAn7XTe//Mv4sLdXBiEFiZh0nlBd6PO4At2KKMuXGmapCEzSW5p0rR25cKluPCbiIIrl34GF67diQvFnaDknlud+gJC08ZOfz+4ee45OXnuc8Iw8NxbEsCptZj9/GMlrsSFiJiPiMsRxXmlPAp3U3guIq5GxNwTR6Wc/33ibERcjIgrk+QpZ6V869Pr42u3f3jjp6++OXfm0mdffju7XQOz9nxE9DfT+U4/xbyT4qNyvjHuFrF/a1zG9Eb/cTnOU9xprxcZdhr76xpFvNlJ6/PN7eEkbvQazUnsdDeK+c1BuuBw3NnPU3zgUWOrGLfa60XsDvMidvZSXbt76f+2veEo5WmV+T4o0sdotB/TfHu3nfaz+biIzcGonE9581Z7dxLHZSwvF8281yrqWD/MN/3f9mZ3sL2bjdtbw24+yG7X6i/U6neq9a281R61b1Ub/dadW9lSpzdZVh21G/27nTzv9Nq1Zt5fzpY6zWa1Xs+W7rXXu41BVq/XbtZuVG8vl2fXs1cfvJP1WtnSJL7cHWyPur1htpFvZekTy9lK7eaLy9m1evbW6lq29vD+/dW1t9+79+6Dl1Zff6Vc9JeysqWVGysr1fqN6kp9+RTt/6Oy6CnuHw6lMusCAE4e/T8wC0fX/289jDj6/j/0/1Nxovrf097/H8H+4VD0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp9Z3C5+/VpwspvGlcv5/5dQz5bgSEXMR8evfmI+zB3LOl3kW/mH9wp9q+LoSRYbJNc6Vx8WIuFsev/z/qL8FAAAAeHp98eHVT1K3nl4WZ10QxyndtJm7/P6U8lUiYmHx+yllm5u8PDulZMW/7zOxO6VsxQ2s81NKlm65nZlWtn9l/kA4/0SopDB3rOUAAADH4mAncLxdCAAAAMfp41kXwGxUYv9R5v6z4OIv7/94IHjhwAgAAAA4gSqzLgAAAAA4ckX/7/f/AAAA4OmWfv8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfmPnfm4TB6I4AD8bvLD/tGi1921lb1DGlrDHPUYUkCYoIAfSQhqgBnJLCRFEeBwCEYdIHttK9H2SMxnL/HiD4DAz0gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF26r9aL26vf121zdvt28owGAAAAuGRbrRf1P7PU/9rc/97c+tn0i4goI+LS3H0Un84yR01O9fL8zenz1asa7iLqhMN7TJrrS0T8aa7HH11/CgAAAPBxbZareZqtpz+zoQuiT2nRpvz2N1NeERHV7CFTWnnI+5UprP5+j+N/prR6AWuaKSwtuY1zpb1J/XM/rtpNT5oiNeXFlx2LzDZ2AACgR6Ozpt9ZCAAAAH36N3QBDKOI563M41bgJDXN9t7nsx4AAADwDhVDFwAAAAB0rp7/93T+3975fwAAADCMdP4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXdpW68VmuZq3zdnt28kzGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHhif95RIATCIAz2ru9M5v6HlQZNTU2qQPj4G4MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA3v/vL/4mpcSaZe20sPY8ka6fG1qmxd24c/WF8/RoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIv9eUmBEAiCKJgz/nfS9z+sJOgZRIiAhkcVtWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4It+98v/ialxJpk7bSwdjyRrV42tq8beg8bRg/H2bwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIud+3mNo4oDAP5mZmdrq+IaZQ8RUfCgF7vd1tbexIMSPPgnCCHd1titP9ocbCliLt4k515EjyKCEm/9H3JOIJd4y2EPETwrMzuTnfwA118zm+TzgTfvu8Mw7/tmIeQ77yUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACURm9P4iQ7dMZxXJzb3Hu4lPVbh/rM47Xt+axlcVRn0ifDi9UPUbe5RAAAADg7krK+DyHspOsLWR938vo/La/Jav5vnx7HZT1/uO4v+7L2z9ovP+8+vz9QZzxOdtOby8PBpaOptP6/Wc62Z/7yilb+5PN3L0n+hcTvrT43SvPnGX29sfFOOw/P1ZEtAPBPXCz7Iih/H8r6fpOJAXBmtCqFd1n/J51mcwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACow2g1PFnGUQhhvjWJM1t7D5eO6x+vbc+X7dqjR2vhy8k9s1ukIYSby8PBpVpnM9vu3X9we3E4HNytP3gphNDU6G8V07/9wRQXh9DI8xH8R0FcfNmzks/JCBr8oQQAwKmUFi2r63fS9YXsXDQXwh/fHaz/X63EYcr6f/fDa5vVsar1f7+2Gc6+3sqdT3v37j94ffnO4q3BrcHHb1zuv9m/cv3q1eu9/F1JzxsTAAAA/p120ar1fzx3dP3/QiUOU9b/n33T/6I6VqL+P9Zk0a/pTAAAAM62Z1/+/bfomPNRux0+X1xZudsfH/c/Xx4fG0j1bztXtGr9n8w1nRUAAABQh9FqdGD9/0YlDlOu/z/1/Qs/Vu+ZhBDOF+v/F5c+Gd6obzozrY4/J256jgAAADTrfNGq6/9pvv8/3t/yEIcQXntlHBf/BnCq+j9596sfqmNV9/9fqW+KMynujp9H3ndDaHWbzggAAIDT7ImiZcX+r+n6wkc/XXi/bf8/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQN3+DAAA//962D6S")
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000540)='mounts\x00')
read$FUSE(r0, &(0x7f0000000b00)={0x2020}, 0x2020)

1m15.728435107s ago: executing program 0 (id=1311):
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000000c0)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0}, 0x94)
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x94)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7910109800f37538e486dd6317ce8102033a00fe08000e40000200875a65969ff57b00ff"], 0xfdef)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0x4, &(0x7f0000000000)='%', 0x0, 0xd01, 0x80040000, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

1m15.277914812s ago: executing program 36 (id=1311):
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000000c0)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0}, 0x94)
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x94)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000000)=ANY=[@ANYBLOB="8fedcb7910109800f37538e486dd6317ce8102033a00fe08000e40000200875a65969ff57b00ff"], 0xfdef)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x5, 0xb68, 0x4, &(0x7f0000000000)='%', 0x0, 0xd01, 0x80040000, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

50.926243863s ago: executing program 8 (id=1527):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB="0b0000008000000001000000ffff000001"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, 0x0, &(0x7f0000000080)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x94)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0xca, r0}, 0x38)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f00000005c0)={r0, &(0x7f0000000080), &(0x7f00000004c0)=""/234}, 0x20)

50.618461855s ago: executing program 8 (id=1529):
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_mount_image$cramfs(&(0x7f00000001c0), &(0x7f0000000180)='./file2\x00', 0x10080, &(0x7f00000006c0)=ANY=[@ANYRES16=0x0], 0x2, 0x15c, &(0x7f0000000440)="$eJzskL9rGmEch5/Xu2p/aD2oBduhLXToUbHqCd1K0VKpUHvQ4tKhFOqVFrSKQnE0gWwZ8gc4JBEyiUPImCExWQwKIfk7hAyBjAnvvZeQrJnfZznu+Xx4v9/3/fhuZmOBgeJDs9Fqe52OV3vx1a2Uvm1ubT+UPoLFXb/RaLVluab6OwX4I78mzBeU3ovB7791782vZl3+zwtgA8UH0ofIorr3pUuorgic/RLGj5VzrpyAnpxW9/KBe2pCMa568rzzNXgFZgjlcsAp0O2nRsODL9NJOf1644fBUjn1/JEAOe/SP/OWndKTQTRpUPX21/1rdvvHmUn6MDMaHs2mlc9uxZ3lHedtPpvL3gueqreC+Sn6H76Lm3PCYaAKiwL6AoZ+Pt+Nx4Dx6pnbiEcSwMk/C4RMRJDAtUTu8TN5Z/A+YYUwbH9ljUaj0Wg0Go1Go9FobsVFAAAA//+2gWAw")
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
getdents64(r0, &(0x7f0000000f80)=""/4096, 0x1000)

50.020032037s ago: executing program 8 (id=1531):
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x118)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000002100), 0x2, &(0x7f0000000140)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}})
utime(&(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)={0x6, 0x1})

