last executing test programs:

1m23.590732144s ago: executing program 2 (id=168):
r0 = socket$inet6(0xa, 0x1, 0x8010000000000084)
bind$inet6(r0, &(0x7f00000000c0)={0xa, 0x4e21, 0x0, @empty}, 0x1c)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e21, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x14}}}, 0x1c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x7d, 0x0, 0x0)

1m23.23328342s ago: executing program 2 (id=171):
r0 = socket$nl_route(0x10, 0x3, 0x0)
socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={<r1=>0xffffffffffffffff})
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000400)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)=@dellink={0x20, 0x11, 0x1, 0x70bd27, 0x25dfdbfd, {0x0, 0x0, 0x0, r2, 0x8603, 0x40000}}, 0x20}}, 0x4000000)

1m23.047583043s ago: executing program 2 (id=175):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x972, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
getresgid(&(0x7f0000000600), &(0x7f0000000640), &(0x7f0000000680))

1m21.983641361s ago: executing program 2 (id=181):
syz_mount_image$minix(&(0x7f0000000180), &(0x7f00000001c0)='./file2\x00', 0x200000, &(0x7f00000000c0)=ANY=[], 0xbe, 0x1c0, &(0x7f0000000500)="$eJzs28uO0lAcx/FfKQXE+23jysSFbgRFN+7kAXwBdwQqIRY14gZiYnwU34Q38QUg0d2sppOWQlqmwBkYKJfvJ5mZfzj8zjlteqaniwrAyboX/rZkyQkr3/d/PZX08YOkfMaTA7BVvs59AKfK/pf1DABkY1y3w33A0JL+/v/ZHEU/juH+YVzPTYqSpFi+YJr/bYV/n+SlUSxfjLpcuX/5M8k/VzJ/44rjl+fy5RU5a5afHP+LZ8n8TUm3JN2WdEfSXUnBmb4v6UHK+K258R8bzh/YRHD1VTbNb9BBsHo+dTz3VVqjvTrvRPnX6c2xfyHD1C8UonzNcL6L8m/WzBejfKX51WultOfW7Bcwkct4/dvSmT+//t+b5/PL1z+AJXr9weeG57nfe8HNNixmnywqnLAoRj0s+3Jwd4x9IuMhKDItSilNTuJq2XZR2M2RBrevfTjhhsV01e5yLADHqvqj+63a6w9edrqNttt2v9Tevps+dofP5dWFT+cADlxycw4AAAAAAAAAAAAAAA7RQ0mP1gmavuAHAAAAYG9c7ztDjqTLTVkfIwAAAAAAAAAAAAAAAAAAAHAsLgIAAP//eUA+uA==")
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x1204001, &(0x7f00000011c0)={[{@lowerdir={'lowerdir', 0x3d, '.'}, 0x3a}], [], 0x2f})
chdir(&(0x7f0000000040)='./file0\x00')
openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file2\x00', 0x121140, 0x13d)

1m21.568072274s ago: executing program 2 (id=185):
r0 = syz_io_uring_setup(0x1f85, &(0x7f0000000340)={0x0, 0x0, 0x13580, 0x3}, &(0x7f0000000000), &(0x7f0000000300))
r1 = syz_clone(0x82001000, 0x0, 0x0, &(0x7f0000001840), 0x0, 0x0)
wait4(r1, 0x0, 0x40000000, 0x0)
ppoll(&(0x7f0000000040)=[{r0}], 0x1, 0x0, 0x0, 0x0)

1m20.82481754s ago: executing program 2 (id=190):
r0 = syz_io_uring_setup(0xbc3, &(0x7f0000001480)={0x0, 0x124a, 0x80, 0x0, 0x52}, &(0x7f00000008c0)=<r1=>0x0, &(0x7f0000000900))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
io_uring_enter(r0, 0x47f8, 0x0, 0x0, 0x0, 0x0)

1m20.097618983s ago: executing program 32 (id=190):
r0 = syz_io_uring_setup(0xbc3, &(0x7f0000001480)={0x0, 0x124a, 0x80, 0x0, 0x52}, &(0x7f00000008c0)=<r1=>0x0, &(0x7f0000000900))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
io_uring_enter(r0, 0x47f8, 0x0, 0x0, 0x0, 0x0)

8.461790321s ago: executing program 0 (id=607):
r0 = socket(0x10, 0x803, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x4)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'bridge0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=@newlink={0x3c, 0x10, 0x503, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x61, 0x4000}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @bond={{0x9}, {0x4}}}, @IFLA_MASTER={0x8, 0xa, r2}]}, 0x3c}, 0x1, 0x0, 0x0, 0x800}, 0x4000)

8.044711695s ago: executing program 0 (id=611):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_NEW_KEY(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)={0x50, r1, 0x1, 0x70bd2c, 0xffffffff, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_KEY={0x34, 0x50, 0x0, 0x1, [@NL80211_KEY_IDX={0x5, 0x2, 0x6}, @NL80211_KEY_DATA_WEP40={0x9, 0xa}, @NL80211_KEY_DATA_WEP104={0x11, 0x1, "8e00000000000000005dfed183"}, @NL80211_KEY_TYPE={0x8, 0x7, 0x1}]}]}, 0x50}}, 0x40)

7.828874362s ago: executing program 0 (id=616):
syz_usb_connect(0x2, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB], 0x0)

4.73872548s ago: executing program 3 (id=641):
r0 = socket(0x1, 0x1, 0x1)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nbd(&(0x7f0000000280), 0xffffffffffffffff)
sendmsg$NBD_CMD_CONNECT(r1, &(0x7f00000027c0)={0x0, 0x0, &(0x7f0000002780)={&(0x7f0000000500)={0x3c, r2, 0x1, 0x70bd29, 0x25dfdbfb, {}, [@NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0x40d5}, @NBD_ATTR_SOCKETS={0x1c, 0x7, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, {0x8, 0x1, r0}}, {0xc, 0x1, 0x0, 0x1, {0x8, 0x1, r0}}]}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4000004}, 0x4000)

4.439062349s ago: executing program 3 (id=643):
getpid()
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=@base={0x7, 0x4, 0x100, 0x4, 0x20}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000200)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000001}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x37, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_clone(0x40804000, 0x0, 0x0, 0x0, 0x0, 0x0)

4.438436819s ago: executing program 0 (id=651):
syz_usb_connect(0x2, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000091c2f20c81403006c05010203010902"], 0x0)

3.853294934s ago: executing program 3 (id=648):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x40980, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r0, 0x400455c8, 0x4)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000040)=0x32)

2.740173888s ago: executing program 4 (id=655):
r0 = socket$kcm(0x10, 0x2, 0x4)
close(r0)
socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r0, &(0x7f0000000040)={0x0, 0x3, &(0x7f00000011c0)=[{&(0x7f0000000140)="5c00000013006bcc9e3be35c6e17aa31076b876c1d0000007ea60864160af36514001ac00800060009000c00040005c00364bc24eab556a705251e618294ff0051f60a84c9f4d4938037e786a6d0001000000e4509c5bbcd72c6c953", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)

2.580843018s ago: executing program 4 (id=657):
getpid()
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=@base={0x7, 0x4, 0x100, 0x4, 0x20}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000200)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000001}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x37, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_clone(0x40804000, 0x0, 0x0, 0x0, 0x0, 0x0)

2.084890122s ago: executing program 1 (id=659):
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000240)={0x0, <r1=>0x0}, &(0x7f0000000280)=0x5)
setuid(r1)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000680)=ANY=[@ANYBLOB="b7000000df000000bfa300000000000007030000f8ffffff720af0fff8ffffff71a4f0ff000000005d040200000000001d400500000000004704000001ed000062030000000000f53e440000000000007a0a00fe00ffffffc3030000f1000000b5000000000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710e4d58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c500000057bd81cb2af0b176275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff3128e5b5b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00c37dfca3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebba2c598b4fc72f526d8e8afcb9134658fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9a958f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f94fefe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a1074649c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c0dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6acdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c3bfd03aac93df8866fb010aec0e924d6b1594af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fed000000007baa5b6a686b50f0937f778af083e055f6138a757ebd0ed93517a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e70300000000000000fee18a22da19fcdb4c2890cda1f96b952511e34cb14ea4a10a6f1dbaa69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f62e96753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c25000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca485683252b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a0032f37ff559be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b393cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee07751532d5e7d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6432399f87a7a14245bbd796a09313b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e2fa3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde20300accc5bd40a2968b59c93d35f8e42366fdef907000000f01ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e015cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c7bc46dd12305a1ae9dd19e8d525206c0a728cfd42193abe8130b51d6c9b94c5513df2d85e8c01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e38534a538fc933f638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb581012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336d205c5913ef670000000000000000ba470bfe62fe2933082149d42e8a00000000000000003542591d17b5e8d9be772914cf4e3129e7929aa238bd99c3ddd895e33d8cf6c3d6cc883f0319aec94fb4cffde7a6d1fa1bcc03ead3912c2a68ca172adf3f9417207ea83d03a108d2ae15ee38c06dc98a0d1696b7c7fe142440776889154a93888972462439ae33b24c90e13c8f80d4e32716e96825d7bbdd97e4bae368d009b4611619a778f547fa1c92cc656a89728a6a1758b98fd27e1f5e1b446506d8947ca82bac7c2f00"/2663], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffd00}, 0x48)

2.053176436s ago: executing program 1 (id=660):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x4, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
shmat(0xffffffffffffffff, &(0x7f0000339000/0x4000)=nil, 0x5000)

1.914107244s ago: executing program 4 (id=661):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.throttle.io_serviced_recursive\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0xffffe000)
setresuid(0x0, 0xee00, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)

1.772837112s ago: executing program 4 (id=662):
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000880), 0x0, 0x0)
ioctl$TCSETS2(r0, 0x402c542b, &(0x7f0000000000)={0x6, 0xb, 0x10021da0, 0x0, 0x7f, "57220000007600020000000000f0ffffff00", 0xfffffffe, 0x81})
pipe2$watch_queue(&(0x7f0000000040)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x80)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000080)={0x18})

1.647208698s ago: executing program 4 (id=663):
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x1000040, &(0x7f0000000900)={[{@nodioread_nolock}, {@nodioread_nolock}, {@noquota}, {@delalloc}, {@journal_dev={'journal_dev', 0x3d, 0x9}}, {@nodioread_nolock}]}, 0x1, 0x5a3, &(0x7f00000002c0)="$eJzs3T1sG3UbAPDnznHTj7xv+krvK72gDhUgFamqk/QDClO7IipV6oDEApHjRlWcuIodaKJIpHuF6IAAdSkbDIwgBgbEwsjKwseMVNEIpKYDGDk+p2nqFCfEMcS/n3TJ/3939vP8fX7OvtOdHEDfOtr4k0Y8EREXk4jhdcsGIlt4tLneyvJi8f7yYjGJev3Sz0kkEXFvebHYWj/J/h+KiKWI+H9EfJWPOJ6uPeW+VqM6vzA1Xi6XZrP+SG366kh1fuHElenxydJkaebU8y+cOXv6zNjJsfXp3q+v7+W3NtYb3998+8Y3L92++fEnR5aK744ncS6GsmXrx7GTmq9JPs5tmH+6G8F6KOl1AmxLLqvzRin9L4Yjl1V9O/X1O4fBXUkP6KL6YER9zbom0AcSRQ99qvU9oHH825p28/vHnfPNA5BG3JXlxeJb0Yo/0Dw3EftXj00O/pI8dGTSON48vJuJsictXY+I0YGBR9//Sfb+277RnUiQrvryfHNDPbr907X9T7TZ/wy1zp3+Ra3930q2/1tpEz+3yf7vYocxfnv1xw82jX99MJ5sGz9Zi5+0iZ9GxOsdxr/1yudnN1tW/zDiWLSP35I8/vzwyOUr5dJo82/bGF8cO/Li5uOPOLhJ/OY52/2riawf/74sp7TD8X/29adPLT0m/rNPP377t3v9D0TEOx3G/8+9j17ebNmd68ndxreArW7/JPJxu8P4z507+l3WdNYQAAAAAAAAAAB2ULp6LVuSFtbaaVooNO/h/W8cTMuVau345crczETzmrfDkU9bV1oNN/tJoz+WXY/b6p/c0D+VywLmDqz2C8VKeaLHYwcAAAAAAAAAAAAAAAAAAIC/i0Mb7v//Nbd6///Gn6sG9qrNf/Ib2OvUP/Svh+s/6VkewO7z+Q99q67+oX+pf+hf6h/6l/qH/tW2/g/sfh7A7vP5D/1L/QMAAAAAAAAAAAAAAAAAAAAAAAAAQFdcvHChMdXvLy8WG/2Jgfm5qcobJyZK1anC9FyxUKzMXi1MViqT5VKhWJn+s+dLKpWrozEzd22kVqrWRqrzC69NV+ZmWr8pWsp3fUQAAAAAAAAAAAAAAAAAAADwzzO0OiVpISLf7KdpoRDxr4g4nERy+Uq5NBoR/46Ib3P5wUZ/rNdJAwAAAAAAAAAAAAAAAAAAwB5TnV+YGi+XS7PdawxkoTp71A+1ruYzsJWVI2JpZ9NoPOOWH5XPXsDubqY+aeQ6fB/2faOHOyUAAAAAAAAAAAAAAAAAAOhTD2767fQRv3c3IQAAAAAAAAAAAAAAAAAAAOhL6U9JRDSmY8PPDG1cui9Zya3+j4g3b11679p4rTY71ph/d21+7f1s/sle5A90qlWnaUQ06hgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4oDq/MDVeLpdmt9kY7GCdXo8RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYDv+CAAA//9bQM66")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143041, 0x0)
pwritev2(r0, &(0x7f00000001c0)=[{&(0x7f0000000080)="ff", 0xfdef}], 0x1, 0xe7b, 0x0, 0x0)
ioctl$EXT4_IOC_MOVE_EXT(r0, 0x40305829, &(0x7f0000000180)={0x17c04, 0xffffffffffffffff, 0x4a7a, 0x75ea, 0x2})

1.539868972s ago: executing program 3 (id=664):
syz_mount_image$vfat(&(0x7f0000000880), &(0x7f0000003200)='./file1\x00', 0x4604, &(0x7f0000003240)=ANY=[], 0x3, 0x335, &(0x7f0000000a40)="$eJzs3M9rG0cUwPEnWZYlGVs6lJYWiof20l4WW+25VBQbSgU1tlVqFwxre9UKbSWjFS4qpbZPvZbccwrkYHz0zZD4H/Alt+SSS266BHKICSEb9pf107asyJFjfz8QdjQzTzujGYW3i1f1X///s5i3tLxelXBMSUhE5EQkJWEJhPxj2C1HpdmOfD3+4vHni8srP2Wy2dkFpeYyS9+klVKTUw/++ifudzsck+PUav15+tnxx8ef1t8s/VGwVMFSpXJV6Wqt/LSqr5mG2ihYRU2pedPQLUMVSpZR8drLXnveLG9u1pRe2phIbFYMy1J6qaaKRk1Vy6paqSn9d71QUpqmqYmE4ALOgi7omT6j1wc8GlyRSiWjj4hIvKMltzeUAQEAgKFqz//DTkrfV/4vk27+73Ru5P/7XxxVx385mDx0Ylfrh9Fu+f+3T7z3asn/YyLST/5/Vy6R/3dmRLdLbm+h//wf18NUtKMq1PLKyf8T/vfXtfvb/rRbIP8HAAAAAAAAAAAAAAAAAAAAAOBDcGLbSdu2k8Ex+Nd4hMB/jRvprPUfE5GYs/o263+TLS6vSMx9cM9ZY/O/rdxWzjv6HY5ExBRDpiUpr9394HPKwZNHypGSh+a2G//KOY64LZm8FNz4GUlKqj3etud+zM7OKI8ff/qYUqI5Pi1J+ah7fLo13hn/9lYuKl992RSvSVIerUtZTNlw93Uj/t8ZpX74OdsWH/dOAgAAAADADaApFfIvn1Ot17/e9bumKdW93fuVkUzevU10xv0B7/p6uuv1eST5WWTYswcAAAAA4Hawan8XddM0KucU4nJxn/4Lkd46R9tqRs/rPNI0w17HE3VvZIi867zu9fipthSCP6RoaYr5lf2NJ5j/wNZrp7kmLD1ERdoHP+VUqEuefdefyGlNcNsoesbnLPOd7xM+ZyeMDmw/f3Ln/svBfUG+Owh2wMWdd/s9V6x917mF0av+fwcAAADA+9dI+oOa75ubQ0MZFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAt8yV/KRfW2HYcwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACui7cBAAD//5Oa+gc=")
mq_open(&(0x7f0000000040)=']\x00', 0xdd326361bc84707c, 0x4, 0x0)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x9)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143042, 0x58)

1.47683241s ago: executing program 1 (id=665):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x11, 0x800000003, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000600)={'team0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)=@ipv4_newroute={0x2c, 0x18, 0x119, 0x70bd26, 0x25dfdbff, {0x2, 0x20, 0x0, 0x40, 0x1f8, 0x1, 0xfe, 0x9, 0x1800}, [@RTA_OIF={0x8, 0x4, r2}, @RTA_NH_ID={0x8, 0x1e, 0x3}]}, 0x2c}}, 0x0)

1.348478986s ago: executing program 1 (id=666):
r0 = io_uring_setup(0x1530, &(0x7f0000000480)={0x0, 0xd498, 0x800, 0x8000002, 0x1d4})
futex_waitv(&(0x7f00000001c0)=[{0x6, &(0x7f0000000180)=0x6, 0x2}], 0x1, 0x0, &(0x7f0000000240)={0x77359400}, 0x1)
close_range(r0, 0xffffffffffffffff, 0x0)
syz_mount_image$ext4(&(0x7f00000005c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x10, &(0x7f0000000600)={[{@nobarrier}, {@stripe={'stripe', 0x3d, 0x800}}]}, 0x1, 0x4e6, &(0x7f00000000c0)="$eJzs3d9rW9cdAPDvla3MTpzZ2faQBZaYsZGELZIdL4nZQ5LB2J4C27J3z7NlYyxbxpKT2IThsOcxGGMb28v61JdC/4BCyZ9QCoH2PZTSEtokfehDWxVJV4nrSnZCJCuxPx84vuf+0P1+j4SOdO691g3gwBqNiKsR0RcRZyNiOF2eSUtsNkptu0cPb8/UShLV6vVPkkjSZc19Jen0SPqwgYj4w28j/pwkjQVblNc3FqeLxcJqOp+vLK3ky+sb5xaWpucL84XliYnxi5OXJi9MjnWsrZd//eG//v76by6//fOb96c+PvOXWr5D6bqt7eikxnOSjcEty/ojYrUbwXoo+wzbJHuQBwAAO6t9x/9eRPw4Ih7/t9fZAAAAAN1QvTIUXyQRVQAAAGDfytSvgU0yufRagKHIZHK5xjW8P4grUSyVKz+bK60tzzaulR2JbGZuoVgYS68VHolsUpsfr9efzp/fNj8REcci4p/Dg/X53EypONvrgx8AAABwQNTG+UOZRr02+Wy4Mf4HAAAA9pmRXicAAAAAdJ3xPwAAAOx/3x7/jzYmSf/eJwMAAAB02u+uXauVavP+17M31tcWSzfOzRbKi7mltZncTGl1JTdfKs3Xf7Nvabf9FUullV/E8tqtfKVQruTL6xtTS6W15cpU/b7eU4VnuU80AAAA0FnHTt19P4mIzV8O1kvNoXSdsTrsb5nn2zzpVh7A3uvrdQJAz7jAFw4uY3xgt4H9wB7lAQAAdM/pHz45/z8YW87/H73v2ADsd895/h/YR5z/h4Nr2/n///cqD2DvGeMDux0HaHv+/53O5wIAAHTHUL0kmVw6BhiKTCaXizhavy1ANplbKBbGIuK7EfHecPY7tfnxXicNAAAAAAAAAAAAAAAAAAAAAAAAAK+YajWJKgAAALCvRWQ+SiIiiYGI4Z8MbT8+cCj5fLg+jYib/7v+71vTlcrqeG35p0+WV/6TLj/fiyMYAAAAwHbNcXpzHA8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnfTo4e2ZZtnLuA9+FREjreL3x0B9OhDZiDj8OIn+LY9LIqKvA/E370TE8Vbxk1paMZJmsT1+JiIGexz/SAfiw0F2t9b/XG31/svEaH3a+v3Xn5YX9WC0Xf+XedL/9bXp/47usu9D6fTEvTfzbePfiTjR37r/acZPXrD//dMfNzbarau+FnG65edP8o1Y+crSSr68vnFuYWl6vjBfWJ6YGL84eWnywuRYfm6hWEj/tozxjx+99dVO7T/cJv5Iu/YnjZyq1db7PLVt/st7tx5+v9WGScSDv6X1Fq//8Xbx0+f+p+nnQG396WZ9s1Hf6uQb757cqf2zbdq/2+t/pt1Otzn7+79+0Khln/ERAEA3ldc3FqeLxcLqq16pNeYlSKODldGXIw2Vg1npdc8EAAB02tMv/b3OBAAAAAAAAAAAAAAAAAAAAA6u5v//N3/LuRs/J7Y13kCzkiR73lYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgJ18HQAA///4StFY")