48.888400302s ago: executing program 8 (id=1536):
syz_mount_image$xfs(&(0x7f0000009700), &(0x7f0000009740)='./file0\x00', 0x4000000, &(0x7f00000000c0)={[{@filestreams}, {@usrquota}, {@noalign}, {@pquota}, {@inode32}, {@discard}, {@prjquota}, {@usrquota}, {@gquota}, {@nolargeio}]}, 0x1, 0x975c, &(0x7f000001c600)="$eJzs/QWcbXWhuP/PgUM3giBSUmKSEqJIhyJKihKCtKSACCgdSqigCCjd3d2d0t3d3R3/14EDKj5wvd/f/V+8Ps/zYmbPjlnz2Z/3Wou9Z83Ze6n5FptrYGDMgfd6//RvXbTbvcstPtpC6528y+Bb9t5x4SeGXjz8eydjzTH0dM6hp3MNDAwMGrqcQe9dNnj2k04eZmDwwJD//taoI408zKgDAyMPPTt0OQMzv3cyyiHv3+6dD8UDnXTIj9vhvY93G23IQoZ8sczyb609MDAw4t99/5BxTftPd1TaUnPOP9/frD5wG2bo1YP+dt27p4Pf+xjlgIGBUfYb+Oj1Y8hth/u77/3fbMjPHHPygSXu/QR+9v+5lppz/gU/5D9kWxx26GUzD9nGP7wNGvvwer7jYms8NnQKBw2duMF/t718Euv9/1NLzTnfQgMfvR0PLDzvpo++8+5+c/A8AwOD5x0YGDzfwMDg+T9pj/qf6RNd+aqqquoTac65ZhjynH2YDz0eGPH9x7X0uPCyN6d7cGBg8MLvPU8cvPz7zwWrqqqqqqqq6t+zOeeaYW54/j/mxz3/n/TMbcbq+X9VVVVVVVXV/50WnHOuGYY81//Q8//xP+75/7OPH33we3/7P8fM733X25/snaiqqqqqqqqqj22+BfH5/6Qf9/z/ipMmvbrn/1VVVVVVVVX/d1r0nXfe2fzvXmdv6MVTv389Pf8/+5G7l/3EBlxVVVVVVVVV/+3efuqMc/72mu8TD3zo9d7fbejvBQYdd961135iA/33aNA//z5ki096TP9fG+I84hGTDgysvcQnPZT6BPo/81r19f+X8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/cR9x/P+D1/8/+4QV338v+M9POcOtZ/ztO9997//BCy/41Jaf0NA/if5Tj/8PrD5oYGCo75irDwwMLDznootPPTAwcMatM0w5xcAH180y5LrZxh723TeIf/+ficw7Fi94i8neOx2yogyM88Eyjnt3+Qu+s/+wgz40iL9rrFMOPni1pV6Z8cOnU330/Rjmg69GO/nx9/8tyzAfutGIH/HN7y///fvyYeehY596yNin2WCtdadZf+NNvrL6WiusuvKqK6896/QzTTfjrLPONNM0q6y+5srTvvf5o+Zs0nc/z/2vzNmoH56zp+b8+zn78H37qDmb9OPn7N0l7nr5iN96f84G/zfnbO6Pn7NJVx/6g8aaY7iB5d+dm0EDA2PNM9zARkPOTDfCwMBY8w697fhDbvuNsYcZGNj5b3d0yFcjfLAODtpiyG2Wmm+xud7bTQ0M/O30b33E+9kPP3Tkcww9nXPo6Vzv/ZgxB/62Kg6e/aSThxkyF/8wHaOONPIwow4MjDz07NDlDMz63snIZ75/u494n/UPDfTdl1nZ4b2PdxttYGBglCFfTLzC2dsOmfr/hfdp/3/6//8/ec0y6IP1cdDQj6G3ec9rzvkX/NvPencahszdsEMvm3mIyf/wW9v/Q/803klHHJj0Y8b7Ma+L8260fq15xrhb/U+9Lg6Nd/yPGe/HvI7vR453yQf3eOy9Rf2PjfdD+7qF3v08x7+yrxv4+H3dsLSAla+a6MP7uu989BD/YXf5/hyN8KEbfdS+bvy9JtliyPLn+Ph93UJDxj7cP+zrhhkYGGvu9/d1Q3Z88w03sPOQM9MPOTP/cAOHDTkzw7tnRho4b8iZr664zporDblggX9eD6Ye9A9/oAnb2Xwf2s4G/d19H/Shv+8c/N7pKAe8/x5OH7HfHDT0bv2X+wpab8f8mPF+zPtP4TwPuWyl40cc93/q/adovCN+/Hg/6v2yP3K8O7189r3/w+P9YDsb7u+ma4F/ZTub9B+3syF3cdi/2zL+1cdhK8Ht3/t6/A+WtuFmj3/wmGK4Dy33v3pMscDHb2djrv6h79t+v4FBHzc38/8rczPhP+2Dtvz7uflXH29NPfl71w/7MXMzwqzLTfX+3Az/35yb+f+7czPHwLD/ODeDB+YdGBiYYuj+Yb5/ZW7G//i5+VfXm5Hh9u99vfIHF82z4xGXvD83H56L/2pu5vvvzs2kH6w3U7x73WTDDAw//MBGK2ywwXrTvff5/bPTv/f547fBef6VuRzzf2YuJxj8UXP5t1V11AevPuC/2Ab/aZ/+/vLn+e/O5cAHczmw+oc3lvp3rd//ucvfXf7u8neXv7v83eUv7iOO/3/w+v+7jznbLkN/uTHc1ZOMt90nPd5PuP/o4/9Dff/h+P92401y9TADH1z3scdn37vNv+Xx2ZnfOxnlkPdv9+HjgzzQjz4+u9+sM2/zv3R89v+p97fVf+H3cO3/3eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/uI+4vj/tO//HcAj0y3y/NADocM9sfXSi3zS4/2E+48+/j/U9x+O/y+y9NZPDDPwwXUfe/z/vds4jv/f/8Z8O/07H/9/f1vt+H/9F+XvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/uI+4vj/HO//HcDRR++xyft/D3DjWDuc8UmP9xPuP/X4f+//7639v7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y1/c0OP/Ax96e8vvt15gcPz//3Yf4b9I/pjFf9H8MYv/YvljFv/F88cs/kvkj1n8l8wfs/j/IH/M4r9U/pjF/4f5Yxb/H+WPWfyXzh+z+C+TP2bxXzZ/zOK/XP6Yxf/H+WMW/+Xzxyz+K+SPWfx/kj9m8V8xf8ziv1L+mMV/5fwxi/8q+WMW/1Xzxyz+q+WPWfxXzx+z+P80f8ziv0b+mMV/zfwxi/9a+WMW/7Xzxyz+6+SPWfzXzR+z+P8sf8ziv17+mMV//fwxi/8G+WMW/5/nj1n8N8wfs/j/In/M4r9R/pjFf+P8MYv/JvljFv9f5o9Z/H+VP2bx3zR/zOK/Wf6YxX/z/DGL/xb5Yxb/LfPHLP5b5Y9Z/LfOH7P4b5M/ZvHfNn/M4r9d/pjF/9f5Yxb/3+SPWfy3zx+z+O+QP2bx3zF/zOK/U/6Yxf+3+WMW/9/lj1n8f58/ZvHfOX/M4r9L/pjF/w/5Yxb/P+aPWfx3zR+z+P8pf8ziv1v+mMV/9/wxi/8e+WMW/z/nj1n8/5I/ZvHfM3/M4r9X/pjFf+/8MYv/PvljFv9988cs/vvlj1n8988fs/gfkD9m8T8wf8zif1D+mMX/4Pwxi/8h+WMW/0Pzxyz+h+WPWfwPzx+z+B+RP2bxPzJ/zOJ/VP6Yxf/o/DGL/zH5Yxb/Y/PHLP7H5Y9Z/I/PH7P4n5A/ZvE/MX/M4n9S/pjF/+T8MYv/KfljFv9T88cs/qflj1n8T88fs/ifkT9m8T8zf8zif1b+mMX/7Pwxi/85+WMW/3Pzxyz+5+WPWfzPzx+z+F+QP2bxvzB/zOJ/Uf6Yxf/i/DGL/yX5Yxb/S/PHLP6X5Y9Z/C/PH7P4X5E/ZvH/a/6Yxf/K/DGL/1X5Yxb/q/PHLP7X5I9Z/K/NH7P4X5c/ZvG/Pn/M4n9D/pjF/8b8MYv/TfljFv+b88cs/rfkj1n8b80fs/jflj9m8b89f8zif0f+mMX/zvwxi/9d+WMW/7vzxyz+9+SPWfzvzR+z+N+XP2bxvz9/zOL/QP6Yxf/B/DGL/0P5Yxb/h/PHLP6P5I9Z/B/NH7P4P5Y/ZvF/PH/M4v9E/pjF/8n8MYv/U/ljFv+n88cs/s/kj1n8n80fs/g/lz9m8X8+f8zi/0L+mMX/xfwxi/9L+WMW/5fzxyz+r+SPWfxfzR+z+L+WP2bxfz1/zOL/Rv6Yxf/N/DGL/1v5Yxb/t/PHLP7v5I9J/AcN5I9Z/Aflj1n8h8kfs/gPmz9m8R+cP2bxHy5/zOI/fP6YxX+E/DGL/4j5Yxb/kfLHLP4j549Z/EfJH7P4j5o/ZvEfLX/M4j96/pjFf4z8MYv/mPljFv+x8scs/mPnj1n8P5U/ZvEfJ3/M4j9u/pjF/9P5Yxb/8fLHLP7j549Z/D+TP2bxnyB/zOL/2fwxi/+E+WMW/4nyxyz+E+ePWfwnyR+z+E+aP2bx/1z+mMV/svf9R/yExvVvmsV/8rZ/zOI/Rf6YxX/K/DGL/1T5Yxb/z+ePWfynzh+z+H8hf8zi/8X8MYv/l/LHLP5fzh+z+H8lf8zi/9X8MYv/NPljFv9p88cs/tPlj1n8p88fs/jPkD9m8Z8xf8zi/7X8MYv/TPljFv+Z88cs/rPkj1n8Z80fs/h/PX/M4j9b/pjF/xv5Yxb/b+aPWfxnzx+z+H8rf8ziP0f+mMV/zvwxi/9c+WMW/7nzxyz+8+SPWfznzR+z+M+XP2bxnz9/zOK/QP6YxX/B/DGL/7fzxyz+38kfs/gvlD9m8f9u/pjFf+H8MYv/9/LHLP7fzx+z+C+SP2bxXzR/zOK/WP6YxX/x/DGL/xL5Yxb/JfPHLP4/yB+z+C+VP2bx/2H+mMX/R/ljFv+l88cs/svkj1n8l80fs/gvlz9m8f9x/pjFf/n8MYv/CvljFv+f5I9Z/FfMH7P4r5Q/ZvFfOX/M4r9K/pjFf9X8MYv/avljFv/V88cs/j/NH7P4r5E/ZvFfM3/M4r9W/pjFf+38MYv/OvljFv9188cs/j/LH7P4r5c/ZvFfP3/M4r9B/pjF/+f5Yxb/DfPHLP6/yB+z+G+UP2bx3zh/zOK/Sf6Yxf+X+WMW/1/lj1n8N80fs/hvlj9m8d88f8ziv0X+mMV/y/wxi/9W+WMW/63zxyz+2+SPWfy3zR+z+G+XP2bx/3X+mMX/N/ljFv/t88cs/jvkj1n8d8wfs/jvlD9m8f9t/pjF/3f5Yxb/3+ePWfx3zh+z+O+SP2bx/0P+mMX/j/ljFv9d88cs/n/KH7P475Y/ZvHfPX/M4r9H/pjF/8/5Yxb/v+SPWfz3zB+z+O+VP2bx3zt/zOK/T/6YxX/f/DGL/375Yxb//fPHLP4H5I9Z/A/MH7P4H5Q/ZvE/OH/M4n9I/pjF/9B/9H/4f31c/6ZZ/A9r+8cs/ofnj1n8j8gfs/gfmT9m8T8qf8zif3T+mMX/mPwxi/+x+WMW/+Pyxyz+x+ePWfxPyB+z+J+YP2bxPyl/zOJ/cv6Yxf+U/DGL/6n5Yxb/0/LHLP6n549Z/M/IH7P4n5k/ZvE/K3/M4n92/pjF/5z8MYv/ufljFv/z8scs/ufnj1n8L8gfs/hfmD9m8b8of8zif3H+mMX/kvwxi/+l+WMW/8vyxyz+l+ePWfyvyB+T+L9b/v+cxH/QlfljFv+r8scs/lfnj1n8r8kfs/hfmz9m8b8uf8zif33+mMX/hvwxi/+N+WMW/5vyxyz+N+ePWfxvyR+z+N+aP2bxvy1/zOJ/e/6Yxf+O/DGL/535Yxb/u/LHLP53549Z/O/JH7P435s/ZvG/L3/M4n9//pjF/4H8MYv/g/ljFv+H8scs/g/nj1n8H8kfs/g/mj9m8X8sf8zi/3j+mMX/ifwxi/+T+WMW/6fyxyz+T+ePWfyfyR+z+D+bP2bxfy5/zOL/fP6Yxf+F/DGL/4v5Yxb/l/LHLP4v549Z/F/JH7P4v5o/ZvF/Lf/h6UKL/+v5Yxb/N/LHLP5v5o9Z/N/KH7P4v50/ZvF/J39M4v/ul/n/cxb/QfljFv9h8scs/sPmj1n8B+ePWfyHyx+z+A+fP2bxHyF/zOI/Yv6YxX+k/DGL/8j5Yxb/UfLHLP6j5o9Z/EfLH7P4j54/ZvEfI3/M4j9m/pjFf6z8MYv/2PljFv9P5Y9Z/MfJH7P4j5s/ZvH/dP6YxX+8/DGL//j5Yxb/z+SPWfwnyB+z+H82f8ziP2H+mMV/ovwxi//E+WMW/0nyxyz+k+aPWfw/lz9m8Z8sf8ziP3n+mMV/ivwxi/+U+WMW/6nyxyz+n88fs/hPnT9m8f9C/pjF/4v5Yxb/L+WPWfy/nD9m8f9K/pjF/6v5Yxb/afLHLP7T5o8Numi34QYGBv7j/afLH7Ns/9Pnj1n8Z8gfs/jPmD9m8f9a/pjFf6b8MYv/zPljFv9Z8scs/rPmj1n8v54/ZvGfLX/M4v+N/DGL/zfzxyz+s+ePWfy/lT9m8Z8jf8ziP2f+mMV/rvwxi//c+WMW/3nyxyz+8+aPWfznyx+z+M+fP2bxXyB/zOK/YP6Yxf/b+WMW/+/kj1n8F8ofs/h/N3/M4r9w/pjF/3v5Yxb/7+ePWfwXyR+z+C+aP2bxXyx/zOK/eP6YxX+J/DGL/5L5Yxb/H+SPWfyXyh+z+P8wf8zi/6P8MYv/0vljFv9l8scs/svmj1n8l8sfs/j/OH/M4r98/pjFf4X8MYv/T/LHLP4r5o9Z/FfKH7P4r5w/ZvFfJX/M4r9q/pjFf7X8MYv/6vljFv+f5o9Z/NfIH7P4r5k/ZvFfK3/M4r92/pjFf538MYv/uvljFv+f5Y9Z/NfLH7P4r58/ZvHfIH/M4v/z/DGL/4b5Yxb/X+SPWfw3yh+z+G+cP2bx3yR/zOL/y/wxi/+v8scs/pvmj1n8N8sfs/hvnj9m8d8if8ziv2X+mMV/q/wxi//W+WMW/23yxyz+2+aPWfy3yx+z+P86f8zi/5v8MYv/9vljFv8d8scs/jvmj1n8d8ofs/j/Nn/M4v+7/DGL/+/zxyz+O+ePWfx3yR+z+P8hf8zi/8f8MYv/rvljFv8/5Y9Z/HfLH7P4754/ZvHfI3/M4v/n/DGL/1/yxyz+e+aPWfz3yh+z+O+dP2bx3yd/zOK/b/6YxX+//DGL//75Yxb/A/LHLP4H5o9Z/A/KH7P4H5w/ZvE/JH/M4n9o/pjF/7D8MYv/4fljFv8j8scs/kfmj1n8j8ofs/gfnT9m8T8mf8zif2z+mMX/uPwxi//x+WMW/xPyxyz+J+aPWfxPyh+z+J+cP2bxPyV/zOJ/av6Yxf+0/DGL/+n5Yxb/M/LHLP5n5o9Z/M/KH7P4n50/ZvE/J3/M4n9u/pjF/7z8MYv/+fljFv8L8scs/hfmj1n8L8ofs/hfnD9m8b8kf8zif2n+mMX/svwxi//l+WMW/yvyxyz+f80fs/hfmT9m8b8qf8zif3X+mMX/mvwxi/+1+WMW/+vyxyz+1+ePWfxvyB+z+N+YP2bxvyl/zOJ/c/6Yxf+W/DGL/635Yxb/2/LHLP63549Z/O/IH7P435k/ZvG/K3/M4n93/pjF/578MYv/vfljFv/78scs/vfnj1n8H8gfs/g/mD9m8X8of8zi/3D+mMX/kfwxi/+j+WMW/8fyxyz+j+ePWfyfyB+z+D+ZP2bxfyp/zOL/dP6Yxf+Z/DGL/7P5Yxb/5/LHLP7P549Z/F/IH7P4v5g/ZvF/KX/M4v9y/pjF/5X8MYv/q/ljFv/X8scs/q/nj1n838gfs/i/mT9m8X8rf8zi/3b+mMX/nfwxif+wA/ljFv9B+WMW/2Hyxyz+w+aPWfwH549Z/IfLH7P4D58/ZvEfIX/M4j9i/pjFf6T8MYv/yPljFv9R8scs/qPmj1n8R8sfs/iPnj9m8R8jf8ziP2b+mMV/rPwxi//Y+WMW/0/lj1n8x8kfs/iPmz9m8f90/pjFf7z8MYv/+PljFv/P5I9Z/CfIH7P4fzZ/zOI/Yf6YxX+i/DGL/8T5Yxb/SfLHLP6T5o9Z/D+XP2bxnyx/zOI/ef6YxX+K/DGL/5T5Yxb/qfLHLP6fzx+z+E+dP2bx/0L+mMX/i/ljFv8v5Y9Z/L+cP2bx/0r+mMX/q/ljFv9p8scs/tPmj1n8p8sfs/hPnz9m8Z8hf8ziP2P+mMX/a/ljFv+Z8scs/jPnj1n8Z8kfs/jPmj9m8f96/pjFf7b8MYv/N/LHLP7fzB+z+M+eP2bx/1b+mMV/jvwxi/+c+WMW/7nyxyz+c+ePWfznyR+z+M+bP2bxny9/zOI/f/6YxX+B/DGL/4L5Yxb/b+ePWfy/kz9m8V8of8zi/938MYv/wvljFv/v5Y9Z/L+fP2bxXyR/zOK/aP6YxX+x/DGL/+L5Yxb/JfLHLP5L5o9Z/H+QP2bxXyp/zOL/w/wxi/+P8scs/kvnj1n8l8kfs/gvmz9m8V8uf8zi/+P8MYv/8vljFv8V8scs/j/JH7P4r5g/ZvFfKX/M4r9y/pjFf5X8MYv/qvljFv/V8scs/qvnj1n8f5o/ZvFfI3/M4r9m/pjFf638MYv/2vljFv918scs/uvmj1n8f5Y/ZvFfL3/M4r9+/pjFf4P8MYv/z/PHLP4b5o9Z/H+RP2bx3yh/zOK/cf6YxX+T/DGL/y/zxyz+v8ofs/hvmj9m8d8sf8ziv3n+mMV/i/wxi/+W+WMW/63yxyz+W+ePWfy3yR+z+G+bP2bx3y5/zOL/6/wxi/9v8scs/tvnj1n8d8gfs/jvmD9m8d8pf8zi/9v8MYv/7/LHLP6/zx+z+O+cP2bx3yV/zOL/h/wxi/8f88cs/rvmj1n8/5Q/ZvHfLX/M4r97/pjFf4/8MYv/n/PHLP5/yR+z+O+ZP2bx3yt/zOK/d/6YxX+f/DGL/775Yxb//fLHLP77549Z/A/IH7P4H5g/ZvE/KH/M4n9w/pjF/5D8MYv/ofljFv/D8scs/ofnj1n8j8gfs/gfmT9m8T8qf8zif3T+mMX/mPwxi/+x+WMW/+Pyxyz+x+ePWfxPyB+z+J+YP2bxPyl/zOJ/cv6Yxf+U/DGL/6n5Yxb/0/LHLP6n549Z/M/IH7P4n5k/ZvE/K3/M4n92/pjF/5z8MYv/ufljFv/z8scs/ufnj1n8L8gfs/hfmD9m8b8of8zif3H+mMX/kvwxi/+l+WMW/8vyxyz+l+ePWfyvyB+z+P81f8zif2X+mMX/qvwxi//V+WMW/2vyxyz+1+aPWfyvyx+z+F+fP2bxvyF/zOJ/Y/6Yxf+m/DGL/835Yxb/W/LHLP635o9Z/G/LH7P4354/ZvG/I3/M4n9n/pjF/678MYv/3fljFv978scs/vfmj1n878sfs/jfnz9m8X8gf8zi/2D+mMX/ofwxi//D+WMW/0fyxyz+j+aPWfwfyx+z+D+eP2bxfyJ/zOL/ZP6Yxf+p/DGL/9P5Yxb/Z/LHLP7P5o9Z/J/LH7P4P58/ZvF/IX/M4v9i/pjF/6X8MYv/y/ljFv9X8scs/q/mj1n8X8sfs/i/nj9m8X8jf8zi/2b+mMX/rfwxi//b+WMW/3fyxyT+gwfyxyz+g/LHLP7D5I9Z/IfNH7P4D84fs/gPlz9m8R8+f8ziP0L+mMV/xPwxi/9I+WMW/5Hzxyz+o+SPWfxHzR+z+I+WP2bxHz1/zOI/Rv6YxX/M/DGL/1j5Yxb/sfPHLP6fyh+z+I+TP2bxHzd/zOL/6fwxi/94+WMW//Hzxyz+n8kfs/hPkD9m8f9s/pjFf8L8MYv/RPljFv+J88cs/pPkj1n8J80fs/h/Ln/M4j9Z/pjFf/L8MYv/FPljFv8p88cs/lPlj1n8P58/ZvGfOn/M4v+F/DGL/xfzxyz+X8ofs/h/OX/M4v+V/DGL/1fzxyz+0+SPWfynzR+z+E+XP2bxnz5/zOI/Q/6YxX/G/DGL/9fyxyz+M+WPWfxnzh+z+M+SP2bxnzV/zOL/9fwxi/9s+WMW/2/kj1n8v5k/ZvGfPX/M4v+t/DGL/xz5Yxb/OfPHLP5z5Y9Z/OfOH7P4z5M/ZvGfN3/M4j9f/pjFf/78MYv/AvljFv8F88cs/t/OH7P4fyd/zOK/UP6Yxf+7+WMW/4Xzxyz+38sfs/h/P3/M4r9I/pjFf9H8MYv/YvljFv/F88cs/kvkj1n8l8wfs/j/IH/M4r9U/pjF/4f5Yxb/H+WPWfyXzh+z+C+TP2bxXzZ/zOK/XP6Yxf/H+WMW/+Xzxyz+K+SPWfx/kj9m8V8xf8ziv1L+mMV/5fwxi/8q+WMW/1Xzxyz+q+WPWfxXzx+z+P80f8ziv0b+mMV/zfwxi/9a+WMW/7Xzxyz+6+SPWfzXzR+z+P8sf8ziv17+mMV//fwxi/8G+WMW/5/nj1n8N8wfs/j/In/M4r9R/pjFf+P8MYv/JvljFv9f5o9Z/H+VP2bx3zR/zOK/Wf6YxX/z/DGL/xb5Yxb/LfPHLP5b5Y9Z/LfOH7P4b5M/ZvHfNn/M4r9d/pjF/9f5Yxb/3+SPWfy3zx+z+O+QP2bx3zF/zOK/U/6Yxf+3+WMW/9/lj1n8f58/ZvHfOX/M4r9L/pjF/w/5Yxb/P+aPWfx3zR+z+P8pf8ziv1v+mMV/9/wxi/8e+WMW/z/nj1n8/5I/ZvHfM3/M4r9X/pjFf+/8MYv/PvljFv9988cs/vvlj1n8988fs/gfkD9m8T8wf8zif1D+mMX/4Pwxi/8h+WMW/0Pzxyz+h+WPWfwPzx+z+B+RP2bxPzJ/zOJ/VP6Yxf/o/DGL/zH5Yxb/Y/PHLP7H5Y9Z/I/PH7P4n5A/ZvE/MX/M4n9S/pjF/+T8MYv/KfljFv9T88cs/qflj1n8T88fs/ifkT9m8T8zf8zif1b+mMX/7Pwxi/85+WMW/3Pzxyz+5+WPWfzPzx+z+F+QP2bxvzB/zOJ/Uf6Yxf/i/DGL/yX5Yxb/S/PHLP6X5Y9Z/C/PH7P4X5E/ZvH/a/6Yxf/K/DGL/1X5Yxb/q/PHLP7X5I9Z/K/NH7P4X5c/ZvG/Pn/M4n9D/pjF/8b8MYv/TfljFv+b88cs/rfkj1n8b80fs/jflj9m8b89f8zif0f+mMX/zvwxi/9d+WMW/7vzxyz+9+SPWfzvzR+z+N+XP2bxvz9/zOL/QP6Yxf/B/DGL/0P5Yxb/h/PHLP6P5I9Z/B/NH7P4P5Y/ZvF/PH/M4v9E/pjF/8n8MYv/U/ljFv+n88cs/s/kj1n8n80fs/g/lz9m8X8+f8zi/0L+mMX/xfwxi/9L+WMW/5fzxyz+r+SPWfxfzR+z+L+WP2bxfz1/zOL/Rv6Yxf/N/DGL/1v5Yxb/t/PHLP7v5I9J/IcbyB+z+A/KH7P4D5M/ZvEfNn/M4j84f8ziP1z+mMV/+Pwxi/8I+WMW/xHzxyz+I+WPWfxHzh+z+I+SP2bxHzV/zOI/Wv6YxX/0/DGL/xj5Yxb/MfPHLP5j5Y9Z/MfOH7P4fyp/zOI/Tv6YxX/c/DGL/6fzxyz+4+WPWfzHzx+z+H8mf8ziP0H+mMX/s/ljFv8J88cs/hPlj1n8J84fs/hPkj9m8Z80f8zi/7n8MYv/ZPljFv/J88cs/lPkj1n8p8wfs/hPlT9m8f98/pjFf+r8MYv/F/LHLP5fzB+z+H8pf8zi/+X8MYv/V/LHLP5fzR+z+E+TP2bxnzZ/zOI/Xf6YxX/6/DGL/wz5Yxb/GfPHLP5fyx+z+M+UP2bxnzl/zOI/S/6YxX/W/DGL/9fzxyz+s+WPWfy/kT9m8f9m/pjFf/b8MYv/t/LHLP5z5I9Z/OfMH7P4z5U/ZvGfO3/M4j9P/pjFf978MYv/fPljFv/588cs/gvkj1n8F8wfs/h/O3/M4v+d/DGL/0L5Yxb/7+aPWfwXzh+z+H8vf8zi//38MYv/IvljFv9F88cs/ovlj1n8F88fs/gvkT9m8V8yf8zi/4P8MYv/UvljFv8f5o9Z/H+UP2bxXzp/zOK/TP6YxX/Z/DGL/3L5Yxb/H+ePWfyXzx+z+K+QP2bx/0n+mMV/xfwxi/9K+WMW/5Xzxyz+q+SPWfxXzR+z+K+WP2bxXz1/zOL/0/wxi/8a+WMW/zXzxyz+a+WPWfzXzh+z+K+TP2bxXzd/zOL/s/wxi/96+WMW//Xzxyz+G+SPWfx/nj9m8d8wf8zi/4v8MYv/RvljFv+N88cs/pvkj1n8f5k/ZvH/Vf6YxX/T/DGL/2b5Yxb/zfPHLP5b5I9Z/LfMH7P4b5U/ZvHfOn/M4r9N/pjFf9v8MYv/dvljFv9f549Z/H+TP2bx3z5/zOK/Q/6YxX/H/DGL/075Yxb/3+aPWfx/lz9m8f99/pjFf+f8MYv/LvljFv8/5I9Z/P+YP2bx3zV/zOL/p/wxi/9u+WMW/93zxyz+e+SPWfz/nD9m8f9L/pjFf8/8MYv/XvljFv+988cs/vvkj1n8980fs/jvlz9m8d8/f8zif0D+mMX/wPwxi/9B+WMW/4Pzxyz+h+SPWfwPzR+z+B+WP2bxPzx/zOJ/RP6Yxf/I/DGL/1H5Yxb/o/PHLP7H5I9Z/I/NH7P4H5c/ZvE/Pn/M4n9C/pjF/8T8MYv/SfljFv+T88cs/qfkj1n8T80fs/iflj9m8T89f8zif0b+mMX/zPwxi/9Z+WMW/7Pzxyz+5+SPWfzPzR+z+J+XP2bxPz9/zOJ/Qf6Yxf/C/DGL/0X5Yxb/i/PHLP6X5I9Z/C/NH7P4X5Y/ZvG/PH/M4n9F/pjF/6/5Yxb/K/PHLP5X5Y9Z/K/OH7P4X5M/ZvG/Nn/M4n9d/pjF//r8MYv/DfljFv8b88cs/jflj1n8b84fs/jfkj9m8b81f8zif1v+mMX/9vwxi/8d+WMW/zvzxyz+d+WPWfzvzh+z+N+TP2bxvzd/zOJ/X/6Yxf/+/DGL/wP5Yxb/B/PHLP4P5Y9Z/B/OH7P4P5I/ZvF/NH/M4v9Y/pjF//H8MYv/E/ljFv8n88cs/k/lj1n8n84fs/g/kz9m8X82f8zi/1z+mMX/+fwxi/8L+WMW/xfzxyz+L+WPWfxfzh+z+L+SP2bxfzV/zOL/Wv6Yxf/1/DGL/xv5Yxb/N/PHLP5v5Y9Z/N/OH7P4v5M/JvEffiB/zOI/KH/M4j9M/pjFf9j8MYv/4Pwxi/9w+WMW/+Hzxyz+I+SPWfxHzB+z+I+UP2bxHzl/zOI/Sv6YxX/U/DGL/2j5Yxb/0fPHLP5j5I9Z/MfMH7P4j5U/ZvEfO3/M4v+p/DGL/zj5Yxb/cfPHLP6fzh+z+I+XP2bxHz9/zOL/mfwxi/8E+WMW/8/mj1n8J8wfs/hPlD9m8Z84f8ziP0n+mMV/0vwxi//n8scs/pPlj1n8J88fs/hPkT9m8Z8yf8ziP1X+mMX/8/ljFv+p88cs/l/IH7P4fzF/zOL/pfwxi/+X88cs/l/JH7P4fzV/zOI/Tf6YxX/a/DGL/3T5Yxb/6fPHLP4z5I9Z/GfMH7P4fy1/zOI/U/6YxX/m/DGL/yz5Yxb/WfPHLP5fzx+z+M+WP2bx/0b+mMX/m/ljFv/Z88cs/t/KH7P4z5E/ZvGfM3/M4j9X/pjFf+78MYv/PPljFv9588cs/vPlj1n8588fs/gvkD9m8V8wf8zi/+38MYv/d/LHLP4L5Y9Z/L+bP2bxXzh/zOL/vfwxi//388cs/ovkj1n8F80fs/gvlj9m8V88f8ziv0T+mMV/yfwxi/8P8scs/kvlj1n8f5g/ZvH/Uf6YxX/p/LH/UP9BH7Iefpn8sf9Q/3f7++1/2fwxi/9y+WMW/x/nj1n8l88fs/ivkD9m8f9J/pjFf8X8sUEXDRo6M//Z/ivlj1m2/5Xzxyz+q+SPWfxXzR+z+K+WP2bxXz1/zOL/0/wxi/8a+WMW/zXzxyz+a+WPWfzXzh+z+K+TP2bxXzd/zOL/s/wxi/96+WMW//Xzxyz+G+SPWfx/nj9m8d8wf8zi/4v8MYv/RvljFv+N88cs/pvkj1n8f5k/ZvH/Vf6YxX/T/DGL/2b5Yxb/zfPHLP5b5I9Z/LfMH7P4b5U/ZvHfOn/M4r9N/pjFf9v8MYv/dvljFv9f549Z/H+TP2bx3z5/zOK/Q/6YxX/H/DGL/075Yxb/3+aPWfx/lz9m8f99/pjFf+f8MYv/LvljFv8/5I9Z/P+YP2bx3zV/zOL/p/wxi/9u+WMW/93zxyz+e+SPWfz/nD9m8f9L/pjFf8/8MYv/XvljFv+988cs/vvkj1n8980fs/jvlz9m8d8/f8zif0D+mMX/wPwxi/9B+WMW/4Pzxyz+h+SPWfwPzR+z+B+WP2bxPzx/zOJ/RP6Yxf/I/DGL/1H5Yxb/o/PHLP7H5I9Z/I/NH7P4H5c/ZvE/Pn/M4n9C/pjF/8T8MYv/SfljFv+T88cs/qfkj1n8T80fs/iflj9m8T89f8zif0b+mMX/zPwxi/9Z+WMW/7Pzxyz+5+SPWfzPzR+z+J+XP2bxPz9/zOJ/Qf6Yxf/C/DGL/0X5Yxb/i/PHLP6X5I9Z/C/NH7P4X5Y/ZvG/PH/M4n9F/pjF/6/5Yxb/K/PHLP5X5Y9Z/K/OH7P4X5M/ZvG/Nn/M4n9d/pjF//r8MYv/DfljFv8b88cs/jflj1n8b84fs/jfkj9m8b81f8zif1v+mMX/9vwxi/8d+WMW/zvzxyz+d+WPWfzvzh+z+N+TP2bxvzd/zOJ/X/6Yxf/+/DGL/wP5Yxb/B/PHLP4P5Y9Z/B/OH7P4P5I/ZvF/NH/M4v9Y/pjF//H8MYv/E/ljFv8n88cs/k/lj1n8n84fs/g/kz9m8X82f8zi/1z+mMX/+fwxi/8L+WMW/xfzHxgJLrP4v5Q/ZvF/OX/M4v9K/pjF/9X8MYv/a/ljFv/X88cs/m/kj1n838wfs/i/lT9m8X87f8zi/07+mMR/hIH8MYv/oPwxi/8w+WMW/2Hzxyz+g/PHLP7D5Y9Z/IfPH7P4j5A/ZvEfMX/M4j9S/pjFf+T8MYv/KPljFv9R88cs/qPlj1n8R88fs/iPkT9m8R8zf8ziP1b+QxvxH85Z/MfOH7P4fyp/zOI/Tv6YxX/c/DGL/6fzxyz+4+WPWfzHzx+z+H8mf8ziP0H+mMX/s/ljFv8J88cs/hPlj1n8J84fs/hPkj9m8Z80f8zi/7n8MYv/ZPljFv/J88cs/lPkj1n8p8wfs/hPlT9m8f98/pjFf+r8MYv/F/LHLP5fzB+z+H8pf8zi/+X8MYv/V/LHLP5fzR+z+E+TP2bxnzZ/zOI/Xf6YxX/6/DGL/wz5Yxb/GfPHLP5fyx+z+M+UP2bxnzl/zOI/S/6YxX/W/DGL/9fzxyz+s+WPWfy/kT9m8f9m/pjFf/b8MYv/t/LHLP5z5I9Z/OfMH7P4z5U/ZvGfO3/M4j9P/pjFf978MYv/fPljFv/588cs/gvkj1n8F8wfs/h/O3/M4v+d/DGL/0L5Yxb/7+aPWfwXzh+z+H8vf8zi//38MYv/IvljFv9F88cs/ovlj1n8F88fs/gvkT9m8V8yf8zi/4P8MYv/UvljFv8f5o9Z/H+UP2bxXzp/zOK/TP6YxX/Z/DGL/3L5Yxb/H+ePWfyXzx+z+K+QP2bx/0n+mMV/xfwxi/9K+WMW/5Xzxyz+q+SPWfxXzR+z+K+WP2bxXz1/zOL/0/wxi/8a+WMW/zXzxyz+a+WPWfzXzh+z+K+TP2bxXzd/zOL/s/wxi/96+WMW//Xzxyz+G+SPWfx/nj9m8d8wf8zi/4v8MYv/RvljFv+N88cs/pvkj1n8f5k/ZvH/Vf6YxX/T/DGL/2b5Yxb/zfPHLP5b5I9Z/LfMH7P4b5U/ZvHfOn/M4r9N/pjFf1v0b42w+G+XNmbx/3X+mMX/N/ljFv/t88cs/jvkj1n8d3zP/613Pqlx/Ztm8d+p7R+z+P82f8zi/7v8MYv/7/PHLP47549Z/HfJH7P4/yF/zOL/x/wxi/+u+WMW/z/lj1n8d8sfs/jvnj9m8d8jf8zi/+f8MYv/X/LHLP575o9Z/PfKH7P4750/ZvHfJ3/M4r9v/pjFf7/8MYv//vljFv8D8scs/gfmj1n8D8ofs/gfnD9m8T8kf8zif2j+mMX/sPwxi//h+WMW/yPyxyz+R+aPWfyPyh+z+B+dP2bxPyZ/zOJ/bP6Yxf+4/DGL//H5Yxb/E/LHLP4n5o9Z/E/KH7P4n5w/ZvE/JX/M4n9q/pjF/7T8MYv/6fljFv8z8scs/mfmj1n8z8ofs/ifnT9m8T8nf8zif27+mMX/vPwxi//5+WMW/wvyxyz+F+aPWfwvyh+z+F+cP2bxvyR/zOJ/af6Yxf+y/DGL/+X5Yxb/K/LHLP5/zR+z+F+ZP2bxvyp/zOJ/df6Yxf+a/DGL/7X5Yxb/6/LHLP7X549Z/G/IH7P435g/ZvG/KX/M4n9z/pjF/5b8MYv/rfljFv/b8scs/rfnj1n878gfs/jfmT9m8b8rf8zif3f+mMX/nvwxi/+9+WMW//vyxyz+9+ePWfwfyB+z+D+YP2bxfyh/zOL/cP6Yxf+R/DGL/6P5Yxb/x/LHLP6P549Z/J/IH7P4P5k/ZvF/Kn/M4v90/pjF/5n8MYv/s/ljFv/n8scs/s/nj1n8X8gfs/i/mD9m8X8pf8zi/3L+mMX/lfwxi/+r+WMW/9fyxyz+r+ePWfzfyB+z+L+ZP2bxfyt/zOL/dv6Yxf+d/DGJ/4gD+WMW/0H5Yxb/YfLHLP7D5o9Z/Afnj1n8h8sfs/gPnz9m8R8hf8ziP2L+mMV/pPwxi//I+WMW/1Hyxyz+o+aPWfxHyx+z+I+eP2bxHyN/zOI/Zv6YxX+s/DGL/9j5Yxb/T+WPWfzHyR+z+I+bP2bx/3T+mMV/vPwxi//4+WMW/8/kj1n8J8gfs/h/Nn/M4j9h/pjFf6L8MYv/xPljFv9J8scs/pPmj1n8P5c/ZvGfLH/M4j95/pjFf4r8MYv/lPljFv+p8scs/p/PH7P4T50/ZvH/Qv6Yxf+L+WMW/y/lj1n8v5w/ZvH/Sv6Yxf+r+WMW/2nyxyz+0+aPWfynyx+z+E+fP2bxnyF/zOI/Y/6Yxf9r+WMW/5nyxyz+M+ePWfxnyR+z+M+aP2bx/3r+mMV/tvwxi/838scs/t/MH7P4z54/ZvH/Vv6YxX+O/DGL/5z5Yxb/ufLHLP5z549Z/OfJH7P4z5s/ZvGfL3/M4j9//pjFf4H8MYv/gvljFv9v549Z/L+TP2bxXyh/zOL/3fwxi//C+WMW/+/lj1n8v58/ZvFfJH/M4r9o/pjFf7H8MYv/4vljFv8l8scs/kvmj1n8f5A/ZvFfKn/M4v/D/DGL/4/yxyz+S+ePWfyXyR+z+C+bP2bxXy5/zOL/4/wxi//y+WMW/xXyxyz+P8kfs/ivmD9m8V8pf8ziv3L+mMV/lfwxi/+q+WMW/9Xyxyz+q+ePWfx/mj9m8V8jf8ziv2b+mMV/rfwxi//a+WMW/3Xyxyz+6+aPWfx/lj9m8V8vf8ziv37+mMV/g/wxi//P88cs/hvmj1n8f5E/ZvHfKH/M4r9x/pjFf5P8MYv/L/PHLP6/yh+z+G+aP2bx3yx/zOK/ef6YxX+L/DGL/5b5Yxb/rfLHLP5b549Z/LfJH7P4b5s/ZvHfLn/M4v/r/DGL/2/yxyz+2+ePWfx3yB+z+O+YP2bx3yl/zOL/2/wxi//v8scs/r/PH7P475w/ZvHfJX/M4v+H/DGL/x/zxyz+u+aPWfz/lD9m8d8tf8ziv3v+mMV/j/wxi/+f88cs/n/JH7P475k/ZvHfK3/M4r93/pjFf5/8MYv/vvljFv/98scs/vvnj1n8D8gfs/gfmD9m8T8of8zif3D+mMX/kPwxi/+h+WMW/8Pyxyz+h+ePWfyPyB+z+B+ZP2bxPyp/zOJ/dP6Yxf+Y/DGL/7H5Yxb/4/LHLP7H549Z/E/IH7P4n5g/ZvE/KX/M4n9y/pjF/5T8MYv/qfljFv/T8scs/qfnj1n8z8gfs/ifmT9m8T8rf8zif3b+mMX/nPwxi/+5+WMW//Pyxyz+5+ePWfwvyB+z+F+YP2bxvyh/zOJ/cf6Yxf+S/DGL/6X5Yxb/y/LHLP6X549Z/K/IH7P4/zV/zOJ/Zf6Yxf+q/DGL/9X5Yxb/a/LHLP7X5o9Z/K/LH7P4X58/ZvG/IX/M4n9j/pjF/6b8MYv/zfljFv9b8scs/rfmj1n8b8sfs/jfnj9m8b8jf8zif2f+mMX/rvwxi//d+WMW/3vyxyz+9+aPWfzvyx+z+N+fP2bxfyB/zOL/YP6Yxf+h/DGL/8P5Yxb/R/LHLP6P5o9Z/B/LH7P4P54/ZvF/In/M4v9k/pjF/6n8MYP/oMEDIz6dP2bwH7L9P5M/ZvF/Nn/M4v9c/pjF//n8MYv/C/ljFv8X88cs/i/lj1n8X84fs/i/kj9m8X81f8zi/1r+mMX/9fwxi/8b+WMW/zfzxyz+b+WPWfzfzh+z+L+TPybxH2kgf8ziPyh/zOI/TP6YxX/Y/DGL/+D8MYv/cPljFv/h88cs/iPkj1n8R8wfs/iPlD9m8R85f8ziP0r+mMV/1Pwxi/9o+WMW/9Hzxyz+Y+SPWfzHzB+z+I+VP2bxHzt/zOL/qfwxi/84+WMW/3Hzxyz+n84fs/iPlz9m8R8/f8zi/5n8MYv/BPljFv/P5o9Z/CfMH7P4T5Q/ZvGfOH/M4j9J/pjFf9L8MYv/5/LHLP6T5Y9Z/CfPH7P4T5E/ZvGfMn/M4j9V/pjF//P5Yxb/qfPHLP5fyB+z+H8xf8zi/6X8MYv/l/PHLP5fyR+z+H81f8ziP03+mMV/2oGBzT+pIf07Z/Gfru0fs/hPnz9m8Z8hf8ziP2P+mMX/a/ljFv+Z8scs/jPnj1n8Z8kfs/jPmj9m8f96/pjFf7b8MYv/N/LHLP7fzB+z+M+eP2bx/1b+mMV/jvwxi/+c+WMW/7nyxyz+c+ePWfznyR+z+M+bP2bxny9/zOI/f/6YxX+B/DGL/4L5Yxb/b+ePWfy/kz9m8V8of8zi/938MYv/wvljFv/v5Y9Z/L+fP2bxXyR/zOK/aP6YxX+x/DGL/+L5Yxb/JfLHLP5L5o9Z/H+QP2bxXyp/zOL/w/wxi/+P8scs/kvnj1n8l8kfs/gvmz9m8V8uf8zi/+P8MYv/8vljFv8V8scs/j/JH7P4r5g/ZvFfKX/M4r9y/pjFf5X8MYv/qvljFv/V8scs/qvnj1n8f5o/ZvFfI3/M4r9m/pjFf638MYv/2vljFv918scs/uvmj1n8f5Y/ZvFfL3/M4r9+/pjFf4P8MYv/z/PHLP4b5o9Z/H+RP2bx3yh/zOK/cf6YxX+T/DGL/y/zxyz+v8ofs/hvmj9m8d8sf8ziv3n+mMV/i/wxi/+W+WMW/63yxyz+W+ePWfy3yR+z+G+bP2bx3y5/zOL/6/wxi/9v8scs/tvnj1n8d8gfs/jvmD9m8d8pf8zi/9v8MYv/7/LHLP6/zx+z+O+cP2bx3yV/zOL/h/wxi/8f88cs/rvmj1n8/5Q/ZvHfLX/M4r97/pjFf4/8MYv/n/PHLP5/yR+z+O+ZP2bx3yt/zOK/d/6YxX+f/DGL/775Yxb//fLHLP77549Z/A/IH7P4H5g/ZvE/KH/M4n9w/pjF/5D8MYv/ofljFv/D8scs/ofnj1n8j8gfs/gfmT9m8T8qf8zif3T+mMX/mPwxi/+x+WMW/+Pyxyz+x+ePWfxPyB+z+J+YP2bxPyl/zOJ/cv6Yxf+U/DGL/6n5Yxb/0/LHLP6n549Z/M/IH7P4n5k/ZvE/K3/M4n92/pjF/5z8MYv/ufljFv/z8scs/ufnj1n8L8gfs/hfmD9m8b8of8zif3H+mMX/kvwxi/+l+WMW/8vyxyz+l+ePWfyvyB+z+P81f8zif2X+mMX/qvwxi//V+WMW/2vyxyz+1+aPWfyvyx+z+F+fP2bxvyF/zOJ/Y/6Yxf+m/DGL/835Yxb/W/LHLP635o9Z/G/LH7P4354/ZvG/I3/M4n9n/pjF/678MYv/3fljFv978scs/vfmj1n878sfs/jfnz9m8X8gf8zi/2D+mMX/ofwxi//D+WMW/0fyxyz+j+aPWfwfyx+z+D+eP2bxfyJ/zOL/ZP6Yxf+p/DGL/9P5Yxb/Z/LHLP7P5o9Z/J/LH7P4P58/ZvF/IX/M4v9i/pjF/6X8MYv/y/ljFv9X8scs/q/mj1n8X8sfs/i/nj9m8X8jf8zi/2b+mMX/rfwxi//b+WMW/3fyxyT+Iw/kj1n8B+WPWfyHyR+z+A+bP2bxH5w/ZvEfLn/M4j98/pjFf4T8MYv/iPljFv+R8scs/iPnj1n8R8kfs/iPmj9m8R8tf8ziP3r+mMV/jPwxi/+Y+WMW/7Hyxyz+Y+ePWfw/lT9m8R8nf8ziP27+mMX/0/ljFv/x8scs/uPnj1n8P5M/ZvGfIH/M4v/Z/DGL/4T5Yxb/ifLHLP4T549Z/CfJH7P4T5o/ZvH/XP6YxX+y/DGL/+T5Yxb/KfLHLP5T5o9Z/KfKH7P4fz5/zOI/df6Yxf8L+WMW/y/mj1n8v5Q/ZvH/cv6Yxf8r+WMW/6/mj1n8p8kfs/hPmz9m8Z8uf8ziP33+mMV/hvwxi/+M+WMW/6/lj1n8Z8ofs/jPnD9m8Z8lf8ziP2v+mMX/6/ljFv/Z8scs/t/IH7P4fzN/zOI/e/6Yxf9b+WMW/znyxyz+c+aPWfznyh+z+M+dP2bxnyd/zOI/b/6YxX++/DGL//z5Yxb/BfLHLP4L5o9Z/L+dP2bx/07+mMV/ofwxi/9388cs/gvnj1n8v5c/ZvH/fv6YxX+R/DGL/6L5Yxb/xfLHLP6L549Z/JfIH7P4L5k/ZvH/Qf6YxX+p/DGL/w/zxyz+P8ofs/gvnT9m8V8mf8ziv2z+mMV/ufwxi/+P88cs/svnj1n8V8gfs/j/JH/M4r9i/pjFf6X8MYv/yvljFv9V8scs/qvmj1n8V8sfs/ivnj9m8f9p/pjFf438MYv/mvljFv+18scs/mvnj1n818kfs/ivmz9m8f9Z/pjFf738MYv/+vljFv8N8scs/j/PH7P4b5g/ZvH/Rf6YxX+j/DGL/8b5Yxb/TfLHLP6/zB+z+P8qf8ziv2n+mMV/s/wxi//m+WMW/y3yxyz+W+aPWfy3yh+z+G+dP2bx3yZ/zOK/bf6YxX+7/DGL/6/zxyz+v8kfs/hvnz9m8d8hf8ziv2P+mMV/p/wxi/9v88cs/r/LH7P4/z5/zOK/c/6YxX+X/DGL/x/yxyz+f8wfs/jvmj9m8f9T/pjFf7f8MYv/7vljFv898scs/n/OH7P4/yV/zOK/Z/6YxX+v/DGL/975Yxb/ffLHLP775o9Z/PfLH7P4758/ZvE/IH/M4n9g/pjF/6D8MYv/wfljFv9D8scs/ofmj1n8D8sfs/gfnj9m8T8if8zif2T+mMX/qPwxi//R+WMW/2Pyxyz+x+aPWfyPyx+z+B+fP2bxPyF/zOJ/Yv6Yxf+k/DGL/8n5Yxb/U/LHLP6n5o9Z/E/LH7P4n54/ZvE/I3/M4n9m/pjF/6z8MYv/2fljFv9z8scs/ufmj1n8z8sfs/ifnz9m8b8gf8zif2H+mMX/ovwxi//F+WMW/0vyxyz+l+aPWfwvyx+z+F+eP2bxvyJ/zOL/1/wxi/+V+WMW/6vyxyz+V+ePWfyvyR+z+F+bP2bxvy5/zOJ/ff6Yxf+G/DGL/435Yxb/m/LHLP43549Z/G/JH7P435o/ZvG/LX/M4n97/pjF/478MYv/nfljFv+78scs/nfnj1n878kfs/jfmz9m8b8vf8zif3/+mMX/gfwxi/+D+WMW/4fyxyz+D+ePWfwfyR+z+D+aP2bxfyx/zOL/eP6Yxf+J/DGL/5P5Yxb/p/LHLP5P549Z/J/JH7P4P5s/ZvF/Ln/M4v98/pjF/4X8MYv/i/ljFv+X8scs/i/nj1n8X8kfs/i/mj9m8X8tf8zi/3r+mMX/jfwxi/+b+WMW/7fyxyz+b+ePWfzfyR+T+I8ykD9m8R+UP2bxHyZ/zOI/bP6YxX9w/pjFf7j8MYv/8PljFv8R8scs/iPmj1n8R8ofs/iPnD9m8R8lf8ziP2r+mMV/tPwxi//o+WMW/zHyxyz+Y+aPWfzHyh+z+I+dP2bx/1T+mMV/nPwxi/+4+WMW/0/nj1n8x8sfs/iPnz9m8f9M/pjFf4L8MYv/Z/PHLP4T5o9Z/CfKH7P4T5w/ZvGfJH/M4j9p/pjF/3P5Yxb/yfLHLP6T549Z/KfIH7P4T5k/ZvGfKn/M4v/5/DGL/9T5Yxb/L+SPWfy/mD9m8f9S/pjF/8v5Yxb/r+SPWfy/mj9m8Z8mf8ziP23+mMV/uvwxi//0+WMW/xnyxyz+M+aPWfy/lj9m8Z8pf8ziP3P+mMV/lvwxi/+s+WMW/6/nj1n8Z8sfs/h/I3/M4v/N/DGL/+z5Yxb/b+WPWfznyB+z+M+ZP2bxnyt/zOI/d/6YxX+e/DGL/7z5Yxb/+fLHLP7z549Z/BfIH7P4L5g/ZvH/dv6Yxf87+WMW/4Xyxyz+380fs/gvnD9m8f9e/pjF//v5Yxb/RfLHLP6L5o9Z/BfLH7P4L54/ZvFfIn/M4r9k/pjF/wf5Yxb/pfLHLP4/zB+z+P8of8ziv3T+mMV/mfwxi/+y+WMW/+Xyxyz+P84fs/gvnz9m8V8hf8zi/5P8MYv/ivljFv+V8scs/ivnj1n8V8kfs/ivmj9m8V8tf8ziv3r+mMX/p/ljFv818scs/mvmj1n818ofs/ivnT9m8V8nf8ziv27+mMX/Z/ljFv/18scs/uvnj1n8N8gfs/j/PH/M4r9h/pjF/xf5Yxb/jfLHLP4b549Z/DfJH7P4/zJ/zOL/q/wxi/+m+WMW/83yxyz+m+ePWfy3yB+z+G+ZP2bx3yp/zOK/df6YxX+b/DGL/7b5Yxb/7fLHLP6/zh+z+P8mf8ziv33+mMV/h/wxi/+O+WMW/53yxyz+v80fs/j/Ln/M4v/7/DGL/875Yxb/XfLHLP5/yB+z+P8xf8ziv2v+mMX/T/ljFv/d8scs/rvnj1n898gfs/j/OX/M4v+X/DGL/575Yxb/vfLHLP57549Z/PfJH7P475s/ZvHfL3/M4r9//pjF/4D8MYv/gfljFv+D8scs/gfnj1n8D8kfs/gfmj9m8T8sf8zif3j+mMX/iPwxi/+R+WMW/6Pyxyz+R+ePWfyPyR+z+B+bP2bxPy5/zOJ/fP6Yxf+E/DGL/4n5Yxb/k/LHLP4n549Z/E/JH7P4n5o/ZvE/LX/M4n96/pjF/4z8MYv/mflj7/sPjDgw8J/sf1b+mGX7Pzt/zOJ/Tv6Yxf/c/DGL/3n5Yxb/8/PHLP4X5I9Z/C/MH7P4X5Q/ZvG/OH/M4n9J/pjF/9L8MYv/ZfljFv/L88cs/lfkj1n8/5o/ZvG/Mn/M4n9V/pjF/+r8MYv/NfljFv9r88cs/tflj1n8r88fs/jfkD9m8b8xf8zif1P+mMX/5vwxi/8t+WMW/1vzxyz+t+WPWfxvzx+z+N+RP2bxvzN/zOJ/V/6Yxf/u/DGL/z35Yxb/e/PHLP735Y9Z/O/PH7P4P5A/ZvF/MH/M4v9Q/pjF/+H8MYv/I/ljFv9H88cs/o/ljzn8k/+oHP4DozzRWoBZ/J/MH7P4P5U/ZvF/On/M4v9M/pjF/9n8MYv/c/ljFv/n88cs/i/kj1n8X8wfs/i/lD9m8X85f8zi/0r+mMX/1fwxi/9r+WMW/9fzxyz+b+SPWfzfzB+z+L+VP2bxfzt/zOL/Tv6YxH/Ugfwxi/+g/DGL/zD5Yxb/YfPHLP6D88cs/sPlj1n8h88fs/iPkD9m8R8xf8ziP1L+mMV/5Pwxi/8o+WMW/1Hzxyz+o+WPWfxHzx+z+I+RP2bxHzN/zOI/Vv6YxX/s/DGL/6fyxyz+4+SPWfzHzR+z+H86f8ziP17+mMV//Pwxi/9n8scs/hPkj1n8P5s/ZvGfMH/M4j9R/pjFf+L8MYv/JPljFv9J88cs/p/LH7P4T5Y/ZvGfPH/M4j9F/pjFf8r8MYv/VPljFv/P549Z/KfOH7P4fyF/zOL/xfwxi/+X8scs/l/OH7P4fyV/zOL/1fwxi/80+WMW/2nzxyz+0+WPWfynzx+z+M+QP2bxnzF/zOL/tfwxi/9M+WMW/5nzxyz+s+SPWfxnzR+z+H89f8ziP1v+mMX/G/ljFv9v5o9Z/GfPH7P4fyt/zOI/R/6YxX/O/DGL/1z5Yxb/ufPHLP7z5I9Z/OfNH7P4z5c/ZvGfP3/M4r9A/pjFf8H8MYv/t/PHLP7fyR+z+C+UP2bx/27+mMV/4fwxi//38scs/t/PH7P4L5I/ZvFfNH/M4r9Y/pjFf/H8MYv/EvljFv8l88cs/j/IH7P4L5U/ZvH/Yf6Yxf9H+WMW/6Xzxyz+y+SPWfyXzR+z+C+XP2bx/3H+mMV/+fwxi/8K+WMW/5/kj1n8V8wfs/ivZPT/F+6wxX9lo/+/kMV/lfwxi/+q+WMW/9Xyxyz+q+ePWfx/mj9m8V8jf8ziv2b+mMV/rfwxi//a+WMW/3Xyxyz+6+aPWfx/lj9m8V8vf8ziv37+mMV/g/wxi//P88cs/hvmj1n8f5E/ZvHfKH/M4r9x/pjFf5P8MYv/L/PHLP6/yh+z+G+aP2bx3yx/zOK/ef6YxX+L/DGL/5b5Yxb/rfLHLP5b549Z/LfJH7P4b5s/ZvHfLn/M4v/r/DGL/2/yxyz+2+ePWfx3yB+z+O+YP2bx3yl/zOL/2/wxi//v8scs/r/PH7P475w/ZvHfJX/M4v+H/DGL/x/zxyz+u+aPWfz/lD9m8d8tf8ziv3v+mMV/j/wxi/+f88cs/n/JH7P475k/ZvHfK3/M4r93/pjFf5/8MYv/vvljFv/98scs/vvnj1n8D8gfs/gfmD9m8T8of8zif3D+mMX/kPwxi/+h+WMW/8Pyxyz+h+ePWfyPyB+z+B+ZP2bxPyp/zOJ/dP6Yxf+Y/DGL/7H5Yxb/4/LHLP7H549Z/E/IH7P4n5g/ZvE/KX/M4n9y/pjF/5T8MYv/qfljFv/T8scs/qfnj1n8z8gfs/ifmT9m8T8rf8zif3b+mMX/nPwxi/+5+WMW//Pyxyz+5+ePWfwvyB+z+F+YP2bxvyh/zOJ/cf6Yxf+S/DGL/6X5Yxb/y/LHLP6X549Z/K/IH7P4/zV/zOJ/Zf6Yxf+q/DGL/9X5Yxb/a/LHLP7X5o9Z/K/LH7P4X58/ZvG/IX/M4n9j/pjF/6b8MYv/zfljFv9b8scs/rfmj1n8b8sfs/jfnj9m8b8jf8zif2f+mMX/rvwxi//d+WMW/3vyxyz+9+aPWfzvyx+z+N+fP2bxfyB/zOL/YP6Yxf+h/DGL/8P5Yxb/R/LHLP6P5o9Z/B/LH7P4P54/ZvF/In/M4v9k/pjF/6n8MYv/0/ljFv9n8scs/s/mj1n8n8sfs/g/nz9m8X8hf8zi/2L+mMX/pfwxi//L+WMW/1fyxyz+r+aPWfxfyx+z+L+eP2bxfyN/zOL/Zv6Yxf+t/DGL/9v5Yxb/d/LHJP6jDeSPWfwH5Y9Z/IfJH7P4D5s/ZvEfnD9m8R8uf8ziP3z+mMV/hPwxi/+I+WMW/5Hyxyz+I+ePWfxHyR+z+I+aP2bxHy1/zOI/ev6YxX+M/DGL/5j5Yxb/sfLHLP5j549Z/D+VP2bxHyd/zOI/bv6Yxf/T+WMW//Hyxyz+4+ePWfw/kz9m8Z8gf8zi/9n8MYv/hPljFv+J8scs/hPnj1n8J8kfs/hPmj9m8f9c/pjFf7L8MYv/5PljFv8p8scs/lPmj1n8p8ofs/h/Pn/M4j91/pjF/wv5Yxb/L+aPWfy/lD9m8f9y/pjF/yv5Yxb/r+aPWfynyR+z+E+bP2bxny5/zOI/ff6YxX+G/DGL/4z5Yxb/r+WPWfxnyh+z+M+cP2bxnyV/7B/8h1425ic8pv9PfYT/rPljlu3/6/ljFv/Z8scs/t/IH7P4fzN/zOI/e/6Yxf9b+WMW/znyxyz+c+aPWfznyh+z+M+dP2bxnyd/zOI/b/6YxX++/DGL//z5Yxb/BfLHLP4L5o9Z/L+dP2bx/07+mMV/ofwxi/9388cs/gvnj1n8v5c/ZvH/fv6YxX+R/DGL/6L5Yxb/xfLHLP6L549Z/JfIH7P4L5k/ZvH/Qf6YxX+p/DGL/w/zxyz+P8ofs/gvnT9m8V8mf8ziv2z+mMV/ufwxi/+P88cs/svnj1n8V8gfs/j/JH/M4r9i/pjFf6X8MYv/yvljFv9V8scs/qvmj1n8V8sfs/ivnj9m8f9p/pjFf438MYv/mvljFv+18scs/mvnj1n818kfs/ivmz9m8f9Z/pjFf738MYv/+vljFv8N8scs/j/PH7P4b5g/ZvH/Rf6YxX+j/DGL/8b5Yxb/TfLHLP6/zB+z+P8qf8ziv2n+mMV/s/wxi//m+WMW/y3yxyz+W+aPWfy3yh+z+G+dP2bx3yZ/zOK/bf6YxX+7/DGL/6/zxyz+v8kfs/hvnz9m8d8hf8ziv2P+mMV/p/wxi/9v88cs/r/LH7P4/z5/zOK/c/6YxX+X/LH/VP8RP+T/h/yx/1T/gQ/5/zF/zOK/a/6Yxf9P+WMW/93yxyz+u+ePWfz3yB+z+P85f8zi/5f8MYv/nvljFv+98scs/nvnj1n898kfs/jvmz9m8d8vf8ziv3/+mMX/gPwxi/+B+WMW/4Pyxyz+B+ePWfwPyR+z+B+aP2bxPyx/zOJ/eP6Yxf+I/DGL/5H5Yxb/o/LHLP5H549Z/I/JH7P4H5s/ZvE/Ln/M4n98/pjF/4T8MYv/ifljFv+T8scs/ifnj1n8T8kfs/ifmj9m8T8tf8zif3r+mMX/jPwxi/+Z+WMW/7Pyxyz+Z+ePWfzPyR+z+J+bP2bxPy9/zOJ/fv6Yxf+C/DGL/4X5Yxb/i/LHLP4X549Z/C/JH7P4X5o/ZvG/LH/M4n95/pjF/4r8MYv/X/PHLP5X5o9Z/K/KH7P4X50/ZvG/Jn/M4n9t/pjF/7r8MYv/9fljFv8b8scs/jfmj1n8b8ofs/jfnD9m8b8lf8zif2v+mMX/tvwxi//t+WMW/zvyxyz+d+aPWfzvyh+z+N+dP2bxvyd/zOJ/b/6Yxf++/DGL//35Yxb/B/LHLP4P5o9Z/B/KH7P4P5w/ZvF/5MP+W/wvj+vfNIv/o23/mMX/sfwxi//j+WMW/yfyxyz+T+aPWfyfyh+z+D+dP2bxfyZ/zOL/bP6Yxf+5/DGL//P5Yxb/F/LHLP4v5o9Z/F/KH7P4v5w/ZvF/JX/M4v9q/pjF/7X8MYv/6/ljFv838scs/m/mj1n838ofs/i/nT9m8X8nf0ziP/pA/pjFf1D+mMV/mPwxi/+w+WMW/8H5Yxb/4fLHLP7D549Z/EfIH7P4j5g/ZvEfKX/M4j9y/pjFf5T8MYv/qPljFv/R8scs/qPnj1n8x8gfs/iPmT9m8R8rf8ziP3b+mMX/U/ljFv9x8scs/uPmj1n8P50/ZvEfL3/M4j9+/pjF/zP5Yxb/CfLHLP6fzR+z+E+YP2bxnyh/zOI/cf6YxX+S/DGL/6T5Yxb/z+WPWfwnyx+z+E+eP2bxnyJ/zOI/Zf6YxX+q/DGL/+fzxyz+U+ePWfy/kD9m8f9i/pjF/0v5Yxb/L+ePWfy/kj9m8f9q/pjFf5r8MYv/tPljFv/p8scs/tPnj1n8Z8gfs/jPmD9m8f9a/pjFf6b8MYv/zPljFv9Z8scs/rPmj1n8v54/ZvGfLX/M4v+N/DGL/zfzxyz+s+ePWfy/lT9m8Z8jf8ziP2f+mMV/rvwxi//c+WMW/3nyxyz+8+aPWfznyx+z+M+fP2bxXyB/zOK/YP6Yxf/b+WMW/+/kj1n8F8ofs/h/N3/M4r9w/pjF/3v5Yxb/7+ePWfwXyR+z+C+aP2bxXyx/zOK/eP6YxX+J/DGL/5L5Yxb/H+SPWfyXyh+z+P8wf8zi/6P8MYv/0vljFv9l8scs/svmj1n8l8sfs/j/OH/M4r98/pjFf4X8MYv/T/LHLP4r5o9Z/FfKH7P4r5w/ZvFfJX/M4r9q/pjFf7X8MYv/6vljFv+f5o9Z/NfIH7P4r5k/ZvFfK3/M4r92/pjFf538MYv/uvljFv+f5Y9Z/NfLH7P4r58/ZvHfIH/M4v/z/DGL/4b5Yxb/X+SPWfw3yh+z+G+cP2bx3yR/zOL/y/wxi/+v8scs/pvmj1n8N8sfs/hvnj9m8d8if8ziv2X+mMV/q/wxi//W+WMW/23yxyz+2+aPWfy3yx+z+P86f8zi/5v8MYv/9vljFv8d8scs/jvmj1n8d8ofs/j/Nn/M4v+7/DGL/+/zxyz+O+ePWfx3yR+z+P8hf8zi/8f8MYv/rvljFv8/5Y9Z/HfLH7P4754/ZvHfI3/M4v/n/DGL/1/yxyz+e+aPWfz3yh+z+O+dP2bx3yd/zOK/b/6YxX+//DGL//75Yxb/A/LHLP4H5o9Z/A/KH7P4H5w/ZvE/JH/M4n9o/pjF/7D8MYv/4fljFv8j8scs/kfmj1n8j8ofs/gfnT9m8T8mf8zif2z+mMX/uPwxi//x+WMW/xPyxyz+J+aPWfxPyh+z+J+cP2bxPyV/zOJ/av6Yxf+0/DGL/+n5Yxb/M/LHLP5n5o9Z/M/KH7P4n50/ZvE/J3/M4n9u/pjF/7z8MYv/+fljFv8L8scs/hfmj1n8L8ofs/hfnD9m8b8kf8zif2n+mMX/svwxi//l+WMW/yvyxyz+f80fs/hfmT9m8b8qf8zif3X+mMX/mvwxi/+1+WMW/+vyxyz+1+ePWfxvyB+z+N+YP2bxvyl/zOJ/c/6Yxf+W/DGL/635Yxb/2/LHLP63549Z/O/IH7P435k/ZvG/K3/M4n93/pjF/578MYv/vfljFv/78scs/vfnj1n8H8gfs/g/mD9m8X8of8zi/3D+mMX/kfwxi/+j+WMW/8fyxyz+j+ePWfyfyB+z+D+ZP2bxfyp/zOL/dP6Yxf+Z/DGL/7P5Yxb/5/LHLP7P549Z/F/IH7P4v5g/ZvF/KX/M4v9y/pjF/5X8MYv/q/ljFv/X8scs/q/nj1n838gfs/i/mT9m8X8rf8zi/3b+mMX/nfwxif8YA/ljFv9B+WMW/2Hyxyz+w+aPWfwH549Z/IfLH7P4D58/ZvEfIX/M4j9i/pjFf6T8MYv/yPljFv9R8scs/qPmj1n8R8sfs/iPnj9m8R8jf8ziP2b+mMV/rPwxi//Y+WMW/0/lj1n8x8kfs/iPmz9m8f90/pjFf7z8MYv/+PljFv/P5I9Z/CfIH7P4fzZ/zOI/Yf6YxX+i/DGL/8T5Yxb/SfLHLP6T5o9Z/D+X//+PnbsP97qu7zj+454sZ592Xeo122UXGnNtRiKjUQtRUTzenDLRzHuEw01yIzcSYApstFLHpkvdLNjEwjFnq5Y43Fx3KxqWNVsjtlY5xbUwxhwsMmfsOnAOwdnbc+182ffr8v14/ME5v9/x/Ut5Xi9/Py+uq1CW/sP0D2Xpf5z+oSz9j9c/lKX/a/UPZek/XP9Qlv6/oH8oS/8T9A9l6f+L+oey9H+d/qEs/X9J/1CW/r+sfyhL/xP1D2Xp/3r9Q1n6j9A/lKX/G/QPZel/kv6hLP1H6h/K0v9k/UNZ+o/SP5Sl/6/oH8rSf7T+oSz936h/KEv/X9U/lKX/GP1DWfq/Sf9Qlv5v1j+Upf+v6R/K0v8t+oey9B+rfyhL/1P0D2XpP07/UJb+p+ofytL/NP1DWfqfrn8oS//x+oey9D9D/1CW/mfqH8rSf4L+oSz9z9I/lKV/m/6hLP3P1j+Upf85+oey9D9X/1CW/ufpH8rSv13/UJb+b9U/lKX/2/QPZel/vv6hLP3frn8oS/8L9A9l6T9R/1CW/hfqH8rS/yL9Q1n6v0P/UJb+F+sfytL/nfqHsvS/RP9Qlv6X6h/K0v8y/UNZ+l+ufyhL/yv0D2Xpf6X+oSz9r9I/lKX/JP1DWfpfrX8oS//J+oey9J+ifyhL/w79Q1n6T9U/lKX/NP1DWfpP1z+Upf8M/UNZ+r9L/1CW/tfoH8rSf6b+oSz9Z+kfytJ/tv6hLP3n6B/K0v9a/UNZ+s/VP5Sl/zz9Q1n6z9c/lKX/Av1DWfpfp38oS/+F+oey9H+3/qEs/RfpH8rSf7H+oSz9l+gfytL/ev1DWfq/R/9Qlv436B/K0v9G/UNZ+i/VP5Sl/zL9Q1n6L9c/lKX/r+sfytL/N/QPZem/Qv9Qlv7v1T+Upf9v6h/K0v99+oey9H+//qEs/W/SP5Sl/836h7L0v0X/UJb+v6V/KEv/lfqHsvT/bf1DWfr/jv6hLP1v1T+Upf9t+oey9P9d/UNZ+n9A/1CW/rfrH8rS/w79Q1n636l/KEv/39M/lKX/7+sfytL/Lv1DWfp/UP9Qlv4f0j+Upf8q/UNZ+q/WP5Sl/x/oH8rS/w/1D2Xpf7f+oSz91+gfytL/Hv1DWfp/WP9Qlv4f0T+Upf9a/UNZ+t+rfyhL/z/SP5Sl/zr9Q1n6/7H+oSz979M/lKX/n+gfytL/fv1DWfp/VP9Qlv5/qn8oS/+P6R/K0v/j+oey9P+E/qEs/f9M/1CW/p/UP5Sl/wP6h7L0X69/KEv/B/UPZen/5/qHsvTfoH8oS/+H9A9l6f8X+oey9P9L/UNZ+j+sfyhL/7/SP5Sl/6f0D2Xp/2n9Q1n6f0b/UJb+n9U/lKX/5/QPZen/1/qHsvT/vP6hLP2/oH8oS/+N+oey9P+i/qEs/f9G/1CW/pv0D2Xp/4j+oSz9v6R/KEv/L+sfytL/Uf1DWfp/Rf9Qlv5f1T+Upf/f6h/K0v8x/UNZ+n9N/1CW/n+nfyhL/6/rH8rS/+/1D2Xpv1n/UJb+39A/lKX/Fv1DWfr/g/6hLP3/Uf9Qlv7f1D+Upf8/6R/K0v9b+oey9P+2/qEs/b+jfyhL/8f1D2Xp/8/6h7L0f0L/UJb+T+ofytJ/q/6hLP2f0j+Upf+/6B/K0v+7+oey9P9X/UNZ+n9P/1CW/tv0D2Xp/7T+oSz9v69/KEv/7fqHsvT/N/1DWfrv0D+Upf+/6x/K0v8Z/UNZ+v+H/qEs/XfqH8rSf5f+oSz9/1P/UJb+P9A/lKX/bv1DWfr/UP9Qlv7P6h/K0v9H+oey9H9O/1CW/v+lfyhL/+f1D2Xp/2P9Q1n679E/lKT/K1v6h7L076d/KEv//vqHsvQfoH8oS/+B+oey9B+kfyhL/8H6h7L0H6J/KEv/ofqHsvR/mf6hLP0P0z+Upf/L9Q9l6f8K/UNZ+h+ufyhL/5/RP5Sl/xH6h15y/QEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP6/mb94yTWTZs7smOcb3/jGN/u/ebH/zQQAAPxf+8mH/hf77wQAAAAAAAAAAAAAAAAAAADyauL/TuzF/mcEAAAAAAAAAAAAAICfdm3tp24f0O+gpwYc+ODnH+3Y+3XU7ounr137YOn+2vXjc4KX7H/ggz179uxZ/czY8V0Ph7Rarc7/tVd2PR7a87jz9Zcdu+rofY/KuM/f+fgVEw8/d9762wZ+Y/Ut7U8P2vvsoNZVU2fM7HhD/1arnD6otajzwUn9Wq1y5qDWrZ0PRnY+mDCota7zwcl7H7ys9ZnOB6+fPGfmlM4nzqr8ewYvFW3ty1oDDlps66B/Gxy4/2XHPjG9+2svL9n9agNbXfsftv5LR/X4WbcX2H/365dTe+6/z/+AwAvq2/6f3dL9tZeX/B/v/x/etHtJ9LMX3n/365fT7B/qE3z+P2ijPT/39/j8/5rgJfffnzJ00+2d+2+78L5Xdz018H/z+f8nr19O77n//gd9/u/8HD+++/P/kFarnHGIvx2QSlv78u29vf/3vv+BP9fjpt+B+7/nK1tf0bn/e59rreh6alAf9z++t/f/m3r8vQJ909a+Zk+P9/8+7L81PHjJ/fvftv7wvZ//t94/+cgDftaX/Z/Rc/8jFsy6dsT8xUtOnDFr0rSOaR2zx4wcfdKoMWNGjx6x9xPBvl8P8TcFkji09//WYT1u+rVaHfvvN953y/jO/e94aMVHup4a2sf9n9nr+/9rvP9DaFj/1uDBrUWTFiyYd9K+X7sfjtz3676/LNh/H/77/7gTuv6y7j8z7NdqHb3/fvgVY4Z07v/6uWVD11OD+7j/Cb3uf9zBf1YJ9M0hvv9P6XFz0P5P2Xbjws79H/+DV23teqqv//1/Vq/7v9v7PxyKtvZWrW+infs/ecjys6tdlzZ//gf1aWL/x+68dVe163K2/UN9mtj/xJVvvrradTnH/qE+Tez/wVlXrqx2Xc61f6hPE/t//md3HVPtupxn/1CfJvb/2HefWlvturTbP9Snif1/8K72k6tdl7faP9Snif2feN0Px1a7Lm+zf6hPE/uf+vIL1lW7LufbP9Snif2fvee0I6tdl7fbP9Snif33W/69ZdWuywX2D/VpYv9PTlo5p9p1mWj/UJ8m9r/u2OHPVrsuF9o/1KeJ/a94+o0Tql2Xi+wf6tPE/r96x6rHql2Xd9g/1KeJ/X/isletqnZdLrZ/qE8T+//RsIcOq3Zd3mn/UJ8m9r9587oHql2XS+wf6tPE/levGzCs2nW51P6hPk3sf+lZ0x6tdl0us3+oTxP7HzX6y5dWuy6X2z/Up4n9H/25bz1V7bpcYf9Qnyb2f8HDC+dXuy5X2j/Up4n9Lzzm4z+udl2usn+oTxP7f0vHMdOrXZdJ9g/1aWL/5bbDNle7LlfbP9Snif1fsmPNuGrXZbL9Q32a2P+GI77wsWrXZYr9Q32a2P/OubPHVLsuHfYP9Wli/99579L3VbsuU+0f6tPE/m9/7uul2nWZZv9Qnyb2v23kJZdVuy7T7R/q08T+15z7zCPVrssM+4f6NLH/lRseX1DturzL/qE+Tex/48Zznqh2Xa6xf6hPE/s/fviIw6tdl5n2D/VpYv9zLl7xoWrXZZb9Q32a2P/p99/x2mrXZbb9Q32a2P/Qr439ZLXrMsf+oT5N7P/TY9//qWrX5Vr7h/o0sf9d4447odp1mWv/UJ8m9r/lgZF3Vrsu8+wf6tPE/j/wyF0Vr8t8+4f6NLH/ua97fke167LA/qE+Tez/TRMvWlztulxn/1CfJvZ/5N0Tvljtuiy0f6hPE/u//NvfP7/adXm3/UN9mtj/cUdd/epq12WR/UN9mtj/9Bmbbq52XRbbP9Snif2PX71lVLXrssT+oT5N7P+IJ+ffU+26XG//UJ8m9r99wFHnVbsu77F/qE8T+7/3hoe/We263GD/UJ8m9n/zTR/tqHZdbrR/qE8T+//s7sE7q12XpfYPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/zQ4cCAAAAAAA+b82QlVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVRV24EAAAAAAAMj/tRGqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsAPHAgAAAADC/K2D6N0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICjAAAA//8mu+jL")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x1a1)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000000)={0xd2f0, 0x2000, 0x8, 0xadea})
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x1204001, &(0x7f00000011c0)={[{@lowerdir={'lowerdir', 0x3d, '.'}, 0x3a}], [], 0x2f})

46.25841879s ago: executing program 8 (id=1549):
r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000100)=0x80000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000080)={@my=0x1})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r0, 0x7a8, &(0x7f0000000000)={{@my=0x1, 0xffffffff}, @any, 0x0, 0x1, 0x7ffffff, 0x0, 0x6})

43.117775691s ago: executing program 8 (id=1584):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000006040), r0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000006080)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000006180)={0x0, 0x0, &(0x7f0000006140)={&(0x7f0000000200)={0x4c, r1, 0x11, 0x70bd2b, 0x25dfdbfd, {{}, {@void, @val={0x8, 0x3, r2}, @val={0xc, 0x99, {0xfffffffb, 0x2d}}}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x6}, @NL80211_ATTR_IFNAME={0x14, 0x4, 'pimreg\x00'}, @mon_options=[@NL80211_ATTR_MNTR_FLAGS={0x8, 0x17, 0x0, 0x1, [@NL80211_MNTR_FLAG_ACTIVE={0x4}]}]]}, 0x4c}, 0x1, 0x0, 0x0, 0x4}, 0x10)

42.496912116s ago: executing program 37 (id=1584):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000006040), r0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000006080)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f0000006180)={0x0, 0x0, &(0x7f0000006140)={&(0x7f0000000200)={0x4c, r1, 0x11, 0x70bd2b, 0x25dfdbfd, {{}, {@void, @val={0x8, 0x3, r2}, @val={0xc, 0x99, {0xfffffffb, 0x2d}}}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x6}, @NL80211_ATTR_IFNAME={0x14, 0x4, 'pimreg\x00'}, @mon_options=[@NL80211_ATTR_MNTR_FLAGS={0x8, 0x17, 0x0, 0x1, [@NL80211_MNTR_FLAG_ACTIVE={0x4}]}]]}, 0x4c}, 0x1, 0x0, 0x0, 0x4}, 0x10)

22.986684533s ago: executing program 7 (id=1724):
syz_open_dev$sndpcmp(&(0x7f0000000040), 0x0, 0x0)
r0 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f00000001c0)='.\x00', &(0x7f0000000180), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESOCT=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])

22.769713308s ago: executing program 7 (id=1726):
syz_mount_image$erofs(&(0x7f0000000440), &(0x7f0000000180)='./file0\x00', 0x410, &(0x7f0000000480)=ANY=[], 0x1, 0x1ec, &(0x7f0000000cc0)="$eJzsmb+LE0EUx78zu7e5HCLY2FoY8ERvs7uncM0hJ9gLp6BlMKtEN0aSFZKAYLCxsbQQbP0HLCxSWdjZ2WqhgmBhSjthZGZns8P+kKxEm3sfuHffffN237zJ7BtIQBDEkeXrl5+fn13eu3YewDG00ND+71YWw434Ty8ennu+f+Xl64+v3t0//mief16jZn6Z5u2BhRhNgBXHW8oyW86ipX3XwXHWiHFK5hmC4abWdw09aGoRhe6tQdS93YtCTxpfmkCaXTO/DWAxY+gC2AQghBDmNEeT6b1OFIXDvNgQaZ7CUF3xp/VT8zvg2NfXwoKQ63Dj6ZMZe5zFecb6+eDwtd4Fw6HWe2jAdd1sSYz6uS5a1m+tUv/ahCWF/Ijr335ip16uS0rIzfbvyikTsroVgpvr2EwkQpb3yL299JxczN8X7/qWeTb/Mjv7b69MTqjGBaAw9GFLClY2tJJIG29ZjJP1J/lCnUHWP2zlTWjH/Qft0WS60+t37oSp94LnXQzaqhElVnnNs+XXsv/ZwIxhy3j+RmW3dDDuxPHQHwPx0HeYvg4Sa3TcwzeDH+oOrvofx/bp5AksPW8qDjqm/7j6L9W2VTkdgiAIgiAIgiAIgiAIgiCIWpwCU9+C6h+qRAXBVRX9OwAA//8PqVGj")
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000500)='.\x00', 0x0, 0x0)
lseek(r0, 0xfffffffffffffffc, 0x2)
getdents(r0, 0x0, 0x58)

22.145159159s ago: executing program 7 (id=1731):
r0 = epoll_create1(0x80000)
r1 = openat$random(0xffffffffffffff9c, &(0x7f0000000000), 0x80, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000080)={0x20000007})
epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, r1, &(0x7f0000000040)={0x60000000})

21.652460133s ago: executing program 7 (id=1736):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000080)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x204092, &(0x7f0000000200), 0x6, 0x515, &(0x7f0000000c00)="$eJzs3V1PY3kZAPDnlHYGdtGyu16smziL+xLG6BRY9oV4sS6JL1ebGNd7BqEQQqETKLsDmSjzCTRmoibe6JU3Jn4AEzMfwZhMondeeKWZKONceGNqTns6A6XFTqa0M/D7JYfzP/8/Pc/zFFrOGz0BXFiTEfFRRIxExNsRUcz6c9kUB80p/b4Hh7eW0ymJev2TfyaRZH3t63wxe1jqe9+J+EFyMu7O3v7GUqVS3j7evX9tfXNprbxW3pqbm31//oP59+ZneqwkyZ82+lJEfPjNhz/78W++/eEfvvbZ3xb/cfWHaVrXs/FOdfRDs/RCjB5bPj/S35t8o0IAAJ4Hr0TEyxHxRkR8JYoxEqduRgMAAADPofo3xi+3mgAAAMD5lIuI8Uhypex63/HI5Uql5jW8X4gXcpXqTu2rq9XdrZV0LGIiCrnV9Up5JrtWeCIKSbo822g/Xn6nbXkuuwb3TnEsXW6MAQAAAIOx0Lb//7DY3P8HAAAAzpnOJ+NHBp4HAAAAcHZcjA8AAADnn/1/AAAAONe++/HH6VR/cHircR+AlU/3djeqn15bKe9slDZ3l0vL1e0bpbVqda1SLvXwHwGVavXGu7G1e3O6lt+pTe/s7S9uVne3aouN+3ovll8eQE0AAADAcS+9fvcvSUQcfH2sMaUuZWOFoWYGPEOSfFvH9S8PKROgLzoc0h879QGTu2eXDDBQ7X/TgYvDPj6QtHe0bRiMdttU+GN7x5X/G8s2BwAADMfUF53/h4sqN+wEgKH5yYmeS0PJAxi8no/FT55tHsDgFdzmDy68E+f/24x2Gzhx/r+bev2JEgIAAPpuvDk7iOxc4HjkcqXSo9OCyep6pTwTEZ+PiD8XC5fT5dkh5gsAAAAAAAAAAAAAAAAAAAAAAAAAz6N6PYk6AAAAcK5F5P6eZPf/miq+Nd5+fOBS8p9iZHcF/uyXn/z85lKttj2b9v/rUX/tF1n/O8M4ggEAAAAXUeHU0dZ+ems/HgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD66cHhreXWNMi49xdiLCY6xc/HaGM+GoWIeOHfSeSPPC6JiJE+xD+4HRGvdoqfpGnFRJZFe/xcRIwNOf6LfYgPF9ndhYj4qNPrLxeTjXnn118+m57W/YXGi7xj/Nb730iX97/P9RjjtXu/m+4a/3bEa/mT8ccjeRQ/6RL/zR7jX//+/n63sfqvI6Y6/v1JmrNc9o21zRvTO3v719Y3l9bKa+WtubnZ9+c/mH9vfmZ6db1Szr52jPHTL/3+4E7X+psBjsZv1TnRzPBH3ep/q8f6/3vv5uErzWbhZPyIq292/vm/2ph3fv7T34m3s6cnHZ9qtQ+a7aOu/PZPV7rllsZf6fL8N3/+xfrj+Plj9V/trfyjNf+qt4cAAGdpZ29/Y6lSKW8PoPHGu/1bYdJopFtBA0p+2I3WwY5nJZ/R4US/HMOt/VtPvZ7W5vDTrOevfasr3WfoPDTENyUAAOBMPN7oH3YmAAAAAAAAAAAAAAAAAAAAcHE1/v9/5Ak/CPD1J/uksfaYB8MpFQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgVP8LAAD//9WHwV0=")
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000040)={[{@xino_on}, {@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x4, 0x80)
getdents64(r0, &(0x7f0000000400)=""/4096, 0x1000)

20.723842126s ago: executing program 7 (id=1741):
syz_mount_image$btrfs(&(0x7f0000000000), &(0x7f0000000040)='./file1\x00', 0x800810, &(0x7f00000002c0)={[{@datacow}, {@rescan_uuid_tree}, {@compress_force}, {@space_cache_v2}, {@ssd}, {}, {@clear_cache}, {@nodiscard}]}, 0xfb, 0x50f9, &(0x7f0000005140)="$eJzs3U+IVWUfB/Dnzp1x5lVw7isEtsoikGrh4CYioqtMUFF0y8VgBE4tgnThJEi0EMQW/Vt4S4paSK6kFsksjKA2LqQwArehYS7cKAaSi3Yac8957pz7HO+5d0ZtTD8fmTnnOb/zPOe5l7O43+uccwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACEEF74/bNDVfVT16bPnJtp7jywZebyvul1p0OodbbX8vqOrc++8ua2HS9OxA6zL2fLRqPfkFnX81ljVc/GhX69P6+HEMaSAer58pk1pVGLq3vKA1a6fnH30U17mxuPH27Xr146e7L80lkwsdITWCn5eXVh8Vxqdn6PJHt024VTr9Zzimb90xPuX3kRAMCSTLU6i+7H0fwjbre9P60n7WbSbift+AmhXWwsRzbuqn7z3JDWV2iezSwqjPedZ1LP3/9uu5X2T9pJ1FjCPHt3zSPNRL95ziX1lZonAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJ3kkbdHH6qqn7o2febcTHPngS0zl/dNrzsdQqOzvZaVa6vfP9z869utxw78uPmr4xeef6ye94vL0cLO4be48sRkCG8UKhfisBfXhtDqLXSa4cty4a3OynOxAAAAwN3k/s7vkW47i4NjPe1aJ03WOv+iLCxev7j76Ka9zY3HD7frVy+dPbn88Vp9xmvecLxuu7H4UysE4xh/0/EW63HXPaVxqqUjpnn+8fNTf1f1L+X/RnX+j++c/A8AAMDNkP/TcaoNyv/fvfbHJ1X9S/l/Q88hS/k/zjjm/5GwvPwPAAAAd7Lbnf+bpXGqDcr/4y+NfV3Vv5T/p4bL/6PFaceNv8YJ75oMYWrQ1AEAAIA+4v+7L361EPN69s1BmtefevTguarxSvm/OVz+H7ulrwoAAAC4GUe+2P5wVb2U/1vD5f/x2zprAAAAYCne+XDig6p6Kf/PDpf/V+fL/MqHrNNP8a8QDk2GMLGwMpcVfg7tp7sFAAAA4BaJOf3PT3f+ULVfKf/PVd//P97pIF7/33P/v9L1/4VCdte/J90YAAAAgHtR+Xr+eHv87MkF/Z6/P+z1/w/87+CrVccv5f/9w+X/enF5K5//BwAAAMvwX3v+3/bSONUG3f//vo/e/aWqfyn/t4fL/3G5pvjyTtRq2fvz3mQI6xdW8rsJfhMPtyspzI8VCh2tpMe22CMvzI8XCh1zSY/NkyE8uLCyPyn8PxbaSeHK2rxwJCmcjoX8fOgWjiWFE/FM+3xtPt208H0s5BdYzMcrKNZ0L4lIelzt12OhcMMeZ7sHBwAAuKfE8Jxn2bHeZkij7Hxt0A6rB+0wMmiH+qAdRpMd0h37bQ+zvYW4vX1m49Ke/39kuPwf34pV2aLf9f8hXv+fP9ewe/3/bCw0ksJ8LLTSOwa04jGysPtxPEajlfe4sr5bAAAAgLta/F6gvsLzAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP5h715j5KruA4CffY734d2FpAqhUbJJahw38Xptk4daqqwpVSPSNOuGBlURxcZek8ULdmxTYhQiYxPRCEFpg5R8KMIoimo+QK1ARFJAuEhxhMojoioKIFBoDVEQKSWJSBOkUM3ee2bvnLvz8GONl/5+knfOzP887zw859475wIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwP8Ph75y1d82iz/82/Oefu7Cicv2rrvw5WvOO/3xECZnH+/Iwh3919868fM7z71r731rbrvnyPkf7M3L5fEwUP3Tmd+5LtZ6ZGkI93aE0J0GVg5mgZ78/mCs712DIZwW5gK1ElP9WYm04fD9vhD2h7lArarv9YUwWAhc8MRDD95YTdzSF8KyEEIlbePZStZGXxo4qzcL9KeBbd1Z4FdvZGqB73ZmAThu8c1Qe9EfnKzPMDJ/uQavv54T1rE3Vzq8rpgYaZzvZ+sWuFMFvekDk8f1tJWqY0GU3h6HvNsWwbuttJ1v9rQVv0jl31DemAtVQufmqS0br5zZFR/pDGNjXY1qWqDn+alXv7TpaNKL5nUYOzByQl6HNz227M6uFZ969J6Vy1488KF9Lx1vN39U2KTF9EKrhPw1t2iex2jC58kiePuVviWN+tIVQtjy+d/7dLN4af4/0nz+H1/O8bazLnes9fWhbG4eHxmMiVeGsrk5AAAALBqLYa/ptrEHPlYoPlxJ6ivN/0fbO/4fD/nnk/lstIdCmJhN7BsO4YzZx7PAHbG5S4ZDeO9sarI+sC4JHArhnbOJFbWqkhJLYonRJPCToTwwkQQOx8BkEvhWDNycBK6LgYNJYFMMHEoC58ZAmK4fx+8P5eNoO9AXAxuyjXgwnoXwi6HYWrKtnqlVBQAAcILks8Oe+ruFcx2ON0OcXh7sa5UhnoHdMEMlqSGdwdamVQ1r6G5VQ2erGmrj3tN8+KWaO1rVXDoNo6M+w62//JvPhCZK8//x5vP/yjwd6Sgd/w9h/ezfmLszj8zU4hsm6zIAAAAAx2Hgf5//ZrN4af4/0d75/3GfSFchc3gk7obYOhzCeH0gq/YPy4HsqPdAHgAAAIDFoHY8vnYsfDq/zU7RTufT5fyTR5k/HvifmDd/76H7NzTrb2n+P9ne+f/99bdZJw7HXnxtOIQlhcAPYi+rgVmjMfDjj9cH8vEfjhvghlhVfmJCraobYokNMTCeBPY3KvHDWokz6gP5k1VrfF9tHNN5iUIAAAAATrq4OyAel4/n/7/vN2uualauNP/fcHTn/8/Og0un988MhLCqO4Su9IcBj/RnCwPGwGBHnnigP6urK63q2v4QzqkOLK3q+Xz9/+50jcEn+rKqYuCM9x149axq4pt9IawqBp783O0friZ2JYFa43/ZF8J7qqNNG//OkqzxnrTxry8J4d2FQK2qS5aEUG2sN63qoUp+HYO0qn+uhPC2QqBW1UcqIewOACxS8b/SzcUHd+6+euvGmZmpHQuYiPvw+8KW6ZmpsU3bZjZXGvRpc9LnumWMri2Pqd0r3zyTL1H02bvXD7aTrv1OcLzYVr4fv3TiYH4/fhfqmR3nmp66u2vTIX/g/eUmQuGbVKMhdy7wkPuLlcw9iaX6Y/7eMBCWXLlzasfYFzfu2rVjdfa33exrsr/xMFO2rVan26p/vr618fJouFpW4li31fJiJat2Xb591c7dV6+cvnzjpVOXTl2x+iNrxs8eXzv+0bNXVUc1nv1tMdTl81WdDPWN29sc1wkc6pndhUpOxqeGhITEYktsG1je9P/k0vx/e/P5f/zUiZ/8+foMjY7/j8TD/Nnjc4f5N8TA/naP/480OppfOzFgNAnsiYE9DvMDAADw1hAn+XFvZtwr/dMV33mxWbnS/H9Pe7//P0Hr/9eWrj+/0TL/K2KJ8Ubr/6fL/NfW/9/TaP3/dJn/2vr/+9+E9f+vrAWSTfIL6/8DAABvBSdv/f+Wy/unFwgoZWi5vH96gYBShpbL+Ld7gYCjXv//2f/8q/8OTZTm/ze3N/+3cD8AAACcOr78Z1f9TrN4af6/v735/8lf/y80Ov9/tFFgstHCgNb/AwAAYJFqtP7fyPX9FzcrV5r/H2xv/h9Pu+isyx1rfX0oW9MupGvavTJU+8kAAAAALA6dYWysp828dSujrjv2Np/KlwJtli56/k+OHN35/4fam//X/S7jpseW3dm14lOPvn7PymUvHvjQvpfmjv8DAAAAC6fd/RIAAAAAAAAAAAAAAMCb7/n/2Lu2Wbz0+/+wfvbxRr//j9f9i78veHtd7lhr6/X/8vsXfPKu3bNLFj4yFML7i4Gte7eeFvJr8y8vBh68aMU7qom9aYn7nzv3hWri4jTwiZWnv1ZNnJMENsRFEt+ZBuJVFV9bmgTi8or/ngbi9jiYBnrzwFeXZuPoSLfVTwezbdWRbqunB0MYLgRq2+rewayNjnSAtySB2gC/kAbiAP88D3SmvbprIOtVDAzGorcNZL0CAOCUFb8F9oQt0zNT4/ErfLw9s7v+NqpbsuzacrUdbTb/TL402WfvXj/YTror/S46d63xnlCpDmF16etqMUvH7ChPTC0tNt3bGwy51WpvnQ3KpY520/U2HlFfNqKxTdtmNve0HPja1lnWdLfMsro02Slm6ZzdpG3U0kZf2hhRm9umjS7H+51hbKwryfUHMTgS6rR6RbT7e/3iOn+NXgXFPFcc2ferZvWV5v8j7c3/K8VxvZZfDGBPvLLe3w1b5h8AAAAW1lfX/fob8d9nrn/4yWZ5S/P/0fbm/3EPVn4oONvbcShe/3/fcAizl9YfyQJ3xOYuGQ7hvbOpyVgiu6D++bHEeBa4I+4wWRFLbJisr2pJDBxMAj8ZygOHksDhGMj3UhwI+a6cvx8K4cOzqfX1JbbHEiNJ4NMxMJoExmJgPAksjYGJJPDy0jwwmQT+LQbCdP22untpvq0AAACORj7P6qm/G9J53sHuVhk6WmXob5Whs1WGSqsMjUYR7387ZuhJTl7pKGTqSWvtS2opZYgXwz/qfpUyhB/W50wLlpqO5x/UzjfoqM9w38e6K6GJ0vx/vL35f3/9bdb64Tj/n7v+Xxb4Qeze1+Kp46Mx8OOP1wfyHQOH42T3hlpVk3mJfNJ+QywxEQOjSWB7DEwkgQ3r88D+d9QH8pl2rfF9tcan8xKFAAAAAJx0cQdB3E0T5/+37fzKQLNypfn/RHvz/9jeQLGx62KtR5aGcG/HXG9qgZWDWSDuxxiMP49/12AIpxV2cNRKTPVnJXqThsP3+7JfqPemVX2vL/vxQbx/wRMPPXhjNXFLXwjLCntfam08W8na6EsDZ/Vmgf40sK07C8Q9P7XAdzuzABy32l7B+ILKT3WpGZm/XIPX31vlmqDp8Er7QOfJN99vrhZKaYdrvk+15uietqb7bzlhSm+PQ95ti/HdNuLdVvwilX9DeWMuVAmdm6e2bLxyZld8pPhL1pIFep6Lv1JtJ30CXod7jr23rVXSDownHx/j85eb/3XYEau76bFld3at+NSj96xc9uKBD+17qe1uNBB/KPzQNf86+KPC5l1olZC/5hbd58mkz5NF8d9A8u4e9bSFENa//PUbmsVL8//J9ub/3cntrF/HjblzOIQPFDbuI3Hz//Fw9jlYCGSfkm8rB7JD7v811PCTEwAAAE602u6O2v6C6fw2OyE8nSeX808eZf64v2Ji3vzt9rv/ry9a1ixemv9vaD7/X5J00/F/x/9ZII7/z+tU3xW9JH1gz3Htii5Vx4Jw/H9ep/q7zfH/eTn+7/j/fBz/b8Hx/3md6k9b6VvSdl+6Qggv/tEDTzeLl+b/29ub/1v/b/5F+2rr/21otP7f9kbr/+2x/h8AALCgGiw0l87zSqv3lTKkq/eVMrRcILDlEoPW/zvq9f9eOPPZ34QmSvP/Pe3N/+PLYaDY+mJZ/290fYOqbo6B7RYGBAAA4FTUaAcBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAb677/uF/NjeLP/zb855+7sKJy/auu/Dla847/fEQpmcf78jCHf3X3zrx8zvPvWvvfWtuu+fI+R+s5OV68tvfrcsda319KIT9hUcGY+KVoeqducAFn7xrd3c18chQCO8vBrbu3XpaNfGtoRCWFwMPXrTiHdXE3rTE/c+d+0I1cXEa+MTK01+rJs7JAx1pd/9xadbdjrS7Ny4NYbgQqHX3sqX1VdXa+NM80Jm28U+DWRsxMBiLfmMwayMGZmKJ6SUhrOoOoSut6uFKVlVXWtW/VLKqutKqvlwJ4ZwQQnda1XO9WVXd6cgf782qioEz3nfg1bOqif29IawqBp783O0fria+kARqjf9Fbwjvqb5k0sa/3ZM13pM2fktPCO8OIfSmJX7ZnZXoTUs83x3C2wqBWuOf7w5hd+AtIX741H2i7dx99daNMzNTOxYw0Zu31Re2TM9MjW3aNrO5kvSpkY5C+o1rj33sz7z6pU3V28/evX6wnXR3Xq5ntstreururj3Vex/71V+sZO75KNUf8/eGgbDkyp1TO8a+uHHXrh2rs7/tZl+T/e3Ko9m2Wr1YttXyYiWrdl2+fdXO3VevnL5846VTl05dsfoja8bPHl87/tGzV1VHNZ79PRFDvf3kD/XM7kIlJ+MDQEJCYrElOus+3cZP9Q/y0hf9uY72hMrsB3RpWlHM0jE7yhMx6HXHOOJj+Z7SckSrSxOHUpY182S5tj7L2tJkYq6WvizL7Pe60uSw2Fjn7CaN9zvD2FhXo+0wUn+3uHl/dhyb96l807WbBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4P/YgQMBAAAAACD/10aoqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwg4cCAAAAAAA+b82QlVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVRV24FgAAAAAQJi/dRg9GwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHApAAD//7IeJCA=")
r0 = open$dir(&(0x7f0000000100)='./file1\x00', 0x0, 0x146)
truncate(&(0x7f00000001c0)='./file1\x00', 0x42dc)
ioctl$BTRFS_IOC_DEFRAG_RANGE(r0, 0x40309410, 0x0)