1.300024223s ago: executing program 0 (id=667):
syz_mount_image$jfs(&(0x7f0000000000), &(0x7f0000000140)='./file0\x00', 0x20108c0, &(0x7f0000000380)=ANY=[], 0xfe, 0x6178, &(0x7f000000ca40)="$eJzs3c1vHGcdB/DfvvqltLV6qEqEkJuWl1KaxEkJgQJtD3Dg0gPKFSVy3SoiBZQElFYWceULB078BSAkjghxRBz4A3rgyo0TJyLZSKCeGDT288TjzW7t1PHO2s/nIzkzv3lmvM/4u7Mv2Zl9AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACI73/vByudiLj287RgKeIz0YvoRizU9XJELCwv5fX7EfFc7DTHsxExmIuot9/55+mIVyPio6citrbXV+vFFw/Zj+/+8e+/++ETb/3tD4Pz//3Tnd5rk9a7e/dX//nzvaPtMwAAAJSmqqqqk97mn0nv77ttdwoAmIr8/F8lefmpr3/9z7f+Mkv9UavVarV6CnVTNd69ZhERG81t6tcMPo4HgBNmIz5uuwu0SP5F60fEE213AphpnbY7wLHY2l5f7aR8O83ng+Xd9nwuyL78NzoPru+YND3I6Dkm07p/bUYvnpnQn4Up9WGW5Py7o/lf220fpvWOO/9pmZT/cPfSp+Lk/Huj+Y84Pfl3x+Zfqpx//5Hy78kfAAAAAABmWP7//6WWP/+dO/quHMonff67PKU+AAAAAAAAAMDjdtTx/x4w/h8AAADMrPq9eu03T+0tm/RdbPXyq52IJ0fWBwqTLpZZbLsfAAAAAAAAAAAAAFCS/u45vFc7EYOIeHJxsaqq+qdptH5UR93+pCt9/6FkbT/IAwDAro+eGrmWvxMxHxFXo7vzXX+DxcXFqppfWKwWq4W5/Hp2ODdfLTTe1+ZpvWxueIgXxP1hVf+y+cZ2TQe9Xz6offT31bc1rHqH6NhjMkh/zQnNLYUNAMnus9GWZ6RTpqqenvTiA/Zx/J9CS7HU9v2K2df23RQAAAA4flVVVZ30dd5n0vh+3bY7BQBMRX7+H/1c4Eh1d0J7xOP5/Wq1Wq1Wqz9V3VSNd69ZRMRGc5v6NYPh+AHghNmIj9vuAi2Sf9H6EfFc250AZlqn7Q5wLLa211c7Kd9O8/kgje+ezwXZl/9GZ2e7vP246UFGzzGZ1v1rM3rxzIT+PDulPsySnH93NP9ru+3DtN5x5z8tk/If7lwyV56cf280/xGnJ//u2PxLlfPvP1L+PfkDAAAAAMAMy///v+Tz37zLAAAAAAAAAHDibG2vr+brXvPn/58bs57rP0+nnH/nUfNfSPPyP9Fy/t2R/L88sl6vMX//zb3j/9/b66u/v/Ovz+bpYfOfyzOddM/qpHtEJ91Sp5+mR9m7h20OesP6lgadbq+fzvmpBu/EjbgZa3Fh37rd9PfYa1/Z1173dLCv/eK+9v5D7Zf2tQ/S9w5UC7n9XKzGT+JmvL3TXrfNHbD/8we0Vwe05/x7Hv+LlPPvN37q/BdTe2dkWrv/Yfeh4745HXc7b9z4/C8vHP/uHGgzeg/2ranev7Mt9Gfnb/LEMH52e+3WubvX79y5tRJpsm/pxUiTxyznP9j5mdt7/H9htz0/7jeP1/sfDh85/1mxGf2J+b/QmK/396Up960NOf9h+sn5v53axx//Jzn/ycf/yy30BwAAAAAAAAAAAAAAAD5JVVU7l4i+ERGX0/U/bV2bCQBMV37+r5K8XK1Wq9Vq9emrm6rxXm8WEfHX5jb1a4ZfjPtlAMAs+19E/KPtTtAa+Rcsf99fPX2x7c4AU3X7/Q9+dP3mzbVbt9vuCQAAAAAAAADwaeXxP5cb4z+/GBFLI+vtG//1zVg+6vif/TzzYIDRxzzQ9wSb3WGv2xhu/PnYGZ/73KTxv8/Gw+N/5zFxe839mGBwQPvwgPa5A9rnxy7dS2vshR4NOf/nG+Od1/mfGRl+vYTxX0fHvC9Bzv9s4/5c5/+lkfWa+Ve/nbn8Nw674mZ09+V//s57Pz1/+/0PXrnx3vV3195d+/GllZULly5fvnLlyvl3btxcu7D77/H0egbk/PPY184DLUvOP2cu/7Lk/L+QavmXJef/xVTLvyw5//x6T/5lyfnn9z7yL0vO/6VUy78sOf+vpFr+ZdnaXp+r83851fIvSz7+v5pq+Zcl5/9KquVflpz/uVTLvyw5//OpPkT+vh7+FMn550+4HP9lyfmvpFr+Zcn5X0y1/MuS87+UavmXJef/aqrlX5ac/9dSLf+y5Pwvp1r+Zcn5fz3V8i9Lzv9KquVflpz/N1It/7Lk/L+ZavmXJef/WqrlX5ac/7dSLf+y5Py/nWr5lyXn/51Uy78sOf/XUy3/sux9/78ZM2bM5Jm2H5kAAAAAAAAAAAAAgFHTOJ247X0EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP7PDhwIAAAAAAD5vzZCVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVFXbgQAAAAAAAyP+1Eaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwd3cxcp31GcDP7Ie9dggxEIKTGtgkJoRkya4/4g9aFxMI0AClQEKhH9iud20W/IXXLoEi2TRQImFUVFE1vWgLKGojVRVWxQWtKM1F1Y+r0l7Qm4qqElKjyqCAitRWNFvNnPd9PTM7OzPrHa9nz/v7Scnfu3Nmzpkz78zus/azAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAECzO98897laURT1/xr/21IUL6r/edPklsbn3nCjjxAAAABYrf9r/P/5W9InDvZxpaZt/u5V//j1xcXFxeIDo787/qXFxXTBZFGMbyyKxmXR5X//YK15m+CJYqI20vTxSI/dj/a4fKzH5eM9Lt/Q4/KNPS6f6HH5khOwxKby5zGNG9ve+OOW8pQWtxbjjcu2d7jWE7WNIyPxZzkNtcZ1FsePFfPFiWKumGnZvty21tj+m3fW9/X2Iu5rpGlf2+or5IefOhqPoRbO8faWfV29zej7byomf/TDTx3943NXbu80e56Gltsrj/Peu+rH+ZnwmfJYa8XGdE7icY40Hee2Do/JaMtx1hrXq/+5/Tif7/M4R68e5ppqf8wnipHGn7/dOE9jzT/WS+dpW/jcf99dFMXFq4fdvs2SfRUjxeaWz4xcfXwmyhVZv436UnppMbaidXpnH+u0Pme3t67T9udEfPzvDNcbW+YYmh+m7396w5LHfaXrNKrf6+WeK+1rcNDPlWFZg3FdfLtxp5/suAa3h/v/qXuWX4Md106HNZjud9MavKvXGhzZMNo45vQg1BrXuboGd7RsP9rYU60xn7un+xqcPnfyzPTCJz75+vmTR47PHZ87tWvHjplde/bs27dv+tj8ibmZ8v/XeLaH3+ZiJD0H7grnLj4HXtu2bfNSXfzK4J6HE12eh1vath3083Cs/c7V1uYJuXRNl8+NR+snfeLSSLHMc6zx+Ny3+udhut9Nz8Oxpudhx68pHZ6HY308D+vbnLmvv+9Zxpr+63QM1+trwZamNdj+/Uj7Ghz09yPDsgYnwrr41/uW/1qwLRzvk1Mr/X5kdMkaTHc3vPbUP5O+35/Y1xid1uUd9Qtu2lCcX5g7+8DjR86dO7ujCGNNvKxprbSv181N96lYsl5HVrxeD86/6sk7Onx+SzhXE6+v/29i2ceqvs3uB7o/Vo2vbp3PZ8tndxZhDNhan89OX83r5zNlyS7ns77NZ6ZX/714yqVNr7/jy7z+xtz/Qrm/dFNPjI6Plc/f0XR2xltej1sfqrHGa1etse/np/t7PR4P/6316/GtXV6Pt7ZtO+jX4/H2Oxdfj2u9ftqxOu2P50RYJydmur8e17fZunOla3Ks6+vx3WHWwvl/XUgKKRc1rZ3l1m3a19jYeLhfY3EPret0V8v24yGb1ff1zM5rW6f33l3e1mi6d1et1TqdbNt20Os0vV4tt05rvX76dm3aH8+JsC5u3dV9nda3eXb36l87N8U/Nr12bui1BsdHN9SPeTwtwvL1fnFTXIMPFEeL08WJYrZx6YbGeqo19jX1YH9rcEP4b61fK7d2WYP3tm076DWYvo4tt/ZqY0vv/AC0P54TYV089WD3NVjf5i17B/u9673hM2mbpu9d23++ttzPvO5oO03X82de9eP8m73dfzZb3+bEvpXmzO7n6f7wmZs6nKf25+9yz6nZYm3O09ZwnFf2LX+e6sdT3+ZL+/tcTweLorjwsYcaP+8Nf7/y5+e/8/WWv3fp9Hc6Fz720A9uPva3Kzl+ANa/F8qxufxa1/Q3U/38/T8AAACwLsTcPxJmIv8DAABAZcTcH/9VeCL/AwAAQGXE3D8WZpJJ/t/6livzL1woUjN/MYiXp9PwSLld7LjOhI8nF6+qf/6hp+d+/JcX+tv3SFEUP3nkNzpuv/WReFylyXCclx9u/fzSK17oa/+HH7u6XXN//cvh9uP96XcZdKrgzhRF8c1bvtDYz+QHLzXms48cbsz3Xnzyifo2z+8vP47Xf+5l5fZ/EMq/B48dabn+c+E8fC/MmXd0Ph/xel+79Lpte99/dX/xerW7Xty42099qLzd+HtyvvhEuX08z8sd/199/pmv1bd//DWdj//CSOfjfybc7tMPX5mvr7j/eWW5ffNjUP84Xu+z4fjj/p4O13/gq9/qePyXP1duf+at5XaHw4z7vzd8vP2tV+abz9fjtSMt96t4W7ld3P/Md367cXm8vXj77cc/cehSy/loXx/P/nN5O9Nt28fPx/1Ef9G2//rtNK/PuP9nfutwy3nutf/L733ulfXbbd///W3bjbZdv/03Nv3hZ7/QcX/xeA7+2ZmW+3PwPeF5HPb/1IfCegyX/+/lL7TsNzr8ntbXn7j9l7dcaLk/0dt/VO7/8huPN+Z/TP7492960c0vvvjq+rkrim+/r7y9Xvs//kenW47/K7fd13g84uWxo9++/+XE/Z/9+NSp0wvn52ebzmrjd+e8szyejRObNteP95bw2tr+8aHT5z48d3ZyZnKmKCar+yv0rtlXw/xBOS6u9Pr3PRYezzt+75ub7/mnz8fP/8uj5ecvvaP8uvXasN0Xw+e3lI/fYm2V+3/qztsaz+/as+XHLT32Adi2/T/39bVhuP/t3xfE9X7m5R9unIf6ZY2vG/F5vcrj/+5seTvfCOd1Mfxm5rtuu7q/5u3j70a49L7y+b7q8xde5uLj+ifh8X7X98rbj8cV7+93w/cx39ra+noX18c3Loy0337jt3hcDK8nxcXy8rhVPN+Xnr+t4+HF30NSXLy98fHvpNu5fUV3czkLn1iYPjF/6vzj0+fmFs5NL3zik4dOnj5/6tyhxu/yPPSRXte/+vq0ufH6NDu3Z3cxs6koitPFzBq8YF2f46//qb/jP/PY0dm9M/fMzh07cv7YucfOzJ09fnRh4ejc7MI9R44dm/t4r+vPzx7YsXP/rr07p47Pzx7Yt3//rv1T86dO1w+jPKge9sx8dOrU2UONqywc2L1/x4MP7p6ZOnl6du7A3pmZqfO9rt/42jRVv/avT52dO3Hk3PzJuamF+U/OHdixf8+enT1/G+DJM8cWJqfPnj81fX5h7ux0eV8mzzU+Xf/a1+v6VNPCv5Xfz7arlb+Ir3j3/XvS72ete/rTy95UuUnbLxC9En4XzT+85My+fj6OuX88zCST/A8AAAA5iLl/Q5iJ/A8AAACVEXP/xjAT+R8AAAAqI+b+iTCTTPK//r/+f3/9//LyQfb/O/XnC/3/oer/n/lY2Std7/3/2J/X/8/DDe7/r3r/+v/6/9Xr//ffn1/vx6//r//PUsPW/4+5f1NRZJn/AQAAIAcx928OM5H/AQAAoDJi7r8pzET+BwAAgMqIuf9FYSaZ5H/9/776/zt7Fa6q3/8f/Pv/6//r/69J/z8+OPr/2Vhx//79j7Z8qP8f6P/r/+v/6//r/7Nq48tecqP6/zH33xxmkkn+BwAAgBzE3P/iMBP5HwAAACoj5v5bwkzkfwAAAKiMmPu3hJlkkv/1/73/v/6//n+l+/+rff//poPR/18fvP9/d/r/PVxz/39C/3899v/HB3v8w93/73n4+v9cF8P2/v8x978kzCST/A8AAAA5iLn/pWEm8j8AAABURsz9Lwszkf8BAACgMmLuvzXMJJP8r/+v/6//r/+v/995/73f/7/8k/7/cNH/707/vwfv/59X/3/Axz/c/f9Bv///+MPt19f/p5Nh6//H3P/yMJNM8j8AAADkIOb+28JM5H8AAACojJj7XxFmIv8DAABAZcTcvzXMJJP8r/+v/6//r/+v/995/737/yX9/+Gi/9+d/n8P+v/6//r//fX/O3zzq/9PJ8PW/4+5//Ywk0zyPwAAAOQg5v47wkzkfwAAAKiMmPt/KsxE/gcAAIDKiLl/W5hJJvlf/1//X/8/r/7//Rv0//X/q03/vzv9/x70//X/9f/7fP//pVbS/9/Y68aojGHr/8fc/8owk0zyPwAAAOQg5v5XhZnI/wAAAFAZMfe/OsxE/gcAAIDKiLl/Mswkk/yv/1+t/v+f/vVTry70//X/e+y/ov3/uAz0/zOn/9+d/n8P+v/6//r/a9L/Jx/D1v+Puf/OMJNM8j8AAADkIOb+u8JM5H8AAACojJj77w4zkf8BAACgMmLu3x5mkkn+1/+vVv8/0v/X/++2/4r2/xP9/7zp/3fQ9CTV/+9B/1//P/v+f/zuV/+fwRi2/n/M/a8JM8kk/wMAAEAOYu6/J8xE/gcAAIDKiLn/tWEm8j8AAABURsz994aZZJL/9f/1//X/9f/1/zvvX/9/fdL/726l/f8N+v/6//r/mfX/vf8/gzVs/f+Y+18XZpJJ/gcAAIAcxNx/X5iJ/A8AAACVEf/9ZvnvXuV/AAAAqKKY+6fCTDLJ//r/+v859f9r+v/6//r/laf/3533/+9B/1//X/9f/5+BGrb+f8z9rw8zyST/AwAAQA5i7n8gzET+BwAAgMqIuX86zET+BwAAgMqIuX8mzCST/K//r/+fU//f+//r/+v/V5/+f3f6/z3o/+v/V63/XxT6/9xQw9b/j7l/R5hJJvkfAAAAchBz/84wE/kfAAAAKiPm/l1hJvI/AAAAVEbM/bvDTDLJ//r/+v/6//r/+v+d96//vz7p/3en/9+D/r/+f9X6/97/nxts2Pr/Mfc/GGaSSf4HAACAHMTcvyfMRP4HAACAyoi5f2+YScj/nf5dNwAAALC+xNy/L8wkk7//1/+vSP//N/++Zd/6//r/3fY/mP7/Jv3/MPX/h0tF+//tT4trpv/fg/7/devPFyMDOcQbdvz6//r/XJth6//H3L8/zCST/A8AAAA5iLn/DWEm8j8AAABURsz9Px1mIv8DAABAZcTc/zNhJpnkf/3/ivT/2+j/6/9327/3/9f/r7KK9v8HplL9/xH9//XU//f+//r/va5PNV3//n/8U3/9/5j7D4SZZJL/AQAAIAcx9/9smIn8DwAAAJURc/8bw0zkfwAAAKiMmPsPhplkkv/1//X/9f/1/69P//+NRbth7P/XF4/+f7UMcf9/vJ/96/97/3/9/zU5/vYvNQM5fv1//X+WGrb3/4+5/01hJpnkfwAAAMhBzP0PhZnI/wAAAFAZMfe/OcxE/gcAAIDKiLn/LWEmmeR//X/9f/1//X/v/995//r/69MQ9//7ov+v/6//v36PX/9f/5+lhq3/H3P/w2EmmeR/AAAAyEHM/W8NM5H/AQAAoDJi7n9bmIn8DwAAAJURc//bw0wyyf/6//r/+v/6//r/nfev/78+6f93p//fg/6//r/+v/4/AzVs/f+Y+38uzCST/A8AAAA5iLn/kTAT+R8AAAAqI+b+d4SZyP8AAABQGTH3vzPMJJP8r/+v/6//r/+v/995//r/65P+f3f6/z3o/+v/6//r/zNQw9b/j7n/XWEmmeR/AAAAyEHM/T8fZiL/AwAAQGXE3P/uMBP5HwAAACoj5v5fCDPJJP/r/+v/D1f/f/FC8/X0//X/i0H1/+tX0v/Pgv5/d/r/PXTo/2/U/9f/1//X/+eaDVv/P+b+94SZZJL/AQAAIAcx9783zET+BwAAgMqIuf99YSbyPwAAAFRGzP2Phplkkv/1/7Ps/6e7PHz9f+//r//v/f/1/1dH/787/f8evP+//r/+v/4/AzVs/f+Y+x8LM8kk/wMAAEAOYu5/f5iJ/A8AAACVEXP/L4aZyP8AAABQGTH3fyDMJJP8r/+fZf9/iN//v2r9/7GW9ZFT/3+i6fFM61L/X/9/Dej/d6f/34P+v/7/MPf/w2retMz19f8ZRsPW/4+5/4NhJpnkfwAAAMhBzP2/FGYi/wMAAEBlxNz/y2Em8j8AAABURsz9vxJmkkn+r2D//2Kh/6//PzT9/9b1kVP/3/v/L6X/vzb0/7vT/+9B/1//f5j7/z3o/zOMhq3/H3P/r4aZLBv8fvBffdxNAAAAYIjE3P+hMJNM/v4fAAAAchBz/6EwE/kfAAAAKiPm/sNhJpnk/wr2/1f5/v/xHVX1//X/B93/H9H/1//X/18Dg+v/v+LmotD/1//X/9f/1//X/2c1hq3/H3P/kTCTTPI/AAAA5CDm/l8LM5H/AQAAoDJi7j8aZiL/AwAAQGXE3D8bZpJJ/r+B/f/x4ez/e///a+3//0T/3/v/B/r/nen/rw3v/9+d/n8P+v/6//r/+v8M1LD1/2PunwszyST/AwAAQIWlHwfH3H8szET+BwAAgMqIuf94mIn8DwAAAJURc/+Hw0wyyf/e/1//3/v/34j+/1jL9vr/Jf1//f9B0P/vTv+/B/1//X/9f/1/BmrY+v8x98+HmWSS/wEAACAHMfd/JMxE/gcAAIDKiLn/o2Em8j8AAABURsz9J8JMMsn/+v/6/7n3/2tFcdH7/+v/d9q//v/6pP/fnf5/D/r/+v/6//r/DNSw9f9j7j8ZZpJJ/gcAAIAcxNx/KsxE/gf4f/buo0mu87rjcJsmEVb2R/DaKy/tFf0RvPXOVV67nOhsiaRylqicA5VzzonKOedM5RypSKkKKg7OOcBgGvciNKbvfc/zbI6BIjwNckjX36hfvQAAMIzc/f8ct9j/AAAAMIzc/f8StzTZ//p//X/3/n+zl/f/D//1+v+z9P/6/1040t9fv/2vu1gUftH+/6/++qZ/0P/r//X/k/T/+n/9PxdaWv+fu/9f45Ym+x8AAAA6yN3/b3GL/Q8AAADDyN3/73GL/Q8AAADDyN1/U9zSZP/r//X/+n/9/6H+/w79v/5/3bz/P03/P0P/r//X/+v/2aml9f+5+/8jbmmy/wEAAKCD3P3/GbfY/wAAADCM3P3/FbfY/wAAADCM3P3/Hbc02f/6f/2//n8t/f8J7/9f8PvR/+v/t9H/T9P/z9D/6//1//p/dmpp/X/u/v+JW5rsfwAAAOggd///xi32PwAAAAwjd///xS32PwAAAAwjd///xy1N9r/+X/+v/19L/39M7//r//X/K3f75tx/E/T/R+n/Z8z0/5uN/n/KJffz23976/n8F6H/1/9z1NL6/9z994pb/nazOXGlv0kAAABgUXL33ztuafLn/wAAANBB7v6b4xb7HwAAAIaRu/+WuKXJ/tf/6//1//p//f/2r6//Xyfv/0+7+v7/L//8n/6xb//v/f9p3v/fdf9/z3eG/p91W1r/n7v/1rilyf4HAACADnL33ydusf8BAABgGLn77xu32P8AAAAwjNz994tbmux//f9o/f+fHvp15/X/B7WL/l//r//X/49O/z/N+/8zDv4zd7p+qP/X/3v/X//P1Vla/5+7//5xS5P9DwAAAB3k7n9A3GL/AwAAwDBy9z8wbrH/AQAAYBi5+x8UtzTZ//r/0fr/w7/O+//6/21fX/+v/x+Z/n+a/n/GKO//X+F3zb77+au178+v/9f/c9TS+v/c/Q+OW5rsfwAAAOggd/9D4hb7HwAAAIaRu/+hcYv9DwAAAMPI3f+wuKXJ/tf/6//X0f/nV9D/6/+vff+f9P/rpP+fpv+fMUr/f4X23c+v/fPr//X/HLW0/j93/8Pjlib7HwAAADrI3f+IuMX+BwAAgGHk7n9k3GL/AwAAwDBy9z8qbmmy//X/+v919P/e/9f/e/9f/39p9P/T9P8z9P/6f/2//p+dWlr/n7v/trilyf4HAACADnL3Pzpusf8BAABgGLn7HxO32P8AAAAwjNz9j41bmux//b/+X/+v/9f/b//6+v910v9P0//PaN7/b27R/+v/9f/s1oL6//N+1anN4+KWJvsfAAAAOsjd//i4xf4HAACAYeTuf0LcYv8DAADAMHL3PzFuabL/9f+L6f8Pcr6x+v/Tm81G/79p2v+fPu+fZ31f6v/1/8dA/z9N/z+jef+/735+7Z9f/6//56gF9f8HP87d/6S4pcn+BwAAgA5y9z85brH/AQAAYBi5+58St9j/AAAAMIzc/U+NW5rsf/3/Yvr/A2P1/97/v/D7o1P/7/3/o/T/x0P/P03/P0P/r//X/+v/2aml9f+5+58WN5244Yp/iwAAAMDC5O5/etzS5M//AQAAoIPc/c+IW+x/AAAAWKnbjvxM7v5nxi1N9r/+f7f9/4nzfk7/r/+/8PtD/6//1/9fe/r/afr/Gfp//b/+X//PTi2t/8/d/6y4pcn+BwAAgA5y998et9j/AAAAMIzc/c+OW+x/AAAAGEbu/ufELU32v/7f+//6f/3/XP9/7jlU/b/+f/n0/9P0/zP0//r//fb/J8/9j/p/xnAZ/f+ZM2duvub9f+7+58YtTfY/AAAAdJC7/3lxi/0PAAAAw8jd//y4xf4HAACAYeTuf0Hc0mT/6/+b9v/5rb6u/v+WzUb/7/1//b/+f5r+f5r+f4b+X//v/X/9Pzu1tPf/c/e/MG5psv8BAACgg9z9L4pb7H8AAAAYRu7+F8ct9j8AAAAMI3f/S+KWJvtf/9+0//f+v/5f/3/c/f/dG/3/sVhF/3/64l9/6f3/rfp//f+Edv3/3/3NoR/q//X/HLW0/j93/0vjlib7HwAAADrI3f+yuMX+BwAAgGHk7n953GL/AwAAwDBy978ibrq+yf7X/+v/9f/6f/3/9q9/zO//n9hsNvr/HVhF/z9h6f3/bt7/v/Df8nP0//r/NX9+/b/+n6OW1v/n7n9l3NJk/wMAAEAHuftfFbfY/wAAADCM3P2vjlvsfwAAABhG7v7XxC1N9r/+X/+v/9f/D9//37qK/t/7/zui/5+2jP7/4vT/+v81f379v/6fS7ev/j93/2vjlib7HwAAADrI3f+6uMX+BwAAgGHk7n993GL/AwAAwDBy978hbmmy//X/+v/L6f/zc+r/x+r/Ty6u/z916H9fk/f/9f87ov+fpv+fof/X/+v/b9P/s0tLe/8/d/8b45Ym+x8AAAA6yN3/prj1/7q1/wEAAGAYufvfHLfY/wAAADCM3P1viVua7H/9v/7f+//6/+Hf/9f/t6L/n6b/n6H/1//r/73/z04trf/P3f/WuKXJ/gcAAIAOcve/LW6x/wEAAGAYufvfHrfY/wAAADCM3P13xC1N9r/+X/+v/9f/6//P/jPU/49B/z/tePr/0/p//X/1838S/xbo//X/c7+eMS2t/8/d/464pcn+BwAAgA5y978zbrH/AQAAYBi5+98Vt9j/AAAAsErXb/m53P3vjlua7H/9v/5f/6//1/9v//r6/3XaS/+f3xT6f+//hz79/18c+tHa3v+/8P9+6f/1/+ze0vr/3P3viVua7H8AAADoIHf/e+MW+x8AAACGkbv/fXGL/Q8AAADDyN3//rilyf7X/+v/9f/6f/3/9q+v/18n7/9P0//P0P/v9f38tX9+/b/+n6OW1v/n7v9A3NJk/wMAAEAHufs/GLfY/wAAADCM3P0filvsfwAAABjGwe7PuKzh/tf/6//1//p//f/2r6//Xyf9/zT9/wz9v/5f/6//Z6eW1v9/+OBXndp8JG5psv8BAACgg9z9H41b7H8AAAAYRu7+j8Ut9j8AAAAMI3f/x+OWJvtf/6//X0f/f+bMmZv1//r/w7+fc/3/nfp/iv5/mv5/hv5f/6//1/+zU0vr/3P3fyJuabL/AQAAoIPc/Z+MW+x/AAAAGEbu/k/FLfY/AAAADCN3/6fjlib7X/+/gP7/lP7f+//6/433/4/2/9ed/Y+y/v/y6P+n6f9njNj/n7r03/6++/mrte/Pr//X/3PU0vr/3P2fiVua7H8AAADoIHf/Z+MW+x8AAACGkbv/c3GL/Q8AAADDyN3/+bilyf7X/x9f/3/P37su7/+f3mz//Pp//b/+3/v/15r+f5r+f8aI/f9l2Hc/v/bPr//X/3PU0vr/3P1fiFsOD78bLu93CQAAACxJ7v4vxi1N/vwfAAAAOsjd/6W4xf4HAACAYeTu/3Lc0mT/6/8X8P7/gP2/9/+3f3/o/xfd/1+n/x+D/n+a/n+G/l//r//fUf+f3836/+6W1v/n7v9K3NJk/wMAAEAHufu/GrfY/wAAADCM3P1fi1vsfwAAABhG7v4745bz9v+2tnsU+n/9v/5f/6//3/719f/rpP+fdqn9/8nN1fX/Sf+v/9f/d+3/vf/PWUvr/3P3fz1u8ef/AAAAsDo3XOTnc/d/I26x/wEAAGAYufu/GbfY/wAAADCM3P3filvuum5fH+lY6f/1//p//b/+f/vX1/+vk/5/mvf/Z+j/d9HP36j/H6P/32z0/1y9pfX/ufu/Hbf4838AAAAYRu7+78Qt9j8AAAAMI3f/d+MW+x8AAACGkbv/e3FLk/2v/9f/X2X/f5Bm6v/P0v+fpf/fTv9/PPT/0/T/M/T/3v/X/3v/n51aWv+fu//7cUuT/Q8AAAAd5O7/Qdxi/wMAAMAwcvf/MG6x/wEAAGAYuft/FLc02f976//jb7X+f/X9v/f/9f/6f/3/ouj/p+n/Z+j/9f/6f/0/O7W0/j93/4/jlib7HwAAADrI3f+TuMX+BwAAgGHk7v9p3GL/AwAAwDBy9/8sbmmy/73/r//X/+v/9f/bv77+f530/9P0/9vVPyj9v/5f/6//Z6eW1v/n7v953NJk/wMAAEAHuft/EbfY/wAAADCM3P13xS32PwAAAAwjd/8v45Ym+1//r//X/+v/9f/bv77+f530/9P22f///Z/Nf1nv/++9/8+PoP/X/+v/2Yml9f+5+38VtzTZ/wAAANBB7v5fxy32PwAAAAwjd/9v4hb7HwAAAIaRu/+3cUuT/T/T/5+sv1D/P0n/f/jz6/+3f3/o//X/+v9rT/8/zfv/M/T/3v/X/+v/2aml9f+5+38XtzTZ/wAAANBB7v674xb7HwAAAIaRu//3cYv9DwAAAMPI3f+HuKXJ/vf+/5r6/xv1//p//b/+X/8/Q/8/Tf8/Q/+v/9f/6//ZqaX1/7n7/xgAAP//RD5ONQ==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x101042, 0x137)
unlinkat(0xffffffffffffff9c, &(0x7f0000000380)='./file1\x00', 0x0)
pwrite64(r0, &(0x7f0000000140)='2', 0xfdef, 0xfecc)