19.018255536s ago: executing program 7 (id=1753):
r0 = socket(0x15, 0x5, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
getsockopt(r0, 0x200000000114, 0x2710, 0x0, &(0x7f0000000000))

18.193601636s ago: executing program 38 (id=1753):
r0 = socket(0x15, 0x5, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
getsockopt(r0, 0x200000000114, 0x2710, 0x0, &(0x7f0000000000))

18.183317355s ago: executing program 9 (id=1757):
sendmsg$IEEE802154_DISASSOCIATE_REQ(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)={0x14, 0x0, 0x300, 0x70bd2b, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x48004}, 0x4040)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
r0 = socket$can_raw(0x1d, 0x3, 0x1)
getsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, 0x0, &(0x7f00000000c0))

18.022272263s ago: executing program 9 (id=1762):
syz_mount_image$nilfs2(&(0x7f0000000600), &(0x7f0000000100)='./file1\x00', 0x3214206, &(0x7f00000001c0)=ANY=[], 0x7, 0xf11, &(0x7f0000002040)="$eJzs3U1sHNUdAPA368/EJl7zaaCEFFoRKNghidT0FgTqEXHpHRQSGmEoauiBiI/QA6ISokiIU8WBigulUorUSqBKFeqp7alVbz2hXqhUpVKiXhopcWXnvfX62ZNdT9az3t3fT/r77Zs3O///eCNnZnb2bQBGVmPt59GjC0UIH3zx/hOvPVv8bnXZva01Dqz9LGKvGUKYaOsX2fa+iguuXHz1xFZtEQ6v/Uz98OSF1nNnQgjnwoHwZWiGT5eWL33y4eMHP3tr+vZ3zz7/+g7tfku+HwAAMIzO/2X5Hw/+688Pz18+v/94mGotT8fnzdificf9h+KBcjpeboSN/aIt2k1m643FaGTrjWXrjWd5xkvyTWTbmShZb7JDvrG2ZVvtJwAAAAyidF7bDEVjcUO/0VhcvHbev+qrucli8cXTy6fO9KlQAAAAoLL/vrF2060QQgghhBBCiB5G6x7lXVCLEKuxMtff6w8AAADA6MnnC9vkXG9n6mptrdld/guPNbZ+PvRA3f/+5R+s/B+/6S8OAADVDevRZNqvdByd5jHI5xEcy5633eP/Rrad8W3WWTav4KDMN1hWZ/573a3K6t/u69gvZfXn82HuVmX15/N07lZl9U/VXEdVZfVP11xHVWX176m5jqrK6t9bcx1VldU/U3MdVZXVP1tzHVWV1X9TzXVUVVb/vprrqKqs/kG5rbas/mbNdVRVVv98zXVUVVb/zTXXUVVZ/bfUXEdVZfXfWnMd/XJPbNPvYX823n7+nJ/TDco5HgAAAIy6/5n/TwghhBBiCOK2XVCDEEKI3Rxv9PsCBAAAANB36XMB6VPvK1EaH+swPt5hfKLD+GSH8akO4wAAAEAIv3/71J3vFeuf87/R+fDSvFFp/qXtzmOUz0e43fw3Ou9Z2tq1+i9tO/+gzFsGAADAaCm+/+XVh5746OX5y+f3H287+74az3fTPKDj8drA57Gf7guYzfpFOoc+vjFPo2S9/PrATWXbe+oGdxQAAABGWDp/b4Zi7ZS70eo3GouL6+fjC2GiOHV6+eSh2E/fz/KnuYmp1eWP1ls2AAAAsA3r5/tFY3GL8//0Pb4LYbJYfPH08qkz1/qzreUTjfbrAnPry4v26wLNbPnhkuVHYj99f+cP5/asLV888aPlZ3u98wAAADAizrxy9vlnlpdP/njLB+nT7NdbZzsP0ucLtvOsEIrQm+weeOBBtw/6+EcJAADYEV9//f7ET47M/uHa5//X579Ln/8/EPvNOLffX+MK6T6B9DmATZ/Xf3pjnrmy9V7auF4zW28sxlRW93TbdkLbfIPpefNl+ZobtzNZkm8myzeb5cvnKRjP1k/59mXL8/kJ03pz2fJ8HsbxLEeR5b8vAAAAQLmll194aenMK2cfOf3CM8+dfO7ki0cOH/vesWOHHv3uo0tr9/Uvtd/dDwAAAAyi9Zt++10JAAAAAAAAAAAAAAAAAAAAjK46vk6s3/sIAAAAo+4/b4QQzgkhSuLaV2D2frvr30TZ/30Uwxt7dkENQggheh2XrzM2tgvqE0Ls2lhZyb9pHgAAAGBnXbn46on2dpNzRU/ztbYW3429GvOmdvaRv8+vRlrtwmMbr5fs7Wk1jLq6//3LP1j5P36zt/mn04Ou//41Nm7geLW8Dyz9aqE9/13jXebP9/+pavkPZvkfCN3lX/koy/90tfwPZvn3dpl/0/6/VC3/QzH/QuwfvL/b/Btf/6nYpv3Y02X+72T7/2zoNn+2/80uE2YejvkBYBQ1+l3ADklHCek4eib20/7Gw82Q3/2w3eP/Rrad8RuufON203HQHbGfjpdms7zJduufybZ3U8U6c4NyV0lZ/b16HXdaWf0TNddRVVn9kzXXUVVZ/VM111FVWf3TNddRVVn93Z6H9ltZ/YNyXbms/pma66iqrP7Zmuuoqqz+7f4/3i9l9e+ruY6qyuqfq7mOqsrqr3hZrXZl9c/XXEdVZfXfXHMdVZXVf0vNdVRVVv+tNdfRL3fHtux8OJ1/zsWx1G9m/aktfpfDem0BAAAABs2/zf8nBiWOzva/BiGE6Fns2QU1iNGO+O5P3+sQYjhiZeXqyqp+1yHE9WJlpd9XIOinnf00MwC7lb//o83rP9q8/qPN68/1pHv4i6yfjHUYH+8wPtFhfDIbz/+9TnUYvyXb7kqUxm/tMH5bh/F9Hcbv6DC+0GH8zg7jd3UYv7vDOAAAAKPh9tg6PwQAAIDh9dqvP3/ntw88fXH+8vn9x8PkpnnnD8X+VHxv/e3Yz+e9Tybie/4/jf1fxvaPsf1ntr77TwAAAGDnpe+J8f4/AAAADK/0PaXO/wEAAGB4zcfW+T8AAAAMr5tj6/wfAAAAhlgxvfXi2KbrAvfFttt5/QCA3e8bsb0ntvtje29svxnbdBxwf2y/VVN9AEDv/OIHPzv2XrE+3/+RbPxKXJ7aTc5du1JQNDbO5L8ntntj++0u68m/D6Db/Mm+LvPsVP65G8wPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAyPxtrPo0cXihA++OL9J34++c7fVpfd21rjwNrPIvaaIYSJ1vPS6Hr/N3HFKxdfPdHeXo1tEQ6HIhSt5eHJC61MMyGEc+FA+DI0w6dLy5c++fDxg5+9NX37u2eff30HfwUb9g8AAACG0f8DAAD//+bVG3I=")
syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000280)='./bus\x00', 0x2001413, 0x0, 0x1, 0x0, &(0x7f0000000080))
unlink(&(0x7f0000000100)='./file0/file1\x00')
rename(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./bus/file0\x00')

17.242802806s ago: executing program 9 (id=1768):
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000980)='cpu.idle\x00', 0x2, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000100)=ANY=[], 0x27)

16.734287234s ago: executing program 9 (id=1772):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file1\x00', 0x404, &(0x7f0000000600)={[{@nogrpid}, {@nobh}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@errors_continue}, {@nombcache}, {@orlov}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
rename(&(0x7f0000000000)='./file2\x00', &(0x7f00000005c0)='./file0/file0\x00')
syz_mount_image$fuse(0x0, &(0x7f0000001040)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}], [], 0x2c})

15.932008641s ago: executing program 9 (id=1774):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'macvtap0\x00', <r1=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newqdisc={0x24, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r1, {0x1, 0xfff1}, {0xfff1, 0xffff}}}, 0x24}, 0x1, 0x0, 0x0, 0x4000000}, 0x20040084)
sendmsg$nl_route_sched(r0, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000001980)=@newqdisc={0x24, 0x28, 0x4ee4e6a52ff56541, 0x5001, 0xfffffdfc, {0x0, 0x0, 0x0, r1, {0xfff3}, {0x0, 0xfff1}, {0x2, 0x8}}}, 0x24}, 0x1, 0x0, 0x0, 0x40098}, 0x4000000)

14.518257042s ago: executing program 9 (id=1782):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'bridge_slave_1\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newlink={0x2c, 0x10, 0x401, 0x7ffffffb, 0x3, {0x0, 0x0, 0x600, r2, 0x60, 0x880}, [@IFLA_BROADCAST={0xa, 0x2, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x2d}}]}, 0x2c}, 0x1, 0xd, 0x0, 0xc885}, 0x44000)

14.070482364s ago: executing program 39 (id=1782):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'bridge_slave_1\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=@newlink={0x2c, 0x10, 0x401, 0x7ffffffb, 0x3, {0x0, 0x0, 0x600, r2, 0x60, 0x880}, [@IFLA_BROADCAST={0xa, 0x2, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x2d}}]}, 0x2c}, 0x1, 0xd, 0x0, 0xc885}, 0x44000)

5.220085719s ago: executing program 4 (id=1845):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000180)={0x38, r1, 0x1, 0x70bd2d, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x1c, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_HWMP_MAX_PREQ_RETRIES={0x5, 0x8, 0x3}, @NL80211_MESHCONF_CONNECTED_TO_AS={0x5}, @NL80211_MESHCONF_HT_OPMODE={0x6, 0x16, 0x2}]}]}, 0x38}, 0x1, 0x0, 0x0, 0x30048011}, 0x4c000)

3.766605531s ago: executing program 4 (id=1853):
openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x305200, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080))
r0 = syz_open_dev$sndpcmc(&(0x7f0000004240), 0x0, 0x0)
ioctl$SNDRV_PCM_IOCTL_STATUS64(r0, 0xc0884123, &(0x7f0000000080))

3.517895649s ago: executing program 4 (id=1854):
capset(&(0x7f0000000040)={0x19980330}, &(0x7f0000000080)={0x6, 0x6, 0x2, 0x87, 0xffffffff, 0x2})
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000040)={0xffffffffffffffff, 0x0, 0x4c, 0x0, &(0x7f0000001cc0)="e30080670000ec67838717bd86dde148f0630962bb87dd44fe42904bcee14db4241544716b9ea42231ed3373a3e29953e3bb017d9c1fd05dacf5bb80b4b7ee0fae7aea53492b38978defbb39", 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xc}, 0x50)
r0 = syz_open_dev$sg(&(0x7f0000000140), 0x6f5e, 0x1)
ioctl$FIBMAP(r0, 0x1, &(0x7f0000000040)=0x85)

3.422452692s ago: executing program 4 (id=1856):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x3, 0x6, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000003, 0x4008032, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
creat(&(0x7f00000000c0)='./bus\x00', 0x182)

3.138187908s ago: executing program 6 (id=1858):
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000c00), 0x2, 0x0)
ioctl$VHOST_SET_FEATURES(r0, 0x4008af00, &(0x7f0000000000)=0x200000000)
write$vhost_msg_v2(r0, &(0x7f00000019c0)={0x2, 0x0, {&(0x7f0000001880)=""/13, 0xd, 0x0, 0x2, 0x2}}, 0x48)
write$vhost_msg_v2(r0, &(0x7f0000000180)={0x2, 0x0, {0x0, 0x0, 0x0, 0x2, 0x3}}, 0x48)

3.007358673s ago: executing program 2 (id=1859):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000a00)=@delchain={0x1c4, 0x65, 0x2, 0x70bd28, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x2, 0x2}, {0x0, 0x1}, {0x0, 0x9}}, [@TCA_CHAIN={0x8, 0xb, 0x6}, @TCA_CHAIN={0x8, 0xb, 0x6}, @filter_kind_options=@f_bpf={{0x8}, {0x188, 0x2, [@TCA_BPF_ACT={0xd4, 0x1, [@m_gact={0xd0, 0xb, 0x0, 0x0, {{0x9}, {0x4}, {0xa1, 0x6, "3532565adeea82a6d355b04e82cf0d976e9e3d561f7832a2553c4393a1a4d9d755a3ca015b8308cae8430cb3ee720daf513b7d09d45af79089af4ca0f7ae568b98646f301384cfe6ba628a461810b458401b48d92b11c4b84c4fc318de1f6827de4e78cdbcf73ddf84c995030329bc7513206fbbbaff80269acd40d48bee53c5d29ae26ac4f4be644348ff30d97b9cb02360266994fa3a862b1418bc3e"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x1, 0x2}}}}]}, @TCA_BPF_NAME={0xc, 0x7, './file0\x00'}, @TCA_BPF_ACT={0x98, 0x1, [@m_tunnel_key={0x60, 0x5, 0x0, 0x0, {{0xf}, {0x28, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_ENC_IPV6_DST={0x14, 0x6, @remote}, @TCA_TUNNEL_KEY_NO_CSUM={0x5}, @TCA_TUNNEL_KEY_NO_CSUM={0x5}]}, {0x9, 0x6, "67a638128a"}, {0xc, 0x7, {0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_connmark={0x34, 0xc05, 0x0, 0x0, {{0xd}, {0x4}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x1, 0x3}}}}]}, @TCA_BPF_OPS={{0x6}, {0x4}}]}}]}, 0x1c4}, 0x1, 0x0, 0x0, 0x4c800}, 0x20000080)
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x14}, {&(0x7f00000007c0)=""/154, 0x21}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0xffffffffffffff2f}}], 0x4000000000003b4, 0x2040000, &(0x7f0000003700)={0x77359400})

2.981582293s ago: executing program 6 (id=1860):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000001840), r1)
sendmsg$IEEE802154_LLSEC_DEL_SECLEVEL(r0, &(0x7f0000001980)={0x0, 0x0, &(0x7f0000001940)={&(0x7f00000018c0)={0x38, r2, 0x1, 0x70bd2b, 0x25dfdbff, {}, [@IEEE802154_ATTR_LLSEC_DEV_OVERRIDE={0x5, 0x36, 0x1}, @IEEE802154_ATTR_LLSEC_SECLEVELS={0x5, 0x35, 0x3}, @IEEE802154_ATTR_LLSEC_FRAME_TYPE={0x5, 0x33, 0x3}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan0\x00'}]}, 0x38}}, 0x40c0)

2.73457024s ago: executing program 6 (id=1862):
capset(&(0x7f0000000040)={0x19980330}, &(0x7f0000000080)={0x6, 0x6, 0x2, 0x87, 0xffffffff, 0x2})
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000040)={0xffffffffffffffff, 0x0, 0x142, 0x0, &(0x7f0000001cc0)="e30080670000ec67838717bd86dde148f0630962bb87dd44fe42904bcee14db4241544716b9ea42231ed3373a3e29953e3bb017d9c1fd05dacf5bb80b4b7ee0fae7aea53492b38978defbb39a1ffa8a175e8257c3c5386795f7aaa2b182cc4c3705dc9f253d21fba2eace93b558c750cfba810dc7a19dbb15a5a39c850a7541d5e2765acdedc133065149a3bb764ba84b3305aaecab5141901b2fe9df9b70001000000002e226c0d3da103584e12f876c1ceeb5cde8d693c54260d41d1037995a1cd288118dbf12115ce226253e5a18f67a0e104cc90ab1ffb103d4875d667fab1d2ab0f37a5d7964da187d9829c60360223745ab488c8e0196b6597a1b03a942871abf3c6886302e18a7c98eddb1bff82830721a399c20000000059f2604c0e1d95d9ecd00a24efa3bae14aa15333f8e57bb4bfb9db10e90b01acd295900fee7a6a", 0x0, 0x3ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xc}, 0x50)
r0 = syz_open_dev$sg(&(0x7f0000000140), 0x6f5e, 0x0)
ioctl$FIBMAP(r0, 0x1, &(0x7f0000000040)=0x85)

2.500981116s ago: executing program 2 (id=1865):
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000140)='net/mcfilter\x00')
syz_open_procfs(0x0, &(0x7f0000000240)='mountinfo\x00')
pselect6(0x40, &(0x7f0000000100)={0x2, 0x0, 0xfffffffffffffff8, 0x0, 0x1, 0x10}, 0x0, &(0x7f0000000240)={0x1f, 0xc, 0x715, 0x8000000000000000, 0x0, 0x80000000000000, 0x800, 0x20000}, 0x0, 0x0)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000180)='tmpfs\x00', 0x22008d0, 0x0)

2.427329462s ago: executing program 6 (id=1866):
r0 = socket$kcm(0x11, 0xa, 0x300)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff})
sendmsg$tipc(r1, &(0x7f0000003a00)={&(0x7f0000000080)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x9}}, 0x10, &(0x7f0000000b40)=[{0x0}, {0x0}, {0x0}, {&(0x7f0000001a00), 0x101d0}], 0x4}, 0x0)
recvmsg(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000bc0)=""/4103, 0x1007}], 0x1}, 0x0)

2.205089676s ago: executing program 2 (id=1867):
syz_mount_image$udf(&(0x7f00000000c0), &(0x7f0000000040)='./file0\x00', 0x2000002, &(0x7f0000001140)=ANY=[@ANYBLOB="766f6c756d653d3030303030303030303036332c696f636861727365743d6d6163677265656b2c696f636861727365743d6b6f69382d72752c7569643d666f726765742c756d61736b3d30303030303030303030303030303030303030303030322c6e6f7672732c6e6f7672732c66696c657365743d30303030303030303030303030303030303030342c646d6f64653d30303030303030303030303030303030303030303131362c007732be3442cd163f564b8a695afa1b16eefc0b9d590fbf9ab8391b97ea4c0cf06c797f1a493380ce6975738b912f61be3a342f9b9ee8b8bee4aa2b525fd11b2212573ec6e7f3235ad950c58d6bf8d5318071bd000000004c67990370b984f0b3bf4b8ee680536ebf6c9386b8e46872d639e0de679325aa384473cb1be572c732000000000000000020b00e44de83eb12e1addb51edd821f23ab83af360c42a3a64f4e227479c5dd61952d5fcb0bcfee33d3832a050f83cc04ac5025adbf5d9fc1d72fb565aa4734eec868691025f3a382de96d325d0f56d2859781ea76aea7305d7661f8bd5650b7e9dcc1af8c0daef9686f8a1a5637c77b000b423d659049a769bbd8ac3ec13220fb30c2cbcc5f045b71395d17d76da531a330468bfd2dd4b7f6d9991ec27e0485b36bff71689d333fd4b5b6d8dfabb206dd573227856bdd7661d970d01bf6639b3177b0fd9d80ce94358a17b72a27def19e853c337df0e8a1a8f27d44010f9399f8feae412a6c3d07f8f9e24f8948"], 0xfe, 0xc2d, &(0x7f00000001c0)="$eJzs3U9sHNd9B/DfGy3FldxWTOwoThoXm7ZIZcVy9S+mYhXuqqbZBpBlIhRzC8AVSakLUyRBUo1spAXTSw89BCiKHnIi0BoFUjQwmiLokWldILn4UOTUE9HCRlD0wBYBcgoYzOxbcUmRNi2KEmV9Pjb13Z19b+a9eesZWdCbFwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAxB+8cun0mfSwWwEAPEhXRr96+qz7PwA8Vq76/38AAAAAAAAAAAAAADjoUhTxZKSYu7KWxqv3HfXL7b5bt8eGhrevdiRVNQ9V5cuf+pmz585/6YXBC9283J75gPr322fjtdGrlxovz96cm59aWJiabIzNtCdmJ6d2vYe91t/qZHUCGjdfvzV5/fpC4+zz5zZ9fHvg/f4njg9cHHz21DPdsmNDw8OjG0XqveVr99yQjp1meByOIk5Fiue+99PUiogi9n4u6g927Lc6UnXiZNWJsaHhqiPT7dbMYvnhSPdEFBGNnkrN7jnafiyi1vdA+7CzZsRS2fyywSfL7o3OteZb16anGiOt+cX2Ynt2ZiR1Wlv2pxFFXEgRyxGx2n/37vqiiFqk+M6xtXQtIg51z8MXq4nBO7ej2Mc+7kLZzkZfxHLxCIzZAdYfRbwaKX72zomYyNeZ6lrzhYhXy/xBxFtlvhSRyi/G+Yj3tvke8WiqRRF/WY7/xbU0WV0PuteVy19rfGXm+mxP2e515SPeH+66Ujyk+8ORLflgHPBrUz2KaFVX/LV077/ZAQAAAAAAAAAAAAAAAOB+OxJFfCZSvPIff1LNK45qXvqxi4N/OPCrvXPGn/6Q/ZRln4+IpWJ3c3IP54mBI2kkpYc8l/hxVo8i/jTP//vWw24MAAAAAAAAAAAAAAAAAADAY62In0SKF989kZajd03x9syNxtXWtenOqrDdtX+7a6avr6+vN1InmznHcy7lXM65knM1ZxS5fs5mzvGcSzmXc67kXM0Zh3L9nM2c4zmXci7nXMm5mjNquX7OZs7xnEs5l3Ou5FzNGQdk7V4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgI+TIor4RaT49jfWUqSIaEaMRydX+h926wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAUn8q4vuRovFHzTvbahGRqn87TpS/nI/m4TI/Gc3BMl+K5qWcrSprzW89hPazN32piB9Hiv7623cGPI9/X+fdna9BvPXNjXefrXXyUPfDgff7nzh+7OLg8G88vdPrtF0DTl5uz9y63RgbGh4e7dlcy0f/ZM+2gXzc4v50nYhYeOPN11vT01Pz9/6i/Arsofoj9CLVHpeeelG9iNqBaMbD6TuPgfL+/16k+N13/7N7w+/c/+vxK513d+7w8fM/27j/v7h1R7u8/9e21sv3//Kevt39/8mebS/m34301SLqizfn+o5H1BfeePNU+2brxtSNqZnzp09/eXDwy+dO9x2OqF9vT0/1vLovpwsAAAAAAAAAAAAAAADgwUlF/H6kaP14LTUi4nY1X2vg4uCzp545FIeq+Vab5m2/Nnr1UuPl2Ztz81MLC1OTjbGZ9sTs5NRuD1evpnuNDQ3vS2c+1JF9bv+R+suzc2/Mt2/88eK2nx+tX7q2sDjfmtj+4zgSRUSzd8vJqsFjQ8NVo6fbrZmq6si2k+k/ur5UxH9FionzjfT5vC3P/986w3/T/P+lrTvap/n/n+jZVh4zpSJ+Hil+56+ejs9X7Twad52zXO7vIsXJC5/L5eJwWa7bhs5zBTozA8uy/xcp/ukXm8t250M+uVH2zK5P7COiHP9jkeL7f/Hd+M28bfPzH7Yf/6Nbd7RP4/9Uz7ajm55XsOeuk8f/VKR46cm347fytg96/kf32RsncuE7z+fYp/H/VM+2gXzc374/XQcAAAAAAAAAAHik9aUi/j5S/HC4ll7I23bz9/8mt+5on/7+16d7tk3en/WKPvTFnk8qAAAAABwQfamIn0SKG4tv35lDvXn+d8/8z9/bmP85lLZ8Wv05369Vzw24n3/+12sgH3d8790GAAAAAAAAAAAAAAAAAACAAyWlIl7I66mPV/P5J3dcT30lUrzyP8/lcul4Wa67DvxA9Wv9yuzMqUvT07MTrcXWtempxuhca2KqrPtUpFj728/lukW1vnp3vfnOGu8ba7HPR4rhf+iW7azF3l2b/KmNsmfKsp+IFP/9j5vLdtex/tRG2bNl2b+JFF//l+3LHt8oe64s+91I8aOvN7plj5Zlu89H/fRG2ecnZot9GBUAAAAAAAAAAAAAAAAAAAAeN32piD+PFP97c/nOXP68/n9fz9vKW9/sWe9/i9vVOv8D1fr/O72+l/X/q+cKLO10VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+HhKUcSbkWLuylpa6S/fd9Qvt2du3R4bGt6+2pFU1TxUlS9/6mfOnjv/pRcGL3Tzg+vfb5+J10avXmq8PHtzbn5qYWFqsjE2056YnZza9R72Wn+rk9UJaNx8/dbk9esLjbPPn9v08e2B9/ufOD5wcfDZU890y44NDQ+P9pSp9d3z0e+Sdth+OIr460jx3Pd+mn7YH1HE3s/Fh3x39tuRqhMnq06MDQ1XHZlut2YWyw9HuieiiGj0VGp2z9EDGIs9aUYslc0vG3yy7N7oXGu+dW16qjHSml9sL7ZnZ0ZSp7VlfxpRxIUUsRwRq/13764ving9Unzn2Fr61/6IQ93z8MUro189fXbndhT72MddKNvZ6ItYLh6BMTvA+qOIf44UP3vnRPxbf0QtOj/xhYhXy/xBxFvRGe9UfjHOR7y3zfeIR1Mtivj/cvwvrqV3+svrQfe6cvlrja/MXJ/tKdu9rjzy94cH6YBfm+pRxI+qK/5a+nf/XQMAAAAAAAAAAAAAAAAcIEX8eqR48d0TqZoffGdOcXvmRuNq69p0Z1pfd+5fd870+vr6eiN1splzPOdSzuWcKzlXc0aR6+dslllfXx/P75dyLudcybmaMw7l+jmbOcdzLuVczrmSczVn1HL9nM2c4zmXci7nXMm5mjMOyNw9AAAAAAAAAAAAAAAAAADg46Wo/knx7W+spfX+zvrS49HJFeuBfuz9MgAA//8hX/ir")
r0 = open(&(0x7f0000000300)='.\x00', 0x100000, 0x0)
flock(r0, 0x6)
symlink(&(0x7f0000000880)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000b80)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')

2.147698131s ago: executing program 6 (id=1869):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x6, 0x3, &(0x7f0000000480)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x23, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000580)={'dummy0\x00', <r2=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000004c0)={r0, r2, 0x25, 0x0, @void}, 0x10)

2.029061094s ago: executing program 4 (id=1870):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
openat$tun(0xffffffffffffff9c, 0x0, 0xc1842, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
ioctl$TUNGETFILTER(r0, 0x801054db, 0x0)

1.85050264s ago: executing program 2 (id=1872):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0xe00, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000480)={{0x14}, [@NFT_MSG_NEWRULE={0x78, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2, 0x0, 0xfffe}, [@NFTA_RULE_EXPRESSIONS={0x4c, 0x4, 0x0, 0x1, [{0x28, 0x1, 0x0, 0x1, @ct={{0x7}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_CT_DREG={0x8, 0x1, 0x1, 0x0, 0x2}, @NFTA_CT_KEY={0x8, 0x2, 0x1, 0x0, 0x16}, @NFTA_CT_DIRECTION={0x5}]}}}, {0x20, 0x1, 0x0, 0x1, @ct={{0x7}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_CT_KEY={0x8, 0x2, 0x1, 0x0, 0x3}, @NFTA_CT_SREG={0x8, 0x4, 0x1, 0x0, 0xc}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x5}}}, 0xa0}, 0x1, 0x0, 0x0, 0x840}, 0x0)
close(r0)

1.645791114s ago: executing program 2 (id=1874):
r0 = socket(0x10, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000000180)={'ip6_vti0\x00', &(0x7f0000000000)={'syztnl1\x00', <r1=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @empty, @private2={0xfc, 0x2, '\x00', 0x1}, 0x0, 0x80, 0xfffffffc, 0xdc67}})
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r0, 0x89f1, &(0x7f0000000140)={'syztnl1\x00', &(0x7f0000000240)={'syztnl0\x00', r1, 0x29, 0x0, 0x6, 0x7f, 0x5, @ipv4={'\x00', '\xff\xff', @multicast1}, @mcast1, 0x0, 0x40, 0x6, 0x41}})
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r0, 0x89f3, &(0x7f0000000080)={'syztnl1\x00', &(0x7f00000000c0)={'syztnl1\x00', r1, 0x0, 0x0, 0x0, 0x0, 0xd, @dev={0xfe, 0x80, '\x00', 0x29}, @private0={0xfc, 0x0, '\x00', 0x1}, 0x700, 0x8000, 0xfffffffc}})

1.500135449s ago: executing program 5 (id=1875):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000100)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='net/udp6\x00')
mount(0x0, 0x0, 0x0, 0x2951024, 0x0)
preadv(r0, 0x0, 0x0, 0x29d3, 0x6)

1.206270776s ago: executing program 5 (id=1876):
r0 = creat(&(0x7f00000002c0)='./file0\x00', 0xecf86c37d53048d6)
write$binfmt_elf32(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="7f454c4604070003040000000000000002000300030000000903000038000000ce0000000e0000000b00200001000500050000000000000003"], 0x58)
close(r0)
execve(&(0x7f0000000300)='./file0\x00', 0x0, 0x0)

1.154956491s ago: executing program 5 (id=1877):
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x7ffe, 0x0, 0xb49, 0x200000000002, 0x7, 0x8, 0x3}, 0x0)
ioprio_set$pid(0x1, 0x0, 0x0)
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/vs/sync_threshold\x00', 0x2, 0x0)
sendfile(r0, r0, 0x0, 0x3fffff)

998.766176ms ago: executing program 5 (id=1878):
mknod(&(0x7f0000000040)='./file0\x00', 0x8001420, 0x0)
r0 = open$dir(&(0x7f0000000140)='./file0\x00', 0x2, 0x0)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f00000000c0)={0x30000009})