1.132752904s ago: executing program 3 (id=668):
syz_mount_image$jfs(&(0x7f0000000140), &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='quota,errors=remount-ro,integrity,iocharset=cp932,nodiscard,nointegrity,grpquota\x00quota,resize,iocharset=iso8859-5,uid=', @ANYRESDEC, @ANYBLOB="2c726573697a653d3078303030303030303030303030303030332c713a5774613f726573697a652c7533727130303030303030303000303030303030303030342c736d61636b66736861743d6574002678f9edfbac5d6325f9002c00c9cd79b9b92293ea"], 0xfe, 0x61d3, &(0x7f0000008140)="$eJzs3c1vHGcdB/DfvvqltLV6qEqFkJuWl1KaxEkJgQJND3Dg0gPKFSVy3SoiBZQElFYWceULB078BSAkjghxRBz4A3rgyo0TJyLZSKCeGDT288TjzW7t1PHO2s/nIzkzv3lmvc/4u7MvmZl9AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACI73/vByudiLj287RgKeIz0YvoRizU9XJELCwv5fX7EfFc7DTHsxExmIuob7/zz9MRr0XER09FbG2vr9aLLxyyH9/9499/98Mn3vrbHwbn/vunO73XJ6139+6v/vPne0fbZgAAAChNVVVVJ33Mfz59vu+23SkAYCry63+V5OWnvv71P9/6yyz1R61Wq9XqKdRN1Xj3mkVEbDRvU79ncDgeAE6Yjfi47S7QIvkXrR8RT7TdCWCmddruAMdia3t9tZPy7TRfD5Z32/O5IPvy3+g8uL5j0vQgo+eYTOvxtRm9eGZCfxam1IdZkvPvjuZ/bbd9mNY77vynZVL+w91Ln4qT8++N5j/i9OTfHZt/qXL+/UfKvyd/AAAAAACYYfn//5daPv47d/RNOZRPOv67PKU+AAAAAAAAAMDjdtTx/x4w/h8AAADMrPqzeu03T+0tm/RdbPXyq52IJ0fWBwqTLpZZbLsfAAAAAAAAAAAAAFCS/u45vFc7EYOIeHJxsaqq+qdptH5UR739SVf69kPJ2n6SBwCAXR89NXItfydiPiKupu/6GywuLlbV/MJitVgtzOX3s8O5+Wqh8bk2T+tlc8NDvCHuD6v6l803btd00Oflg9pHf199X8Oqd4iOPSaD9Nec0NxS2ACQ7L4abXlFOmWq6ulJbz5gH/v/KbQUS20/rph9bT9MAQAAgONXVVXVSV/n/Xw65t9tu1MAwFTk1//R4wJHqrsT2iMez+9Xq9VqtVr9qeqmarx7zSIiNpq3qd8zGI4fAE6Yjfi47S7QIvkXrR8Rz7XdCWCmddruAMdia3t9tZPy7TRfD9L47vlckH35b3R2bpdvP256kNFzTKb1+NqMXjwzoT/PTqkPsyTn3x3N/9pu+zCtd9z5T8uk/Ic7l8yVJ+ffG81/xOnJvzs2/1Ll/PuPlH9P/gAAAAAAMMPy//8vOf6bNxkAAAAAAAAATpyt7fXVfN1rPv7/uTHruf7zdMr5dx41/4U0L/8TLeffHcn/yyPr9Rrz99/c2///vb2++vs7//psnh42/7k800mPrE56RHTSPXX6aXqUrXvY5qA3rO9p0On2+umcn2rwTtyIm7EW5/et201/j732lX3tdU8H+9ov7GvvP9R+cV/7IH3vQLWQ28/GavwkbsbbO+1129wB2z9/QHt1QHvOv+f5v0g5/37jp85/MbV3Rqa1+x92H9rvm9Nx93Plxud/ef74N+dAm9F7sG1N9fadaaE/O3+TJ4bxs9trt87evX7nzq2VSJN9Sy9EmjxmOf/Bzs/c3vP/i7vt+Xm/ub/e/3D4yPnPis3oT8z/xcZ8vb0vT7lvbcj5D9NPzv/t1D5+/z/J+U/e/19poT8AAAAAAAAAAAAAAADwSaqq2rlE9EpEXErX/7R1bSYAMF1XIu5Fej9Qy8vVarVarVafvrqpGu+NZhERf23e5lJE/GLcLwMAZtn/IuIfbXeC1si/YPn7/urpS213Bpiq2+9/8KPrN2+u3brddk8AAAAAAAAAgE8rj/+53Bj/+aWIWBpZb9/4r2/G8lHH/+znmQcDjD7mgb4n2OwOe93GcOMvxM743Gcnjf99Jh4e/zuPidtrbscEgwPahwe0zx3QPj926V5aYy/0aMj5v9AY77zO//mR4ddLGP91dMz7EuT8zzQez3X+XxpZr5l/9duZy3/jsCtuRndf/ufuvPfTc7ff/+DVG+9df3ft3bUfX1xZOX/x0qXLly+fe+fGzbXzu/8eT69nQM4/j33tPNCy5Pxz5vIvS87/C6mWf1ly/l9MtfzLkvPP7/fkX5acf/7sI/+y5PxfTrX8y5Lz/0qq5V+Wre31uTr/V1It/7Lk/f+rqZZ/WXL+r6Za/mXJ+Z9NtfzLkvM/l+pD5O/r4U+RnH8+wmX/L0vOfyXV8i9Lzv9CquVflpz/xVTLvyw5/9dSLf+y5Py/lmr5lyXnfynV8i9Lzv/rqZZ/WXL+l1Mt/7Lk/L+RavmXJef/zVTLvyw5/9dTLf+y5Py/lWr5lyXn/+1Uy78sOf/vpFr+Zcn5v5Fq+Zdl7/v/zZgxYybPtP3MBAAAAAAAAAAAAACMmsbpxG1vIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPyfHTgQAAAAAADyf22EqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqKuzAgQAAAAAAkP9rI1RVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVh7+5i5Drr+4Gf2TevHUIMhODkb2CTmBCSJbu2E7/wb4oJrw1QCiQU+oLjetdmwW947RIokk0DJRJGpRVV04u2gFAbqaqIKi5oRWkuqr5clfaC3lRUlZAaVQEFVKS2otlq5jzP45nZ2Zld73h99jyfj2T/dmfOzDlz5szsftf+7gEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgHa3vnH+s42iKJp/Wn9tL4oXND/eOrW9ddnrrvUWAgAAAOv1v62/n7shXXBoFTdqW+ZvX/EPX19aWloq3j/6O+NfXFpKV0wVxfiWomhdFz31bx9otC8TPFZMNkbaPh8ZsPrRAdePDbh+fMD1EwOu3zLg+skB1y/bActsLX8e07qzXa0Pt5e7tLixGG9dt6vHrR5rbBkZiT/LaWm0brM0fqxYKE4U88Vsx/Llso3W8t+8tbmutxVxXSNt69rZPEJ++MmjcRsaYR/v6ljX5fuMvv+GYupHP/zk0T869+zNvebA3dBxf+V23nlbczs/HS4pt7VRbEn7JG7nSNt27uzxnIx2bGejdbvmx93b+dwqt3P08mZuqO7nfLIYaX387dZ+Gmv/sV7aTzvDZf91e1EUFy9vdvcyy9ZVjBTbOi4Zufz8TJZHZPM+mofSi4uxNR2nt67iOG3OuV2dx2n3ayI+/7eG242tsA3tT9P3PzWx7Hlf63EaNR/1Sq+V7mNw2K+VqhyD8bj4dutBP97zGNwVHv8n71j5GOx57PQ4BtPjbjsGbxt0DI5MjLa2OT0JjdZtLh+DuzuWH22tqdGaz9zR/xicOXfyzMzixz/x2oWTR47PH58/tXf37tm9+/YdOHBg5tjCifnZ8u8r3NvVt60YSa+B28K+i6+BV3ct236oLn15eK/DyT6vw+1dyw77dTjW/eAaG/OCXH5Ml6+Nh5o7ffLSSLHCa6z1/Ny1/tdhetxtr8Oxttdhz68pPV6HY6t4HTaXOXPX6r5nGWv702sbrtbXgu1tx2D39yPdx+Cwvx+pyjE4GY6Lf7lr5a8FO8P2Pj691u9HRpcdg+nhhvee5iXp+/3JA63R67i8pXnFdRPF+cX5s/c8euTcubO7izA2xEvajpXu43Vb22Mqlh2vI2s+Xg8tvOLxW3pcvj3sq8nXNv+aXPG5ai5z7z39n6vWV7fe+7Pj0j1FGEO20fuz11fz5v5MWbLP/mwu8+mZ9X8vnnJp2/vv+ArvvzH3P1+uL93VY6PjY+XrdzTtnfGO9+POp2qs9d7VaK37uZnVvR+Phz8b/X58Y5/34x1dyw77/Xi8+8HF9+PGoJ92rE/38zkZjpMTs/3fj5vL7Niz1mNyrO/78e1hNsL+f01ICikXtR07Kx23aV1jY+PhcY3FNXQep3s7lh8P2ay5rif3XNlxeuft5X2Npkd32UYdp1Ndyw77OE3vVysdp41BP327Mt3P52Q4Lm7c2/84bS7z9L3rf+/cGj9se++cGHQMjo9ONLd5PB2E5fv90tZ4DN5THC1OFyeKuda1E63jqdFa1/R9qzsGJ8KfjX6v3NHnGLyza9lhH4Pp69hKx15jbPmDH4Lu53MyHBdP3Nf/GGwu86b9w/3e9c5wSVqm7XvX7p+vrfQzr1u6dtPV/JlXczv/en//n802lzlxYK05s/9+ujtccl2P/dT9+l3pNTVXbMx+2hG289kDK++n5vY0l/niwVUeT4eKorjw0QdaP+8N/77yZ+e/8/WOf3fp9W86Fz76wA+uP/Y3a9l+ADa/58uxrfxa1/YvU6v5938AAABgU4i5fyTMRP4HAACA2oi5P/6v8ET+BwAAgNqIuX8szCST/L/jTc8uPH+hSM38pSBen3bDg+VyseM6Gz6fWrqsefkDX53/8V9cWN26R4qi+MmDv9Zz+R0Pxu0qTYXtfOrNnZcvv+GFVa3/kYcvL9feX/9SuP/4eFZ7GPSq4M4WRfHNGz7fWs/UBy615tMPPtKa77n4+GPNZZ47WH4eb//MS8rlfz+Ufw8dO9Jx+2fCfvhemLNv770/4u2+duk1O/e/7/L64u0at72w9bCf+GB5v/H35HzhsXL5uJ9X2v6//NyTX2su/+irem//hZHe2/9kuN+vhvnfLy+Xb38Omp/H230mbH9cX7zdPV/5Vs/tf+qz5fJn3lIu90iYcf13hs93veXZhfb99WjjSMfjKt5aLhfXP/ud32xdH+8v3n/39k8evtSxP7qPj6f/qbyfma7l4+VxPdGfd62/eT/tx2dc/5O/8UjHfh60/qfe88zLm/fbvf67u5Yb7bp9929s+oPPfL7n+uL2HPrTMx2P59C7w+s4rP+JD4bjMVz/P099vmO90SPv7nz/ict/afuFjscTve1H5fqfev3x1vz3qR//3nUvuP6FF1/Z3HdF8e33lvc3aP3H//B0x/Z/+aa7Ws9HvD529LvXv5K4/rMfmz51evH8wlzbXm397px3lNuzZXLrtub23hDeW7s/P3z63Ifmz07NTs0WxVR9f4XeFftKmD8ox8W13v6uh8PzecvvfnPbHf/4uXj5Pz9UXn7p7eXXrVeH5b4QLt9ePn9LjXWu/4lbb2q9vhtPl5939NiHYOeu/ziwqgXD4+/+viAe72de+qHWfmhe1/q6EV/X69z+786V9/ONsF+Xwm9mvu2my+trXz7+boRL7y1f7+vef+FtLj6vfxye73d+r7z/uF3x8X43fB/zrR2d73fx+PjGhZHu+2/9Fo+L4f2kuFheH5eK+/vSczf13Lz4e0iKize3Pv/tdD83r+lhrmTx44szJxZOnX905tz84rmZxY9/4vDJ0+dPnTvc+l2ehz886PaX35+2td6f5ub33VvMbi2K4nQxuwFvWFdn+5sfrW77zzx8dG7/7B1z88eOnD927uEz82ePH11cPDo/t3jHkWPH5j826PYLc/fv3nNw7/4908cX5u4/cPDg3oPTC6dONzej3KgB9s1+ZPrU2cOtmyzef+/B3ffdd+/s9MnTc/P375+dnT4/6Patr03TzVv/6vTZ+RNHzi2cnJ9eXPjE/P27D+7bt2fgbwM8eebY4tTM2fOnZs4vzp+dKR/L1LnWxc2vfYNuTz0t/mv5/Wy3RvmL+Ip33b0v/X7Wpq9+asW7Khfp+gWiz4bfRfP3LzpzYDWfx9w/HmaSSf4HAACAHMTcPxFmIv8DAABAbcTcvyXMRP4HAACA2oi5fzLMJJP8r/+v/7+6/n95vf5/Xv3/Mx8te6Wbvf8f+/P6/3m4xv3/da9f/1//v379/9X35zf79uv/6/+zXNX6/zH3by2KLPM/AAAA5CDm/m1hJvI/AAAA1EbM/deFmcj/AAAAUBsx978gzCST/K//v6r+/55Bhav69/+d/1//v9ic/f/45Oj/Z2PN/fv3PdTxqf5/oP+v/6//r/+v/8+6ja94TY/+f+tX81/t/n/M/deHmWSS/wEAACAHMfe/MMxE/gcAAIDaiLn/hjAT+R8AAABqI+b+7WEmmeR//X/n/9f/1/9ff/+/c42V6v+v9/z/bRuj/785OP9/f/r/A1xx/39S/38z9v/Hh7v91e7/D9x8/X+uiqqd/z/m/heFmWSS/wEAACAHMfe/OMxE/gcAAIDaiLn/JWEm8j8AAADURsz9N4aZZJL/9f/1//X/9f9rff7/9fb/+57/v/xI/79a9P/70/8fwPn/8+r/D3n7q93/H/b5/8ff3H17/X96qVr/P+b+l4aZZJL/AQAAIAcx998UZiL/AwAAQG3E3P+yMBP5HwAAAGoj5v4dYSaZ5H/9f/1//X/9f/3/3usf3P8v6f9Xi/5/f/r/A+j/6//r/6+u/9/jm9/O/n/8aqn/n7uq9f9j7r85zCST/A8AAAA5iLn/ljAT+R8AAABqI+b+/xdmIv8DAABAbcTcvzPMJJP8r/+v/6//n1f//+4J/X/9/3rT/+9P/38A/X/9f/3/VZ7/f7m1nP9/y6A7ozaq1v+Puf/lYSaZ5H8AAADIQcz9rwgzkf8BAACgNmLuf2WYifwPAAAAtRFz/1SYSSb5X/+/Xv3/P/mrJ15Z6P/r/w9Yf037//Ew0P/PnP5/f/r/A+j/6//r/29I/598VK3/H3P/rWEmmeR/AAAAyEHM/beFmcj/AAAAUBsx998eZiL/AwAAQG3E3L8rzCST/K//X6/+f6T/r//fb/017f8n+v950//voe1Fqv8/gP6//n/2/f/43a/+P8NRtf5/zP2vCjPJJP8DAABADmLuvyPMRP4HAACA2oi5/9VhJvI/AAAA1EbM/XeGmWSS//X/9f/1//X/9f97r1//f3PS/+9vrf3/Cf1//X/9/8z6/87/z3BVrf8fc/9rwkwyyf8AAACQg5j77wozkf8BAACgNuL/3yz/36v8DwAAAHUUc/90mEkm+V//X/8/p/5/Q/9f/1//v/b0//tz/v8B9P/1/ze0///9js/69P8n2g73Fen/U0VV6//H3P/aMJNM8j8AAADkIOb+e8JM5H8AAACojZj7Z8JM5H8AAACojZj7Z8NMMsn/+v/6/zn1/53/X/9f/7/+9P/70/8fQP9f/79u5/8vCv1/rqmq9f9j7t8dZpJJ/gcAAIAcxNy/J8xE/gcAAIDaiLl/b5iJ/A8AAAC1EXP/vWEmmeR//X/9f/1//X/9/97rr3j/v6H/35v+f3/6/wPo/+v/163/7/z/XGNV6//H3H9fmEkm+R8AAAByEHP/vjAT+R8AAABqI+b+/WEmIf/3+n/dAAAAwOYSc/+BMJNM/v1f/78m/f9f/7uOdev/6//3W/9w+v9b9f/DdP7/aqlp/7/7ZXHF9P8H0P/X/9f/1/9nqKrW/4+5/2CYSSb5HwAAAHIQc//rwkzkfwAAAKiNmPv/f5iJ/A8AAAC1EXP/T4WZZJL/9f9r0v/vov+v/99v/c7/r/9fZzXt/w9Nrfr/I/r/+v/V2n79f/1/lrv6/f/40er6/zH33x9mkkn+BwAAgBzE3P/TYSbyPwAAANRGzP2vDzOR/wEAAKA2Yu4/FGZSt/z/st4X6//r/+v/6/9fnf7/64tuVez/Nw8e/f960f/vr1b9f+f/1/+v2Pbr/+v/s1zVzv8fc/8bwkzqlv8BAAAgYzH3PxBmIv8DAABAbcTc/8YwE/kfAAAAaiPm/jeFmWSS//X/9f/1//X/nf+/9/r1/zcn/f/+9P8H0P/X/9f/1/9nqKrW/4+5/81hJpnkfwAAAMhBzP1vCTOR/wEAAKA2Yu5/a5iJ/A8AAAC1EXP/28JMMsn/+v/6//r/+v/6/73Xr/+/Oen/96f/P4D+v/6//r/+P0NVtf5/zP0/E2aSSf4HAACAHMTc/2CYifwPAAAAtRFz/9vDTOR/AAAAqI2Y+98RZpJJ/tf/1//X/9f/1//vvX79/81J/78//f8B9P/1//X/9f+5EltXuqJq/f+Y+98ZZpJJ/gcAAIAcxNz/s2Em8j8AAADURsz97wozkf8BAACgNmLu/7kwk0zyv/6//n+1+v9LF9pvp/+v/18Mq//fvJH+fxb0//vT/x+gR/9/i/6//r/+v/4/V6xq/f+Y+98dZpJJ/gcAAIAcxNz/njAT+R8AAABqI+b+94aZyP8AAABQGzH3PxRmkkn+1//Psv8/EnvL1ev/O/+//r/z/+v/r4/+f3/6/wM4/7/+v/6//j9DVbX+f8z9D4eZZJL/AQAAIAcx978vzET+BwAAgNqIuf/nw0zkfwAAAKiNmPvfH2aSSf7X/8+y/1/h8//Xrf8/1nF85NT/n2x7PtNxqf+v/78B9P/70/8fQP9f/7/K/f9wNG9d4fb6/1RR1fr/Mfd/IMwkk/wPAAAAOYi5/xfCTOR/AAAAqI2Y+38xzET+BwAAgNqIuf+Xwkwyyf/6//r/+v/O/+/8/73Xr/+/Oen/96f/P4D+v/5/lfv/A+j/U0VV6//H3P/LYSYrBr8f/OcqHiYAAABQITH3fzDMJJN//wcAAIAcxNx/OMxE/gcAAIDaiLn/kTCTTPK//n93/z+eUVX/X/9f/1//X/9/Mxpe//9l1xeF/r/+v/6//r/+v/4/61G1/n/M/UfCTDLJ/wAAAJCDmPt/JcxE/gcAAIDaiLn/aJiJ/A8AAAC1EXP/XJhJJvn/Gvb/x6vZ/3f+/yvt//9E/1//P9D/703/f2M4/39/+v8D6P/r/+v/6/8zVFXr/8fcPx9mkkn+BwAAgBpLPw6Ouf9YmIn8DwAAALURc//xMBP5HwAAAGoj5v4PhZlkkv+d/1//3/n/r0X/f6xjef3/kv6//v8w6P/3p/8/gP6//r/+v/4/Q1W1/n/M/QthJpnkfwAAAMhBzP0fDjOR/wEAAKA2Yu7/SJiJ/A8AAAC1EXP/iTCTTPK//r/+f+79/0ZRXHT+f/3/XuvX/9+c9P/70/8fQP9f/39T9f+f+K32z/T/qaKq9f9j7j8ZZpJJ/gcAAIAcxNx/Ksz/Y+8+miQ7szoOp0TbIAL4CKxZsYSV+Ahs2RHBmsAJ4ZGE9yC8N8J7GO9HMxrvNd6PxnursZqJqAlVn3PUVZV1b3dXduW973mezaE7upRZrZJafyp+c4v9DwAAAMPI3f8jcYv9DwAAAMPI3f+jcUuT/a//1/937/83e3n+/9Ffr/+/Rv+v/9+FE/39he2/7rQo/NT+/7u/5+4f1P/r//X/k/T/nv+v/+e4pfX/uft/LG5psv8BAACgg9z9Px632P8AAAAwjNz9PxG32P8AAAAwjNz9d8ctTfa//l//r//X/x/p/x/S/+v/183z/6fp/2fo//X/+n/9Pzu1tP4/d/9Pxi1N9j8AAAB0kLv/nrjF/gcAAIBh5O7/qbjF/gcAAIBh5O7/6bilyf7X/+v/9f9r6f8vef7/sc9H/6//30b/P03/P0P/r//X/+v/2aml9f+5+38mbmmy/wEAAKCD3P0/G7fY/wAAADCM3P0/F7fY/wAAADCM3P0/H7c02f9d+v9Hjv1Y/6//v/73ax39/zk9/1//r/9fuQc3T/47Qf9/kv5/xkz/v9no/6fccD+//dNbz/s/hf5f/89JS+v/c/f/QtzyfZvNpVv9JAEAAIBFyd3/i3FLk+//AwAAQAe5+++NW+x/AAAAGEbu/vvilib7v0v/f5z+X/9//e+X/l//v+319f/r5Pn/087e/3/Xd/zwD/Xt/z3/f5rn/++6/3/iK0P/z7otrf/P3X9/3NJk/wMAAEAHuft/KW6x/wEAAGAYuft/OW6x/wEAAGAYuft/JW5psv/1/6P1/99y5OOu6/8Paxf9v/5f/6//H53+f5rn/884/Nfc1fqh/l//7/n/+n/OZmn9f+7+X41bmux/AAAA6CB3/6/FLfY/AAAADCN3/6/HLfY/AAAADCN3/2/ELU32v/5/tP7/6Md5/n/1//d827Vfov/X/+v/B6f/n6b/nzHK8/9v8atm3/38Wd2u93+g/9f/c8uW1v/n7v/NuKXJ/gcAAIAOcvf/Vtxi/wMAAMAwcvf/dtxi/wMAAMAwcvf/TtzSZP/r//X/6+j/8xU8/1//f/v7/6T/Xyf9/zT9/4xR+v9bpP/3/H/9P7u2tP4/d//vxi1N9j8AAAB0kLv/9+IW+x8AAACGkbv/9+MW+x8AAACGkbv/D+KWJvtf/6//X0f/f+bn/+v/9f+e/9+E/n+a/n+G/l//r//X/7NTS+v/c/c/ELc02f8AAADQQe7+P4xb7H8AAAAYRu7+P4pb7H8AAAAYRu7+P45bmux//b/+X/9/hv7/wkb/r//X/y+M/n+a/n+G/l//r//X/7NTC+r/r/uoK5s/iVua7H8AAADoIHf/n8Yt9j8AAAAMI3f/n8Ut9j8AAAAMI3f/n8ctTfa//n8x/f9hzrfw/v/g5vr/q5vNZvD+3/P/T+3/r17397O+LvX/+v9zoP+fpv+fof/X/+v/9f/s1IL6/8Mf5+7/i7ilyf4HAACADnL3/2XcYv8DAADAMHL3/1XcYv8DAADAMHL3/3Xc0mT/6/8X0/8fWnj/7/n/+v8jf13P/79G/78s+v9p+v8Z+n/9v/5f/89OLa3/z93/N3HTpYu3/CkCAAAAC5O7/2/jlibf/wcAAIAOcvf/Xdxi/wMAAMBKPXDiZ3L3/33c0mT/6/932/9fuu7n9P/6/+NfH/p//b/+//bT/0/T/8/Q/+v/9f/6f3Zqaf1/7v5/iFua7H8AAADoIHf/g3GL/Q8AAADDyN3/j3GL/Q8AAADDyN3/T3FLk/2v//f8f/2//l//v/319f/rpP+fpv+fof/X/++3/7/85P+p/2cMN9H/Hxwc3Hvb+//c/f8ctzTZ/wAAANBB7v5/iVvsfwAAABhG7v5/jVvsfwAAABhG7v5/i1ua7H/9f9P+P7/U19X/37fZ6P/1//p//f80/f80/f8M/b/+3/P/9f/s1NKe/5+7/9/jlmPD786b+iwBAACAJcnd/x9xS5Pv/wMAAEAHufv/M26x/wEAAGAYufv/K25psv/1/037f8//1//r/8+7/398o/8/F6vo/6+e/vpL7//v1//r/ye06/+//3uP/FD/r/9v6fh/uB2ztP4/d/9/xy1N9j8AAAB0kLv/f+IW+x8AAACGkbv/f+MW+x8AAACGkbv//+KmC032v/5f/6//1//r/7e//jk////SZrPR/+/AKvr/CUvv/3fz/P/TY1H9v/5/ze9f/6//56Sl9f+5+/8/bmmy/wEAAKCD3P1PiVvsfwAAABhG7v6nxi32PwAAAAwjd//T4pYm+1//r//X/+v/h+//719F/+/5/zui/5+2jP7/dPp//f+a37/+X//PjdtX/5+7/+lxS5P9DwAAAB3k7n9G3GL/AwAAwDBy9z8zbrH/AQAAYBi5+58VtzTZ//p//f/N9P/5PvX/Y/X/lxfX/1858tdr8vx//f+O6P+n6f9n6P/1//r/B/T/7NLSnv+fu//ZcUuT/Q8AAAAd5O5/Ttz6f93a/wAAADCM3P3PjVvsfwAAABhG7v7nxS1N9r/+X//v+f/6/+Gf/6//b0X/P03/P0P/r//X/3v+Pzu1tP4/d//z45Ym+x8AAAA6yN3/grjF/gcAAIBh5O5/Ydxi/wMAAMAwcvc/FLc02f/6f/2//l//r/+/9vdQ/z8G/f+08+n/r+r/9f/Vz98R/xTo//X/cx/PmJbW/+fuf1Hc0mT/AwAAQAe5+18ct9j/AAAAMIzc/Q/HLfY/AAAArNKFLT+Xu/8lcUuT/a//1/+frf8/+rr6f/3/ZqX9/7bX1/+v0176//yi0P97/n/o0/9/55Efre35/8f//NL/6//ZvaX1/7n7Xxq3NNn/AAAA0EHu/pfFLfY/AAAADCN3/8vjFvsfAAAAhpG7/xVxS5P9r//X/3v+v/5f/7/99fX/6+T5/9P0/zP0//P9/Lb/Qa2wtv5/1+9f/6//56Sl9f+5+18ZtzTZ/wAAANBB7v5XxS32PwAAAAwjd/+r4xb7HwAAAIZxuPszLmu4//X/+n/9v/5f/7/99fX/66T/n6b/n6H/32s/v/b3r//X/3PS0vr/1xx+1JXNa+OWJvsfAAAAOsjd/7q4xf4HAACAYeTuf33cYv8DAADAMHL3vyFuabL/9f/6/3X0/wcHB/c26v/zHzT9/6H5/v9R/T9F/z9N/z9D/6//1//r/9mppfX/ufsfiVua7H8AAADoIHf/G+MW+x8AAACGkbv/TXGL/Q8AAADDyN3/5rilyf7X/y+g/7+i//f8f8//33j+v/5/R/T/0/T/M0bs/6/c+Ke/737+rPb9/vX/+n9OWlr/n7v/LXFLk/0PAAAAHeTuf2vcYv8DAADAMHL3vy1usf8BAABgGLn73x63NNn/+v/z6/+f+L3r8vz/q5vt71//r//X/+v/bzf9/zT9/4wR+/+bsO9+fu3vX/+v/+ek7P/vOPZn4r76/9z974hbjg6/i7fyuQIAAADLkLv/nXFLk+//AwAAQAe5+98Vt9j/AAAAMIzc/e+OW5rsf/3/Ap7/P2D/7/n/278+9P+L7v/v1P+PQf8/Tf8/Q/+v/99D/59/rozV/+dXs/6/u+z/j9tX/5+7/z1xS5P9DwAAAB3k7n9v3GL/AwAAwDBy978vbrH/AQAAYBi5+x+NW67b/9va7lHo//X/+n/9v/5/++vr/9dJ/z/tRvv/y5uz9f9J/6//1/97/r/+v7el9f+5+98ft/j+PwAAAKzOxVN+Pnf/B+IW+x8AAACGkbv/g3GL/Q8AAADDyN3/objlsTv39ZbOlf5f/z9E///wtx5+rP5f/7/R/7en/5/m+f8z9P+76Ofv0v+P0f9vNvp/zm5p/X/u/g/HLb7/DwAAAMPI3f+RuMX+BwAAgGHk7v9o3GL/AwAAwDBy938sbmmy//X/+v8z9v+Haebe+//4WP2//n+j/29P/z9N/z/jNvT/F4/+9Tv0/57/P0j/7/n/7MLS+v/c/R+PW5rsfwAAAOggd/8n4hb7HwAAAIaRu/+TcYv9DwAAAMPI3f+puKXJ/t9b/x+/1fr/1ff/y3j+f3ys/l//v9H/t6f/n6b/n+H5//p//b/+n51aWv+fu//TcUuT/Q8AAAAd5O7/TNxi/wMAAMAwcvd/Nm6x/wEAAGAYufs/F7c02f+e/6//1//r//X/219f/79O+v9p+v/t6m+U/l//r//X/7NTS+v/c/d/Pm5psv8BAACgg9z9X4hb7H8AAAAYRu7+x+IW+x8AAACGkbv/i3FLk/2v/9f/6//1//r/E69/10b/v1r6/2n77P9/4NvnX9bz//fe/+db0P/r//X/7MTS+v/c/V+KW5rsfwAAAOggd/+X4xb7HwAAAIaRu/8rcYv9DwAAAMPI3f/VuKXJ/p/p/y/XL9T/T9L/H33/+v/tXx/6/9X0/4f0/+uk/5/m+f8z9P+e/6//1/+zU0vr/3P3fy1uabL/AQAAoIPc/Y/HLfY/AAAADCN3/9fjFvsfAAAAhpG7/xtxS5P97/n/a+r/79L/6//1//p//f8M/f80/f+MZfX/J/7zQv+/7Pev/9f/c9LS+v/c/d8MAAD//yBlU3A=")
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={0xffffffffffffffff, 0x5, 0x3, 0x0, &(0x7f0000000000)="259a53", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)

975.851385ms ago: executing program 1 (id=669):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r2, 0xc008ae88, &(0x7f00000002c0)={0x2, 0x0, [{0x40000097, 0x0, 0x1}, {0x40000067, 0x0, 0x80000000}]})

561.418578ms ago: executing program 1 (id=670):
getpid()
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000007c0)=@base={0x7, 0x4, 0x100, 0x4, 0x20}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000200)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000001}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0x1b}}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x37, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_clone(0x40804000, 0x0, 0x0, 0x0, 0x0, 0x0)

561.172758ms ago: executing program 4 (id=671):
syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f00000000c0)='./file1\x00', 0x101880a, &(0x7f0000005a80)=ANY=[@ANYBLOB="6e6f646973636172642c6261636b67726f756e645f67633d73796e632c61636c2c6673796e635f6d6f64653d7374726963742c696e6c696e655f78617474722c6673796e635f6d6f64653d706f7369782c646973636172645f756e69743d7365676d656e742c6261636b67726f756e645f67633d6f6e2c6e6f696e6c696e655f78617474722c646973636172645f756e69743d626c6f636b2c6673796e635f6d6f64653d7374726963742c617467632c657874656e745f63616368652c6661756c745f696e6a656374696f6e3d30303030303030303030303030303031343033302c00271d57a599b8b169a579679e220c689eaaec4fa6229021e75c68a687d319b615573b0b0ceefba8e2e2419434463974ef8174b66469344931de0ccad650792761"], 0x1, 0x550b, &(0x7f0000000540)="$eJzs3M1rI2UYAPAn/dhv1yIevO3AIrSwiU0/Fr1V3cUP7FJWPXjSNElDdpNMadK09uTBo3jwPxEFTx79Gzx49iYeFG+Ckpmpbv0AoWlj298PJs+8b94887xhWXhmSgK4sOaSX34qxc24GhHTEXEjIjsvFUdmLQ/PRcStiJh64igV839MXIqIaxFxc5Q8z1kq3vrszvD26o9v/vz1t5dnrn/+1XeT2zUwac9HRHc7P9/r5jFt5fFRMV8btrPYXRkWMX+j+7gYp3nca25mGfZqh+tqWVxu5evT7d3+KG51avVRbLW3svntXn7B/rB1mCf7wKPaTjZuNDez2O6nWWwd5HXtH+T/tx30B3meRpHvwyx9DAaHMZ9v7jfz/Ww/zmK9Nyjm87xpo7k/isMiFpeLetppZHVsHueb/n97q93b3U+GzZ1+O+0lq5Xqi5Xq3XJ1J200B82Vcq3buLuSzLc6o2XlQbPWXWulaavTrNTT7kIy36rXy9VqMn+vudmu9ZJqtbJcWSyvLhRnd5LXHrybdBrJ/Ci+0u7tDtqdfrKV7iT5JxaSpcrySwvJ7Wry9vpGsvHw/v31jXfev/feg5fX33i1WPS3spL5pcWlpXJ1sbxUXbhA+/+4KHqM+4djKU26AICzR/8PTMLJ9f87DyNOvv8P/f9YnKn+9/z1/3svREx0/3As+n8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAvr+9kvXs9O5vLx9WL+qWLqmWJcioipiPjtH0zHpSM5p4s8s/+yfvYvNXxTiizD6BqXi+NaRKwVx69Pn/S3AAAAAOfXlx/d+jTv1vOXuUkXxGnKb9pM3fhgTPlKETE798OYsk2NXp4dU7Ls3/dM7I8pW3YD68qYkuW33GbGle0/mT4SrjwRSnmYOtVyAACAU3G0EzjdLgQAAIDT9MmkC2AySnH4KPPwWXD2l/d/PhC8emQEAAAAnEGlSRcAAAAAnLis//f7fwAAAHC+5b//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAv7NzP7eJA1EcgJ8NXth/WrTa+7ayNyhjS9jjHiMKSBMUkANpIQ1QA7mlhAgiPA6BiEMkj20l+j7JmYxlfrxBcJgZaQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAu3Vfrxe3V7+u2Obt9O3lGAwAAAFyyrdaL+p9Z6n9t7n9vbv1s+kVElBFxae4+ik9nmaMmp3p5/ub0+epVDXcRdcLhPSbN9SUi/jTX44+uPwUAAAD4uDbL1TzN1tOf2dAF0ae0aFN++5spr4iIavaQKa085P3KFFZ/v8fxP1NavYA1zRSWltzGudLepP65H1ftpidNkZry4suORWYbOwAA0KPRWdPvLAQAAIA+/Ru6AIZRxPNW5nErcJKaZnvv81kPAAAAeIeKoQsAAAAAOlfP/3s6/2/v/D8AAAAYRjr/DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgC5tq/Vis1zN2+bs9u3kGQ0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADyxP+8oEAJhEAZ713cmc//DSoOmpiZVIHz8jcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAm9/95f/E1DiTzL02lp5HkrVTY+vU2Ds3jv4wvn4NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMX+vKRACARBFMwZ/zvp+x9WEvQMIkRAw6OKWjQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBFv/vl/8TUOJPMnTaWjkeStavG1lVj70Hj6MF4+zcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMXO/bzGUcUBAP/OzM7WtooxSg4RUfCgF5tua2tv4kEJHvwThJBua+zWH20QW4qYizfJuRfRo4igxFv/h55b6KXeethDBc/KzM5kp23A9dfMNvl84M377jDM+75ZCPnOewkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAtfFb0zgrDguTOK3O3bp/bb3obz/UF25s31kuWhEnbSb9eHih+SFZioij3SUDAADAwZDV9X1E3M13Vos+XSjr/7y+pqj5v31qElf1/Gd1yfpw/V/X/kX75ed7z+0OtDAZp7jpuY3R8PijqfT+rznOu6f/8ope+eTLdy9Z+YWk7249O87L55l8ffPm2/0yPNRGtgDAP3Gs7qug/n2o6AddJgbAgdFrFN51/Z8tdJsTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQBvGW3G0jpOIWO5N48Lt+9fW9+pvbN9Zrtvp69e348vpPYtb5BFxbmM0PN7qbObb5StXL6yNRsNL7QcvRkRXo79ZTf/C+zNcHNHJ8xH8R0Fafdnzks/jEXT4QwkAgH0pr1pR19/Nd1aLc8lixB/fPVj/v9KIY8b6/94Hp281x2rW/4PWZjj/VjYvfrJy+crV1zYurp0fnh9+9PqJwRuDk2dOnTqzUr4rWfHGBAAAgH+nX7Vm/Z8uPrr+f6QRx4z1/6ffDL5ojpWp//c0XfTrOhMAAICD7ZmXfv8t2eN80u/H52ubm5cGk+Pu5xOTYwep/m2Hqtas/7PFrrMCAAAA2jDeSh5Y/z/biGPG9f8nv3/+x+Y9s4g4XK3/H1v/eHS2venMtTb+nLjrOQIAANCtw1Vrrv/n5f7/dHfLQxoRr748iat/AzhT/Z+989UPzbGa+/9PtjfFuZQuTZ5H2S9F9Ja6zggAAID97ImqFcX+r/nO6oc/HXmvb/8/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQNv+DAAA///fxzxy")
openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1)
syz_mount_image$exfat(0x0, &(0x7f0000000100)='./bus\x00', 0x14a408, 0x0, 0x0, 0x0, &(0x7f0000000000))
rename(&(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='./bus/file0\x00')

244.73µs ago: executing program 3 (id=672):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f00000000c0)={0x80000043, 0x0, 0x0, 0x3}, 0x10)
recvmmsg(r0, &(0x7f0000004d00)=[{{0x0, 0x0, &(0x7f0000002ec0)=[{&(0x7f0000001780)=""/174, 0xae}], 0x1}, 0xfffffe00}], 0x1, 0x40000000, 0x0)

0s ago: executing program 0 (id=673):
syz_mount_image$ext4(&(0x7f0000001280)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000240)={[{@minixdf}, {}, {@barrier_val={'barrier', 0x3d, 0x9}}, {@i_version}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@dioread_nolock}, {@nombcache}, {@noblock_validity}, {@nomblk_io_submit}]}, 0x0, 0x566, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9GajdN4o8KgvUiiBYLeq9LMg0lm27JbkoTC20P9uJFiiBiQfwDvHss/gP+FQUtFClBD14is5lNt81ukqYbN3U+H5j2vZnZvPnum+/bNzu7bACFNZL9U4p4OSK+SSIOt20bjHzjyOp+yw+vTWVLEisrn/2ZRJKva+2f5P8fzCsvRcSvX0WcKK1vt764NFupVtP5vD7WmLs8Vl9cOnlxrjKTzqSXJiYnT781OfHuO2/3LNbXz/39/ad3Pzr99fHl736+f+R2EmfiUL6tPY5ncKO9MhIj+XMyFGee2HG8B43tJkm/D4BtGcjzfCiyMeBwDORZD/z/XY+IFaCgEvkPBdWaB7Su7Xt0HfzcePDB6gXQ+vgHV98biX3Na6MDy8ljV0bZ9e5wD9rP2vjljzu3syU2eR/ieg/aA2i5cTMiTg0Orh//knz8275TzTePN/ZkG0V7/YF+upvNf97oNP8prc1/osP852CH3N2OzfO/dL8HzXSVzf/e6zj/XRu6hgfy2gvNOd9QcuFiNT0VES9GxGgM7c3qG93POb18b6Xbtvb5X7Zk7bfmgvlx3B/c+/hjpiuNyrPE3O7BzYhXOs5/k7X+Tzr0f/Z8nNtiG8fSO69227Z5/Dtr5aeI1zr2/6M7WsnG9yfHmufDWOusWO+vW8d+69b+6If9jT/r/wMbxz+ctN+vrT99Gz/u+yfttm275/+e5PNmeU++7mql0Zgfj9iTfLJ+/cSjx7bqrf2z+EePbzz+dTr/90fEF1uM/9bRW1137ff5n8U//VT9//SFex9/+UO39rfW/282S6P5mq2Mf1s9wGd57gAAAAAAAGC3KUXEoUhK5bVyqVQur36+42gcKFVr9caJC7WFS9PR/K7scAyVWne6D7d9HmI8/zxsqz7xRH0yIo5ExLcD+5v18lStOt3v4AEAAAAAAAAAAAAAAAAAAGCXONjl+/+Z3wf6fXTAjvOT31Bcm+Z/L37pCdiVvP5Dccl/KC75D8Ul/6G45D8Ul/yH4pL/UFzyHwAAAAAAAAAAAAAAAAAAAAAAAAAAAHrq3Nmz2bKy/PDaVFafvrK4MFu7cnI6rc+W5xamylO1+cvlmVptppqWp2pzm/29aq12eXwiFq6ONdJ6Y6y+uHR+rrZwqXH+4lxlJj2fDv0nUQEAAAAAAAAAAAAAAAAAAMDzpb64NFupVtN5ha6F92NXHMZOBrhqWw8f3C1RKHQt7NtG5/Z5YAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACANv8GAAD//04mM/E=")
lsetxattr$trusted_overlay_upper(&(0x7f00000001c0)='./file1\x00', &(0x7f0000000180), &(0x7f00000001c0)=ANY=[], 0x361, 0x0)
lsetxattr$security_ima(&(0x7f0000000080)='./file1\x00', &(0x7f00000000c0), &(0x7f0000000100)=@md5={0x1, "5211eb8e5ce6935e9bbd76e32c4c956e"}, 0x11, 0x1)
lsetxattr$system_posix_acl(&(0x7f0000000000)='./file1\x00', &(0x7f00000003c0)='system.posix_acl_access\x00', &(0x7f0000000540)=ANY=[@ANYBLOB="0200000001000000000000000400000000000000100000000000000020"], 0x24, 0x0)

kernel console output (not intermixed with test programs):