810.120484ms ago: executing program 5 (id=1879):
setsockopt$inet6_group_source_req(0xffffffffffffffff, 0x29, 0x2a, &(0x7f0000000080)={0x8, {{0xa, 0x0, 0x7, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @mcast1, 0x2}}}, 0x108)
r0 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000440)={0x2, 0xfffffffc, 0x6}, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)={0x20, 0x12, 0xa01, 0x0, 0x0, {0x80}}, 0x26}}, 0x0)

103.86156ms ago: executing program 6 (id=1880):
r0 = open(&(0x7f0000000280)='.\x00', 0x80, 0x122)
fcntl$notify(r0, 0x402, 0x8000003d)
fcntl$setown(r0, 0x8, 0xffffffffffffffff)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)

62.886252ms ago: executing program 2 (id=1881):
r0 = socket$inet6(0xa, 0x80003, 0x6)
connect$inet6(r0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
sendmmsg(r0, &(0x7f0000000480), 0x2e9, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x1a, 0x0, 0x0)

1.86879ms ago: executing program 5 (id=1882):
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x4, 0x2}, 0x4)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000b00)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f00000002c0)='syzkaller\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x5, 0xb68, 0x560b0000, &(0x7f0000000000)="259a53f271a76d2673004c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

0s ago: executing program 4 (id=1883):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
write$FUSE_NOTIFY_STORE(r0, &(0x7f0000000000)=ANY=[@ANYBLOB='(\x00\x00\x00\t'], 0x28)

kernel console output (not intermixed with test programs):