0.189773][ T5769] veth1_vlan: entered promiscuous mode
[   90.204205][ T5771] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   90.217697][ T5771] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   90.229760][ T5771] batman_adv: batadv0: Interface activated: batadv_slave_1
[   90.242472][ T5771] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   90.251482][ T5771] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   90.260394][ T5771] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   90.270814][ T5771] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   90.330992][ T5770] veth1_vlan: entered promiscuous mode
[   90.461594][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   90.478144][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   90.503000][ T5769] veth0_macvtap: entered promiscuous mode
[   90.547217][ T5769] veth1_macvtap: entered promiscuous mode
[   90.585925][ T5770] veth0_macvtap: entered promiscuous mode
[   90.598005][ T3462] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   90.601348][ T2985] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   90.620519][ T2985] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   90.632745][ T3462] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   90.645147][ T5770] veth1_macvtap: entered promiscuous mode
[   90.685123][ T5769] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   90.697144][ T5769] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   90.707817][ T5769] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   90.719209][ T5769] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   90.733829][ T5769] batman_adv: batadv0: Interface activated: batadv_slave_0
[   90.747411][ T5769] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   90.766314][ T5769] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   90.776515][ T5769] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   90.787377][ T5769] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   90.808501][ T5769] batman_adv: batadv0: Interface activated: batadv_slave_1
[   90.831320][ T5769] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   90.847258][ T5769] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   90.857241][ T5769] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   90.867871][ T5769] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   90.898782][ T3446] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   90.917934][ T3446] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   90.931847][ T5770] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   90.946729][ T5770] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   90.958284][ T5770] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   90.969473][ T5770] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   90.979657][ T5770] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   90.993423][ T5770] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   91.015749][ T5770] batman_adv: batadv0: Interface activated: batadv_slave_0
[   91.073664][ T5770] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   91.098447][ T5770] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   91.108655][ T5770] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   91.119561][ T5770] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   91.129567][ T5770] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   91.140505][ T5770] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   91.152654][ T5770] batman_adv: batadv0: Interface activated: batadv_slave_1
[   91.191392][ T5770] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   91.209408][ T5770] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   91.218394][ T5770] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   91.230720][ T5770] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   91.274153][ T5784] Bluetooth: hci0: command tx timeout
[   91.309033][ T3462] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   91.333386][ T3462] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   91.354475][ T5784] Bluetooth: hci3: command tx timeout
[   91.376166][ T5825] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[   91.427912][ T5865] process 'syz.1.2' launched './file1' with NULL argv: empty string added
[   91.438077][ T5784] Bluetooth: hci2: command tx timeout
[   91.443601][ T5777] Bluetooth: hci1: command tx timeout
[   91.472426][ T3446] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   91.501245][  T145] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   91.509473][  T145] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   91.512291][ T3446] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   91.574496][ T2985] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   91.594479][ T2985] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   91.660171][ T5825] usb 1-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[   91.695303][ T5825] usb 1-1: config 1 has an invalid descriptor of length 48, skipping remainder of the config
[   91.739615][ T5825] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 66
[   91.773754][ T5825] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 48, changing to 9
[   91.815865][ T5825] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8240, setting to 1024
[   91.862521][ T5870] syz.3.4[5870]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set
[   91.876036][ T5870] loop3: detected capacity change from 0 to 8
[   91.897941][ T5825] usb 1-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[   91.922701][ T5825] usb 1-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[   91.931640][ T5825] usb 1-1: Product: syz
[   91.941820][ T5825] usb 1-1: Manufacturer: syz
[   91.972486][ T5825] cdc_wdm 1-1:1.0: skipping garbage
[   91.999207][ T5825] cdc_wdm 1-1:1.0: skipping garbage
[   92.006937][ T5869] loop1: detected capacity change from 0 to 128
[   92.029955][ T5825] cdc_wdm 1-1:1.0: cdc-wdm0: USB WDM device
[   92.042178][ T5869] VFS: Found a Xenix FS (block size = 512) on device loop1
[   92.068446][ T5825] cdc_wdm 1-1:1.0: Unknown control protocol
[   92.095326][    T9] cfg80211: failed to load regulatory.db
[   92.248153][ T5768] sysv_free_block: trying to free block not in datazone
[   92.274553][ T5768] sysv_free_inode: inode 0,1,2 or nonexistent inode
[   92.309613][ T5872] loop2: detected capacity change from 0 to 8192
[   92.344819][ T5872] =======================================================
[   92.344819][ T5872] WARNING: The mand mount option has been deprecated and
[   92.344819][ T5872]          and is ignored by this kernel. Remove the mand
[   92.344819][ T5872]          option from the mount to silence this warning.
[   92.344819][ T5872] =======================================================
[   92.426868][ T5872] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[   92.450817][ T5872] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal
[   92.469000][ T5872] REISERFS (device loop2): using ordered data mode
[   92.488312][ T5872] reiserfs: using flush barriers
[   92.587398][ T5872] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[   92.654494][ T5872] REISERFS (device loop2): checking transaction log (loop2)
[   92.676366][ T5872] REISERFS (device loop2): Using r5 hash to sort names
[   92.689996][ T5880] warning: `syz.3.7' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[   92.716632][ T5872] REISERFS warning (device loop2): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 1) not found (pos 2)
[   92.738692][ T5872] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage.
[   92.855909][ T5872] REISERFS warning (device loop2): sh-2029: %s: bitmap block (#%u) reading failed reiserfs_read_bitmap_block: reiserfs_read_bitmap_block
[   92.910539][ T5872] REISERFS warning (device loop2): sh-2029: %s: bitmap block (#%u) reading failed reiserfs_read_bitmap_block: reiserfs_read_bitmap_block
[   92.941790][ T5872] REISERFS warning (device loop2): sh-2029: %s: bitmap block (#%u) reading failed reiserfs_read_bitmap_block: reiserfs_read_bitmap_block
[   93.353861][ T5784] Bluetooth: hci0: command tx timeout
[   93.430985][ T5893] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[   93.450373][ T5784] Bluetooth: hci3: command tx timeout
[   93.514538][ T5784] Bluetooth: hci2: command tx timeout
[   93.514548][ T5777] Bluetooth: hci1: command tx timeout
[   93.563625][   T23] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[   93.743850][   T23] usb 4-1: Using ep0 maxpacket: 8
[   93.756847][   T23] usb 4-1: config 0 has an invalid interface number: 31 but max is 0
[   93.776152][   T23] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   93.803525][   T23] usb 4-1: config 0 has no interface number 0
[   93.824256][   T23] usb 4-1: New USB device found, idVendor=046d, idProduct=08c3, bcdDevice=6b.16
[   93.852675][   T23] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   93.863963][   T23] usb 4-1: Product: syz
[   93.868273][   T23] usb 4-1: Manufacturer: syz
[   93.873283][   T23] usb 4-1: SerialNumber: syz
[   93.898540][   T23] usb 4-1: config 0 descriptor??
[   93.963096][ T5889] loop1: detected capacity change from 0 to 40427
[   94.003099][ T5889] F2FS-fs (loop1): build fault injection attr: rate: 771, type: 0x7ffff
[   94.032225][ T5889] F2FS-fs (loop1): invalid crc value
[   94.065811][ T5889] F2FS-fs (loop1): Found nat_bits in checkpoint
[   94.080989][ T5775] usb 1-1: USB disconnect, device number 2
[   94.181589][   T27] usb 4-1: USB disconnect, device number 2
[   94.260395][ T5889] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[   94.458648][ T5768] syz-executor: attempt to access beyond end of device
[   94.458648][ T5768] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[   94.506138][ T5768] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[   94.579688][ T5909] netlink: 'syz.2.20': attribute type 1 has an invalid length.
[   94.589074][ T5911] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   94.592953][ T5909] netlink: 'syz.2.20': attribute type 2 has an invalid length.
[   94.630097][ T5909] netlink: 'syz.2.20': attribute type 1 has an invalid length.
[   94.639924][ T5909] netlink: 'syz.2.20': attribute type 2 has an invalid length.
[   94.652095][ T5911] netlink: 8 bytes leftover after parsing attributes in process `syz.0.21'.
[   94.836831][ T5915] netlink: 'syz.0.23': attribute type 11 has an invalid length.
[   95.271944][ T5924] mmap: syz.2.27 (5924) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[   95.558239][ T5918] loop3: detected capacity change from 0 to 32768
[   95.573663][    T8] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[   95.663707][ T5918] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[   95.773914][    T8] usb 1-1: Using ep0 maxpacket: 16
[   95.790586][    T8] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[   95.837319][    T8] usb 1-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[   95.855306][    T8] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   95.863394][    T8] usb 1-1: Product: syz
[   95.874132][    T8] usb 1-1: Manufacturer: syz
[   95.882001][    T8] usb 1-1: SerialNumber: syz
[   95.896738][    T8] usb 1-1: config 0 descriptor??
[   95.912821][    T8] em28xx 1-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[   95.939282][    T8] em28xx 1-1:0.0: DVB interface 0 found: bulk
[   95.992472][ T5918] syz.3.24 (5918) used greatest stack depth: 20656 bytes left
[   96.048777][ T5769] (syz-executor,5769,1):ocfs2_inode_is_valid_to_delete:872 ERROR: Skipping delete of system file 72
[   96.083105][ T5769] ocfs2: Unmounting device (7,3) on (node local)
[   96.220100][ T5942] netlink: 24 bytes leftover after parsing attributes in process `syz.1.33'.
[   96.429794][ T5946] loop1: detected capacity change from 0 to 4096
[   96.562631][    T8] em28xx 1-1:0.0: chip ID is em2750
[   96.689654][ T5946] EXT4-fs (loop1): Test dummy encryption mode enabled
[   96.728891][ T5946] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0003]
[   96.759355][ T5946] System zones: 0-5
[   96.778492][ T5946] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   96.857670][    T8] em28xx 1-1:0.0: reading from i2c device at 0xa0 failed (error=-5)
[   96.866673][    T8] em28xx 1-1:0.0: board has no eeprom
[   96.919029][   T28] audit: type=1800 audit(1768683361.777:2): pid=5946 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.34" name="file1" dev="loop1" ino=15 res=0 errno=0
[   96.965125][    T8] em28xx 1-1:0.0: Identified as PCTV tripleStick (292e) (card=94)
[   96.994616][    T8] em28xx 1-1:0.0: dvb set to bulk mode.
[   97.003044][ T5842] em28xx 1-1:0.0: Binding DVB extension
[   97.030000][ T5768] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   97.054030][    T8] usb 1-1: USB disconnect, device number 3
[   97.080916][    T8] em28xx 1-1:0.0: Disconnecting em28xx
[   97.111645][ T5944] loop3: detected capacity change from 0 to 32768
[   97.152502][ T5944] BTRFS: device fsid 3d39d0ba-bdae-447e-827b-b091e1a68885 devid 1 transid 8 /dev/loop3 scanned by syz.3.32 (5944)
[   97.236219][ T5842] em28xx 1-1:0.0: Registering input extension
[   97.242889][    T8] em28xx 1-1:0.0: Closing input extension
[   97.296432][ T5944] BTRFS info (device loop3): first mount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885
[   97.352502][    T8] em28xx 1-1:0.0: Freeing device
[   97.365960][ T5944] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm
[   97.403669][ T5944] BTRFS info (device loop3): using free space tree
[   97.551053][ T5966] can0: slcan on ptm0.
[   97.611102][ T5944] BTRFS info (device loop3): enabling ssd optimizations
[   97.635289][ T5944] BTRFS info (device loop3): auto enabling async discard
[   97.743006][ T5986] loop0: detected capacity change from 0 to 256
[   97.826946][ T5961] can0 (unregistered): slcan off ptm0.
[   97.862169][   T28] audit: type=1800 audit(1768683362.717:3): pid=5986 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.41" name="file1" dev="loop0" ino=1048592 res=0 errno=0
[   98.122680][ T5769] BTRFS info (device loop3): last unmount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885
[   98.265663][  T967] usb 3-1: new full-speed USB device number 2 using dummy_hcd
[   98.353596][   T23] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[   98.492517][  T967] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[   98.523908][  T967] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   98.540163][  T967] usb 3-1: New USB device found, idVendor=056a, idProduct=f43b, bcdDevice=ff.ff
[   98.550625][  T967] usb 3-1: New USB device strings: Mfr=255, Product=0, SerialNumber=0
[   98.560214][  T967] usb 3-1: Manufacturer: syz
[   98.568444][   T23] usb 2-1: Using ep0 maxpacket: 16
[   98.575244][  T967] usb 3-1: config 0 descriptor??
[   98.590279][   T23] usb 2-1: New USB device found, idVendor=0403, idProduct=b8d8, bcdDevice=30.bb
[   98.600823][   T23] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   98.612319][   T23] usb 2-1: Product: syz
[   98.617505][   T23] usb 2-1: Manufacturer: syz
[   98.622165][   T23] usb 2-1: SerialNumber: syz
[   98.794009][ T5842] usb 1-1: new full-speed USB device number 4 using dummy_hcd
[   98.849161][ T5989] loop2: detected capacity change from 0 to 512
[   98.861460][ T6004] loop3: detected capacity change from 0 to 128
[   98.879384][ T5989] EXT4-fs: quotafile must be on filesystem root
[   99.015998][ T5842] usb 1-1: config 0 has no interfaces?
[   99.021611][ T5842] usb 1-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[   99.038435][ T5842] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   99.050643][ T5842] usb 1-1: config 0 descriptor??
[   99.058608][   T23] usb 2-1: Quirk or no altest; falling back to MIDI 1.0
[   99.148456][  T967] wacom 0003:056A:F43B.0001: Unknown device_type for 'syz'. Ignoring.
[   99.285290][ T6008] loop3: detected capacity change from 0 to 256
[   99.300103][   T23] snd-usb-audio: probe of 2-1:222.0 failed with error -2
[   99.319283][   T27] usb 1-1: USB disconnect, device number 4
[   99.418847][   T23] usb 3-1: USB disconnect, device number 2
[   99.427032][ T5983] udevd[5983]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:222.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[   99.533156][  T967] usb 2-1: USB disconnect, device number 2
[  100.056021][   T28] audit: type=1326 audit(1768683364.917:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6016 comm="syz.2.56" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a8b99acb9 code=0x7ffc0000
[  100.099796][   T28] audit: type=1326 audit(1768683364.937:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6016 comm="syz.2.56" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a8b99acb9 code=0x7ffc0000
[  100.198240][   T28] audit: type=1326 audit(1768683364.947:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6016 comm="syz.2.56" exe="/root/syz-executor" sig=0 arch=c000003e syscall=121 compat=0 ip=0x7f8a8b99acb9 code=0x7ffc0000
[  100.281356][   T28] audit: type=1326 audit(1768683364.947:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6016 comm="syz.2.56" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a8b99acb9 code=0x7ffc0000
[  100.350117][   T28] audit: type=1326 audit(1768683364.947:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6016 comm="syz.2.56" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a8b99acb9 code=0x7ffc0000
[  100.417384][ T6027] netlink: 4 bytes leftover after parsing attributes in process `syz.2.60'.
[  100.430835][   T28] audit: type=1326 audit(1768683364.997:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6016 comm="syz.2.56" exe="/root/syz-executor" sig=0 arch=c000003e syscall=434 compat=0 ip=0x7f8a8b99acb9 code=0x7ffc0000
[  100.500950][   T28] audit: type=1326 audit(1768683364.997:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6016 comm="syz.2.56" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a8b99acb9 code=0x7ffc0000
[  100.558462][   T28] audit: type=1326 audit(1768683364.997:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6016 comm="syz.2.56" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a8b99acb9 code=0x7ffc0000
[  101.051889][ T6042] loop0: detected capacity change from 0 to 256
[  101.109143][ T6042] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x53fda505, utbl_chksum : 0xe619d30d)
[  101.145334][ T6042] exFAT-fs (loop0): bogus allocation bitmap size(need : 2, cur : 17179869186)
[  101.254940][ T6042] syz.0.66: attempt to access beyond end of device
[  101.254940][ T6042] loop0: rw=524288, sector=280, nr_sectors = 128 limit=256
[  101.287627][ T6042] syz.0.66: attempt to access beyond end of device
[  101.287627][ T6042] loop0: rw=524288, sector=408, nr_sectors = 256 limit=256
[  101.308021][ T6042] syz.0.66: attempt to access beyond end of device
[  101.308021][ T6042] loop0: rw=0, sector=280, nr_sectors = 8 limit=256
[  101.411363][ T6030] loop1: detected capacity change from 0 to 40427
[  101.447202][ T6030] F2FS-fs (loop1): invalid crc value
[  101.494773][ T6030] F2FS-fs (loop1): Found nat_bits in checkpoint
[  101.676886][ T6030] F2FS-fs (loop1): Start checkpoint disabled!
[  101.738323][ T6030] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[  101.822353][ T6057] ICMPv6: RA: ndisc_router_discovery failed to add default route
[  101.830571][ T6057] ICMPv6: RA: ndisc_router_discovery failed to add default route
[  101.838646][ T6057] ICMPv6: RA: ndisc_router_discovery failed to add default route
[  101.846640][ T6057] ICMPv6: RA: ndisc_router_discovery failed to add default route
[  101.854606][ T6057] ICMPv6: RA: ndisc_router_discovery failed to add default route
[  101.862508][ T6057] ICMPv6: RA: ndisc_router_discovery failed to add default route
[  101.870497][ T6057] ICMPv6: RA: ndisc_router_discovery failed to add default route
[  101.878510][ T6057] ICMPv6: RA: ndisc_router_discovery failed to add default route
[  101.886517][ T6057] ICMPv6: RA: ndisc_router_discovery failed to add default route
[  101.894497][ T6057] ICMPv6: RA: ndisc_router_discovery failed to add default route
[  101.927693][ T6030] capability: warning: `syz.1.61' uses 32-bit capabilities (legacy support in use)
[  102.370367][ T6064] loop0: detected capacity change from 0 to 4096
[  102.408134][ T6064] ntfs3: loop0: Different NTFS sector size (4096) and media sector size (512).
[  102.515965][ T6064] ntfs3: loop0: Mark volume as dirty due to NTFS errors
[  102.609906][ T6069] syz.1.74 uses obsolete (PF_INET,SOCK_PACKET)
[  103.313567][  T967] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  103.415948][ T6094] loop2: detected capacity change from 0 to 256
[  103.447382][ T6094] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  103.522123][  T967] usb 1-1: Using ep0 maxpacket: 16
[  103.547100][  T967] usb 1-1: config 0 has an invalid interface number: 8 but max is 0
[  103.565212][  T967] usb 1-1: config 0 has no interface number 0
[  103.589394][  T967] usb 1-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  103.657004][  T967] usb 1-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  103.694593][  T967] usb 1-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f
[  103.708700][  T967] usb 1-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3
[  103.717435][  T967] usb 1-1: Product: syz
[  103.721749][  T967] usb 1-1: SerialNumber: syz
[  103.748621][  T967] usb 1-1: config 0 descriptor??
[  103.786151][  T967] cm109 1-1:0.8: invalid payload size 0, expected 4
[  103.824231][  T967] input: CM109 USB driver as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.8/input/input9
[  104.051632][ T6088] loop1: detected capacity change from 0 to 32768
[  104.106677][    C0] cm109 1-1:0.8: cm109_urb_ctl_callback: urb status -71
[  104.115724][    C0] cm109 1-1:0.8: cm109_urb_ctl_callback: urb status -71
[  104.123243][    C0] cm109 1-1:0.8: cm109_urb_ctl_callback: urb status -71
[  104.130595][    C0] cm109 1-1:0.8: cm109_urb_ctl_callback: urb status -71
[  104.137976][    C0] cm109 1-1:0.8: cm109_urb_ctl_callback: urb status -71
[  104.145179][    C0] cm109 1-1:0.8: cm109_urb_ctl_callback: urb status -71
[  104.152400][    C0] cm109 1-1:0.8: cm109_urb_ctl_callback: urb status -71
[  104.159633][    C0] cm109 1-1:0.8: cm109_urb_ctl_callback: urb status -71
[  104.167056][    C0] cm109 1-1:0.8: cm109_urb_ctl_callback: urb status -71
[  104.174304][    C0] cm109 1-1:0.8: cm109_urb_ctl_callback: urb status -71
[  104.189800][ T6088] (syz.1.84,6088,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  104.203820][  T967] usb 1-1: USB disconnect, device number 5
[  104.209848][    C0] cm109 1-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19
[  104.227669][ T6088] (syz.1.84,6088,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  104.273612][  T967] cm109 1-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19
[  104.396934][ T6088] JBD2: Ignoring recovery information on journal
[  104.494764][ T6088] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  104.681795][ T6110] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  104.682370][ T6088] (syz.1.84,6088,0):ocfs2_parse_options:1460 ERROR: Invalid heartbeat mount options
[  104.955337][ T5768] ocfs2: Unmounting device (7,1) on (node local)
[  105.798829][ T6131] loop2: detected capacity change from 0 to 4096
[  105.835475][ T6118] loop3: detected capacity change from 0 to 32768
[  105.879154][ T6133] loop0: detected capacity change from 0 to 16
[  105.947094][ T6133] erofs: (device loop0): mounted with root inode @ nid 36.
[  105.975184][ T6118] ocfs2: Mounting device (7,3) on (node local, slot 0) with writeback data mode.
[  106.272187][ T6142] loop1: detected capacity change from 0 to 128
[  106.357056][ T6142] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  106.398595][ T6142] ext4 filesystem being mounted at /23/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  106.472272][ T5769] ocfs2: Unmounting device (7,3) on (node local)
[  106.489041][ T5771] erofs: (device loop0): erofs_fill_dentries: bogus dirent @ nid 46
[  106.566969][ T5768] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  106.585156][ T5771] erofs: (device loop0): erofs_readdir: invalid de[0].nameoff 0 @ nid 89
[  106.627685][ T5771] erofs: (device loop0): erofs_readdir: invalid de[0].nameoff 0 @ nid 89
[  106.847449][ T6152] loop0: detected capacity change from 0 to 64
[  106.898715][ T6152] BFS-fs: bfs_fill_super(): loop0 is unclean, continuing
[  106.983602][  T967] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[  107.021465][ T6150] syz.1.111 (6150) used greatest stack depth: 20392 bytes left
[  107.088160][ T6156] netlink: 16 bytes leftover after parsing attributes in process `syz.3.113'.
[  107.113224][ T6156] sch_fq: defrate 0 ignored.
[  107.209729][  T967] usb 3-1: Using ep0 maxpacket: 32
[  107.218288][  T967] usb 3-1: config 0 has an invalid interface number: 1 but max is 0
[  107.243540][  T967] usb 3-1: config 0 has no interface number 0
[  107.301620][  T967] usb 3-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  107.323582][  T967] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  107.347947][  T967] usb 3-1: Product: syz
[  107.352470][  T967] usb 3-1: Manufacturer: syz
[  107.362830][  T967] usb 3-1: SerialNumber: syz
[  107.379830][  T967] usb 3-1: config 0 descriptor??
[  107.410699][  T967] quatech2 3-1:0.1: Quatech 2nd gen USB to Serial Driver converter detected
[  107.617844][ T6169] Illegal XDP return value 92 on prog  (id 8) dev N/A, expect packet loss!
[  107.653122][  T967] usb 3-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[  107.705348][  T967] usb 3-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[  108.158797][    C0] usb 3-1: qt2_read_bulk_callback - non-zero urb status: -71
[  108.176622][ T5842] usb 3-1: USB disconnect, device number 3
[  108.208633][ T5842] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[  108.256019][ T5842] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[  108.294715][ T5842] quatech2 3-1:0.1: device disconnected
[  108.842333][ T6184] loop0: detected capacity change from 0 to 256
[  108.865617][ T6186] syz_tun: entered promiscuous mode
[  108.871874][ T6185] syz_tun: left promiscuous mode
[  109.136782][ T6189] loop2: detected capacity change from 0 to 4096
[  109.156228][ T6189] EXT4-fs: Ignoring removed nomblk_io_submit option
[  109.236849][ T6189] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  109.386404][   T28] kauditd_printk_skb: 4 callbacks suppressed
[  109.386420][   T28] audit: type=1800 audit(1768683374.247:16): pid=6189 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.128" name="file1" dev="loop2" ino=15 res=0 errno=0
[  109.492130][ T6196] loop0: detected capacity change from 0 to 4096
[  109.531851][ T6196] ntfs3: loop0: Different NTFS sector size (1024) and media sector size (512).
[  109.571155][ T5770] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  110.245044][ T6198] loop3: detected capacity change from 0 to 40427
[  110.279479][ T6198] F2FS-fs (loop3): build fault injection attr: rate: 771, type: 0x7ffff
[  110.311175][ T6198] F2FS-fs (loop3): invalid crc value
[  110.344570][ T6198] F2FS-fs (loop3): Found nat_bits in checkpoint
[  110.421208][ T6208] loop1: detected capacity change from 0 to 4096
[  110.460413][ T6208] ntfs3: loop1: Different NTFS sector size (1024) and media sector size (512).
[  110.542226][ T6198] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  110.915434][ T5769] syz-executor: attempt to access beyond end of device
[  110.915434][ T5769] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  110.967054][ T5769] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  111.262087][    T8] kernel write not supported for file /input/mouse0 (pid: 8 comm: kworker/0:0)
[  112.053925][ T6224] loop0: detected capacity change from 0 to 32768
[  112.127032][ T6224] XFS (loop0): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  112.225926][ T6224] XFS (loop0): Ending clean mount
[  112.649119][ T6239] loop3: detected capacity change from 0 to 32768
[  112.685939][ T5771] XFS (loop0): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  112.797284][ T6239] UFO tlock:0xffffc9000286a090
[  112.891633][ T6253] loop2: detected capacity change from 0 to 512
[  112.903325][ T6239] MetaData crosses page boundary!!
[  112.948604][ T6239] lblock = 6300000010, size  = -820051968
[  112.983177][ T6239] CPU: 1 PID: 6239 Comm: syz.3.149 Not tainted syzkaller #0
[  112.990571][ T6239] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  113.000691][ T6239] Call Trace:
[  113.004044][ T6239]  <TASK>
[  113.007034][ T6239]  dump_stack_lvl+0x18c/0x250
[  113.011789][ T6239]  ? __wake_up_bit+0x210/0x210
[  113.016608][ T6239]  ? show_regs_print_info+0x20/0x20
[  113.021953][ T6239]  ? load_image+0x400/0x400
[  113.026529][ T6239]  ? folio_unlock+0x118/0x2e0
[  113.031269][ T6239]  __get_metapage+0xaac/0xfa0
[  113.036013][ T6239]  dtReadFirst+0xd5/0x920
[  113.040412][ T6239]  jfs_readdir+0x919/0x3bb0
[  113.045010][ T6239]  ? dtInitRoot+0x670/0x670
[  113.049604][ T6239]  ? __up_read+0x2b6/0x6b0
[  113.054096][ T6239]  ? down_write+0x16e/0x200
[  113.058666][ T6239]  ? down_read_killable+0x340/0x340
[  113.063915][ T6239]  ? end_current_label_crit_section+0x149/0x170
[  113.070216][ T6239]  ? dtInitRoot+0x670/0x670
[  113.074778][ T6239]  wrap_directory_iterator+0x92/0xd0
[  113.080216][ T6239]  iterate_dir+0x1c2/0x580
[  113.084705][ T6239]  __se_sys_getdents+0xf6/0x260
[  113.089625][ T6239]  ? __x64_sys_getdents+0x80/0x80
[  113.094711][ T6239]  ? fillonedir+0x430/0x430
[  113.099278][ T6239]  ? lockdep_hardirqs_on+0x98/0x150
[  113.104546][ T6239]  do_syscall_64+0x55/0xa0
[  113.109022][ T6239]  ? clear_bhb_loop+0x40/0x90
[  113.113936][ T6239]  ? clear_bhb_loop+0x40/0x90
[  113.118683][ T6239]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  113.124640][ T6239] RIP: 0033:0x7f44d899acb9
[  113.129215][ T6239] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  113.148885][ T6239] RSP: 002b:00007f44d97f1028 EFLAGS: 00000246 ORIG_RAX: 000000000000004e
[  113.157453][ T6239] RAX: ffffffffffffffda RBX: 00007f44d8c15fa0 RCX: 00007f44d899acb9
[  113.165491][ T6239] RDX: 0000000000000030 RSI: 0000200000000000 RDI: 0000000000000004
[  113.173525][ T6239] RBP: 00007f44d8a08bf7 R08: 0000000000000000 R09: 0000000000000000
[  113.181552][ T6239] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  113.189565][ T6239] R13: 00007f44d8c16038 R14: 00007f44d8c15fa0 R15: 00007ffd3da0b438
[  113.197588][ T6239]  </TASK>
[  113.334710][ T6253] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  113.381095][ T6239] bread failed!
[  113.381401][ T6253] ext4 filesystem being mounted at /48/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  113.384829][ T6239] jfs_readdir: unexpected rc = -5 from dtReadNext
[  113.581536][ T6253] EXT4-fs error (device loop2): ext4_do_update_inode:5248: inode #2: comm syz.2.152: corrupted inode contents
[  113.626943][ T6253] EXT4-fs error (device loop2): ext4_dirty_inode:6124: inode #2: comm syz.2.152: mark_inode_dirty error
[  113.652639][ T6253] EXT4-fs error (device loop2): ext4_do_update_inode:5248: inode #2: comm syz.2.152: corrupted inode contents
[  113.672114][ T6264] EXT4-fs error (device loop2): ext4_do_update_inode:5248: inode #2: comm syz.2.152: corrupted inode contents
[  113.730086][ T5770] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  114.196285][ T6272] syz.3.155 (6272) used greatest stack depth: 19952 bytes left
[  114.321550][ T6276] loop3: detected capacity change from 0 to 1024
[  114.333855][ T6266] loop0: detected capacity change from 0 to 32768
[  114.347111][ T6276] EXT4-fs: Ignoring removed nomblk_io_submit option
[  114.413084][ T6276] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  114.468944][ T6266] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  114.484476][ T6285] netlink: 'syz.1.162': attribute type 2 has an invalid length.
[  114.492199][ T6285] netlink: 12 bytes leftover after parsing attributes in process `syz.1.162'.
[  114.502757][ T6285] Zero length message leads to an empty skb
[  114.797571][ T5769] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  114.836529][ T6266] XFS (loop0): Ending clean mount
[  114.901746][ T6266] XFS (loop0): Quotacheck needed: Please wait.
[  115.042815][ T6266] XFS (loop0): Quotacheck: Done.
[  115.412104][ T5771] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  115.723620][ T5842] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  115.913622][ T5842] usb 2-1: Using ep0 maxpacket: 8
[  115.925878][ T5842] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  115.943945][ T5842] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  115.973809][ T5842] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  116.003032][ T5842] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  116.043975][ T5842] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  116.071351][ T5842] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  116.318922][ T5842] usb 2-1: GET_CAPABILITIES returned 0
[  116.337824][ T5842] usbtmc 2-1:16.0: can't read capabilities
[  116.473620][ T6333] loop3: detected capacity change from 0 to 8192
[  116.491644][ T6333] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  116.516273][ T6333] REISERFS (device loop3): found reiserfs format "3.5" with non-standard journal
[  116.551309][ T5842] usb 2-1: USB disconnect, device number 3
[  116.571752][ T6333] REISERFS (device loop3): using ordered data mode
[  116.578731][ T6333] reiserfs: using flush barriers
[  116.591754][ T6333] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  116.612040][ T6333] REISERFS (device loop3): checking transaction log (loop3)
[  116.636700][ T6333] REISERFS (device loop3): Using r5 hash to sort names
[  116.649430][ T6333] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage.
[  116.736521][ T6339] loop2: detected capacity change from 0 to 64
[  117.046600][ T5770] Bad inode number on dev loop2: 4160749571 is out of range
[  117.075875][ T5770] Bad inode number on dev loop2: 4160749571 is out of range
[  117.088574][ T6343] loop3: detected capacity change from 0 to 1024
[  117.114106][ T5777] Bluetooth: hci1: command 0x0401 tx timeout
[  117.437307][ T2985] hfsplus: b-tree write err: -5, ino 4
[  117.698581][ T6352] loop3: detected capacity change from 0 to 1024
[  117.715291][ T6352] EXT4-fs: Ignoring removed nomblk_io_submit option
[  117.799180][ T6352] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  117.826708][   T12] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  118.002565][ T6345] loop0: detected capacity change from 0 to 32768
[  118.047146][   T12] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  118.089392][ T6345] ocfs2: Mounting device (7,0) on (node local, slot 0) with writeback data mode.
[  118.128447][ T5769] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  118.321805][   T12] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  118.453369][ T6345] syz.0.184 (6345) used greatest stack depth: 18768 bytes left
[  118.510834][ T5771] ocfs2: Unmounting device (7,0) on (node local)
[  118.628314][   T12] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  118.668056][ T6363] loop3: detected capacity change from 0 to 256
[  118.679555][ T6365] loop0: detected capacity change from 0 to 128
[  118.763566][   T28] audit: type=1800 audit(1768683383.607:17): pid=6363 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.193" name="file1" dev="loop3" ino=1048597 res=0 errno=0
[  118.765272][ T6365] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  118.820891][ T6363] FAT-fs (loop3): error, clusters badly computed (0 != 128)
[  118.820939][ T6365] ext4 filesystem being mounted at /36/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  118.897487][ T6354] loop1: detected capacity change from 0 to 32768
[  118.974074][ T6363] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[  118.999486][ T6354] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 scanned by syz.1.189 (6354)
[  119.124954][ T6365] fscrypt (loop0, inode 12): Unsupported encryption flags (0x23)
[  119.197785][ T6354] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  119.215050][ T6354] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm
[  119.274053][ T6354] BTRFS info (device loop1): metadata ratio 2
[  119.280232][ T6354] BTRFS info (device loop1): allowing degraded mounts
[  119.345718][ T5771] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  119.362178][ T6354] BTRFS info (device loop1): force zlib compression, level 3
[  119.403988][ T6354] BTRFS info (device loop1): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[  119.418847][ T6367] FAT-fs (loop3): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[  119.459294][ T6354] BTRFS info (device loop1): use zstd compression, level 3
[  119.513535][ T6354] BTRFS info (device loop1): force clearing of disk cache
[  119.520974][ T6354] BTRFS info (device loop1): turning on flush-on-commit
[  119.626849][ T6354] BTRFS warning (device loop1): 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  119.651835][ T6376] loop0: detected capacity change from 0 to 1024
[  119.687062][ T6354] BTRFS info (device loop1): trying to use backup root at mount time
[  119.722401][ T6354] BTRFS info (device loop1): using free space tree
[  119.809474][ T5784] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  119.823877][ T5784] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  119.832305][ T5784] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  119.841722][ T5784] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  119.850456][ T5784] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  119.858885][ T5784] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  120.143654][ T6354] BTRFS info (device loop1): enabling ssd optimizations
[  120.175826][ T2985] hfsplus: b-tree write err: -5, ino 3
[  120.204507][ T6354] BTRFS info (device loop1): rebuilding free space tree
[  120.720653][ T6413] netlink: 24 bytes leftover after parsing attributes in process `syz.0.198'.
[  120.782970][ T5768] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  121.323404][ T6427] loop3: detected capacity change from 0 to 64
[  121.344960][ T6427] MINIX-fs: mounting unchecked file system, running fsck is recommended
[  121.468048][ T6427] MINIX-fs warning: remounting unchecked fs, running fsck is recommended
[  121.528023][ T5842] kernel write not supported for file /sequencer2 (pid: 5842 comm: kworker/0:5)
[  121.792565][ T6383] chnl_net:caif_netlink_parms(): no params data found
[  121.914584][ T5777] Bluetooth: hci2: command tx timeout
[  122.108303][ T6437] netlink: 'syz.3.205': attribute type 1 has an invalid length.
[  122.424768][ T5842] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  122.456972][ T6450] netlink: 28 bytes leftover after parsing attributes in process `syz.3.209'.
[  122.498274][ T6450] vlan2: entered promiscuous mode
[  122.503629][ T6450] bond0: entered promiscuous mode
[  122.508844][ T6450] bond_slave_0: entered promiscuous mode