capacity change from 0 to 512
[  235.862598][ T9372] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  235.923813][ T9368] EXT4-fs error (device loop8): ext4_iget_extra_inode:5073: inode #15: comm syz.8.1111: corrupted in-inode xattr: invalid ea_ino
[  236.007506][ T9368] EXT4-fs error (device loop8): ext4_orphan_get:1396: comm syz.8.1111: couldn't read orphan inode 15 (err -117)
[  236.079085][ T9368] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  236.334250][ T9389] loop7: detected capacity change from 0 to 256
[  236.375250][ T9389] exfat: Deprecated parameter 'utf8'
[  236.411887][ T9389] exfat: Deprecated parameter 'namecase'
[  236.434779][ T9389] exfat: Deprecated parameter 'utf8'
[  236.519039][ T9389] exFAT-fs (loop7): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d)
[  236.542370][ T7707] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  236.798082][   T30] audit: type=1326 audit(1770077930.685:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9395 comm="syz.6.1121" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb1b99aeb9 code=0x7ffc0000
[  236.941991][   T30] audit: type=1326 audit(1770077930.685:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9395 comm="syz.6.1121" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb1b99aeb9 code=0x7ffc0000
[  237.038796][   T30] audit: type=1326 audit(1770077930.685:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9395 comm="syz.6.1121" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb1b99aeb9 code=0x7ffc0000
[  237.105882][ T9406] syz_tun: entered allmulticast mode
[  237.121476][   T30] audit: type=1326 audit(1770077930.685:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9395 comm="syz.6.1121" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb1b99aeb9 code=0x7ffc0000
[  237.145735][   T30] audit: type=1326 audit(1770077930.685:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9395 comm="syz.6.1121" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb1b99aeb9 code=0x7ffc0000
[  237.172058][   T30] audit: type=1326 audit(1770077930.695:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9395 comm="syz.6.1121" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7fcb1b99aeb9 code=0x7ffc0000
[  237.201837][   T30] audit: type=1326 audit(1770077930.695:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9395 comm="syz.6.1121" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb1b99aeb9 code=0x7ffc0000
[  237.244026][ T9406] syz_tun: left allmulticast mode
[  237.272032][   T30] audit: type=1326 audit(1770077930.695:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9395 comm="syz.6.1121" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb1b99aeb9 code=0x7ffc0000
[  237.342555][ T9411] bridge0: port 2(bridge_slave_1) entered disabled state
[  237.350369][ T9411] bridge0: port 1(bridge_slave_0) entered disabled state
[  237.366339][   T30] audit: type=1326 audit(1770077930.695:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9395 comm="syz.6.1121" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb1b99aeb9 code=0x7ffc0000
[  237.382864][ T9411] A link change request failed with some changes committed already. Interface bridge0 may have been left with an inconsistent configuration, please check.
[  237.442902][   T30] audit: type=1326 audit(1770077930.695:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9395 comm="syz.6.1121" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7fcb1b99aeb9 code=0x7ffc0000
[  237.473877][ T9417] loop1: detected capacity change from 0 to 512
[  237.533241][ T9417] EXT4-fs (loop1): Test dummy encryption mode enabled
[  237.551786][ T9417] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  237.642597][ T9417] EXT4-fs error (device loop1): xattr_find_entry:337: inode #15: comm syz.1.1130: corrupted xattr entries
[  237.777596][ T9417] EXT4-fs (loop1): 1 orphan inode deleted
[  237.791454][ T9417] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  237.867534][ T9427] loop0: detected capacity change from 0 to 512
[  237.904018][ T9417] EXT4-fs error (device loop1): ext4_lookup:1789: inode #2: comm syz.1.1130: deleted inode referenced: 15
[  237.915885][ T9427] EXT4-fs: Ignoring removed orlov option
[  237.954023][ T9427] EXT4-fs (loop0): Test dummy encryption mode enabled
[  237.981094][ T9427] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  238.028396][ T9427] EXT4-fs (loop0): 1 truncate cleaned up
[  238.061510][ T9427] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  238.096447][ T5821] EXT4-fs error (device loop1): mb_free_blocks:2037: group 0, inode 11: block 54:freeing already freed block (bit 53); block bitmap corrupt.
[  238.160815][ T9427] fscrypt: AES-256-XTS using implementation "xts-aes-vaes-avx2"
[  238.226167][ T5821] EXT4-fs error (device loop1): ext4_lookup:1785: inode #14: comm syz-executor: invalid fast symlink length 39
[  238.245364][ T9427] EXT4-fs (loop0): Online defrag not supported for encrypted files
[  238.286763][ T5821] EXT4-fs error (device loop1): ext4_lookup:1785: inode #14: comm syz-executor: invalid fast symlink length 39
[  238.428924][ T5820] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  238.428977][ T9424] loop6: detected capacity change from 0 to 32768
[  238.678991][ T5821] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  239.011107][ T9428] loop7: detected capacity change from 0 to 32768
[  239.061771][ T9428] BTRFS: device fsid c6b85f58-0c7e-41ca-a553-c8d9f94f6663 devid 1 transid 8 /dev/loop7 (7:7) scanned by syz.7.1134 (9428)
[  239.144978][ T2984] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  239.232845][ T9428] BTRFS info (device loop7): first mount of filesystem c6b85f58-0c7e-41ca-a553-c8d9f94f6663
[  239.285379][ T9428] BTRFS info (device loop7): using blake2b (blake2b-256-lib) checksum algorithm
[  239.471204][ T2984] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  239.629118][ T9428] BTRFS info (device loop7): enabling ssd optimizations
[  239.636171][ T9428] BTRFS info (device loop7): turning on async discard
[  239.727226][ T9428] BTRFS info (device loop7): enabling free space tree
[  239.763450][ T9465] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1148'.
[  239.876127][ T2984] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  240.081750][ T7593] BTRFS info (device loop7): last unmount of filesystem c6b85f58-0c7e-41ca-a553-c8d9f94f6663
[  240.140854][ T5831] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  240.151183][ T5831] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  240.163027][ T5831] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  240.210402][ T5831] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  240.219632][ T2984] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  240.242218][ T5831] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  240.427953][ T9479] loop0: detected capacity change from 0 to 512
[  240.506360][ T9479] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  240.676957][ T5894] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  240.767827][ T9488] UBIFS error (pid: 9488): cannot open "c8:", error -22
[  240.881210][ T5820] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  240.891888][ T2984] bridge_slave_1: left allmulticast mode
[  240.916525][ T5894] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  240.934122][ T2984] bridge_slave_1: left promiscuous mode
[  240.941353][ T5894] usb 6-1: New USB device found, idVendor=07c0, idProduct=1125, bcdDevice= 0.00
[  240.963482][ T2984] bridge0: port 2(bridge_slave_1) entered disabled state
[  240.977574][ T5894] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  241.017271][ T5894] usb 6-1: config 0 descriptor??
[  241.126330][ T9497] loop6: detected capacity change from 0 to 512
[  241.168176][ T9497] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  241.232618][ T9497] EXT4-fs (loop6): 1 truncate cleaned up
[  241.263090][ T9497] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  241.277827][ T5894] usbhid 6-1:0.0: can't add hid device: -71
[  241.283826][ T5894] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[  241.360252][ T5894] usb 6-1: USB disconnect, device number 8
[  241.416646][ T9497] EXT4-fs error (device loop6): ext4_empty_dir:3118: inode #2: block 13: comm syz.6.1161: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0
[  241.601506][ T6915] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  241.753978][ T9499] loop0: detected capacity change from 0 to 32768
[  241.769584][ T9507] snd_dummy snd_dummy.0: control 0:0:0:syz0:0 is already present
[  241.811727][ T9499] JBD2: Ignoring recovery information on journal
[  241.991704][ T9499] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  242.310407][ T5820] ocfs2: Unmounting device (7,0) on (node local)
[  242.367110][ T5825] Bluetooth: hci2: command tx timeout
[  242.575668][ T9528] usb usb6: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  242.600141][ T2984] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  242.629546][ T2984] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  242.653031][ T2984] bond0 (unregistering): Released all slaves
[  242.720416][ T9493] netlink: 16 bytes leftover after parsing attributes in process `syz.7.1159'.
[  242.733459][ T9532] loop8: detected capacity change from 0 to 256
[  242.944988][ T9518] loop6: detected capacity change from 0 to 32768
[  242.995804][ T9518] ocfs2: Slot 0 on device (7,6) was already allocated to this node!
[  243.035657][ T9518] JBD2: Ignoring recovery information on journal
[  243.248845][ T9518] ocfs2: Mounting device (7,6) on (node local, slot 0) with ordered data mode.
[  243.318847][ T5989] usb 8-1: new high-speed USB device number 7 using dummy_hcd
[  243.456480][ T9550] loop8: detected capacity change from 0 to 512
[  243.508582][ T5989] usb 8-1: Using ep0 maxpacket: 32
[  243.535799][ T5989] usb 8-1: config 0 has an invalid interface number: 184 but max is 0
[  243.587743][ T5989] usb 8-1: config 0 has no interface number 0
[  243.620716][ T5989] usb 8-1: config 0 interface 184 has no altsetting 0
[  243.646302][ T5989] usb 8-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  243.693051][ T5989] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  243.733172][ T5989] usb 8-1: Product: syz
[  243.749979][ T5989] usb 8-1: Manufacturer: syz
[  243.755559][ T6915] ocfs2: Unmounting device (7,6) on (node local)
[  243.759283][ T5989] usb 8-1: SerialNumber: syz
[  243.828340][ T5989] usb 8-1: config 0 descriptor??
[  243.839775][ T9557] loop5: detected capacity change from 0 to 512
[  243.886685][ T5989] smsc75xx v1.0.0
[  243.952523][ T9557] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  244.168147][ T2984] hsr_slave_0: left promiscuous mode
[  244.226764][ T2984] hsr_slave_1: left promiscuous mode
[  244.242483][ T2984] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  244.255449][ T5824] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  244.269590][ T2984] batman_adv: batadv0: Removing interface: batadv_slave_0
[  244.290136][ T2984] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  244.314835][ T2984] batman_adv: batadv0: Removing interface: batadv_slave_1
[  244.401876][ T2984] veth1_macvtap: left promiscuous mode
[  244.408510][ T9576] loop0: detected capacity change from 0 to 1024
[  244.415446][ T2984] veth0_macvtap: left promiscuous mode
[  244.422740][ T2984] veth1_vlan: left promiscuous mode
[  244.431251][ T2984] veth0_vlan: left promiscuous mode
[  244.449874][ T5825] Bluetooth: hci2: command tx timeout
[  244.552894][ T9576] hfsplus: walked past end of dir
[  244.680685][ T5989] smsc75xx 8-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000040: -71
[  244.713711][ T5989] smsc75xx 8-1:0.184 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  244.755009][ T5989] smsc75xx 8-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71
[  244.778398][ T5989] smsc75xx 8-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -71
[  244.790061][ T5989] smsc75xx 8-1:0.184 (unnamed net_device) (uninitialized): device not ready in smsc75xx_reset
[  244.822635][ T5989] smsc75xx 8-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71
[  244.839535][ T5989] smsc75xx 8-1:0.184: probe with driver smsc75xx failed with error -71
[  244.869794][ T5989] usb 8-1: USB disconnect, device number 7
[  245.427363][ T2984] team0 (unregistering): Port device team_slave_1 removed
[  245.523220][ T2984] team0 (unregistering): Port device team_slave_0 removed
[  246.006072][ T9473] chnl_net:caif_netlink_parms(): no params data found
[  246.291789][ T9603] batman_adv: batadv0: Adding interface: dummy0
[  246.298303][ T9603] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  246.325036][ T9603] batman_adv: batadv0: Interface activated: dummy0
[  246.480802][ T9608] loop8: detected capacity change from 0 to 256
[  246.532664][ T9614] loop7: detected capacity change from 0 to 512
[  246.540481][ T5825] Bluetooth: hci2: command tx timeout
[  246.591983][ T9473] bridge0: port 1(bridge_slave_0) entered blocking state
[  246.598688][ T9614] FAT-fs (loop7): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  246.604681][ T9473] bridge0: port 1(bridge_slave_0) entered disabled state
[  246.621221][ T9473] bridge_slave_0: entered allmulticast mode
[  246.647912][ T9473] bridge_slave_0: entered promiscuous mode
[  246.669893][   T30] kauditd_printk_skb: 5 callbacks suppressed
[  246.669915][   T30] audit: type=1800 audit(1770077940.555:37): pid=9608 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.8.1200" name="file1" dev="loop8" ino=1048656 res=0 errno=0
[  246.690348][ T9608] FAT-fs (loop8): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  246.718131][ T9473] bridge0: port 2(bridge_slave_1) entered blocking state
[  246.741048][ T9473] bridge0: port 2(bridge_slave_1) entered disabled state
[  246.772348][ T9473] bridge_slave_1: entered allmulticast mode
[  246.796622][ T9608] FAT-fs (loop8): Filesystem has been set read-only
[  246.836087][ T9473] bridge_slave_1: entered promiscuous mode
[  246.882865][ T9608] FAT-fs (loop8): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  246.934447][ T9621] loop0: detected capacity change from 0 to 128
[  246.972458][ T9619] FAT-fs (loop8): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  247.027750][ T9623] program syz.5.1205 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  247.030587][ T9473] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  247.130462][ T9473] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  247.322665][ T9473] team0: Port device team_slave_0 added
[  247.409276][ T9473] team0: Port device team_slave_1 added
[  247.601431][ T9473] batman_adv: batadv0: Adding interface: batadv_slave_0
[  247.635962][ T9473] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  247.732109][ T9473] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  247.758091][ T9644] program syz.5.1212 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  247.831930][ T9473] batman_adv: batadv0: Adding interface: batadv_slave_1
[  247.857048][ T9473] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  247.964915][ T9473] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  248.077315][ T5894] usb 9-1: new high-speed USB device number 4 using dummy_hcd
[  248.209307][ T9473] hsr_slave_0: entered promiscuous mode
[  248.217208][ T9473] hsr_slave_1: entered promiscuous mode
[  248.223694][ T9473] debugfs: 'hsr0' already exists in 'hsr'
[  248.229570][ T9473] Cannot create hsr debugfs directory
[  248.289223][ T5894] usb 9-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  248.316954][ T5894] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  248.361000][ T5894] usb 9-1: config 0 descriptor??
[  248.438972][ T5894] cp210x 9-1:0.0: cp210x converter detected
[  248.609195][ T5825] Bluetooth: hci2: command tx timeout
[  248.620512][ T9670] loop5: detected capacity change from 0 to 2048
[  248.646275][ T9670] NILFS (loop5): broken superblock, retrying with spare superblock (blocksize = 1024)
[  248.657852][ T9670] NILFS (loop5): mounting unchecked fs
[  248.764285][ T9670] NILFS (loop5): recovery complete
[  248.802174][ T9678] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  248.989997][ T5894] cp210x 9-1:0.0: failed to get vendor val 0x000e size 678: -71
[  249.035905][ T5894] cp210x 9-1:0.0: GPIO initialisation failed: -71
[  249.067761][ T5894] usb 9-1: cp210x converter now attached to ttyUSB0
[  249.094458][ T5894] usb 9-1: USB disconnect, device number 4
[  249.131067][ T5894] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  249.178435][ T5894] cp210x 9-1:0.0: device disconnected
[  249.452006][ T9473] netdevsim netdevsim9 netdevsim0: renamed from eth0
[  249.531395][ T9473] netdevsim netdevsim9 netdevsim1: renamed from eth1
[  249.573509][ T9473] netdevsim netdevsim9 netdevsim2: renamed from eth2
[  249.676585][ T9473] netdevsim netdevsim9 netdevsim3: renamed from eth3
[  250.095603][ T9473] 8021q: adding VLAN 0 to HW filter on device bond0
[  250.196414][ T9686] loop0: detected capacity change from 0 to 32768
[  250.218009][ T9473] 8021q: adding VLAN 0 to HW filter on device team0
[  250.265058][ T9686] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.1226 (9686)
[  250.303195][ T5960] bridge0: port 1(bridge_slave_0) entered blocking state
[  250.310409][ T5960] bridge0: port 1(bridge_slave_0) entered forwarding state
[  250.379905][ T9686] BTRFS info (device loop0): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  250.411534][ T9686] BTRFS info (device loop0): using blake2b (blake2b-256-lib) checksum algorithm
[  250.421254][ T7382] bridge0: port 2(bridge_slave_1) entered blocking state
[  250.428484][ T7382] bridge0: port 2(bridge_slave_1) entered forwarding state
[  250.453694][ T9725] loop6: detected capacity change from 0 to 128
[  250.504315][ T9725] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[  250.537024][ T9725] hpfs: filesystem error: improperly stopped
[  250.581481][ T9725] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  250.692629][ T9725] hpfs: You really don't want any checks? You are crazy...
[  250.756754][ T9725] hpfs: hpfs_map_sector(): read error
[  250.769529][ T9725] hpfs: code page support is disabled
[  250.775050][ T9725] hpfs: hpfs_map_4sectors(): unaligned read
[  250.830313][ T9686] BTRFS info (device loop0): enabling ssd optimizations
[  250.877944][ T9725] hpfs: hpfs_map_4sectors(): unaligned read
[  250.883980][ T9725] hpfs: filesystem error: unable to find root dir
[  250.894172][ T9686] BTRFS info (device loop0): turning on async discard
[  250.937588][ T9686] BTRFS info (device loop0): enabling free space tree
[  250.976898][ T9686] BTRFS info (device loop0): use lzo compression, level 1
[  251.027457][ T9697] loop5: detected capacity change from 0 to 32768
[  251.033836][ T9686] BTRFS info (device loop0): max_inline set to 0
[  251.113759][ T9697] 
[  251.113759][ T9697]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  251.113759][ T9697] 
[  251.264027][ T9697] 
[  251.264027][ T9697]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  251.264027][ T9697] 
[  251.285358][ T9754] ialloc: diAlloc returned -5!
[  251.343791][ T9697] 
[  251.343791][ T9697]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  251.343791][ T9697] 
[  251.484973][ T5820] BTRFS info (device loop0): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  251.518693][ T9697] 
[  251.518693][ T9697]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  251.518693][ T9697] 
[  251.608207][ T9697] 
[  251.608207][ T9697]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  251.608207][ T9697] 
[  251.642149][ T9697] 
[  251.642149][ T9697]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  251.642149][ T9697] 
[  251.704194][ T9473] 8021q: adding VLAN 0 to HW filter on device batadv0
[  251.930825][ T5824] 
[  251.930825][ T5824]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  251.930825][ T5824] 
[  251.991796][ T5824] 
[  251.991796][ T5824]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  251.991796][ T5824] 
[  252.885522][ T9756] loop8: detected capacity change from 0 to 32768
[  253.007117][ T9473] veth0_vlan: entered promiscuous mode
[  253.025156][ T9756] XFS (loop8): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  253.134742][ T9473] veth1_vlan: entered promiscuous mode
[  253.222319][   T30] audit: type=1326 audit(1770077947.105:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9808 comm="syz.5.1254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f384f99aeb9 code=0x7ffc0000
[  253.269232][ T9756] XFS (loop8): Ending clean mount
[  253.327478][   T30] audit: type=1326 audit(1770077947.125:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9808 comm="syz.5.1254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f384f99aeb9 code=0x7ffc0000
[  253.331896][ T9756] XFS (loop8): Quotacheck needed: Please wait.
[  253.350346][ T9807] loop0: detected capacity change from 0 to 2048
[  253.361414][ T9473] veth0_macvtap: entered promiscuous mode
[  253.419918][ T9807] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024)
[  253.433239][ T9473] veth1_macvtap: entered promiscuous mode
[  253.455944][   T30] audit: type=1326 audit(1770077947.125:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9808 comm="syz.5.1254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f384f99aeb9 code=0x7ffc0000
[  253.567664][ T9473] batman_adv: batadv0: Interface activated: batadv_slave_0
[  253.574859][ T9756] XFS (loop8): Quotacheck: Done.
[  253.586770][ T9813] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  253.589898][ T9807] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1253'.
[  253.626934][   T30] audit: type=1326 audit(1770077947.155:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9808 comm="syz.5.1254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f384f99aeb9 code=0x7ffc0000
[  253.664668][ T9473] batman_adv: batadv0: Interface activated: batadv_slave_1
[  253.697501][   T30] audit: type=1326 audit(1770077947.155:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9808 comm="syz.5.1254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f384f99aeb9 code=0x7ffc0000
[  253.757063][ T3008] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  253.807160][ T3008] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  253.862630][   T30] audit: type=1326 audit(1770077947.155:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9808 comm="syz.5.1254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f384f99aeb9 code=0x7ffc0000
[  253.866633][   T12] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  253.944347][   T30] audit: type=1326 audit(1770077947.155:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9808 comm="syz.5.1254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f384f99aeb9 code=0x7ffc0000
[  253.968089][   T12] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  254.003403][ T7707] XFS (loop8): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  254.030341][   T30] audit: type=1326 audit(1770077947.165:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9808 comm="syz.5.1254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f384f99aeb9 code=0x7ffc0000
[  254.053391][   T30] audit: type=1326 audit(1770077947.165:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9808 comm="syz.5.1254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f384f99aeb9 code=0x7ffc0000
[  254.138523][   T30] audit: type=1326 audit(1770077947.165:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9808 comm="syz.5.1254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=444 compat=0 ip=0x7f384f99aeb9 code=0x7ffc0000
[  254.169833][ T9794] loop6: detected capacity change from 0 to 32768
[  254.219775][ T9794] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.1252 (9794)
[  254.228074][ T9784] loop7: detected capacity change from 0 to 32768
[  254.344182][ T9784] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop7 (7:7) scanned by syz.7.1250 (9784)
[  254.377503][ T9794] BTRFS info (device loop6): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  254.437049][ T9794] BTRFS info (device loop6): using sha256 (sha256-lib) checksum algorithm
[  254.437093][ T7382] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  254.473927][ T9784] BTRFS info (device loop7): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  254.485600][ T9822] loop5: detected capacity change from 0 to 512
[  254.498506][ T7382] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  254.520193][ T9822] EXT4-fs (loop5): Test dummy encryption mode enabled
[  254.534736][ T9784] BTRFS info (device loop7): using sha256 (sha256-lib) checksum algorithm
[  254.563277][ T9822] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  254.767182][ T9822] EXT4-fs (loop5): 1 truncate cleaned up
[  254.773095][ T9794] BTRFS info (device loop6): enabling ssd optimizations
[  254.830012][ T9794] BTRFS info (device loop6): turning on async discard
[  254.839375][ T9822] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  254.839819][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  254.880233][ T9794] BTRFS info (device loop6): enabling free space tree
[  254.899564][ T9784] BTRFS info (device loop7): rebuilding free space tree
[  254.968482][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  255.001627][ T9784] BTRFS info (device loop7): disabling free space tree
[  255.027133][ T5825] Bluetooth: hci3: unknown advertising packet type: 0x61
[  255.027191][ T5825] Bluetooth: hci3: unknown advertising packet type: 0x30
[  255.036437][ T5825] Bluetooth: hci3: unknown advertising packet type: 0x75
[  255.043780][ T5825] Bluetooth: hci3: unknown advertising packet type: 0x30
[  255.050885][ T5825] Bluetooth: hci3: unknown advertising packet type: 0x74
[  255.052561][ T9784] BTRFS info (device loop7): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  255.058142][ T5825] Bluetooth: hci3: unknown advertising packet type: 0x30
[  255.074793][ T5825] Bluetooth: hci3: unknown advertising packet type: 0x2c
[  255.218871][ T9784] BTRFS info (device loop7): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  255.367745][ T6915] BTRFS info (device loop6): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  255.393390][ T9784] BTRFS info (device loop7): enabling ssd optimizations
[  255.426989][ T9784] BTRFS info (device loop7): turning on async discard
[  255.440215][ T9784] BTRFS info (device loop7): force clearing of disk cache
[  255.486392][ T9784] BTRFS info (device loop7): enabling auto defrag
[  255.524473][ T9784] BTRFS info (device loop7): max_inline set to 4096
[  255.764955][ T5824] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  255.777006][ T5913] usb 10-1: new full-speed USB device number 2 using dummy_hcd
[  255.817251][ T7593] BTRFS info (device loop7): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  256.042607][ T5913] usb 10-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  256.106966][ T5913] usb 10-1: config 0 has no interfaces?
[  256.112609][ T5913] usb 10-1: New USB device found, idVendor=054c, idProduct=8df2, bcdDevice= 0.00
[  256.166920][ T5913] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  256.228048][ T5913] usb 10-1: config 0 descriptor??
[  256.402379][ T9888] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1268'.
[  256.478622][   T39] usb 8-1: new high-speed USB device number 8 using dummy_hcd
[  256.500325][ T5913] usb 10-1: USB disconnect, device number 2
[  256.674094][   T39] usb 8-1: Using ep0 maxpacket: 8
[  256.699892][   T39] usb 8-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b
[  256.757878][   T39] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  256.882142][   T39] pvrusb2: Hardware description: Terratec Grabster AV400
[  256.932094][   T39] pvrusb2: **********
[  256.958591][   T39] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental.
[  257.031310][   T39] pvrusb2: Important functionality might not be entirely working.
[  257.085546][   T39] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver.
[  257.136405][   T39] pvrusb2: **********
[  257.191225][ T2338] pvrusb2: Invalid write control endpoint
[  257.371560][ T9905] loop5: detected capacity change from 0 to 1024
[  257.399692][   T39] usb 8-1: USB disconnect, device number 8
[  257.458690][ T9905] hfsplus: invalid length 32517 has been corrected to 255
[  257.492064][ T2338] pvrusb2: Invalid write control endpoint
[  257.528886][ T2338] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work.
[  257.592189][ T2338] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device.
[  257.649747][ T2338] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups.
[  257.700381][ T2338] pvrusb2: Device being rendered inoperable
[  257.728510][ T2338] cx25840 1-0044: Unable to detect h/w, assuming cx23887
[  257.753982][ T2338] cx25840 1-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_a)
[  257.807250][ T2338] pvrusb2: Attached sub-driver cx25840
[  257.813061][ T2338] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it.
[  257.894923][ T2338] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover.
[  257.961942][ T9919] netlink: 12 bytes leftover after parsing attributes in process `syz.9.1279'.
[  258.046378][ T9924] loop9: detected capacity change from 0 to 1024
[  258.105994][ T9924] EXT4-fs (loop9): invalid inodes per group: 1
[  258.105994][ T9924] 
[  258.268636][ T9935] netlink: 12 bytes leftover after parsing attributes in process `syz.7.1285'.
[  258.470361][ T9940] loop9: detected capacity change from 0 to 64
[  258.636561][ T9947] loop8: detected capacity change from 0 to 512
[  258.707904][ T9947] EXT4-fs: Ignoring removed nobh option
[  258.816241][ T9947] EXT4-fs error (device loop8): ext4_orphan_get:1391: inode #15: comm syz.8.1291: iget: bad i_size value: 38620345925642
[  258.830281][ T9473] hfs: node 4:3 still has 1 user(s)!
[  258.922145][ T9947] EXT4-fs error (device loop8): ext4_orphan_get:1396: comm syz.8.1291: couldn't read orphan inode 15 (err -117)
[  259.001822][ T9947] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  259.110739][ T9953] EXT4-fs error (device loop8): ext4_validate_block_bitmap:432: comm ext4lazyinit: bg 0: block 5: invalid block bitmap
[  259.430639][ T9962] loop0: detected capacity change from 0 to 4096
[  259.530251][ T9967] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  259.533643][ T9960] loop7: detected capacity change from 0 to 32768
[  259.568584][ T7382] EXT4-fs (loop8): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 4 with error 28
[  259.579827][ T9960] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  259.589103][ T9960] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  259.623891][ T9960] gfs2: fsid=syz:syz.0: journal 0 mapped with 1 extents in 0ms
[  259.636167][ T5920] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  259.645806][ T5920] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  259.662661][ T7382] EXT4-fs (loop8): This should not happen!! Data will be lost
[  259.662661][ T7382] 
[  259.677633][ T7382] EXT4-fs (loop8): Total free blocks count 0
[  259.696360][ T7382] EXT4-fs (loop8): Free/Dirty block details
[  259.724680][ T7382] EXT4-fs (loop8): free_blocks=0
[  259.731823][ T7382] EXT4-fs (loop8): dirty_blocks=4
[  259.751278][ T7382] EXT4-fs (loop8): Block reservation details
[  259.768173][ T7382] EXT4-fs (loop8): i_reserved_data_blocks=4
[  259.792818][ T7707] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  260.048470][ T9943] loop5: detected capacity change from 0 to 32768
[  260.125064][ T5920] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 479ms
[  260.132941][ T9976] loop8: detected capacity change from 0 to 512
[  260.138850][ T1294] ieee802154 phy0 wpan0: encryption failed: -22
[  260.138931][ T1294] ieee802154 phy1 wpan1: encryption failed: -22
[  260.197812][ T9943] jfs_rename did not expect dtDelete to return rc = -2
[  260.226722][ T9943] ERROR: (device loop5): jfs_rename: 
[  260.226722][ T9943] 
[  260.246743][ T5920] gfs2: fsid=syz:syz.0: jid=0: Done
[  260.247813][ T9943] ERROR: (device loop5): remounting filesystem as read-only
[  260.254413][ T9960] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  260.282617][ T9976] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  260.745703][ T7707] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  260.757959][   T39] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[  260.918878][   T39] usb 7-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[  260.936074][   T39] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  261.027894][   T39] usb 7-1: config 0 descriptor??
[  261.262428][   T39] udl 7-1:0.0: [drm] Unrecognized vendor firmware descriptor
[  261.415212][   T60] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  261.505926][   T39] [drm:udl_init] *ERROR* Selecting channel failed
[  261.518190][ T9995] loop8: detected capacity change from 0 to 1024
[  261.555916][ T9995] EXT4-fs: inline encryption not supported
[  261.580500][   T39] [drm] Initialized udl 0.0.1 for 7-1:0.0 on minor 2
[  261.609555][   T39] [drm] Initialized udl on minor 2
[  261.643609][   T39] udl 7-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  261.655500][ T9995] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  261.716331][   T60] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  261.730215][   T39] udl 7-1:0.0: [drm] Cannot find any crtc or sizes
[  261.773601][ T5832] udl 7-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9
[  261.827023][   T39] usb 7-1: USB disconnect, device number 5
[  261.845067][ T5832] udl 7-1:0.0: [drm] Cannot find any crtc or sizes
[  261.918318][ T7707] EXT4-fs error (device loop8): ext4_read_inline_dir:1486: inode #12: block 7: comm syz-executor: path /124/file1/file0: bad entry in directory: rec_len is too small for name_len - offset=40, inode=14, rec_len=40, size=80 fake=0
[  261.952925][   T60] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  261.971020][ T5831] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  261.982735][ T7707] EXT4-fs (loop8): Remounting filesystem read-only
[  262.004795][ T5831] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  262.030496][ T5831] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  262.049078][ T5831] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  262.072143][ T5831] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  262.195792][T10013] loop7: detected capacity change from 0 to 16
[  262.198676][ T7707] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  262.215808][T10013] erofs (device loop7): mounted with root inode @ nid 36.
[  262.329566][   T60] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  263.200882][   T60] bridge_slave_1: left allmulticast mode
[  263.235242][   T60] bridge_slave_1: left promiscuous mode
[  263.257877][   T60] bridge0: port 2(bridge_slave_1) entered disabled state
[  263.374182][   T60] bridge_slave_0: left allmulticast mode
[  263.408094][   T60] bridge_slave_0: left promiscuous mode
[  263.413928][   T60] bridge0: port 1(bridge_slave_0) entered disabled state
[  263.510020][T10052] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1332'.
[  263.734366][T10023] loop8: detected capacity change from 0 to 32768
[  264.127160][ T5825] Bluetooth: hci1: command tx timeout
[  264.765274][T10084] Bluetooth: received HCILL_WAKE_UP_IND in state 2
[  264.798176][ T3008] Bluetooth: hci6: Frame reassembly failed (-84)
[  264.884491][T10064] loop7: detected capacity change from 0 to 32768
[  264.925079][T10064] (syz.7.1335,10064,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  264.940191][T10064] (syz.7.1335,10064,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  264.989860][   T60] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  265.004343][   T60] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  265.008020][T10064] JBD2: Ignoring recovery information on journal
[  265.025028][   T60] bond0 (unregistering): Released all slaves
[  265.059859][T10052] bond0: Unable to set up delay as MII monitoring is disabled
[  265.094940][T10080] loop9: detected capacity change from 0 to 32768
[  265.139396][T10062] syzkaller0: tun_chr_ioctl cmd 1074025677
[  265.150439][T10062] syzkaller0: linktype set to 769
[  265.212257][T10064] ocfs2: Mounting device (7,7) on (node local, slot 0) with ordered data mode.
[  265.246462][T10080] JBD2: Ignoring recovery information on journal
[  265.342767][T10080] ocfs2: Mounting device (7,9) on (node local, slot 0) with ordered data mode.
[  265.638070][T10006] chnl_net:caif_netlink_parms(): no params data found
[  265.815583][ T7593] ocfs2: Unmounting device (7,7) on (node local)
[  265.822999][ T9473] ocfs2: Unmounting device (7,9) on (node local)
[  266.140522][   T60] hsr_slave_0: left promiscuous mode
[  266.167152][   T60] hsr_slave_1: left promiscuous mode
[  266.177605][   T60] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  266.180025][T10104] netlink: 'syz.6.1347': attribute type 13 has an invalid length.
[  266.207752][ T5833] Bluetooth: hci1: command tx timeout
[  266.209252][   T60] batman_adv: batadv0: Removing interface: batadv_slave_0
[  266.221998][T10104] netlink: 'syz.6.1347': attribute type 4 has an invalid length.
[  266.229861][T10104] netlink: 14565 bytes leftover after parsing attributes in process `syz.6.1347'.
[  266.260785][   T60] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  266.308085][   T60] batman_adv: batadv0: Removing interface: batadv_slave_1
[  266.383949][   T60] veth1_macvtap: left promiscuous mode
[  266.407884][   T60] veth0_macvtap: left promiscuous mode
[  266.417328][   T60] veth1_vlan: left promiscuous mode
[  266.437816][   T60] veth0_vlan: left promiscuous mode
[  266.499895][T10115] netlink: 24 bytes leftover after parsing attributes in process `syz.6.1350'.
[  266.636417][T10117] loop7: detected capacity change from 0 to 8192
[  266.767134][ T5833] Bluetooth: hci6: command 0x1003 tx timeout
[  266.767319][ T5825] Bluetooth: hci6: Opcode 0x1003 failed: -110
[  266.892222][T10102] loop5: detected capacity change from 0 to 32768
[  266.936644][T10102] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.1348 (10102)
[  267.047263][T10119] loop7: detected capacity change from 0 to 1024
[  267.062705][T10102] BTRFS info (device loop5): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  267.108593][T10102] BTRFS info (device loop5): using sha256 (sha256-lib) checksum algorithm
[  267.227171][T10121] cgroup: fork rejected by pids controller in /syz8
[  267.330846][ T5825] Bluetooth: hci0: command 0x0406 tx timeout
[  267.436238][T10102] BTRFS info (device loop5): enabling ssd optimizations
[  267.488658][T10102] BTRFS info (device loop5): turning on async discard
[  267.536486][T10102] BTRFS info (device loop5): enabling free space tree
[  267.688777][T10278] loop6: detected capacity change from 0 to 512
[  267.842396][T10278] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  267.907276][ T5824] BTRFS info (device loop5): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  267.924720][T10278] ext4 filesystem being mounted at /166/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  268.168675][ T6915] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  268.288082][ T5831] Bluetooth: hci1: command tx timeout
[  268.663550][T10591] ieee802154 phy0 wpan0: encryption failed: -22
[  269.130853][T10603] loop8: detected capacity change from 0 to 1024
[  269.196487][T10603] hfsplus: failed to load root directory
[  269.696622][T10600] loop5: detected capacity change from 0 to 32768
[  269.730591][T10600] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.1370 (10600)
[  269.826562][T10600] BTRFS info (device loop5): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  269.835496][T10612] loop8: detected capacity change from 0 to 1024
[  269.872813][T10600] BTRFS info (device loop5): using sha256 (sha256-lib) checksum algorithm
[  269.979789][T10594] loop7: detected capacity change from 0 to 40427
[  269.994680][   T60] team0 (unregistering): Port device team_slave_1 removed
[  269.996438][T10600] BTRFS info (device loop5): rebuilding free space tree
[  270.027718][T10600] BTRFS info (device loop5): disabling free space tree
[  270.035572][T10600] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  270.045392][T10600] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  270.056352][T10594] F2FS-fs (loop7): invalid crc value
[  270.066485][T10600] BTRFS info (device loop5): enabling ssd optimizations
[  270.073670][T10600] BTRFS info (device loop5): turning on async discard
[  270.081926][T10600] BTRFS info (device loop5): force clearing of disk cache
[  270.090751][T10600] BTRFS info (device loop5): enabling auto defrag
[  270.099642][T10600] BTRFS info (device loop5): max_inline set to 4096
[  270.319446][   T60] team0 (unregistering): Port device team_slave_0 removed
[  270.377074][ T5831] Bluetooth: hci1: command tx timeout
[  270.420080][T10594] F2FS-fs (loop7): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  270.497242][T10594] F2FS-fs (loop7): Start checkpoint disabled!
[  270.504523][ T5824] BTRFS info (device loop5): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  270.542460][T10594] F2FS-fs (loop7): f2fs_disable_checkpoint() finish, err:0
[  270.582209][T10594] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e6
[  271.686744][T10295] netlink: 8 bytes leftover after parsing attributes in process `syz.9.1359'.
[  271.900513][T10650] loop6: detected capacity change from 0 to 2048
[  271.949061][T10006] bridge0: port 1(bridge_slave_0) entered blocking state
[  272.000164][T10006] bridge0: port 1(bridge_slave_0) entered disabled state
[  272.027108][T10006] bridge_slave_0: entered allmulticast mode
[  272.074045][T10006] bridge_slave_0: entered promiscuous mode
[  272.108445][T10006] bridge0: port 2(bridge_slave_1) entered blocking state
[  272.143147][T10006] bridge0: port 2(bridge_slave_1) entered disabled state
[  272.179341][T10006] bridge_slave_1: entered allmulticast mode
[  272.225958][T10006] bridge_slave_1: entered promiscuous mode
[  272.400724][T10006] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  272.410192][   T30] kauditd_printk_skb: 10 callbacks suppressed
[  272.410211][   T30] audit: type=1326 audit(1770077966.285:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10661 comm="syz.8.1389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa06959aeb9 code=0x7ffc0000
[  272.489444][T10006] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  272.518477][T10660] loop5: detected capacity change from 0 to 4096
[  272.523750][   T30] audit: type=1326 audit(1770077966.285:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10661 comm="syz.8.1389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa06959aeb9 code=0x7ffc0000
[  272.610863][T10660] ntfs3(loop5): Failed to load $Volume (-22).
[  272.626113][   T30] audit: type=1326 audit(1770077966.365:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10661 comm="syz.8.1389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=28 compat=0 ip=0x7fa06959aeb9 code=0x7ffc0000
[  272.652789][T10006] team0: Port device team_slave_0 added
[  272.713830][T10006] team0: Port device team_slave_1 added
[  272.747423][   T30] audit: type=1326 audit(1770077966.385:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10661 comm="syz.8.1389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa06959aeb9 code=0x7ffc0000
[  272.823545][   T30] audit: type=1326 audit(1770077966.385:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10661 comm="syz.8.1389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa06959aeb9 code=0x7ffc0000
[  272.895887][T10669] loop6: detected capacity change from 0 to 1024
[  272.951783][   T30] audit: type=1326 audit(1770077966.405:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10661 comm="syz.8.1389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fa06959aeb9 code=0x7ffc0000
[  273.095609][   T30] audit: type=1326 audit(1770077966.405:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10661 comm="syz.8.1389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa06959aeb9 code=0x7ffc0000
[  273.148867][T10006] batman_adv: batadv0: Adding interface: batadv_slave_0
[  273.155886][T10006] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  273.201134][T10646] loop7: detected capacity change from 0 to 32768
[  273.228719][   T30] audit: type=1326 audit(1770077966.405:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10661 comm="syz.8.1389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa06959aeb9 code=0x7ffc0000
[  273.260819][T10654] loop9: detected capacity change from 0 to 32768
[  273.274643][   T50] hfsplus: b-tree write err: -5, ino 4
[  273.310817][T10646] ocfs2: Slot 0 on device (7,7) was already allocated to this node!
[  273.319933][T10006] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  273.331218][T10654] debugfs: 'B1DE653C5FFC4D88B33B244AAB9EB3E9' already exists in 'ocfs2'
[  273.343803][T10654] JBD2: Ignoring recovery information on journal
[  273.350996][T10646] JBD2: Ignoring recovery information on journal
[  273.352642][T10006] batman_adv: batadv0: Adding interface: batadv_slave_1
[  273.382278][T10006] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  273.410829][T10006] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  273.469829][T10654] ocfs2: Mounting device (7,9) on (node local, slot 0) with ordered data mode.
[  273.535908][T10654] (syz.9.1385,10654,1):ocfs2_check_dir_entry:338 ERROR: bad entry in directory #65: rec_len is smaller than minimal - offset=32, inode=17057, rec_len=5, name_len=0
[  273.554482][T10006] hsr_slave_0: entered promiscuous mode
[  273.587401][T10006] hsr_slave_1: entered promiscuous mode
[  273.594265][T10646] ocfs2: Mounting device (7,7) on (node local, slot 0) with ordered data mode.
[  273.857204][T10646] (syz.7.1382,10646,1):ocfs2_check_dir_entry:314 ERROR: directory entry (#65: offset=512) too close to end or out-of-bounds
[  273.857272][T10646] (syz.7.1382,10646,1):ocfs2_find_dir_space_el:3540 ERROR: status = -2
[  273.942962][T10646] (syz.7.1382,10646,1):ocfs2_prepare_dir_for_insert:4336 ERROR: status = -2
[  273.951712][T10698] loop8: detected capacity change from 0 to 16
[  273.970152][T10698] erofs (device loop8): mounted with root inode @ nid 36.
[  274.003446][ T9473] ocfs2: Unmounting device (7,9) on (node local)
[  274.012595][T10646] (syz.7.1382,10646,1):ocfs2_rename:1487 ERROR: status = -2
[  274.052569][T10646] (syz.7.1382,10646,1):ocfs2_rename:1703 ERROR: status = -2
[  274.284724][T10702] loop9: detected capacity change from 0 to 256
[  274.389812][T10702] exFAT-fs (loop9): failed to load upcase table (idx : 0x00010000, chksum : 0x544194fd, utbl_chksum : 0xe619d30d)
[  274.433638][ T7593] ocfs2: Unmounting device (7,7) on (node local)
[  274.967021][  T930] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[  275.147551][  T930] usb 7-1: Using ep0 maxpacket: 32
[  275.171094][  T930] usb 7-1: New USB device found, idVendor=041e, idProduct=400b, bcdDevice=3e.e7
[  275.185997][  T930] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  275.249114][   T50] Bluetooth: hci6: Frame reassembly failed (-84)
[  275.255501][T10726] Bluetooth: hci6: Frame reassembly failed (-84)
[  275.256378][  T930] usb 7-1: config 0 descriptor??
[  275.348190][  T930] gspca_main: sunplus-2.14.0 probing 041e:400b
[  276.113687][T10006] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  276.150242][T10006] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  276.162468][  T930] gspca_sunplus: reg_r err -71
[  276.168764][  T930] sunplus 7-1:0.0: probe with driver sunplus failed with error -71
[  276.171914][T10006] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  276.195264][  T930] usb 7-1: USB disconnect, device number 6
[  276.246101][T10006] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  276.488044][T10006] 8021q: adding VLAN 0 to HW filter on device bond0
[  276.550956][T10006] 8021q: adding VLAN 0 to HW filter on device team0
[  276.589474][ T7382] bridge0: port 1(bridge_slave_0) entered blocking state
[  276.596819][ T7382] bridge0: port 1(bridge_slave_0) entered forwarding state
[  276.660290][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  276.667554][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  277.222628][T10792] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1426'.