[  122.519168][ T6450] bond_slave_1: entered promiscuous mode
[  122.598263][   T12] hsr_slave_0: left promiscuous mode
[  122.634816][ T5842] usb 2-1: Using ep0 maxpacket: 32
[  122.651820][ T5842] usb 2-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40
[  122.668962][ T5842] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  122.684687][   T12] hsr_slave_1: left promiscuous mode
[  122.704392][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  122.715307][ T5842] usb 2-1: config 0 descriptor??
[  122.741134][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[  122.757819][ T6461] loop3: detected capacity change from 0 to 64
[  122.775566][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  122.783083][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[  122.824390][   T12] bridge_slave_1: left allmulticast mode
[  122.830434][   T12] bridge_slave_1: left promiscuous mode
[  122.841785][ T6461] hfs: unable to locate alternate MDB
[  122.869224][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  122.876134][ T6461] hfs: continuing without an alternate MDB
[  122.936754][   T12] bridge_slave_0: left allmulticast mode
[  122.942514][   T12] bridge_slave_0: left promiscuous mode
[  122.972282][ T5842] dvb-usb: found a 'Elgato EyeTV Sat' in warm state.
[  123.007122][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  123.021204][ T5842] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  123.055220][ T5842] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat)
[  123.079161][ T5842] usb 2-1: media controller created
[  123.160508][ T5842] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  123.188351][   T12] veth1_macvtap: left promiscuous mode
[  123.212332][   T12] veth0_macvtap: left promiscuous mode
[  123.242524][   T12] veth1_vlan: left promiscuous mode
[  123.252537][ T5842] az6027: usb out operation failed. (-71)
[  123.285401][ T5842] az6027: usb out operation failed. (-71)
[  123.286777][   T12] veth0_vlan: left promiscuous mode
[  123.291219][ T5842] stb0899_attach: Driver disabled by Kconfig
[  123.313518][ T5842] az6027: no front-end attached
[  123.313518][ T5842] 
[  123.325800][ T5842] az6027: usb out operation failed. (-71)
[  123.331695][ T5842] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat'
[  123.339829][ T6445] loop0: detected capacity change from 0 to 32768
[  123.352807][ T5842] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.1/usb2/2-1/input/input10
[  123.369683][ T6445] (syz.0.206,6445,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  123.390698][ T6445] (syz.0.206,6445,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  123.421097][ T5842] dvb-usb: schedule remote query interval to 400 msecs.
[  123.440290][ T6445] JBD2: Ignoring recovery information on journal
[  123.465283][ T5842] dvb-usb: Elgato EyeTV Sat successfully initialized and connected.
[  123.543561][ T5842] usb 2-1: USB disconnect, device number 4
[  123.585168][ T6445] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  123.793098][ T5842] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected.
[  123.993984][ T5777] Bluetooth: hci2: command tx timeout
[  124.013028][ T6445] (syz.0.206,6445,1):ocfs2_parse_options:1460 ERROR: Invalid heartbeat mount options
[  124.189380][ T5771] ocfs2: Unmounting device (7,0) on (node local)
[  124.844726][ T6486] iommufd_mock iommufd_mock1: Adding to iommu group 0
[  125.234652][   T12] team0 (unregistering): Port device team_slave_1 removed
[  125.274490][ T6492] loop0: detected capacity change from 0 to 128
[  125.318732][ T6492] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  125.333126][   T12] team0 (unregistering): Port device team_slave_0 removed
[  125.342273][ T6492] ext4 filesystem being mounted at /47/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  125.430517][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  125.489943][ T5771] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  125.509673][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  125.987988][   T12] bond0 (unregistering): Released all slaves
[  126.083754][ T5784] Bluetooth: hci2: command tx timeout
[  126.177791][ T6383] bridge0: port 1(bridge_slave_0) entered blocking state
[  126.195268][ T6383] bridge0: port 1(bridge_slave_0) entered disabled state
[  126.202575][ T6383] bridge_slave_0: entered allmulticast mode
[  126.255003][ T6383] bridge_slave_0: entered promiscuous mode
[  126.286913][ T6383] bridge0: port 2(bridge_slave_1) entered blocking state
[  126.296602][ T6383] bridge0: port 2(bridge_slave_1) entered disabled state
[  126.324006][ T6383] bridge_slave_1: entered allmulticast mode
[  126.332616][ T6383] bridge_slave_1: entered promiscuous mode
[  126.345086][ T6500] iommufd_mock iommufd_mock1: Adding to iommu group 0
[  126.419597][ T6502] loop3: detected capacity change from 0 to 64
[  126.438922][ T6383] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  126.486729][ T6383] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  126.628549][ T6383] team0: Port device team_slave_0 added
[  126.671955][ T6383] team0: Port device team_slave_1 added
[  126.828735][ T6383] batman_adv: batadv0: Adding interface: batadv_slave_0
[  126.856240][ T6383] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  126.899648][ T6383] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  126.915560][ T6383] batman_adv: batadv0: Adding interface: batadv_slave_1
[  126.922821][ T6383] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  126.965035][ T6383] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  127.052370][ T6383] hsr_slave_0: entered promiscuous mode
[  127.072024][ T6383] hsr_slave_1: entered promiscuous mode
[  127.094698][ T6383] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  127.115122][ T6383] Cannot create hsr debugfs directory
[  127.399752][ T6524] macsec1: entered allmulticast mode
[  127.405624][ T6524] macvlan1: entered allmulticast mode
[  127.411058][ T6524] veth1_vlan: entered allmulticast mode
[  127.419595][ T6524] macvlan1: left allmulticast mode
[  127.428270][ T6524] veth1_vlan: left allmulticast mode
[  127.497788][   T27] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  127.707062][   T27] usb 4-1: Using ep0 maxpacket: 16
[  127.716225][ T6383] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  127.729132][   T27] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  127.748014][ T6383] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  127.754208][ T5784] Bluetooth: hci4: command 0x1003 tx timeout
[  127.763603][ T5777] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  127.800292][ T6383] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  127.804123][   T27] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  127.830255][ T6383] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  127.863082][   T27] usb 4-1: New USB device found, idVendor=056a, idProduct=0084, bcdDevice= 0.00
[  127.903713][   T27] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  127.949030][   T27] usb 4-1: config 0 descriptor??
[  128.149792][ T6383] 8021q: adding VLAN 0 to HW filter on device bond0
[  128.157756][ T5777] Bluetooth: hci2: command tx timeout
[  128.217058][ T6383] 8021q: adding VLAN 0 to HW filter on device team0
[  128.272765][ T2985] bridge0: port 1(bridge_slave_0) entered blocking state
[  128.280024][ T2985] bridge0: port 1(bridge_slave_0) entered forwarding state
[  128.374920][ T3462] bridge0: port 2(bridge_slave_1) entered blocking state
[  128.382205][ T3462] bridge0: port 2(bridge_slave_1) entered forwarding state
[  128.498499][   T27] wacom 0003:056A:0084.0002: hidraw0: USB HID v0.00 Device [HID 056a:0084] on usb-dummy_hcd.3-1/input0
[  128.745392][   T27] usb 4-1: USB disconnect, device number 3
[  128.806380][ T6553] fido_id[6553]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/4-1/report_descriptor': No such file or directory
[  129.168112][ T6383] 8021q: adding VLAN 0 to HW filter on device batadv0
[  129.345456][ T6549] loop0: detected capacity change from 0 to 32768
[  129.463847][ T6549] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  129.524179][ T6581] vcan0: tx drop: invalid da for name 0x00000000000000f0
[  129.827366][ T6549] XFS (loop0): Ending clean mount
[  129.847057][ T6549] XFS (loop0): Quotacheck needed: Please wait.
[  129.926524][ T6549] XFS (loop0): Quotacheck: Done.
[  130.137944][   T28] audit: type=1800 audit(1768683394.997:18): pid=6549 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.235" name="file1" dev="loop0" ino=9286 res=0 errno=0
[  130.233803][ T6383] veth0_vlan: entered promiscuous mode
[  130.260599][ T6383] veth1_vlan: entered promiscuous mode
[  130.357453][ T6383] veth0_macvtap: entered promiscuous mode
[  130.372349][ T5771] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  130.390332][ T6383] veth1_macvtap: entered promiscuous mode
[  130.419255][ T6383] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  130.430243][ T6383] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  130.448820][ T6383] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  130.461884][ T6383] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  130.477510][ T6383] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  130.507197][ T6383] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  130.540603][ T6383] batman_adv: batadv0: Interface activated: batadv_slave_0
[  130.587847][ T6383] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  130.641074][ T6383] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  130.684401][ T6383] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  130.713306][ T6383] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  130.743583][ T6383] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  130.776456][ T6383] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  130.807773][ T6383] batman_adv: batadv0: Interface activated: batadv_slave_1
[  130.877503][ T6383] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  130.904337][ T6383] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  130.913160][ T6383] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  130.922926][ T6383] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  131.224146][ T3462] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  131.232949][ T3462] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  131.328300][ T3462] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  131.373301][ T3462] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  131.587166][ T6622] loop0: detected capacity change from 0 to 4096
[  131.657137][ T6622] ntfs: (device loop0): ntfs_read_locked_inode(): $DATA attribute is missing.
[  131.680890][ T6622] ntfs: (device loop0): ntfs_read_locked_inode(): Failed with error code -2.  Marking corrupt inode 0xa as bad.  Run chkdsk.
[  131.712720][ T6622] ntfs: (device loop0): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default.
[  131.746174][ T6622] ntfs: volume version 3.1.
[  132.009772][ T2985] ntfs: (device loop0): ntfs_write_block(): Writing beyond initialized size is not supported yet. Sorry.
[  132.024494][    T8] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  132.071788][ T5771] ntfs: (device loop0): ntfs_put_super(): Volume has errors.  Leaving volume marked dirty.  Run chkdsk.
[  132.213648][    T8] usb 2-1: Using ep0 maxpacket: 8
[  132.253858][    T8] usb 2-1: config 0 has no interfaces?
[  132.267592][    T8] usb 2-1: New USB device found, idVendor=0ccd, idProduct=0069, bcdDevice=6e.55
[  132.307223][    T8] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  132.333475][    T8] usb 2-1: Product: syz
[  132.352376][    T8] usb 2-1: Manufacturer: syz
[  132.372700][    T8] usb 2-1: SerialNumber: syz
[  132.423274][    T8] usb 2-1: config 0 descriptor??
[  132.777290][ T6647] loop4: detected capacity change from 0 to 32768
[  132.862218][ T6634] netlink: 12 bytes leftover after parsing attributes in process `syz.1.252'.
[  132.898274][ T6647] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  132.936139][ T6634] netlink: 28 bytes leftover after parsing attributes in process `syz.1.252'.
[  132.960767][   T59] (kworker/u4:4,59,0):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #72: directory entry overrun - offset=0, inode=72, rec_len=65296, name_len=7
[  133.027189][ T5843] usb 2-1: USB disconnect, device number 5
[  133.039272][ T1281] ieee802154 phy0 wpan0: encryption failed: -22
[  133.053362][ T1281] ieee802154 phy1 wpan1: encryption failed: -22
[  133.115884][ T6664] (syz.4.255,6664,0):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #72: directory entry overrun - offset=0, inode=72, rec_len=65296, name_len=7
[  133.163847][ T6664] (syz.4.255,6664,1):ocfs2_prepare_dir_for_insert:4312 ERROR: status = -2
[  133.181064][ T6664] (syz.4.255,6664,1):__ocfs2_prepare_orphan_dir:2171 ERROR: status = -2
[  133.201780][ T6664] (syz.4.255,6664,1):ocfs2_prepare_orphan_dir:2213 ERROR: status = -2
[  133.224114][ T6664] (syz.4.255,6664,1):ocfs2_prepare_orphan_dir:2229 ERROR: status = -2
[  133.234526][ T6664] (syz.4.255,6664,1):ocfs2_rename:1466 ERROR: status = -2
[  133.253754][ T6664] (syz.4.255,6664,1):ocfs2_rename:1690 ERROR: status = -2
[  133.423311][ T6383] ocfs2: Unmounting device (7,4) on (node local)
[  134.863053][ T6690] loop1: detected capacity change from 0 to 40427
[  134.890235][ T6690] F2FS-fs (loop1): build fault injection attr: rate: 771, type: 0x7ffff
[  134.902793][ T6690] F2FS-fs (loop1): invalid crc value
[  134.984877][ T6690] F2FS-fs (loop1): Found nat_bits in checkpoint
[  135.121017][ T6690] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  135.263544][   T28] audit: type=1800 audit(1768683400.117:19): pid=6690 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.264" name="file1" dev="loop1" ino=10 res=0 errno=0
[  135.429050][ T5768] syz-executor: attempt to access beyond end of device
[  135.429050][ T5768] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  135.497544][ T5768] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  136.766968][ T6722] loop0: detected capacity change from 0 to 40427
[  136.816366][ T6722] F2FS-fs (loop0): invalid crc value
[  136.836371][ T6722] F2FS-fs (loop0): Found nat_bits in checkpoint
[  136.984875][ T6725] loop4: detected capacity change from 0 to 32768
[  137.008965][ T6722] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  137.192449][ T6725] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  137.440222][ T5771] syz-executor: attempt to access beyond end of device
[  137.440222][ T5771] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  137.487150][ T6725] XFS (loop4): Ending clean mount
[  137.509088][ T6725] XFS (loop4): Quotacheck needed: Please wait.
[  137.546215][ T5771] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  137.687969][ T6725] XFS (loop4): Quotacheck: Done.
[  137.880064][ T6760] loop1: detected capacity change from 0 to 512
[  137.914002][ T6760] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  137.994412][ T6760] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  138.016448][ T6383] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  138.056344][ T6760] EXT4-fs (loop1): 1 truncate cleaned up
[  138.063391][ T6760] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  138.292180][ T5768] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  139.260293][ T6786] netlink: 'syz.0.285': attribute type 11 has an invalid length.
[  139.839380][ T6800] Bluetooth: MGMT ver 1.22
[  140.042233][ T6804] loop4: detected capacity change from 0 to 512
[  140.092217][ T6804] EXT4-fs: Ignoring removed nomblk_io_submit option
[  140.112307][ T6806] loop1: detected capacity change from 0 to 2048
[  140.121906][ T6804] EXT4-fs (loop4): Test dummy encryption mode enabled
[  140.152288][ T6804] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  140.215345][ T6806] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  140.295308][ T6804] EXT4-fs (loop4): 1 truncate cleaned up
[  140.302290][ T6804] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  140.342324][ T6806] EXT4-fs (loop1): shut down requested (0)
[  140.553883][ T6383] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  140.564851][ T5768] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  140.879859][ T6815] loop4: detected capacity change from 0 to 4096
[  141.145396][ T6821] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  141.819267][ T6833] netlink: 8 bytes leftover after parsing attributes in process `syz.1.303'.
[  142.363876][ T6841] input: syz0 as /devices/virtual/input/input14
[  142.425069][ T6703] net_ratelimit: 44 callbacks suppressed
[  142.425087][ T6703] Set syz1 is full, maxelem 65536 reached
[  142.684275][ T6830] loop4: detected capacity change from 0 to 40427
[  142.752708][ T6830] F2FS-fs (loop4): invalid crc value
[  142.784319][ T6830] F2FS-fs (loop4): Found nat_bits in checkpoint
[  142.988942][ T6830] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  143.098001][ T6859] loop0: detected capacity change from 0 to 4096
[  143.134869][ T6859] ntfs: (device loop0): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel.
[  143.230042][ T6859] ntfs: (device loop0): ntfs_read_locked_inode(): Corrupt standard information attribute in inode.
[  143.261132][ T6860] loop1: detected capacity change from 0 to 8192
[  143.278674][ T6383] syz-executor: attempt to access beyond end of device
[  143.278674][ T6383] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  143.306999][ T6859] ntfs: (device loop0): ntfs_read_locked_inode(): Failed with error code -5.  Marking corrupt inode 0xa as bad.  Run chkdsk.
[  143.353607][ T6383] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  143.366159][ T6859] ntfs: (device loop0): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default.
[  143.381575][ T6860] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  143.418394][ T6860] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal
[  143.454418][ T6859] ntfs: volume version 3.1.
[  143.513334][ T6860] REISERFS (device loop1): using ordered data mode
[  143.556778][ T6860] reiserfs: using flush barriers
[  143.595815][ T6860] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  143.660677][ T6851] loop3: detected capacity change from 0 to 40427
[  143.668533][ T6860] REISERFS (device loop1): checking transaction log (loop1)
[  143.709141][ T6851] F2FS-fs (loop3): build fault injection attr: rate: 690, type: 0x7ffff
[  143.759412][ T6851] F2FS-fs (loop3): build fault injection attr: rate: 0, type: 0x35f7
[  143.811714][ T6851] F2FS-fs (loop3): Image doesn't support compression
[  143.857968][ T6851] F2FS-fs (loop3): invalid crc value
[  143.928402][   T59] ntfs: (device loop0): ntfs_write_block(): Writing beyond initialized size is not supported yet. Sorry.
[  143.940530][ T6851] F2FS-fs (loop3): Found nat_bits in checkpoint
[  143.977174][ T5771] ntfs: (device loop0): ntfs_put_super(): Volume has errors.  Leaving volume marked dirty.  Run chkdsk.
[  143.985353][ T6860] REISERFS (device loop1): Using tea hash to sort names
[  144.027323][ T6860] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage.
[  144.213756][ T6851] F2FS-fs (loop3): Start checkpoint disabled!
[  144.228400][ T6851] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6
[  144.335480][   T28] audit: type=1800 audit(1768683409.197:20): pid=6851 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.309" name="file1" dev="loop3" ino=10 res=0 errno=0
[  144.383766][ T6851] F2FS-fs (loop3): Checkpoint should be enabled.
[  144.580868][ T3462] kworker/u4:12: attempt to access beyond end of device