[  277.252789][ T5831] Bluetooth: hci6: Opcode 0x1003 failed: -110
[  277.310786][T10792] netlink: 'syz.5.1426': attribute type 30 has an invalid length.
[  277.358165][T10792] netlink: 'syz.5.1426': attribute type 29 has an invalid length.
[  277.428955][T10792] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1426'.
[  277.631189][T10006] 8021q: adding VLAN 0 to HW filter on device batadv0
[  277.865712][T10006] veth0_vlan: entered promiscuous mode
[  277.951827][T10006] veth1_vlan: entered promiscuous mode
[  278.112499][T10006] veth0_macvtap: entered promiscuous mode
[  278.153071][T10825] bridge0: port 2(bridge_slave_1) entered disabled state
[  278.160805][T10825] bridge0: port 1(bridge_slave_0) entered disabled state
[  278.232041][T10006] veth1_macvtap: entered promiscuous mode
[  278.278134][ T5928] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[  278.322711][T10006] batman_adv: batadv0: Interface activated: batadv_slave_0
[  278.380941][T10006] batman_adv: batadv0: Interface activated: batadv_slave_1
[  278.405226][ T2984] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  278.447947][ T5928] usb 6-1: Using ep0 maxpacket: 32
[  278.462596][ T2984] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  278.474121][ T5928] usb 6-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40
[  278.497453][ T2984] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  278.525752][ T5928] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  278.539154][ T2984] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  278.576208][T10842] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1445'.
[  278.587202][ T5928] usb 6-1: config 0 descriptor??
[  278.659983][T10843] tun0: tun_chr_ioctl cmd 1074025677
[  278.709167][T10843] tun0: linktype set to 780
[  278.856366][ T5928] dvb-usb: found a 'Elgato EyeTV Sat' in warm state.
[  278.869285][ T5928] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  278.918790][ T5928] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat)
[  278.956789][ T5928] usb 6-1: media controller created
[  279.003702][ T5928] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  279.023592][   T60] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  279.046116][   T60] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  279.140582][ T5928] az6027: usb out operation failed. (-71)
[  279.164927][ T5928] az6027: usb out operation failed. (-71)
[  279.178626][ T2984] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  279.186777][ T5928] stb0899_attach: Driver disabled by Kconfig
[  279.198626][ T2984] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  279.207919][ T5928] az6027: no front-end attached
[  279.207919][ T5928] 
[  279.215356][ T5928] az6027: usb out operation failed. (-71)
[  279.224970][ T5928] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat'
[  279.275228][ T5928] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.5/usb6/6-1/input/input17
[  279.330345][ T5928] dvb-usb: schedule remote query interval to 400 msecs.
[  279.348015][ T5928] dvb-usb: Elgato EyeTV Sat successfully initialized and connected.
[  279.386916][ T5928] usb 6-1: USB disconnect, device number 9
[  279.617214][T10873] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1312'.
[  279.629863][ T5928] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected.
[  280.012901][T10884] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1459'.
[  280.390181][T10899] program syz.8.1465 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  280.506946][  T930] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[  280.664726][T10864] loop9: detected capacity change from 0 to 32768
[  280.716930][   T10] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[  280.716940][  T930] usb 6-1: Using ep0 maxpacket: 16
[  280.777934][  T930] usb 6-1: config 0 has an invalid interface number: 8 but max is 0
[  280.796977][  T930] usb 6-1: config 0 has no interface number 0
[  280.803168][  T930] usb 6-1: config 0 interface 8 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  280.846255][  T930] usb 6-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  280.855938][T10864] XFS (loop9): Mounting V5 Filesystem ed37bf6e-74ea-4e01-afba-5fee274b0f3a
[  280.858278][  T930] usb 6-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  280.879330][  T930] usb 6-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f
[  280.889110][  T930] usb 6-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3
[  280.897504][  T930] usb 6-1: Product: syz
[  280.901679][  T930] usb 6-1: SerialNumber: syz
[  280.907187][   T10] usb 7-1: Using ep0 maxpacket: 8
[  280.914069][  T930] usb 6-1: config 0 descriptor??
[  280.920025][T10894] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  280.933725][  T930] cm109 6-1:0.8: invalid payload size 1024, expected 4
[  280.945581][   T10] usb 7-1: New USB device found, idVendor=12d1, idProduct=fae2, bcdDevice=70.8b
[  280.955348][  T930] input: CM109 USB driver as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.8/input/input18
[  280.979230][T10913] loop2: detected capacity change from 0 to 1764
[  280.986364][   T10] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  281.053583][   T10] usb 7-1: Product: syz
[  281.096922][   T10] usb 7-1: Manufacturer: syz
[  281.117991][T10864] XFS (loop9): Ending clean mount
[  281.145860][   T10] usb 7-1: SerialNumber: syz
[  281.175799][T10864] XFS (loop9): Quotacheck needed: Please wait.
[  281.204291][   T10] usb 7-1: config 0 descriptor??
[  281.233086][    C1] cm109 6-1:0.8: cm109_urb_ctl_callback: urb status -71
[  281.241324][    C1] cm109 6-1:0.8: cm109_urb_ctl_callback: urb status -71
[  281.246587][   T10] option 7-1:0.0: GSM modem (1-port) converter detected
[  281.249857][    C1] cm109 6-1:0.8: cm109_urb_ctl_callback: urb status -71
[  281.250707][    C1] cm109 6-1:0.8: cm109_urb_ctl_callback: urb status -71
[  281.250990][    C1] cm109 6-1:0.8: cm109_urb_ctl_callback: urb status -71
[  281.251322][    C1] cm109 6-1:0.8: cm109_urb_ctl_callback: urb status -71
[  281.251603][    C1] cm109 6-1:0.8: cm109_urb_ctl_callback: urb status -71
[  281.252194][    C1] cm109 6-1:0.8: cm109_urb_ctl_callback: urb status -71
[  281.301201][    C1] cm109 6-1:0.8: cm109_urb_ctl_callback: urb status -71
[  281.308624][    C1] cm109 6-1:0.8: cm109_urb_ctl_callback: urb status -71
[  281.324161][  T930] usb 6-1: USB disconnect, device number 10
[  281.330391][    C1] cm109 6-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19
[  281.399717][  T930] cm109 6-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19
[  281.484128][T10864] XFS (loop9): Quotacheck: Done.
[  281.492265][   T39] usb 7-1: USB disconnect, device number 7
[  281.519634][   T39] option 7-1:0.0: device disconnected
[  281.729696][ T9473] XFS (loop9): Unmounting Filesystem ed37bf6e-74ea-4e01-afba-5fee274b0f3a
[  282.542403][T10959] loop7: detected capacity change from 0 to 512
[  282.621925][T10959] FAT-fs (loop7): Invalid FSINFO signature: 0x41615252, 0x61000000 (sector = 1)
[  283.043587][ T2984] FAT-fs (loop7): Invalid FSINFO signature: 0x41615252, 0x61000000 (sector = 1)
[  283.503941][T11003] loop9: detected capacity change from 0 to 256
[  283.685675][T11003] exFAT-fs (loop9): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  283.885080][T11003] exFAT-fs (loop9): error, invalid access to FAT (entry 0xffffffff)
[  283.905526][T11003] exFAT-fs (loop9): Filesystem has been set read-only
[  284.566417][T11042] loop7: detected capacity change from 0 to 8192
[  284.845741][    C0] vcan0: j1939_tp_rxtimer: 0xffff888028593800: rx timeout, send abort
[  285.356110][    C0] vcan0: j1939_tp_rxtimer: 0xffff888028593800: abort rx timeout. Force session deactivation
[  285.844930][T11047] loop9: detected capacity change from 0 to 32768
[  285.861336][T11047] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop9 (7:9) scanned by syz.9.1515 (11047)
[  285.926487][T11083] loop2: detected capacity change from 0 to 1024
[  285.941522][T11047] BTRFS info (device loop9): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  285.994288][T11047] BTRFS info (device loop9): using sha256 (sha256-lib) checksum algorithm
[  286.297427][T11047] BTRFS info (device loop9): rebuilding free space tree
[  286.393567][T11047] BTRFS info (device loop9): disabling free space tree
[  286.420609][T11047] BTRFS info (device loop9): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  286.431878][T11105] loop8: detected capacity change from 0 to 8
[  286.467267][T11047] BTRFS info (device loop9): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  286.477904][T11105] MTD: Attempt to mount non-MTD device "/dev/loop8"
[  286.490157][ T2984] hfsplus: b-tree write err: -5, ino 4
[  286.541736][ T5845] udevd[5845]: incorrect cramfs checksum on /dev/loop8
[  286.562527][T11047] BTRFS info (device loop9): setting nodatasum
[  286.609075][T11047] BTRFS info (device loop9): setting nodatacow
[  286.624546][ T6140] udevd[6140]: incorrect cramfs checksum on /dev/loop8
[  286.647054][T11047] BTRFS info (device loop9): turning off barriers
[  286.663455][T11047] BTRFS info (device loop9): force clearing of disk cache
[  287.035416][ T9473] BTRFS info (device loop9): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  287.053408][T11081] loop7: detected capacity change from 0 to 32768
[  287.109268][T11081] BTRFS info: device /dev/loop7 (7:7) using temp-fsid b9880e3f-a152-42b2-9ce9-a2009ae87be0
[  287.137946][T11081] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop7 (7:7) scanned by syz.7.1526 (11081)
[  287.146348][T11072] loop6: detected capacity change from 0 to 32768
[  287.258908][T11072] XFS (loop6): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  287.313665][T11081] BTRFS info (device loop7): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  287.367057][T11081] BTRFS info (device loop7): using sha256 (sha256-lib) checksum algorithm
[  287.574391][T11081] BTRFS info (device loop7): rebuilding free space tree
[  287.621270][T11072] XFS (loop6): Ending clean mount
[  287.644914][T11081] BTRFS info (device loop7): disabling free space tree
[  287.656269][T11072] XFS (loop6): Quotacheck needed: Please wait.
[  287.676937][T11081] BTRFS info (device loop7): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  287.724110][   T30] audit: type=1326 audit(1770077981.605:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11148 comm="syz.2.1535" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f961ed9aeb9 code=0x7ffc0000
[  287.759403][T11081] BTRFS info (device loop7): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  287.773264][T11149] loop2: detected capacity change from 0 to 512
[  287.807984][ T5831] Bluetooth: hci5: command 0x0406 tx timeout
[  287.824279][T11072] XFS (loop6): Quotacheck: Done.
[  287.826941][   T30] audit: type=1326 audit(1770077981.635:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11148 comm="syz.2.1535" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f961ed9aeb9 code=0x7ffc0000
[  287.849413][T11149] EXT4-fs: Ignoring removed orlov option
[  287.872357][   T30] audit: type=1326 audit(1770077981.645:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11148 comm="syz.2.1535" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f961ed9aeb9 code=0x7ffc0000
[  287.895189][   T30] audit: type=1326 audit(1770077981.645:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11148 comm="syz.2.1535" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f961ed9ac22 code=0x7ffc0000
[  287.919264][   T30] audit: type=1326 audit(1770077981.645:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11148 comm="syz.2.1535" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f961ed5b78e code=0x7ffc0000
[  287.934991][T11081] BTRFS info (device loop7): setting nodatasum
[  287.991542][   T30] audit: type=1326 audit(1770077981.655:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11148 comm="syz.2.1535" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f961ed9ace7 code=0x7ffc0000
[  288.007842][T11149] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[  288.021660][   T30] audit: type=1326 audit(1770077981.655:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11148 comm="syz.2.1535" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f961ed5b78e code=0x7ffc0000
[  288.044514][   T30] audit: type=1326 audit(1770077981.655:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11148 comm="syz.2.1535" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f961ed9ab4b code=0x7ffc0000
[  288.067258][   T30] audit: type=1326 audit(1770077981.735:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11148 comm="syz.2.1535" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f961ed5b78e code=0x7ffc0000
[  288.089870][   T30] audit: type=1326 audit(1770077981.735:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11148 comm="syz.2.1535" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f961ed5b78e code=0x7ffc0000
[  288.122172][T11081] BTRFS info (device loop7): setting nodatacow
[  288.157109][T11081] BTRFS info (device loop7): turning off barriers
[  288.163586][T11081] BTRFS info (device loop7): force clearing of disk cache
[  288.205071][T11158] loop9: detected capacity change from 0 to 1024
[  288.284914][T11149] EXT4-fs error (device loop2): ext4_iget_extra_inode:5073: inode #15: comm syz.2.1535: corrupted in-inode xattr: e_value size too large
[  288.319188][T11158] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  288.421350][T11149] EXT4-fs error (device loop2): ext4_orphan_get:1396: comm syz.2.1535: couldn't read orphan inode 15 (err -117)
[  288.435015][T11158] EXT4-fs error (device loop9): ext4_xattr_inode_iget:441: inode #11: comm syz.9.1538: missing EA_INODE flag
[  288.522511][T11149] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  288.544313][ T6915] XFS (loop6): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  288.547006][T11158] EXT4-fs (loop9): Remounting filesystem read-only
[  288.875039][ T7593] BTRFS info (device loop7): last unmount of filesystem b9880e3f-a152-42b2-9ce9-a2009ae87be0
[  288.918147][ T9473] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  288.964418][T10006] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  289.565925][T11161] loop8: detected capacity change from 0 to 32768
[  289.710315][T11161] XFS (loop8): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  289.834355][T11161] XFS (loop8): Ending clean mount
[  289.893293][T11196] loop6: detected capacity change from 0 to 512
[  289.914405][T11161] XFS (loop8): Quotacheck needed: Please wait.
[  289.963982][T11196] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  290.022471][T11161] XFS (loop8): Quotacheck: Done.
[  290.080535][T11196] EXT4-fs error (device loop6): ext4_orphan_get:1391: inode #15: comm syz.6.1546: inode has both inline data and extents flags
[  290.152314][T11196] EXT4-fs error (device loop6): ext4_orphan_get:1396: comm syz.6.1546: couldn't read orphan inode 15 (err -117)
[  290.280687][T11196] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  290.590501][ T6915] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  290.979147][T10820] XFS (loop8): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  291.242061][T11174] loop9: detected capacity change from 0 to 40427
[  291.251908][T11226] tipc: Started in network mode
[  291.256959][T11224] sctp: [Deprecated]: syz.6.1556 (pid 11224) Use of struct sctp_assoc_value in delayed_ack socket option.
[  291.256959][T11224] Use struct sctp_sack_info instead
[  291.287182][T11174] F2FS-fs (loop9): Wrong MAIN_AREA boundary, start(4096) end(12800) block(12288)
[  291.337879][T11174] F2FS-fs (loop9): Can't find valid F2FS filesystem in 1th superblock
[  291.346136][T11174] F2FS-fs (loop9): Image doesn't support compression
[  291.356769][T11226] tipc: Node identity ac14140f, cluster identity 4711
[  291.402102][T11174] F2FS-fs (loop9): build fault injection rate: 690
[  291.422344][T11226] tipc: New replicast peer: 255.255.255.255
[  291.435661][T11174] F2FS-fs (loop9): build fault injection type: 0x35f7
[  291.458374][T11226] tipc: Enabled bearer <udp:syz2>, priority 10
[  291.465445][T11174] F2FS-fs (loop9): invalid crc value
[  291.937223][T11174] F2FS-fs (loop9): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  291.997567][T11174] F2FS-fs (loop9): Start checkpoint disabled!
[  292.034669][T11174] F2FS-fs (loop9): f2fs_disable_checkpoint() finish, err:0
[  292.062253][T11252] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1565'.
[  292.063187][T11174] F2FS-fs (loop9): Try to recover 1th superblock, ret: 0
[  292.117158][T11174] F2FS-fs (loop9): Mounted with checkpoint version = 48b305e6
[  292.129397][T11252] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1565'.
[  292.186513][T11253] loop6: detected capacity change from 0 to 2048
[  292.295732][T11253] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  292.585231][ T5829] tipc: Node number set to 2886997007
[  292.667248][T11267] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1572'.
[  292.688848][T11269] loop6: detected capacity change from 0 to 64
[  292.703370][T11265] [U] 		
[  292.742710][T11273] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1572'.
[  292.931260][ T5825] Bluetooth: hci4: command 0x0406 tx timeout
[  293.387639][T10820] bond0: (slave syz_tun): Releasing backup interface
[  293.794434][   T12] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  294.046495][   T12] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  294.222901][T11282] loop7: detected capacity change from 0 to 32768
[  294.285987][T11282] XFS (loop7): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  294.320602][T11325] loop6: detected capacity change from 0 to 256
[  294.349360][   T12] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  294.590049][T11282] XFS (loop7): Ending clean mount
[  294.638290][T11282] XFS (loop7): Quotacheck needed: Please wait.
[  294.698425][T11334] raw_sendmsg: syz.9.1591 forgot to set AF_INET. Fix it!
[  294.796594][ T5825] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  294.841221][ T5825] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  294.851919][ T5825] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  294.853504][T11282] XFS (loop7): Quotacheck: Done.
[  294.873688][ T5825] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  294.888509][ T5825] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  294.984700][   T12] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  295.030861][   T30] kauditd_printk_skb: 15 callbacks suppressed
[  295.030883][   T30] audit: type=1800 audit(1770077988.915:91): pid=11282 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.1574" name="file1" dev="loop7" ino=9286 res=0 errno=0
[  295.094159][T11347] loop9: detected capacity change from 0 to 256
[  295.146966][ T5928] usb 7-1: new high-speed USB device number 8 using dummy_hcd
[  295.182862][T11347] exfat: Deprecated parameter 'utf8'
[  295.207447][T11349] loop2: detected capacity change from 0 to 128
[  295.214058][T11347] exfat: Deprecated parameter 'utf8'
[  295.236192][T11347] exfat: Deprecated parameter 'utf8'
[  295.265485][T11347] exFAT-fs (loop9): failed to load upcase table (idx : 0x00010000, chksum : 0x18acca35, utbl_chksum : 0xe619d30d)
[  295.327230][ T5928] usb 7-1: Using ep0 maxpacket: 8
[  295.346339][ T5928] usb 7-1: config index 0 descriptor too short (expected 301, got 45)
[  295.376391][ T5928] usb 7-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  295.419032][   T30] audit: type=1804 audit(1770077989.295:92): pid=11347 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.9.1595" name="/newroot/48/file1/cgroup.controllers" dev="loop9" ino=1048672 res=1 errno=0
[  295.428076][ T5928] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  295.503614][ T7593] XFS (loop7): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  295.525751][ T5928] usb 7-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  295.589485][ T5928] usb 7-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  295.604725][ T5928] usb 7-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  295.614303][ T5928] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  295.724755][T11349] loop2: detected capacity change from 0 to 8192
[  295.903656][ T5928] usb 7-1: GET_CAPABILITIES returned 0
[  295.937289][ T5928] usbtmc 7-1:16.0: can't read capabilities
[  295.946183][   T12] bridge_slave_1: left allmulticast mode
[  295.971571][   T12] bridge_slave_1: left promiscuous mode
[  296.012453][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  296.156573][   T12] bridge_slave_0: left allmulticast mode
[  296.180169][   T12] bridge_slave_0: left promiscuous mode
[  296.221490][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  296.229667][ T5913] usb 7-1: USB disconnect, device number 8
[  297.007248][ T5825] Bluetooth: hci4: command tx timeout
[  297.028362][T11395] loop7: detected capacity change from 0 to 22
[  297.069024][T11395] MTD: Attempt to mount non-MTD device "/dev/loop7"
[  297.090710][T11395] romfs: Mounting image 'rom 637cf1fa' through the block layer
[  297.543987][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  297.565563][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  297.593547][   T12] bond0 (unregistering): Released all slaves
[  297.752998][T11390] mkiss: ax0: crc mode is auto.
[  297.891752][T11417] loop2: detected capacity change from 0 to 512
[  297.984655][T11417] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  298.001047][T11423] netlink: 12 bytes leftover after parsing attributes in process `syz.9.1616'.
[  298.012633][T11417] ext4 filesystem being mounted at /41/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  298.164254][T10006] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  298.570031][T11335] chnl_net:caif_netlink_parms(): no params data found
[  298.658781][T11444] loop9: detected capacity change from 0 to 128
[  298.690831][   T12] hsr_slave_0: left promiscuous mode
[  298.721773][T11444] UDF-fs: error (device loop9): udf_read_tagged: read failed, block=256, location=256
[  298.731765][   T12] hsr_slave_1: left promiscuous mode
[  298.764514][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  298.805418][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[  298.843734][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  298.858932][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[  298.937162][ T5913] hid-generic 0005:15C2:0000.000F: hidraw0: BLUETOOTH HID v0.09 Device [syz1] on aa:aa:aa:aa:aa:aa
[  298.995783][   T12] veth1_macvtap: left promiscuous mode
[  299.034762][   T12] veth0_macvtap: left promiscuous mode
[  299.066246][   T12] veth1_vlan: left promiscuous mode
[  299.087190][ T5825] Bluetooth: hci4: command tx timeout
[  299.118597][   T12] veth0_vlan: left promiscuous mode
[  299.746548][T11430] loop7: detected capacity change from 0 to 32768
[  299.773817][T11430] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop7 (7:7) scanned by syz.7.1619 (11430)
[  299.829223][T11481] delete_channel: no stack
[  299.877145][T11430] BTRFS info (device loop7): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  299.907588][T11430] BTRFS info (device loop7): using crc32c (crc32c-lib) checksum algorithm
[  300.146389][T11430] BTRFS info (device loop7): allowing degraded mounts
[  300.163364][T11430] BTRFS info (device loop7): enabling ssd optimizations
[  300.181915][T11445] loop6: detected capacity change from 0 to 40427
[  300.185446][T11430] BTRFS info (device loop7): enabling free space tree
[  300.248450][T11445] F2FS-fs (loop6): invalid crc value
[  300.248620][T11430] BTRFS info (device loop7): force zlib compression, level 3
[  300.570553][T11445] F2FS-fs (loop6): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  300.605598][T11445] F2FS-fs (loop6): Start checkpoint disabled!
[  300.641460][T11445] F2FS-fs (loop6): f2fs_disable_checkpoint() finish, err:0
[  300.668449][T11445] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e6
[  300.787584][ T7593] BTRFS info (device loop7): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  300.849133][   T36] kworker/u8:2: attempt to access beyond end of device
[  300.849133][   T36] loop6: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  300.881334][   T36] CPU: 1 UID: 0 PID: 36 Comm: kworker/u8:2 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  300.881376][   T36] Tainted: [L]=SOFTLOCKUP
[  300.881386][   T36] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  300.881402][   T36] Workqueue: writeback wb_workfn (flush-7:6)
[  300.881447][   T36] Call Trace:
[  300.881457][   T36]  <TASK>
[  300.881467][   T36]  dump_stack_lvl+0xe8/0x150
[  300.881502][   T36]  f2fs_handle_critical_error+0x37c/0x540
[  300.881540][   T36]  f2fs_write_end_io+0xc1d/0xfd0
[  300.881592][   T36]  __submit_merged_bio+0x256/0x650
[  300.881628][   T36]  __submit_merged_write_cond+0x471/0x530
[  300.881662][   T36]  f2fs_sync_node_pages+0x14bf/0x1680
[  300.881719][   T36]  ? __pfx_f2fs_sync_node_pages+0x10/0x10
[  300.881746][   T36]  ? __percpu_counter_sum+0x1c2/0x1e0
[  300.881808][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  300.881837][   T36]  ? do_raw_spin_lock+0x12b/0x2f0
[  300.881870][   T36]  ? rcu_is_watching+0x15/0xb0
[  300.881893][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  300.881921][   T36]  ? blk_start_plug+0x51/0x1b0
[  300.881950][   T36]  f2fs_write_node_pages+0x312/0x700
[  300.881976][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  300.882013][   T36]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[  300.882049][   T36]  ? f2fs_write_inode+0x3fb/0x5f0
[  300.882075][   T36]  ? __pfx_f2fs_balance_fs+0x10/0x10
[  300.882106][   T36]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[  300.882132][   T36]  do_writepages+0x32e/0x550
[  300.882174][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  300.882202][   T36]  ? reacquire_held_locks+0x104/0x190
[  300.882224][   T36]  ? writeback_sb_inodes+0x42a/0x1940
[  300.882258][   T36]  __writeback_single_inode+0x133/0x1230
[  300.882285][   T36]  ? do_raw_spin_unlock+0xf5/0x210
[  300.882334][   T36]  writeback_sb_inodes+0x92e/0x1940
[  300.882379][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  300.882419][   T36]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  300.882442][   T36]  ? do_raw_spin_lock+0x12b/0x2f0
[  300.882520][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  300.882548][   T36]  ? rcu_is_watching+0x15/0xb0
[  300.882572][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  300.882612][   T36]  wb_writeback+0x445/0xad0
[  300.882642][   T36]  ? queue_io+0x201/0x450
[  300.882676][   T36]  ? __pfx_wb_writeback+0x10/0x10
[  300.882697][   T36]  ? do_raw_spin_lock+0x12b/0x2f0
[  300.882746][   T36]  wb_workfn+0x3f8/0xef0
[  300.882777][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  300.882805][   T36]  ? look_up_lock_class+0x57/0x110
[  300.882855][   T36]  ? __pfx_wb_workfn+0x10/0x10
[  300.882886][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  300.882919][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  300.882946][   T36]  ? do_raw_spin_lock+0x12b/0x2f0
[  300.882971][   T36]  ? lock_acquire+0x106/0x330
[  300.883008][   T36]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  300.883040][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  300.883072][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  300.883104][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  300.883139][   T36]  ? process_scheduled_works+0xa0f/0x17a0
[  300.883175][   T36]  ? process_scheduled_works+0xa0f/0x17a0
[  300.883216][   T36]  process_scheduled_works+0xaec/0x17a0
[  300.883290][   T36]  ? __pfx_process_scheduled_works+0x10/0x10
[  300.883340][   T36]  ? do_raw_spin_lock+0x12b/0x2f0
[  300.883374][   T36]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  300.883399][   T36]  ? schedule+0x90/0x360
[  300.883427][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  300.883463][   T36]  worker_thread+0xda6/0x1360
[  300.883521][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  300.883548][   T36]  ? __kthread_parkme+0x19c/0x1f0
[  300.883582][   T36]  kthread+0x726/0x8b0
[  300.883615][   T36]  ? __pfx_worker_thread+0x10/0x10
[  300.883653][   T36]  ? __pfx_kthread+0x10/0x10
[  300.883678][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  300.883713][   T36]  ? _raw_spin_unlock_irq+0x23/0x50
[  300.883752][   T36]  ? __pfx_kthread+0x10/0x10
[  300.883782][   T36]  ret_from_fork+0x51b/0xa40
[  300.883824][   T36]  ? __pfx_ret_from_fork+0x10/0x10
[  300.883860][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  300.883888][   T36]  ? __switch_to+0xc82/0x1410
[  300.883928][   T36]  ? __pfx_kthread+0x10/0x10
[  300.883959][   T36]  ret_from_fork_asm+0x1a/0x30
[  300.884015][   T36]  </TASK>
[  301.298783][   T36] F2FS-fs (loop6): Stopped filesystem due to reason: 3
[  301.306412][   T36] CPU: 0 UID: 0 PID: 36 Comm: kworker/u8:2 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  301.306452][   T36] Tainted: [L]=SOFTLOCKUP
[  301.306462][   T36] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  301.306478][   T36] Workqueue: writeback wb_workfn (flush-7:6)
[  301.306523][   T36] Call Trace:
[  301.306533][   T36]  <TASK>
[  301.306543][   T36]  dump_stack_lvl+0xe8/0x150
[  301.306578][   T36]  f2fs_handle_critical_error+0x37c/0x540
[  301.306616][   T36]  f2fs_write_end_io+0xc1d/0xfd0
[  301.306669][   T36]  __submit_merged_bio+0x256/0x650
[  301.306705][   T36]  __submit_merged_write_cond+0x471/0x530
[  301.306740][   T36]  f2fs_sync_node_pages+0x14bf/0x1680
[  301.306790][   T36]  ? __pfx_f2fs_sync_node_pages+0x10/0x10
[  301.306821][   T36]  ? __percpu_counter_sum+0x1c2/0x1e0
[  301.306880][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  301.306908][   T36]  ? do_raw_spin_lock+0x12b/0x2f0
[  301.306939][   T36]  ? rcu_is_watching+0x15/0xb0
[  301.306962][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  301.306989][   T36]  ? blk_start_plug+0x51/0x1b0
[  301.307017][   T36]  f2fs_write_node_pages+0x312/0x700
[  301.307040][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  301.307076][   T36]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[  301.307110][   T36]  ? f2fs_write_inode+0x3fb/0x5f0
[  301.307137][   T36]  ? __pfx_f2fs_balance_fs+0x10/0x10
[  301.307167][   T36]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[  301.307193][   T36]  do_writepages+0x32e/0x550
[  301.307235][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  301.307263][   T36]  ? reacquire_held_locks+0x104/0x190
[  301.307286][   T36]  ? writeback_sb_inodes+0x42a/0x1940
[  301.307328][   T36]  __writeback_single_inode+0x133/0x1230
[  301.307355][   T36]  ? do_raw_spin_unlock+0xf5/0x210
[  301.307390][   T36]  writeback_sb_inodes+0x92e/0x1940
[  301.307433][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  301.307472][   T36]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  301.307494][   T36]  ? do_raw_spin_lock+0x12b/0x2f0
[  301.307568][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  301.307596][   T36]  ? rcu_is_watching+0x15/0xb0
[  301.307619][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  301.307655][   T36]  wb_writeback+0x445/0xad0
[  301.307681][   T36]  ? queue_io+0x201/0x450
[  301.307712][   T36]  ? __pfx_wb_writeback+0x10/0x10
[  301.307733][   T36]  ? do_raw_spin_lock+0x12b/0x2f0
[  301.307781][   T36]  wb_workfn+0x3f8/0xef0
[  301.307811][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  301.307839][   T36]  ? look_up_lock_class+0x57/0x110
[  301.307888][   T36]  ? __pfx_wb_workfn+0x10/0x10
[  301.307917][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  301.307949][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  301.307976][   T36]  ? do_raw_spin_lock+0x12b/0x2f0
[  301.308002][   T36]  ? lock_acquire+0x106/0x330
[  301.308038][   T36]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  301.308068][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  301.308100][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  301.308131][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  301.308165][   T36]  ? process_scheduled_works+0xa0f/0x17a0
[  301.308203][   T36]  ? process_scheduled_works+0xa0f/0x17a0
[  301.308242][   T36]  process_scheduled_works+0xaec/0x17a0
[  301.308323][   T36]  ? __pfx_process_scheduled_works+0x10/0x10
[  301.308358][   T36]  ? do_raw_spin_lock+0x12b/0x2f0
[  301.308389][   T36]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  301.308416][   T36]  ? schedule+0x90/0x360
[  301.308443][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  301.308477][   T36]  worker_thread+0xda6/0x1360
[  301.308535][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  301.308562][   T36]  ? __kthread_parkme+0x19c/0x1f0
[  301.308595][   T36]  kthread+0x726/0x8b0
[  301.308627][   T36]  ? __pfx_worker_thread+0x10/0x10
[  301.308664][   T36]  ? __pfx_kthread+0x10/0x10
[  301.308688][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  301.308723][   T36]  ? _raw_spin_unlock_irq+0x23/0x50
[  301.308761][   T36]  ? __pfx_kthread+0x10/0x10
[  301.308791][   T36]  ret_from_fork+0x51b/0xa40
[  301.308834][   T36]  ? __pfx_ret_from_fork+0x10/0x10
[  301.308870][   T36]  ? srso_alias_return_thunk+0x5/0xfbef5
[  301.308898][   T36]  ? __switch_to+0xc82/0x1410
[  301.308938][   T36]  ? __pfx_kthread+0x10/0x10
[  301.308968][   T36]  ret_from_fork_asm+0x1a/0x30
[  301.309023][   T36]  </TASK>
[  301.751484][ T5825] Bluetooth: hci4: command tx timeout
[  301.759454][   T36] F2FS-fs (loop6): Stopped filesystem due to reason: 3
[  303.028874][T11544] loop6: detected capacity change from 0 to 1024
[  303.056561][T11544] EXT4-fs: Ignoring removed oldalloc option
[  303.064843][T11544] EXT4-fs: Ignoring removed bh option
[  303.115902][T11544] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  303.303981][   T12] team0 (unregistering): Port device team_slave_1 removed
[  303.344204][T11554] loop2: detected capacity change from 0 to 512
[  303.355580][ T6915] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  303.399772][   T12] team0 (unregistering): Port device team_slave_0 removed
[  303.479183][T11554] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  303.708564][T10006] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  303.809246][ T5825] Bluetooth: hci4: command tx timeout
[  304.200332][T11479] workqueue: Failed to create a rescuer kthread for wq "bond1": -EINTR
[  304.202431][T11560] netlink: 'syz.6.1648': attribute type 5 has an invalid length.
[  304.568760][T11335] bridge0: port 1(bridge_slave_0) entered blocking state
[  304.607066][T11335] bridge0: port 1(bridge_slave_0) entered disabled state
[  304.614286][T11335] bridge_slave_0: entered allmulticast mode
[  304.668944][T11335] bridge_slave_0: entered promiscuous mode
[  304.695306][T11335] bridge0: port 2(bridge_slave_1) entered blocking state
[  304.729248][T11335] bridge0: port 2(bridge_slave_1) entered disabled state
[  304.757034][T11335] bridge_slave_1: entered allmulticast mode
[  304.798529][T11335] bridge_slave_1: entered promiscuous mode
[  304.956522][T11335] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  305.012872][T11335] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  305.179451][T11335] team0: Port device team_slave_0 added
[  305.218234][T11335] team0: Port device team_slave_1 added
[  305.292750][T11573] loop9: detected capacity change from 0 to 32768
[  305.350813][T11573] 
[  305.350813][T11573]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  305.350813][T11573] 
[  305.420717][T11335] batman_adv: batadv0: Adding interface: batadv_slave_0
[  305.454877][T11335] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  305.462815][T11573] 
[  305.462815][T11573]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  305.462815][T11573] 
[  305.552883][T11335] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  305.568211][T11573] 
[  305.568211][T11573]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  305.568211][T11573] 
[  305.602713][T11573] 
[  305.602713][T11573]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  305.602713][T11573] 
[  305.617532][T11604] loop2: detected capacity change from 0 to 1024
[  305.635672][T11335] batman_adv: batadv0: Adding interface: batadv_slave_1
[  305.649192][T11604] EXT4-fs: Ignoring removed mblk_io_submit option
[  305.672551][T11335] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  305.697729][T11608] vcan0: tx drop: invalid da for name 0x00000000000000f0
[  305.722384][T11573] JFS: metapage_get_blocks failed
[  305.736416][T11604] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  305.767946][T11573] 
[  305.767946][T11573]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  305.767946][T11573] 
[  305.813203][T11573] 
[  305.813203][T11573]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  305.813203][T11573] 
[  305.857813][T11335] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  305.907979][T11604] EXT4-fs (loop2): shut down requested (0)
[  305.916709][T11573] 
[  305.916709][T11573]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  305.916709][T11573] 
[  305.957239][T11602] ERROR: (device loop9): diWrite: ixpxd invalid
[  305.957239][T11602] 
[  306.000465][T11573] 
[  306.000465][T11573]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  306.000465][T11573] 
[  306.019036][T11602] ERROR: (device loop9): txCommit: 
[  306.019036][T11602] 
[  306.062340][T11573] 
[  306.062340][T11573]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  306.062340][T11573] 
[  306.062913][T11602] ERROR: (device loop9): diFree: invalid inoext
[  306.062913][T11602] 
[  306.122419][T10006] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  306.139806][T11335] hsr_slave_0: entered promiscuous mode
[  306.146664][T11335] hsr_slave_1: entered promiscuous mode
[  306.178611][  T112] 
[  306.178611][  T112]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  306.178611][  T112] 
[  306.193125][T11335] debugfs: 'hsr0' already exists in 'hsr'
[  306.223028][T11335] Cannot create hsr debugfs directory
[  306.231466][T11573] 
[  306.231466][T11573]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  306.231466][T11573] 
[  306.316954][T11573] 
[  306.316954][T11573]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  306.316954][T11573] 
[  306.411038][T11573] 
[  306.411038][T11573]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  306.411038][T11573] 
[  306.469890][T11573] 
[  306.469890][T11573]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  306.469890][T11573] 
[  306.499847][T11573] 
[  306.499847][T11573]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  306.499847][T11573] 
[  306.699648][ T7382] ERROR: (device loop9): diWrite: ixpxd invalid
[  306.699648][ T7382] 
[  306.721715][ T7382] ERROR: (device loop9): txCommit: 
[  306.721715][ T7382] 
[  306.750628][ T7382] jfs_write_inode: jfs_commit_inode failed!
[  306.756695][ T9473] 
[  306.756695][ T9473]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  306.756695][ T9473] 
[  306.775920][ T9473] 
[  306.775920][ T9473]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  306.775920][ T9473] 
[  306.956931][   T10] usb 8-1: new high-speed USB device number 9 using dummy_hcd
[  307.159723][   T10] usb 8-1: Using ep0 maxpacket: 32
[  307.169392][   T10] usb 8-1: New USB device found, idVendor=1d50, idProduct=60a1, bcdDevice=a1.4f
[  307.196944][   T10] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  307.235524][   T10] usb 8-1: Product: syz
[  307.260758][   T10] usb 8-1: Manufacturer: syz
[  307.265919][   T10] usb 8-1: SerialNumber: syz
[  307.305850][   T10] usb 8-1: config 0 descriptor??
[  307.407565][T11654] misc userio: Can't change port type on an already running userio instance
[  307.786307][   T10] airspy 8-1:0.0: Board ID: 00
[  307.795151][   T10] airspy 8-1:0.0: Firmware version: 
[  308.195518][   T10] airspy 8-1:0.0: usb_control_msg() failed -71 request 0e
[  308.251576][   T10] airspy 8-1:0.0: Registered as swradio24
[  308.259370][   T10] airspy 8-1:0.0: SDR API is still slightly experimental and functionality changes may follow
[  308.324214][   T10] usb 8-1: USB disconnect, device number 9
[  308.717660][T11335] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  308.719198][T11686] loop2: detected capacity change from 0 to 512
[  308.741843][T11335] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  308.777093][T11686] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  308.797151][ T5832] usb 7-1: new high-speed USB device number 9 using dummy_hcd
[  308.819399][T11686] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  308.823114][T11335] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  308.902667][T11335] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  308.969295][ T5832] usb 7-1: New USB device found, idVendor=046d, idProduct=c087, bcdDevice= 0.00
[  308.995513][ T5832] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  309.042274][ T5832] usb 7-1: config 0 descriptor??
[  309.092840][T10006] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  309.264960][ T5832] usbhid 7-1:0.0: can't add hid device: -71
[  309.322918][ T5832] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[  309.369706][ T5832] usb 7-1: USB disconnect, device number 9
[  309.443557][T11335] 8021q: adding VLAN 0 to HW filter on device bond0
[  309.478644][T11335] 8021q: adding VLAN 0 to HW filter on device team0
[  309.515398][   T60] bridge0: port 1(bridge_slave_0) entered blocking state
[  309.522579][   T60] bridge0: port 1(bridge_slave_0) entered forwarding state
[  309.637669][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  309.644870][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  310.039363][T11714] loop2: detected capacity change from 0 to 512
[  310.121127][T11714] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  310.396587][T10006] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  310.693994][T11737] loop7: detected capacity change from 0 to 764
[  310.715538][T11335] 8021q: adding VLAN 0 to HW filter on device batadv0
[  310.827091][ T5913] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  311.016922][ T5913] usb 3-1: Using ep0 maxpacket: 32
[  311.066413][ T5913] usb 3-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  311.106534][ T5913] usb 3-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  311.144298][ T5913] usb 3-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  311.164505][ T5913] usb 3-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0
[  311.201964][ T5913] usb 3-1: Product: syz
[  311.212084][ T5913] usb 3-1: Manufacturer: syz
[  311.266280][ T5913] hub 3-1:4.0: USB hub found
[  311.451389][ T5913] hub 3-1:4.0: config failed, hub has too many ports! (err -19)
[  311.500709][T11760] loop6: detected capacity change from 0 to 128
[  311.621325][T11760] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  311.732144][T11760] ext4 filesystem being mounted at /231/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  311.806763][ T5832] usb 3-1: USB disconnect, device number 4
[  311.856719][T11335] veth0_vlan: entered promiscuous mode
[  311.874252][T11335] veth1_vlan: entered promiscuous mode
[  311.885039][T11760] fscrypt (loop6, inode 12): Unsupported encryption flags (0xb9)
[  311.973929][T11335] veth0_macvtap: entered promiscuous mode
[  312.011453][T11335] veth1_macvtap: entered promiscuous mode
[  312.042781][T11335] batman_adv: batadv0: Interface activated: batadv_slave_0
[  312.046987][ T6915] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  312.054934][T11335] batman_adv: batadv0: Interface activated: batadv_slave_1
[  312.109094][ T7382] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  312.157438][ T7382] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  312.229595][ T7382] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  312.281442][ T7382] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  312.568637][T11786] loop7: detected capacity change from 0 to 256
[  312.642570][   T60] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  312.663135][T11786] FAT-fs (loop7): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  312.690678][   T60] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  312.817405][   T60] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  312.874421][   T60] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  313.516921][ T5989] usb 10-1: new full-speed USB device number 3 using dummy_hcd
[  313.711846][ T5989] usb 10-1: config 0 has an invalid interface number: 235 but max is 0
[  313.741516][ T5989] usb 10-1: config 0 has no interface number 0
[  313.769476][ T5989] usb 10-1: config 0 interface 235 altsetting 16 endpoint 0x5 has invalid wMaxPacketSize 0
[  313.816941][ T5989] usb 10-1: config 0 interface 235 has no altsetting 0
[  313.849980][ T5989] usb 10-1: New USB device found, idVendor=06cd, idProduct=0112, bcdDevice=3e.18
[  313.859618][ T5989] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  313.879485][ T5989] usb 10-1: Product: syz
[  313.890028][ T5989] usb 10-1: Manufacturer: syz
[  313.909832][ T5989] usb 10-1: SerialNumber: syz
[  313.962312][ T5989] usb 10-1: config 0 descriptor??
[  313.996231][ T5989] keyspan 10-1:0.235: Keyspan 1 port adapter converter detected
[  314.001369][T11793] loop2: detected capacity change from 0 to 32768
[  314.052456][ T5989] keyspan 10-1:0.235: found no endpoint descriptor for endpoint 87
[  314.067245][ T5989] keyspan 10-1:0.235: found no endpoint descriptor for endpoint 7
[  314.093792][T11796] loop6: detected capacity change from 0 to 32768
[  314.097448][ T5989] keyspan 10-1:0.235: found no endpoint descriptor for endpoint 81
[  314.103554][T11793] JBD2: Ignoring recovery information on journal
[  314.108398][ T5989] keyspan 10-1:0.235: found no endpoint descriptor for endpoint 1
[  314.125679][ T5989] keyspan 10-1:0.235: found no endpoint descriptor for endpoint 85
[  314.134226][T11829] loop7: detected capacity change from 0 to 16
[  314.144554][ T5989] usb 10-1: Keyspan 1 port adapter converter now attached to ttyUSB0
[  314.211100][T11829] erofs (device loop7): mounted with root inode @ nid 36.
[  314.235854][ T5989] usb 10-1: USB disconnect, device number 3
[  314.241178][T11796] XFS (loop6): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  314.242901][T11793] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  314.273949][ T5989] keyspan_1 ttyUSB0: Keyspan 1 port adapter converter now disconnected from ttyUSB0
[  314.288624][ T5989] keyspan 10-1:0.235: device disconnected
[  314.406991][T11829] erofs (device loop7): invalid de[0].nameoff 0 @ nid 36
[  314.418663][T11796] XFS (loop6): Ending clean mount
[  314.470897][T11796] XFS (loop6): Quotacheck needed: Please wait.
[  314.638036][T11796] XFS (loop6): Quotacheck: Done.
[  314.912357][ T6915] XFS (loop6): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  314.940480][T10006] ocfs2: Unmounting device (7,2) on (node local)
[  315.149257][T11861] loop7: detected capacity change from 0 to 512
[  315.220284][T11861] EXT4-fs (loop7): feature flags set on rev 0 fs, running e2fsck is recommended
[  315.379666][T11861] EXT4-fs error (device loop7): ext4_orphan_get:1391: inode #17: comm syz.7.1736: inode has both inline data and extents flags
[  315.515681][T11861] EXT4-fs error (device loop7): ext4_orphan_get:1396: comm syz.7.1736: couldn't read orphan inode 17 (err -117)
[  315.609580][T11861] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  315.728162][T11861] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  315.810601][T11861] overlayfs: failed to look up () for ino (-13)
[  315.945659][ T7593] EXT4-fs error (device loop7): ext4_readdir:264: inode #11: block 4: comm syz-executor: path (unknown): bad entry in directory: inode out of bounds - offset=0, inode=65, rec_len=12, size=4096 fake=1
[  316.224858][ T7593] EXT4-fs error (device loop7): ext4_validate_block_bitmap:441: comm syz-executor: bg 0: block 65: padding at end of block bitmap is not set
[  316.296558][ T7593] Quota error (device loop7): write_blk: dquota write failed
[  316.319779][ T7593] Quota error (device loop7): qtree_write_dquot: Error -117 occurred while creating quota
[  316.361183][ T7593] EXT4-fs error (device loop7): ext4_acquire_dquot:6986: comm syz-executor: Failed to acquire dquot type 0
[  316.406942][   T30] audit: type=1326 audit(1770078010.285:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11894 comm="syz.9.1745" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2815f9aeb9 code=0x7ffc0000
[  316.512738][   T30] audit: type=1326 audit(1770078010.285:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11894 comm="syz.9.1745" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2815f9aeb9 code=0x7ffc0000
[  316.616254][   T30] audit: type=1326 audit(1770078010.365:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11894 comm="syz.9.1745" exe="/root/syz-executor" sig=0 arch=c000003e syscall=446 compat=0 ip=0x7f2815f9aeb9 code=0x7ffc0000
[  316.726969][   T30] audit: type=1326 audit(1770078010.365:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11894 comm="syz.9.1745" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2815f9aeb9 code=0x7ffc0000
[  316.838934][   T30] audit: type=1326 audit(1770078010.365:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11894 comm="syz.9.1745" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2815f9aeb9 code=0x7ffc0000
[  316.896910][   T30] audit: type=1326 audit(1770078010.365:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11894 comm="syz.9.1745" exe="/root/syz-executor" sig=0 arch=c000003e syscall=446 compat=0 ip=0x7f2815f9aeb9 code=0x7ffc0000
[  316.906236][T11909] loop2: detected capacity change from 0 to 1024
[  316.962827][T11902] loop6: detected capacity change from 0 to 8192
[  316.978320][T11909] EXT4-fs: Ignoring removed oldalloc option
[  316.984341][T11909] EXT4-fs: Ignoring removed orlov option
[  317.025068][T11909] EXT4-fs (loop2): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  317.028665][   T30] audit: type=1326 audit(1770078010.365:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11894 comm="syz.9.1745" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2815f9aeb9 code=0x7ffc0000
[  317.041663][T11902] FAT-fs (loop6): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  317.180146][T11909] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  317.222564][   T30] audit: type=1326 audit(1770078010.365:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11894 comm="syz.9.1745" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2815f9aeb9 code=0x7ffc0000
[  317.389893][T11528] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  317.464448][T11909] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:4215: comm syz.2.1750: Allocating blocks 449-513 which overlap fs metadata
[  317.615024][T11909] EXT4-fs (loop2): pa ffff888068383d98: logic 256, phys. 385, len 8
[  317.623337][T11909] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:5466: group 0, free 0, pa_free 4
[  317.745467][ T7382] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  317.861122][T10006] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  318.154855][ T7382] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  318.166295][T11928] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1754'.
[  318.372210][ T7382] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  318.483810][ T7382] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  318.829666][   T10] usb 6-1: new high-speed USB device number 11 using dummy_hcd
[  318.874922][ T5831] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  318.884262][ T5831] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  318.903616][ T5831] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  318.914555][ T5831] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  318.928624][ T5831] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  318.941474][T11948] sp0: Synchronizing with TNC
[  318.953287][T11946] loop9: detected capacity change from 0 to 4096
[  319.014183][   T10] usb 6-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[  319.054759][T11958] NILFS (loop9): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  319.098134][   T10] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  319.169115][   T10] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0
[  319.198291][   T10] usb 6-1: config 27 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  319.234799][T11946] NILFS error (device loop9): nilfs_dotdot: directory #12 missing '.'
[  319.261687][   T10] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  319.301704][T11946] Remounting filesystem read-only
[  319.309569][   T10] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  319.469126][ T9473] NILFS (loop9): disposed unprocessed dirty file(s) when detaching log writer
[  319.504293][   T10] usb 6-1: Quirk or no altset; falling back to MIDI 1.0
[  319.542817][   T10] usb 6-1: invalid MIDI out EP 0
[  319.665576][ T7382] bridge_slave_1: left allmulticast mode
[  319.688043][ T7382] bridge_slave_1: left promiscuous mode
[  319.693874][ T7382] bridge0: port 2(bridge_slave_1) entered disabled state
[  319.828014][ T7382] bridge_slave_0: left allmulticast mode
[  319.834652][ T7382] bridge_slave_0: left promiscuous mode
[  319.868077][ T7382] bridge0: port 1(bridge_slave_0) entered disabled state
[  320.011377][   T10] snd-usb-audio 6-1:27.0: probe with driver snd-usb-audio failed with error -22
[  320.011585][T11978] loop6: detected capacity change from 0 to 2048
[  320.087855][   T10] usb 6-1: USB disconnect, device number 11
[  320.132282][T11978]  loop6: p1 p2 < > p3 < p5 p6 > p4
[  320.146513][T11980] loop9: detected capacity change from 0 to 512
[  320.163343][T11978] loop6: partition table partially beyond EOD, truncated
[  320.199017][T11980] EXT4-fs: Ignoring removed nobh option
[  320.227512][T11980] EXT4-fs: Ignoring removed orlov option
[  320.227598][T11978] loop6: p1 size 917504 extends beyond EOD, 
[  320.236777][T11980] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[  320.249098][T11978] truncated
[  320.322071][T11978] loop6: p2 start 4278190080 is beyond EOD, truncated
[  320.375317][T11980] EXT4-fs (loop9): 1 truncate cleaned up
[  320.390231][T11978] loop6: p4 size 8192 extends beyond EOD, truncated
[  320.421078][T11980] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  320.460556][T11978] loop6: p5 size 917504 extends beyond EOD, truncated
[  320.505299][T11978] loop6: p6 size 8192 extends beyond EOD, truncated
[  320.560375][ T6140] udevd[6140]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:27.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  320.653857][ T5188]  loop6: p1 p2 < > p3 < p5 p6 > p4
[  320.660923][ T5188] loop6: partition table partially beyond EOD, truncated
[  320.711525][ T5188] loop6: p1 size 917504 extends beyond EOD, truncated
[  320.740701][ T9473] EXT4-fs error (device loop9): mb_free_blocks:2037: group 0, inode 11: block 54:freeing already freed block (bit 53); block bitmap corrupt.
[  320.758483][ T5188] loop6: p2 start 4278190080 is beyond EOD, truncated
[  320.807113][ T5188] loop6: p4 size 8192 extends beyond EOD, truncated
[  320.828104][ T5188] loop6: p5 size 917504 extends beyond EOD, truncated
[  320.861211][ T5188] loop6: p6 size 8192 extends beyond EOD, truncated
[  320.870885][ T9473] EXT4-fs error (device loop9): ext4_lookup:1785: inode #14: comm syz-executor: invalid fast symlink length 39
[  320.919923][ T9473] EXT4-fs error (device loop9): ext4_lookup:1785: inode #14: comm syz-executor: invalid fast symlink length 39
[  321.007304][ T5825] Bluetooth: hci5: command tx timeout
[  321.582539][ T1294] ieee802154 phy0 wpan0: encryption failed: -22
[  321.589170][ T1294] ieee802154 phy1 wpan1: encryption failed: -22
[  321.638095][ T7382] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  321.662106][ T7382] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  321.673026][ T7382] bond0 (unregistering): Released all slaves
[  322.005596][ T7382] tipc: Disabling bearer <udp:syz2>
[  322.023682][ T7382] tipc: Left network mode
[  322.056622][ T9473] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  322.289024][T12009] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1781'.
[  322.685519][ T7382] hsr_slave_0: left promiscuous mode
[  322.711525][ T7382] hsr_slave_1: left promiscuous mode
[  322.729831][ T7382] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  322.752392][ T7382] batman_adv: batadv0: Removing interface: batadv_slave_0
[  322.762041][ T7382] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  322.781582][ T7382] batman_adv: batadv0: Removing interface: batadv_slave_1
[  322.802962][ T7382] batman_adv: batadv0: Interface deactivated: dummy0
[  322.823151][ T7382] batman_adv: batadv0: Removing interface: dummy0
[  322.925924][ T7382] veth1_macvtap: left promiscuous mode
[  322.939881][ T7382] veth0_macvtap: left promiscuous mode
[  322.953501][ T7382] veth1_vlan: left promiscuous mode
[  322.973402][ T5831] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  322.975659][ T7382] veth0_vlan: left promiscuous mode
[  322.987785][ T5831] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  322.996476][ T5831] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  323.009633][ T5831] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  323.020518][ T5831] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  323.087760][ T5825] Bluetooth: hci5: command tx timeout
[  324.096326][T12037] loop2: detected capacity change from 0 to 32768
[  324.619151][T12063] serio: Serial port ptm0
[  325.089478][ T5825] Bluetooth: hci2: command tx timeout
[  325.126950][ T7382] team0 (unregistering): Port device team_slave_1 removed
[  325.141555][T12078] Bluetooth: MGMT ver 1.23
[  325.174743][ T5825] Bluetooth: hci5: command tx timeout
[  325.310195][ T7382] team0 (unregistering): Port device team_slave_0 removed
[  325.443019][T12083] loop2: detected capacity change from 0 to 256
[  325.461419][T12083] exFAT-fs (loop2): failed to test first cluster bit of root dir(5)
[  325.533097][T12083] exFAT-fs (loop2): start_clu is invalid cluster(0x400)
[  326.623151][T12105] loop2: detected capacity change from 0 to 256
[  326.638635][T11949] chnl_net:caif_netlink_parms(): no params data found
[  326.723027][T12105] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000e8a4, chksum : 0x7bc75166, utbl_chksum : 0xe619d30d)
[  326.821079][T12105] exFAT-fs (loop2): error, in sector 160, dentry 11 should be unused, but 0xc1
[  326.836999][T12105] exFAT-fs (loop2): Filesystem has been set read-only
[  326.996168][T12113] loop6: detected capacity change from 0 to 2048
[  327.100263][T12113] UDF-fs: error (device loop6): udf_process_sequence: Primary Volume Descriptor not found!
[  327.167934][ T5825] Bluetooth: hci2: command tx timeout
[  327.251915][ T5825] Bluetooth: hci5: command tx timeout
[  327.440930][T11949] bridge0: port 1(bridge_slave_0) entered blocking state
[  327.482600][T11949] bridge0: port 1(bridge_slave_0) entered disabled state
[  327.511481][T11949] bridge_slave_0: entered allmulticast mode
[  327.529459][T11949] bridge_slave_0: entered promiscuous mode
[  327.602709][T11949] bridge0: port 2(bridge_slave_1) entered blocking state
[  327.633072][T11949] bridge0: port 2(bridge_slave_1) entered disabled state
[  327.646993][ T5894] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  327.675155][T11949] bridge_slave_1: entered allmulticast mode
[  327.689510][T11949] bridge_slave_1: entered promiscuous mode
[  327.835559][ T5894] usb 3-1: Using ep0 maxpacket: 32
[  327.862833][ T5894] usb 3-1: config 232 has an invalid interface number: 126 but max is 0
[  327.893207][ T5894] usb 3-1: config 232 has no interface number 0
[  327.900184][ T5894] usb 3-1: config 232 interface 126 altsetting 16 bulk endpoint 0x6 has invalid maxpacket 1023
[  327.911059][ T5894] usb 3-1: config 232 interface 126 altsetting 16 endpoint 0x82 has invalid wMaxPacketSize 0
[  327.921920][ T5894] usb 3-1: config 232 interface 126 altsetting 16 bulk endpoint 0x82 has invalid maxpacket 0
[  327.932354][ T5894] usb 3-1: config 232 interface 126 has no altsetting 0
[  327.943565][ T5894] usb 3-1: New USB device found, idVendor=09c4, idProduct=0011, bcdDevice=b0.1c
[  327.953058][ T5894] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  327.968831][ T5894] usb 3-1: Product: syz
[  327.973312][ T5894] usb 3-1: Manufacturer: syz
[  327.983447][ T5894] usb 3-1: SerialNumber: syz
[  327.997807][T11949] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  328.018705][T12146] netdevsim netdevsim6 netdevsim0: entered allmulticast mode
[  328.019012][T12131] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  328.090520][T11949] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  328.344223][T11949] team0: Port device team_slave_0 added
[  328.362475][T11949] team0: Port device team_slave_1 added
[  328.510752][ T5894] ir_usb 3-1:232.126: IR Dongle converter detected
[  328.631233][ T7382] netdevsim netdevsim9 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  328.672724][T12025] chnl_net:caif_netlink_parms(): no params data found
[  328.723943][ T5894] usb 3-1: IR Dongle converter now attached to ttyUSB0
[  328.954075][T12181] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1828'.
[  328.963270][T12181] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1828'.
[  328.981260][ T5894] usb 3-1: USB disconnect, device number 5
[  329.010470][ T5894] ir-usb ttyUSB0: IR Dongle converter now disconnected from ttyUSB0
[  329.035445][ T5894] ir_usb 3-1:232.126: device disconnected
[  329.083204][ T7382] netdevsim netdevsim9 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  329.227001][ T3008] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  329.246973][ T5825] Bluetooth: hci2: command tx timeout
[  329.421877][ T7382] netdevsim netdevsim9 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  329.513666][T11949] batman_adv: batadv0: Adding interface: batadv_slave_0
[  329.534426][T11949] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  329.649206][T11949] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  329.688601][T11949] batman_adv: batadv0: Adding interface: batadv_slave_1
[  329.718297][T11949] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  329.796269][T11949] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  329.840276][ T3008] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  329.901784][ T7382] netdevsim netdevsim9 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  329.935444][T12195] netlink: 'syz.2.1831': attribute type 12 has an invalid length.
[  330.011878][ T3008] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  330.059490][ T3008] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  330.201113][T11949] hsr_slave_0: entered promiscuous mode
[  330.218046][T11949] hsr_slave_1: entered promiscuous mode
[  330.235564][T11949] debugfs: 'hsr0' already exists in 'hsr'
[  330.256922][T11949] Cannot create hsr debugfs directory
[  330.265042][T12209] loop2: detected capacity change from 0 to 2048
[  330.322693][T12025] bridge0: port 1(bridge_slave_0) entered blocking state
[  330.327995][T12209] UDF-fs: error (device loop2): udf_process_sequence: Primary Volume Descriptor not found!
[  330.355646][T12025] bridge0: port 1(bridge_slave_0) entered disabled state
[  330.383956][T12025] bridge_slave_0: entered allmulticast mode
[  330.402951][T12209] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  330.414960][T12025] bridge_slave_0: entered promiscuous mode
[  330.457045][T12217] netlink: 'syz.6.1837': attribute type 1 has an invalid length.
[  330.493623][T12217] netlink: 96 bytes leftover after parsing attributes in process `syz.6.1837'.
[  330.497170][T12025] bridge0: port 2(bridge_slave_1) entered blocking state
[  330.530487][T12217] netlink: 1 bytes leftover after parsing attributes in process `syz.6.1837'.
[  330.532403][T12025] bridge0: port 2(bridge_slave_1) entered disabled state
[  330.567266][T12025] bridge_slave_1: entered allmulticast mode
[  330.574130][T12217] netlink: 'syz.6.1837': attribute type 1 has an invalid length.
[  330.575795][T12025] bridge_slave_1: entered promiscuous mode
[  330.622504][T12217] netlink: 'syz.6.1837': attribute type 8 has an invalid length.
[  330.712222][T12217] netlink: 582 bytes leftover after parsing attributes in process `syz.6.1837'.
[  330.969276][T12227] usb usb6: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  330.989053][T12192] loop4: detected capacity change from 0 to 32768
[  331.021511][T12025] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  331.058092][T12192] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  331.172164][T12192] XFS (loop4): Ending clean mount
[  331.184077][T12025] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  331.192781][T12192] XFS (loop4): Quotacheck needed: Please wait.
[  331.306687][T12192] XFS (loop4): Quotacheck: Done.
[  331.327005][ T5825] Bluetooth: hci2: command tx timeout
[  331.397373][ T7382] bridge_slave_1: left allmulticast mode
[  331.404161][ T7382] bridge_slave_1: left promiscuous mode
[  331.410998][ T7382] bridge0: port 2(bridge_slave_1) entered disabled state
[  331.414337][T11335] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  331.429829][ T5829] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  331.478348][ T7382] bridge_slave_0: left allmulticast mode
[  331.488381][ T7382] bridge_slave_0: left promiscuous mode
[  331.497955][ T7382] bridge0: port 1(bridge_slave_0) entered disabled state
[  331.587897][ T5829] usb 3-1: Using ep0 maxpacket: 16
[  331.626133][ T5829] usb 3-1: unable to get BOS descriptor or descriptor too short
[  331.659224][ T5829] usb 3-1: unable to read config index 0 descriptor/start: -71
[  331.671701][ T5829] usb 3-1: can't read configurations, error -71
[  331.916958][ T5973] usb 6-1: new high-speed USB device number 12 using dummy_hcd
[  332.069493][ T5973] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  332.106995][ T5973] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  332.136996][ T5973] usb 6-1: New USB device found, idVendor=054c, idProduct=0ba0, bcdDevice= 0.00
[  332.155410][ T5973] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  332.188078][ T5973] usb 6-1: config 0 descriptor??
[  332.640601][ T7382] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  332.647931][ T5973] playstation 0003:054C:0BA0.0010: unknown main item tag 0x0
[  332.669819][ T5973] playstation 0003:054C:0BA0.0010: hidraw0: USB HID v0.00 Device [HID 054c:0ba0] on usb-dummy_hcd.5-1/input0
[  332.693356][ T7382] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  332.709240][ T7382] bond0 (unregistering): Released all slaves
[  332.752704][T12025] team0: Port device team_slave_0 added
[  332.842524][ T5973] playstation 0003:054C:0BA0.0010: Invalid reportID received, expected 18 got 146
[  332.876157][ T5973] playstation 0003:054C:0BA0.0010: Failed to retrieve DualShock4 pairing info: -22
[  332.917228][ T5973] playstation 0003:054C:0BA0.0010: Failed to get MAC address from DualShock4
[  332.951186][T12025] team0: Port device team_slave_1 added
[  332.956137][ T5973] playstation 0003:054C:0BA0.0010: Failed to create dualshock4.
[  333.020451][T12266] loop2: detected capacity change from 0 to 64
[  333.043069][ T5973] playstation 0003:054C:0BA0.0010: probe with driver playstation failed with error -22
[  333.130170][   T30] kauditd_printk_skb: 3 callbacks suppressed
[  333.130191][   T30] audit: type=1800 audit(1770078027.015:104): pid=12266 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1851" name="file1" dev="loop2" ino=22 res=0 errno=0
[  333.187459][T12273] program syz.4.1854 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  333.199087][ T5973] usb 6-1: USB disconnect, device number 12
[  333.557006][T12025] batman_adv: batadv0: Adding interface: batadv_slave_0
[  333.586074][T12025] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  333.699413][T12025] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  333.951694][T12025] batman_adv: batadv0: Adding interface: batadv_slave_1
[  333.985795][T12025] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  334.071194][T12301] program syz.6.1862 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  334.080626][T12025] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  334.634088][T12313] loop2: detected capacity change from 0 to 2048
[  334.646222][ T7382] hsr_slave_0: left promiscuous mode
[  334.688241][ T7382] hsr_slave_1: left promiscuous mode
[  334.697667][T12313] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  334.720174][ T7382] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  334.745871][ T7382] batman_adv: batadv0: Removing interface: batadv_slave_0
[  334.783573][ T7382] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  334.801997][ T7382] batman_adv: batadv0: Removing interface: batadv_slave_1
[  334.859174][ T7382] veth1_macvtap: left promiscuous mode
[  334.873205][ T7382] veth0_macvtap: left promiscuous mode
[  334.907970][ T7382] veth1_vlan: left promiscuous mode
[  334.924411][ T7382] veth0_vlan: left promiscuous mode
[  335.990176][ T7382] team0 (unregistering): Port device team_slave_1 removed
[  336.039258][ T7382] team0 (unregistering): Port device team_slave_0 removed
[  336.471349][T12025] hsr_slave_0: entered promiscuous mode
[  336.478019][T12025] hsr_slave_1: entered promiscuous mode
[  336.484265][T12025] debugfs: 'hsr0' already exists in 'hsr'
[  336.491251][T12025] Cannot create hsr debugfs directory
[  336.715409][T12373] 
[  336.717777][T12373] =====================================================
[  336.724691][T12373] WARNING: SOFTIRQ-safe -> SOFTIRQ-unsafe lock order detected
[  336.732133][T12373] syzkaller #0 Tainted: G             L     
[  336.738095][T12373] -----------------------------------------------------
[  336.745007][T12373] syz.6.1880/12373 [HC0[0]:SC0[0]:HE0:SE1] is trying to acquire:
[  336.752799][T12373] ffffffff8e20c058 (tasklist_lock){.+.+}-{3:3}, at: send_sigio+0x101/0x370
[  336.761428][T12373] 
[  336.761428][T12373] and this task is already holding:
[  336.768811][T12373] ffff88807666f5a0 (&f_owner->lock){....}-{3:3}, at: send_sigio+0x38/0x370
[  336.777442][T12373] which would create a new lock dependency:
[  336.783312][T12373]  (&f_owner->lock){....}-{3:3} -> (tasklist_lock){.+.+}-{3:3}
[  336.790900][T12373] 
[  336.790900][T12373] but this new dependency connects a SOFTIRQ-irq-safe lock:
[  336.800335][T12373]  (&dev->event_lock#2){..-.}-{3:3}
[  336.800379][T12373] 
[  336.800379][T12373] ... which became SOFTIRQ-irq-safe at:
[  336.813235][T12373]   lock_acquire+0x106/0x330
[  336.817831][T12373]   _raw_spin_lock_irqsave+0x40/0x60
[  336.823114][T12373]   input_event+0x76/0xe0
[  336.827436][T12373]   atp_complete_geyser_3_4+0xf0c/0x1d90
[  336.833112][T12373]   __usb_hcd_giveback_urb+0x376/0x540
[  336.838570][T12373]   dummy_timer+0xbbd/0x45d0
[  336.843168][T12373]   __hrtimer_run_queues+0x527/0xc30
[  336.848441][T12373]   hrtimer_run_softirq+0x182/0x5a0
[  336.853632][T12373]   handle_softirqs+0x22a/0x7c0
[  336.858480][T12373]   __irq_exit_rcu+0x5f/0x150
[  336.863143][T12373]   irq_exit_rcu+0x9/0x30
[  336.867455][T12373]   sysvec_apic_timer_interrupt+0xa6/0xc0
[  336.873161][T12373]   asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  336.879214][T12373]   __kasan_check_write+0xa/0x20
[  336.884147][T12373]   __mutex_unlock_slowpath+0x1b0/0x7d0
[  336.889685][T12373]   input_open_device+0x2ce/0x3b0
[  336.894702][T12373]   mousedev_open_device+0xcc/0x150
[  336.899892][T12373]   mousedev_open+0x2ef/0x4a0
[  336.904562][T12373]   chrdev_open+0x4cd/0x5e0
[  336.909059][T12373]   do_dentry_open+0x7ce/0x1420
[  336.913899][T12373]   vfs_open+0x3b/0x340
[  336.918043][T12373]   path_openat+0x3486/0x3e20
[  336.922721][T12373]   do_filp_open+0x22d/0x490
[  336.927312][T12373]   do_sys_openat2+0x12f/0x220
[  336.932087][T12373]   __x64_sys_openat+0x138/0x170
[  336.937027][T12373]   do_syscall_64+0xe2/0xf80
[  336.941708][T12373]   entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  336.947680][T12373] 
[  336.947680][T12373] to a SOFTIRQ-irq-unsafe lock:
[  336.954684][T12373]  (tasklist_lock){.+.+}-{3:3}
[  336.954718][T12373] 
[  336.954718][T12373] ... which became SOFTIRQ-irq-unsafe at:
[  336.967323][T12373] ...
[  336.967337][T12373]   lock_acquire+0x106/0x330
[  336.974581][T12373]   _raw_read_lock+0x36/0x50
[  336.979164][T12373]   __do_wait+0xde/0x740
[  336.983402][T12373]   do_wait+0x1e7/0x4f0
[  336.987554][T12373]   kernel_wait+0xd6/0x1c0
[  336.991964][T12373]   call_usermodehelper_exec_work+0xbe/0x230
[  336.997945][T12373]   process_scheduled_works+0xaec/0x17a0
[  337.003577][T12373]   worker_thread+0xda6/0x1360
[  337.008342][T12373]   kthread+0x726/0x8b0
[  337.012503][T12373]   ret_from_fork+0x51b/0xa40
[  337.017184][T12373]   ret_from_fork_asm+0x1a/0x30
[  337.022042][T12373] 
[  337.022042][T12373] other info that might help us debug this:
[  337.022042][T12373] 
[  337.032253][T12373] Chain exists of:
[  337.032253][T12373]   &dev->event_lock#2 --> &f_owner->lock --> tasklist_lock
[  337.032253][T12373] 
[  337.045309][T12373]  Possible interrupt unsafe locking scenario:
[  337.045309][T12373] 
[  337.053628][T12373]        CPU0                    CPU1
[  337.058976][T12373]        ----                    ----
[  337.064332][T12373]   lock(tasklist_lock);
[  337.068568][T12373]                                local_irq_disable();
[  337.075303][T12373]                                lock(&dev->event_lock#2);
[  337.082503][T12373]                                lock(&f_owner->lock);
[  337.089347][T12373]   <Interrupt>
[  337.092782][T12373]     lock(&dev->event_lock#2);
[  337.097633][T12373] 
[  337.097633][T12373]  *** DEADLOCK ***
[  337.097633][T12373] 
[  337.105844][T12373] 5 locks held by syz.6.1880/12373:
[  337.111021][T12373]  #0: ffff8880774c8420 (sb_writers#5){.+.+}-{0:0}, at: mnt_want_write+0x41/0x90
[  337.120192][T12373]  #1: ffff888032327738 (&type->i_mutex_dir_key#5/1){+.+.}-{4:4}, at: filename_create+0x200/0x370
[  337.130850][T12373]  #2: ffffffff9a057af8 (&fsnotify_mark_srcu){.+.?}-{0:0}, at: fsnotify+0x74c/0x1ae0
[  337.140352][T12373]  #3: ffff888073a84100 (&mark->lock){+.+.}-{3:3}, at: dnotify_handle_event+0x62/0x440
[  337.150028][T12373]  #4: ffff88807666f5a0 (&f_owner->lock){....}-{3:3}, at: send_sigio+0x38/0x370
[  337.159094][T12373] 
[  337.159094][T12373] the dependencies between SOFTIRQ-irq-safe lock and the holding lock:
[  337.169482][T12373]    -> (&dev->event_lock#2){..-.}-{3:3} {
[  337.175315][T12373]       IN-SOFTIRQ-W at:
[  337.179544][T12373]                           lock_acquire+0x106/0x330
[  337.186220][T12373]                           _raw_spin_lock_irqsave+0x40/0x60
[  337.193592][T12373]                           input_event+0x76/0xe0
[  337.200000][T12373]                           atp_complete_geyser_3_4+0xf0c/0x1d90
[  337.207711][T12373]                           __usb_hcd_giveback_urb+0x376/0x540
[  337.215256][T12373]                           dummy_timer+0xbbd/0x45d0
[  337.221944][T12373]                           __hrtimer_run_queues+0x527/0xc30
[  337.229315][T12373]                           hrtimer_run_softirq+0x182/0x5a0
[  337.236595][T12373]                           handle_softirqs+0x22a/0x7c0
[  337.243518][T12373]                           __irq_exit_rcu+0x5f/0x150
[  337.250271][T12373]                           irq_exit_rcu+0x9/0x30
[  337.256680][T12373]                           sysvec_apic_timer_interrupt+0xa6/0xc0
[  337.264474][T12373]                           asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  337.272619][T12373]                           __kasan_check_write+0xa/0x20
[  337.279648][T12373]                           __mutex_unlock_slowpath+0x1b0/0x7d0
[  337.287286][T12373]                           input_open_device+0x2ce/0x3b0
[  337.294395][T12373]                           mousedev_open_device+0xcc/0x150
[  337.301675][T12373]                           mousedev_open+0x2ef/0x4a0
[  337.308429][T12373]                           chrdev_open+0x4cd/0x5e0
[  337.315015][T12373]                           do_dentry_open+0x7ce/0x1420
[  337.321944][T12373]                           vfs_open+0x3b/0x340
[  337.328174][T12373]                           path_openat+0x3486/0x3e20
[  337.334932][T12373]                           do_filp_open+0x22d/0x490
[  337.341655][T12373]                           do_sys_openat2+0x12f/0x220
[  337.348533][T12373]                           __x64_sys_openat+0x138/0x170
[  337.355544][T12373]                           do_syscall_64+0xe2/0xf80
[  337.362294][T12373]                           entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  337.370361][T12373]       INITIAL USE at:
[  337.374508][T12373]                          lock_acquire+0x106/0x330
[  337.381099][T12373]                          _raw_spin_lock_irqsave+0x40/0x60
[  337.388385][T12373]                          input_inject_event+0xa5/0x340
[  337.395403][T12373]                          kbd_led_trigger_activate+0xbc/0x100
[  337.403039][T12373]                          led_trigger_set+0x535/0x960
[  337.409891][T12373]                          led_trigger_set_default+0x260/0x2a0
[  337.417435][T12373]                          led_classdev_register_ext+0x787/0x9c0
[  337.425146][T12373]                          input_leds_connect+0x517/0x790
[  337.432263][T12373]                          input_register_device+0xd00/0x1160
[  337.439717][T12373]                          atkbd_connect+0x731/0xa50
[  337.446380][T12373]                          serio_driver_probe+0x82/0xd0
[  337.453315][T12373]                          really_probe+0x267/0xaf0
[  337.459896][T12373]                          __driver_probe_device+0x18c/0x320
[  337.467259][T12373]                          driver_probe_device+0x4f/0x240
[  337.474385][T12373]                          __driver_attach+0x349/0x640
[  337.481231][T12373]                          bus_for_each_dev+0x23b/0x2c0
[  337.488172][T12373]                          serio_handle_event+0x232/0x10d0
[  337.495376][T12373]                          process_scheduled_works+0xaec/0x17a0
[  337.503013][T12373]                          worker_thread+0xda6/0x1360
[  337.509784][T12373]                          kthread+0x726/0x8b0
[  337.515931][T12373]                          ret_from_fork+0x51b/0xa40
[  337.522604][T12373]                          ret_from_fork_asm+0x1a/0x30
[  337.529481][T12373]     }
[  337.532226][T12373]     ... key      at: [<ffffffff9a372b20>] input_allocate_device.__key.7+0x0/0x20
[  337.541505][T12373]   -> (&client->buffer_lock){....}-{3:3} {
[  337.547415][T12373]      INITIAL USE at:
[  337.551468][T12373]                        lock_acquire+0x106/0x330
[  337.557878][T12373]                        _raw_spin_lock+0x2e/0x40
[  337.564288][T12373]                        evdev_pass_values+0xb9/0xbd0
[  337.571057][T12373]                        evdev_events+0x1e6/0x340
[  337.577478][T12373]                        input_pass_values+0x288/0x890
[  337.584329][T12373]                        input_event_dispose+0x330/0x6b0
[  337.591348][T12373]                        input_inject_event+0x1dd/0x340
[  337.598277][T12373]                        evdev_write+0x325/0x4c0
[  337.604609][T12373]                        vfs_write+0x29a/0xb90
[  337.610760][T12373]                        ksys_write+0x150/0x270
[  337.617002][T12373]                        do_syscall_64+0xe2/0xf80
[  337.623405][T12373]                        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  337.631200][T12373]    }
[  337.633855][T12373]    ... key      at: [<ffffffff9a372dc0>] evdev_open.__key.27+0x0/0x20
[  337.642186][T12373]    ... acquired at:
[  337.646237][T12373]    _raw_spin_lock+0x2e/0x40
[  337.650921][T12373]    evdev_pass_values+0xb9/0xbd0
[  337.655953][T12373]    evdev_events+0x1e6/0x340
[  337.660633][T12373]    input_pass_values+0x288/0x890
[  337.665747][T12373]    input_event_dispose+0x330/0x6b0
[  337.671037][T12373]    input_inject_event+0x1dd/0x340
[  337.676241][T12373]    evdev_write+0x325/0x4c0
[  337.680832][T12373]    vfs_write+0x29a/0xb90
[  337.685248][T12373]    ksys_write+0x150/0x270
[  337.689749][T12373]    do_syscall_64+0xe2/0xf80
[  337.694416][T12373]    entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  337.700473][T12373] 
[  337.702782][T12373]  -> (&new->fa_lock){....}-{3:3} {
[  337.707996][T12373]     INITIAL USE at:
[  337.711970][T12373]                      lock_acquire+0x106/0x330
[  337.718296][T12373]                      _raw_write_lock_irq+0x3d/0x50
[  337.725046][T12373]                      fasync_remove_entry+0xf1/0x1c0
[  337.731805][T12373]                      __tty_hangup+0x29b/0x680
[  337.738037][T12373]                      tty_ioctl+0x757/0xde0
[  337.744009][T12373]                      __se_sys_ioctl+0xfc/0x170
[  337.750335][T12373]                      do_syscall_64+0xe2/0xf80
[  337.756569][T12373]                      entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  337.764189][T12373]     INITIAL READ USE at:
[  337.768596][T12373]                           lock_acquire+0x106/0x330
[  337.775271][T12373]                           _raw_read_lock_irqsave+0x48/0x60
[  337.782633][T12373]                           kill_fasync+0x199/0x4d0
[  337.789224][T12373]                           fuse_abort_conn+0xfda/0x1340
[  337.796249][T12373]                           cuse_process_init_reply+0x8ac/0xe30
[  337.803880][T12373]                           fuse_request_end+0xbe2/0xed0
[  337.810906][T12373]                           fuse_dev_do_write+0x1e8f/0x4200
[  337.818198][T12373]                           fuse_dev_write+0x177/0x220
[  337.825047][T12373]                           vfs_write+0x61d/0xb90
[  337.831474][T12373]                           ksys_write+0x150/0x270
[  337.837974][T12373]                           do_syscall_64+0xe2/0xf80
[  337.844639][T12373]                           entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  337.852697][T12373]   }
[  337.855267][T12373]   ... key      at: [<ffffffff9a054c80>] fasync_insert_entry.__key+0x0/0x20
[  337.864019][T12373]   ... acquired at:
[  337.867888][T12373]    _raw_read_lock_irqsave+0x48/0x60
[  337.873248][T12373]    kill_fasync+0x199/0x4d0
[  337.877832][T12373]    evdev_pass_values+0x627/0xbd0
[  337.882945][T12373]    evdev_events+0x1e6/0x340
[  337.887617][T12373]    input_pass_values+0x288/0x890
[  337.892730][T12373]    input_event_dispose+0x330/0x6b0
[  337.898009][T12373]    input_inject_event+0x1dd/0x340
[  337.903212][T12373]    evdev_write+0x325/0x4c0
[  337.907805][T12373]    vfs_write+0x29a/0xb90
[  337.912222][T12373]    ksys_write+0x150/0x270
[  337.916723][T12373]    do_syscall_64+0xe2/0xf80
[  337.921389][T12373]    entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  337.927446][T12373] 
[  337.929752][T12373] -> (&f_owner->lock){....}-{3:3} {
[  337.934961][T12373]    INITIAL USE at:
[  337.938837][T12373]                    lock_acquire+0x106/0x330
[  337.944907][T12373]                    _raw_write_lock_irq+0x3d/0x50
[  337.951395][T12373]                    __f_setown+0x67/0x370
[  337.957198][T12373]                    tty_fasync+0x2db/0x350
[  337.963085][T12373]                    do_vfs_ioctl+0x1117/0x1530
[  337.969323][T12373]                    __se_sys_ioctl+0x82/0x170
[  337.975475][T12373]                    do_syscall_64+0xe2/0xf80
[  337.981624][T12373]                    entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  337.989079][T12373]    INITIAL READ USE at:
[  337.993395][T12373]                         lock_acquire+0x106/0x330
[  337.999895][T12373]                         _raw_read_lock_irqsave+0x48/0x60
[  338.007079][T12373]                         send_sigio+0x38/0x370
[  338.013325][T12373]                         kill_fasync+0x24d/0x4d0
[  338.019735][T12373]                         lease_break_callback+0x26/0x30
[  338.026749][T12373]                         __break_lease+0x741/0x1b80
[  338.033426][T12373]                         do_dentry_open+0x73a/0x1420
[  338.040183][T12373]                         vfs_open+0x3b/0x340
[  338.046245][T12373]                         path_openat+0x3486/0x3e20
[  338.052830][T12373]                         do_filp_open+0x22d/0x490
[  338.059330][T12373]                         do_sys_openat2+0x12f/0x220
[  338.066017][T12373]                         __x64_sys_openat+0x138/0x170
[  338.072884][T12373]                         do_syscall_64+0xe2/0xf80
[  338.079382][T12373]                         entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  338.087281][T12373]  }
[  338.089780][T12373]  ... key      at: [<ffffffff9a054c60>] file_f_owner_allocate.__key+0x0/0x20
[  338.098630][T12373]  ... acquired at:
[  338.102416][T12373]    _raw_read_lock_irqsave+0x48/0x60
[  338.107798][T12373]    send_sigio+0x38/0x370
[  338.112213][T12373]    kill_fasync+0x24d/0x4d0
[  338.116798][T12373]    lease_break_callback+0x26/0x30
[  338.121990][T12373]    __break_lease+0x741/0x1b80
[  338.126837][T12373]    do_dentry_open+0x73a/0x1420
[  338.131772][T12373]    vfs_open+0x3b/0x340
[  338.136036][T12373]    path_openat+0x3486/0x3e20
[  338.140801][T12373]    do_filp_open+0x22d/0x490
[  338.145474][T12373]    do_sys_openat2+0x12f/0x220
[  338.150314][T12373]    __x64_sys_openat+0x138/0x170
[  338.155360][T12373]    do_syscall_64+0xe2/0xf80
[  338.160024][T12373]    entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  338.166075][T12373] 
[  338.168395][T12373] 
[  338.168395][T12373] the dependencies between the lock to be acquired
[  338.168407][T12373]  and SOFTIRQ-irq-unsafe lock:
[  338.181889][T12373] -> (tasklist_lock){.+.+}-{3:3} {
[  338.187024][T12373]    HARDIRQ-ON-R at:
[  338.191175][T12373]                     lock_acquire+0x106/0x330
[  338.197341][T12373]                     _raw_read_lock+0x36/0x50
[  338.203481][T12373]                     __do_wait+0xde/0x740
[  338.209283][T12373]                     do_wait+0x1e7/0x4f0
[  338.215006][T12373]                     kernel_wait+0xd6/0x1c0
[  338.220980][T12373]                     call_usermodehelper_exec_work+0xbe/0x230
[  338.228523][T12373]                     process_scheduled_works+0xaec/0x17a0
[  338.235728][T12373]                     worker_thread+0xda6/0x1360
[  338.242054][T12373]                     kthread+0x726/0x8b0
[  338.247764][T12373]                     ret_from_fork+0x51b/0xa40
[  338.254001][T12373]                     ret_from_fork_asm+0x1a/0x30
[  338.260410][T12373]    SOFTIRQ-ON-R at:
[  338.264377][T12373]                     lock_acquire+0x106/0x330
[  338.270528][T12373]                     _raw_read_lock+0x36/0x50
[  338.276668][T12373]                     __do_wait+0xde/0x740
[  338.282482][T12373]                     do_wait+0x1e7/0x4f0
[  338.288205][T12373]                     kernel_wait+0xd6/0x1c0
[  338.294179][T12373]                     call_usermodehelper_exec_work+0xbe/0x230
[  338.301720][T12373]                     process_scheduled_works+0xaec/0x17a0
[  338.308915][T12373]                     worker_thread+0xda6/0x1360
[  338.315332][T12373]                     kthread+0x726/0x8b0
[  338.321040][T12373]                     ret_from_fork+0x51b/0xa40
[  338.327281][T12373]                     ret_from_fork_asm+0x1a/0x30
[  338.333701][T12373]    INITIAL USE at:
[  338.337583][T12373]                    lock_acquire+0x106/0x330
[  338.343644][T12373]                    _raw_write_lock_irq+0x3d/0x50
[  338.350129][T12373]                    copy_process+0x2199/0x3980
[  338.356395][T12373]                    kernel_clone+0x248/0x870
[  338.362451][T12373]                    user_mode_thread+0x110/0x180
[  338.368854][T12373]                    rest_init+0x23/0x300
[  338.374568][T12373]                    start_kernel+0x380/0x3d0
[  338.380625][T12373]                    x86_64_start_reservations+0x24/0x30
[  338.387638][T12373]                    x86_64_start_kernel+0x143/0x1c0
[  338.394321][T12373]                    common_startup_64+0x13e/0x147
[  338.400819][T12373]    INITIAL READ USE at:
[  338.405136][T12373]                         lock_acquire+0x106/0x330
[  338.411634][T12373]                         _raw_read_lock+0x36/0x50
[  338.418119][T12373]                         __do_wait+0xde/0x740
[  338.424263][T12373]                         do_wait+0x1e7/0x4f0
[  338.430332][T12373]                         kernel_wait+0xd6/0x1c0
[  338.436678][T12373]                         call_usermodehelper_exec_work+0xbe/0x230
[  338.444656][T12373]                         process_scheduled_works+0xaec/0x17a0
[  338.452204][T12373]                         worker_thread+0xda6/0x1360
[  338.458880][T12373]                         kthread+0x726/0x8b0
[  338.464936][T12373]                         ret_from_fork+0x51b/0xa40
[  338.471522][T12373]                         ret_from_fork_asm+0x1a/0x30
[  338.478279][T12373]  }
[  338.480759][T12373]  ... key      at: [<ffffffff8e20c058>] tasklist_lock+0x18/0x40
[  338.488470][T12373]  ... acquired at:
[  338.492254][T12373]    _raw_read_lock+0x36/0x50
[  338.496918][T12373]    send_sigio+0x101/0x370
[  338.501465][T12373]    dnotify_handle_event+0x169/0x440
[  338.506831][T12373]    fsnotify+0x1831/0x1ae0
[  338.511327][T12373]    fsnotify_mkdir+0x121/0x180
[  338.516214][T12373]    vfs_mkdir+0x78f/0x870
[  338.520629][T12373]    do_mkdirat+0x27d/0x4b0
[  338.525129][T12373]    __x64_sys_mkdir+0x6c/0x80
[  338.529889][T12373]    do_syscall_64+0xe2/0xf80
[  338.534554][T12373]    entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  338.540609][T12373] 
[  338.542912][T12373] 
[  338.542912][T12373] stack backtrace:
[  338.548791][T12373] CPU: 1 UID: 0 PID: 12373 Comm: syz.6.1880 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  338.548820][T12373] Tainted: [L]=SOFTLOCKUP
[  338.548828][T12373] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  338.548842][T12373] Call Trace:
[  338.548853][T12373]  <TASK>
[  338.548864][T12373]  dump_stack_lvl+0xe8/0x150
[  338.548892][T12373]  __lock_acquire+0x2a94/0x2cf0
[  338.548938][T12373]  ? send_sigio+0x101/0x370
[  338.548965][T12373]  lock_acquire+0x106/0x330
[  338.548993][T12373]  ? send_sigio+0x101/0x370
[  338.549023][T12373]  ? srso_alias_return_thunk+0x5/0xfbef5
[  338.549048][T12373]  ? do_raw_spin_lock+0x12b/0x2f0
[  338.549076][T12373]  _raw_read_lock+0x36/0x50
[  338.549095][T12373]  ? send_sigio+0x101/0x370
[  338.549122][T12373]  send_sigio+0x101/0x370
[  338.549152][T12373]  dnotify_handle_event+0x169/0x440
[  338.549190][T12373]  fsnotify+0x1831/0x1ae0
[  338.549214][T12373]  ? srso_alias_return_thunk+0x5/0xfbef5
[  338.549238][T12373]  ? seqcount_lockdep_reader_access+0xea/0x100
[  338.549273][T12373]  ? fsnotify+0x74c/0x1ae0
[  338.549296][T12373]  ? __pfx_fsnotify+0x10/0x10
[  338.549323][T12373]  ? srso_alias_return_thunk+0x5/0xfbef5
[  338.549353][T12373]  ? _raw_spin_unlock+0x28/0x50
[  338.549385][T12373]  ? d_make_persistent+0x10f/0x180
[  338.549416][T12373]  ? srso_alias_return_thunk+0x5/0xfbef5
[  338.549443][T12373]  fsnotify_mkdir+0x121/0x180
[  338.549477][T12373]  vfs_mkdir+0x78f/0x870
[  338.549512][T12373]  do_mkdirat+0x27d/0x4b0
[  338.549547][T12373]  ? __pfx_do_mkdirat+0x10/0x10
[  338.549577][T12373]  ? strncpy_from_user+0x150/0x2b0
[  338.549604][T12373]  ? srso_alias_return_thunk+0x5/0xfbef5
[  338.549628][T12373]  ? getname_flags+0x1e4/0x540
[  338.549653][T12373]  __x64_sys_mkdir+0x6c/0x80
[  338.549685][T12373]  do_syscall_64+0xe2/0xf80
[  338.549707][T12373]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  338.549728][T12373]  ? trace_irq_disable+0x37/0x100
[  338.549752][T12373]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  338.549774][T12373] RIP: 0033:0x7fcb1b99aeb9
[  338.549793][T12373] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  338.549810][T12373] RSP: 002b:00007fcb1c8ea028 EFLAGS: 00000246 ORIG_RAX: 0000000000000053
[  338.549833][T12373] RAX: ffffffffffffffda RBX: 00007fcb1bc15fa0 RCX: 00007fcb1b99aeb9
[  338.549848][T12373] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000300
[  338.549862][T12373] RBP: 00007fcb1ba08c1f R08: 0000000000000000 R09: 0000000000000000
[  338.549876][T12373] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  338.549888][T12373] R13: 00007fcb1bc16038 R14: 00007fcb1bc15fa0 R15: 00007fffab05a528
[  338.549914][T12373]  </TASK>
[  339.296141][T11949] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  339.310048][T11949] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  339.321246][T11949] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  339.331337][T11949] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  339.432709][T11949] 8021q: adding VLAN 0 to HW filter on device bond0
[  339.451635][T11949] 8021q: adding VLAN 0 to HW filter on device team0
[  339.462551][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  339.469672][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  339.483885][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  339.491046][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  339.648505][T12025] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  339.659789][T12025] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  339.670008][T12025] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  339.689013][T12025] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  339.726179][T11949] 8021q: adding VLAN 0 to HW filter on device batadv0
[  339.789630][T11949] veth0_vlan: entered promiscuous mode
[  339.804991][T12025] 8021q: adding VLAN 0 to HW filter on device bond0
[  339.816683][T11949] veth1_vlan: entered promiscuous mode
[  339.834157][T12025] 8021q: adding VLAN 0 to HW filter on device team0
[  339.851985][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  339.859114][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  339.871687][   T50] bridge0: port 2(bridge_slave_1) entered blocking state
[  339.878801][   T50] bridge0: port 2(bridge_slave_1) entered forwarding state
[  339.925169][T11949] veth0_macvtap: entered promiscuous mode
[  339.939354][T11949] veth1_macvtap: entered promiscuous mode
[  339.968572][T11949] batman_adv: batadv0: Interface activated: batadv_slave_0
[  339.997729][T11949] batman_adv: batadv0: Interface activated: batadv_slave_1
[  340.020632][ T7382] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  340.030406][ T7382] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  340.040511][ T7382] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  340.066963][ T7382] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  340.114845][T11949] ieee80211 phy28: Selected rate control algorithm 'minstrel_ht'
[  340.151428][T12025] 8021q: adding VLAN 0 to HW filter on device batadv0
[  340.162378][ T3008] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  340.163394][T11949] ieee80211 phy29: Selected rate control algorithm 'minstrel_ht'
[  340.181648][ T3008] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  340.204504][ T3008] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  340.215203][ T3008] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  340.249785][T12025] veth0_vlan: entered promiscuous mode
[  340.261650][T12025] veth1_vlan: entered promiscuous mode
[  340.298896][T12025] veth0_macvtap: entered promiscuous mode
[  340.310552][T12025] veth1_macvtap: entered promiscuous mode
[  340.333949][T12025] batman_adv: batadv0: Interface activated: batadv_slave_0
[  340.351234][T12025] batman_adv: batadv0: Interface activated: batadv_slave_1
[  340.365555][ T7382] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  340.389640][ T7382] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  340.409119][ T7382] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  340.427691][ T7382] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  340.439461][T12025] ieee80211 phy30: Selected rate control algorithm 'minstrel_ht'
[  340.471131][ T7382] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  340.480957][T12025] ieee80211 phy31: Selected rate control algorithm 'minstrel_ht'
[  340.489972][ T7382] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  340.522364][   T50] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  340.531881][   T50] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50