[  144.580868][ T3462] loop3: rw=2049, sector=40960, nr_sectors = 32 limit=40427
[  144.643719][ T3462] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  144.657990][ T3462] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  144.674978][ T3462] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  144.684734][ T3462] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  145.117017][ T6880] sctp: [Deprecated]: syz.1.318 (pid 6880) Use of struct sctp_assoc_value in delayed_ack socket option.
[  145.117017][ T6880] Use struct sctp_sack_info instead
[  145.513997][ T6886] loop1: detected capacity change from 0 to 4096
[  145.621912][ T6886] ntfs3: loop1: Mark volume as dirty due to NTFS errors
[  145.698290][ T6886] ntfs3: loop1: Failed to initialize $Extend/$Reparse.
[  145.767427][ T6895] loop4: detected capacity change from 0 to 64
[  145.826558][   T28] audit: type=1800 audit(1768683410.687:21): pid=6886 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.320" name="file1" dev="loop1" ino=30 res=0 errno=0
[  145.852648][ T6886] ntfs3: loop1: ino=1e, attr_set_size
[  146.496336][ T6893] loop3: detected capacity change from 0 to 32768
[  146.557158][ T6893] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 scanned by syz.3.323 (6893)
[  146.658145][ T6893] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  146.713359][ T6893] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm
[  146.739483][ T6893] BTRFS info (device loop3): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[  146.763560][ T6893] BTRFS info (device loop3): force zstd compression, level 3
[  146.781334][ T6893] BTRFS info (device loop3): turning on sync discard
[  146.798487][ T6893] BTRFS info (device loop3): force clearing of disk cache
[  146.818750][ T6893] BTRFS info (device loop3): enabling disk space caching
[  146.853753][ T6893] BTRFS info (device loop3): turning off discard
[  146.860217][ T6893] BTRFS info (device loop3): disk space caching is enabled
[  147.134622][ T6893] BTRFS info (device loop3): enabling ssd optimizations
[  147.175918][ T6893] BTRFS info (device loop3): rebuilding free space tree
[  147.253215][ T6893] BTRFS info (device loop3): disabling free space tree
[  147.283700][ T6893] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  147.323507][ T6893] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  147.677056][ T6907] loop1: detected capacity change from 0 to 32768
[  147.716156][ T5769] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  147.735553][ T6907] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop1 scanned by syz.1.328 (6907)
[  147.861552][ T6907] BTRFS info (device loop1): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  147.917864][ T6907] BTRFS info (device loop1): using blake2b (blake2b-256-generic) checksum algorithm
[  147.978536][ T6907] BTRFS info (device loop1): using free space tree
[  148.240895][ T6907] BTRFS info (device loop1): enabling ssd optimizations
[  148.273648][ T6907] BTRFS info (device loop1): auto enabling async discard
[  148.468717][ T6939] loop0: detected capacity change from 0 to 32768
[  148.525165][ T6939] XFS: attr2 mount option is deprecated.
[  148.722899][ T6939] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  149.048866][ T6939] XFS (loop0): Ending clean mount
[  149.080974][ T6939] XFS (loop0): Quotacheck needed: Please wait.
[  149.197559][ T5768] BTRFS info (device loop1): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  149.251336][ T6939] XFS (loop0): Quotacheck: Done.
[  149.615369][ T6959] loop3: detected capacity change from 0 to 32768
[  149.689876][ T6959] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  149.781619][ T5771] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  149.914011][ T6982] loop4: detected capacity change from 0 to 32768
[  150.004933][ T6982] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop4 scanned by syz.4.339 (6982)
[  150.015474][ T7003] netlink: 'syz.1.342': attribute type 5 has an invalid length.
[  150.143545][ T6982] BTRFS info (device loop4): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  150.193595][ T6982] BTRFS info (device loop4): using blake2b (blake2b-256-generic) checksum algorithm
[  150.203094][ T6982] BTRFS info (device loop4): using free space tree
[  150.246424][ T5777] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[  150.260296][ T5777] Bluetooth: hci2: Injecting HCI hardware error event
[  150.270340][ T5777] Bluetooth: hci2: hardware error 0x00
[  150.472484][ T5769] ocfs2: Unmounting device (7,3) on (node local)
[  150.634941][ T6982] BTRFS info (device loop4): enabling ssd optimizations
[  150.655703][ T6982] BTRFS info (device loop4): auto enabling async discard
[  151.549543][ T6383] BTRFS info (device loop4): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  151.716757][ T7048] sctp: [Deprecated]: syz.1.348 (pid 7048) Use of int in maxseg socket option.
[  151.716757][ T7048] Use struct sctp_assoc_value instead
[  152.364802][ T7056] loop4: detected capacity change from 0 to 4096
[  152.417483][ T7056] ntfs3: loop4: Different NTFS sector size (2048) and media sector size (512).
[  152.634379][ T5777] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[  152.764244][ T7076] loop0: detected capacity change from 0 to 1024
[  152.776812][ T7076] EXT4-fs: Ignoring removed oldalloc option
[  152.830183][ T7073] loop3: detected capacity change from 0 to 4096
[  152.888264][ T7073] ntfs3: loop3: Different NTFS sector size (4096) and media sector size (512).
[  152.921850][ T7076] EXT4-fs (loop0): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  152.957277][ T7076] ext4 filesystem being mounted at /78/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  153.292584][ T5771] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  153.674295][ T7094] netlink: 12 bytes leftover after parsing attributes in process `syz.4.362'.
[  153.703648][ T7094] netlink: 12 bytes leftover after parsing attributes in process `syz.4.362'.
[  154.260089][ T7115] 9pnet_fd: p9_fd_create_tcp (7115): problem binding to privport
[  154.609989][ T7125] loop3: detected capacity change from 0 to 4096
[  154.652085][ T7125] NILFS (loop3): invalid segment: Checksum error in segment payload
[  154.688988][ T7125] NILFS (loop3): trying rollback from an earlier position
[  154.812828][ T7125] NILFS (loop3): recovery complete
[  154.840322][ T7135] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  155.090926][ T7141] loop4: detected capacity change from 0 to 1024
[  155.134363][ T7141] hfsplus: invalid length 32517 has been corrected to 255
[  155.200931][   T28] audit: type=1800 audit(1768683420.057:22): pid=7141 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.377" name="file1" dev="loop4" ino=20 res=0 errno=0
[  155.725711][ T7160] loop1: detected capacity change from 0 to 4096
[  155.795828][ T7160] ntfs: (device loop1): check_mft_mirror(): $MFT and $MFTMirr (record 1) do not match.  Run ntfsfix or chkdsk.
[  155.849844][ T7160] ntfs: (device loop1): load_system_files(): $MFTMirr does not match $MFT.  Mounting read-only.  Run ntfsfix and/or chkdsk.
[  155.898580][ T7160] ntfs: (device loop1): ntfs_read_locked_inode(): First extent of $DATA attribute has non zero lowest_vcn.
[  155.943725][ T7160] ntfs: (device loop1): ntfs_read_locked_inode(): Failed with error code -5.  Marking corrupt inode 0xa as bad.  Run chkdsk.
[  155.994356][ T7160] ntfs: (device loop1): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default.
[  156.044292][ T7160] ntfs: volume version 3.1.
[  156.052025][ T7160] ntfs: (device loop1): ntfs_lookup_inode_by_name(): Index entry out of bounds in directory inode 0x5.
[  156.072718][ T7160] ntfs: (device loop1): check_windows_hibernation_status(): Failed to find inode number for hiberfil.sys.
[  156.094860][ T7160] ntfs: (device loop1): load_system_files(): Failed to determine if Windows is hibernated.  Will not be able to remount read-write.  Run chkdsk.
[  156.135535][ T7171] iommufd_mock iommufd_mock1: Adding to iommu group 0
[  156.173229][ T7160] ntfs: (device loop1): ntfs_read_locked_index_inode(): $INDEX_ROOT attribute is corrupt.
[  156.493300][ T7158] loop3: detected capacity change from 0 to 32768
[  156.502715][ T7158] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop3 scanned by syz.3.383 (7158)
[  156.552881][ T7158] BTRFS info (device loop3): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  156.573719][ T7158] BTRFS info (device loop3): using blake2b (blake2b-256-generic) checksum algorithm
[  156.591760][ T7158] BTRFS info (device loop3): using free space tree
[  156.675518][ T7179] loop1: detected capacity change from 0 to 4096
[  156.756998][ T7158] BTRFS info (device loop3): enabling ssd optimizations
[  156.794748][ T7198] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  156.810906][ T7158] BTRFS info (device loop3): auto enabling async discard
[  157.233155][ T5769] BTRFS info (device loop3): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  158.143795][ T5842] usb 2-1: new full-speed USB device number 6 using dummy_hcd
[  158.148447][ T7227] loop0: detected capacity change from 0 to 128
[  158.368183][ T5842] usb 2-1: unable to read config index 0 descriptor/start: -71
[  158.389149][ T5842] usb 2-1: can't read configurations, error -71
[  158.422971][ T7201] loop4: detected capacity change from 0 to 32768
[  158.482715][ T7201] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  158.507875][ T7201] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  158.699235][ T7201] gfs2: fsid=syz:syz.s: journal 0 mapped with 5 extents in 0ms
[  158.985714][ T7201] gfs2: fsid=syz:syz.s: first mount done, others may mount
[  159.104139][ T7230] loop3: detected capacity change from 0 to 32768
[  159.147904][ T7230] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 scanned by syz.3.396 (7230)
[  159.214999][ T7230] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  159.255790][ T7230] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm
[  159.277015][ T7230] BTRFS info (device loop3): using free space tree
[  159.490327][ T7266] loop0: detected capacity change from 0 to 1024
[  159.534946][ T7230] BTRFS info (device loop3): enabling ssd optimizations
[  159.541982][ T7230] BTRFS info (device loop3): auto enabling async discard
[  159.589477][ T7266] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  159.602956][ T5842] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  159.644123][ T5769] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  159.838463][ T5771] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  159.854107][ T5842] usb 2-1: Using ep0 maxpacket: 8
[  159.884848][ T5842] usb 2-1: config 0 has an invalid interface number: 56 but max is 0
[  159.893028][ T5842] usb 2-1: config 0 has no interface number 0
[  159.965758][ T5842] usb 2-1: New USB device found, idVendor=0b48, idProduct=3007, bcdDevice=4f.64
[  160.016964][ T5842] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  160.043744][ T5842] usb 2-1: Product: syz
[  160.048012][ T5842] usb 2-1: Manufacturer: syz
[  160.083537][ T5842] usb 2-1: SerialNumber: syz
[  160.127043][ T5842] usb 2-1: config 0 descriptor??
[  160.167214][ T5842] dvb-usb: found a 'Technotrend TT Connect S2-3600' in warm state.
[  160.207453][ T5842] pctv452e: pctv452e_power_ctrl: 1
[  160.207453][ T5842] 
[  160.235065][ T5842] pctv452e: pctv452e_power_ctrl: Warning set interface returned: -22
[  160.235065][ T5842] 
[  160.293641][ T5842] dvb-usb: bulk message failed: -22 (5/0)
[  160.328850][ T5842] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  160.385014][ T7245] dvb-usb: bulk message failed: -22 (7/0)
[  160.411346][ T7245] pctv452e: I2C error -22; AA 01  00 00 00 -> aa 01 31 03 00 00 00
[  160.422269][ T5842] dvbdev: DVB: registering new adapter (Technotrend TT Connect S2-3600)
[  160.479021][ T5842] usb 2-1: media controller created
[  160.502424][ T5842] dvb-usb: bulk message failed: -22 (8/0)
[  160.517237][ T5842] pctv452e: I2C error -22; AA 02  A0 01 14 -> aa 02 31 04 a0 01 14
[  160.547481][ T5842] dvb-usb: MAC address reading failed.
[  160.627600][ T5842] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  160.813995][ T7287] loop4: detected capacity change from 0 to 4096
[  161.055785][ T5842] DVB: Unable to find symbol stb0899_attach()
[  161.061950][ T5842] dvb-usb: no frontend was attached by 'Technotrend TT Connect S2-3600'
[  161.503589][ T5842] rc_core: IR keymap rc-tt-1500 not found
[  161.509419][ T5842] Registered IR keymap rc-empty
[  161.582647][ T5842] rc rc0: Technotrend TT Connect S2-3600 as /devices/platform/dummy_hcd.1/usb2/2-1/rc/rc0
[  161.657467][ T5842] input: Technotrend TT Connect S2-3600 as /devices/platform/dummy_hcd.1/usb2/2-1/rc/rc0/input15
[  161.709838][ T5842] dvb-usb: schedule remote query interval to 100 msecs.
[  161.735073][ T5842] pctv452e: pctv452e_power_ctrl: 0
[  161.735073][ T5842] 
[  161.766762][ T7292] loop0: detected capacity change from 0 to 131072
[  161.773347][ T5842] dvb-usb: Technotrend TT Connect S2-3600 successfully initialized and connected.
[  161.798295][ T7292] F2FS-fs (loop0): Wrong CP boundary, start(512) end(1536) blocks(0)
[  161.806714][ T7292] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  161.830898][ T7292] F2FS-fs (loop0): invalid crc value
[  161.847761][ T5758] dvb-usb: bulk message failed: -22 (4/0)
[  161.863935][ T5758] dvb-usb: error -22 while querying for an remote control event.
[  161.881654][ T7292] F2FS-fs (loop0): Found nat_bits in checkpoint
[  161.925739][ T5842] usb 2-1: USB disconnect, device number 7
[  162.014228][ T7292] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  162.021388][ T7292] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4
[  162.235738][ T5842] dvb-usb: Technotrend TT Connect S2-3600 successfully deinitialized and disconnected.
[  162.834733][ T7296] loop3: detected capacity change from 0 to 32768
[  162.863325][ T7296] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  162.876591][ T7296] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  162.992280][ T7320] loop4: detected capacity change from 0 to 4096
[  163.056646][ T7296] gfs2: fsid=syz:syz.0: journal 0 mapped with 1 extents in 0ms
[  163.094832][   T23] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  163.102028][   T23] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  163.142099][ T7320] ntfs3: loop4: Mark volume as dirty due to NTFS errors
[  163.237266][ T7320] ntfs3: loop4: Failed to initialize $Extend/$Reparse.
[  163.251967][   T23] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 149ms
[  163.273944][   T23] gfs2: fsid=syz:syz.0: jid=0: Done
[  163.282103][ T7296] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  163.384407][   T28] kauditd_printk_skb: 7 callbacks suppressed
[  163.384422][   T28] audit: type=1800 audit(1768683428.247:25): pid=7320 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.415" name="file1" dev="loop4" ino=30 res=0 errno=0
[  163.425261][ T7320] ntfs3: loop4: ino=1e, attr_set_size
[  164.023669][   T23] usb 5-1: new full-speed USB device number 2 using dummy_hcd
[  164.060663][ T7328] loop1: detected capacity change from 0 to 128
[  164.120043][ T7328] VFS: Found a Xenix FS (block size = 512) on device loop1
[  164.204578][ T7328] sysv_free_block: trying to free block not in datazone
[  164.243856][   T23] usb 5-1: config index 0 descriptor too short (expected 539, got 27)
[  164.252381][   T23] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x85 has an invalid bInterval 0, changing to 4
[  164.277711][   T23] usb 5-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c
[  164.298293][   T23] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  164.307547][   T23] usb 5-1: Product: syz
[  164.311774][   T23] usb 5-1: Manufacturer: syz
[  164.316506][   T23] usb 5-1: SerialNumber: syz
[  164.346763][   T23] usb 5-1: config 0 descriptor??
[  164.360693][   T23] hub 5-1:0.0: bad descriptor, ignoring hub
[  164.368344][   T23] hub: probe of 5-1:0.0 failed with error -5
[  164.378211][   T23] input: syz syz as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/input/input16
[  164.408613][   T23] usbtouchscreen 5-1:0.0: usbtouch_probe - usb_submit_urb failed with result: -90
[  164.470762][ T5768] sysv_free_inode: inode 0,1,2 or nonexistent inode
[  164.508567][   T23] usbtouchscreen: probe of 5-1:0.0 failed with error -90
[  164.575859][   T23] usb 5-1: USB disconnect, device number 2
[  165.046630][ T7347] loop0: detected capacity change from 0 to 4096
[  165.069350][ T7347] ntfs3: loop0: Mark volume as dirty due to NTFS errors
[  165.097321][ T7347] ntfs3: loop0: Failed to initialize $Extend/$Reparse.
[  165.234786][   T28] audit: type=1800 audit(1768683430.097:26): pid=7347 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.426" name="file1" dev="loop0" ino=30 res=0 errno=0
[  165.264957][ T7347] ntfs3: loop0: ino=1e, attr_set_size
[  165.617225][ T7359] loop0: detected capacity change from 0 to 2048
[  165.733826][ T7364] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  165.787605][ T7345] loop1: detected capacity change from 0 to 32768
[  165.823752][ T7345] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  165.835053][ T7364] NILFS (loop0): vblocknr = 23 has abnormal lifetime: start cno (= 4294967298) > current cno (= 3)
[  165.849355][ T7364] NILFS error (device loop0): nilfs_bmap_propagate: broken bmap (inode number=4)
[  165.871150][ T7363] loop4: detected capacity change from 0 to 4096
[  165.881980][ T7364] Remounting filesystem read-only
[  165.986158][ T5771] NILFS (loop0): disposed unprocessed dirty file(s) when stopping log writer
[  166.019174][ T5771] NILFS (loop0): discard dirty page: offset=0, ino=2
[  166.032419][ T5771] NILFS (loop0): discard dirty block: blocknr=18, size=1024
[  166.083833][ T5771] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024
[  166.094685][ T7345] XFS (loop1): Ending clean mount
[  166.100868][ T5771] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024
[  166.125362][ T5771] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024
[  166.145233][ T7345] XFS (loop1): Quotacheck needed: Please wait.
[  166.154113][ T5771] NILFS (loop0): discard dirty page: offset=0, ino=6
[  166.160867][ T5771] NILFS (loop0): discard dirty block: blocknr=35, size=1024
[  166.191532][ T5771] NILFS (loop0): discard dirty block: blocknr=36, size=1024
[  166.206188][ T5771] NILFS (loop0): discard dirty block: blocknr=37, size=1024
[  166.234036][ T5771] NILFS (loop0): discard dirty block: blocknr=38, size=1024
[  166.241416][ T5771] NILFS (loop0): discard dirty page: offset=4096, ino=6
[  166.278370][ T5771] NILFS (loop0): discard dirty block: blocknr=39, size=1024
[  166.287204][ T5771] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024
[  166.300431][ T5771] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024
[  166.310912][ T5771] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024
[  166.320501][ T7345] XFS (loop1): Quotacheck: Done.
[  166.344438][ T5771] NILFS (loop0): discard dirty page: offset=0, ino=5
[  166.352401][ T5771] NILFS (loop0): discard dirty block: blocknr=41, size=1024
[  166.384877][ T5771] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024
[  166.405045][ T5771] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024
[  166.432528][ T5771] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024
[  166.446422][ T5771] NILFS (loop0): discard dirty page: offset=0, ino=4
[  166.456792][ T5771] NILFS (loop0): discard dirty block: blocknr=40, size=1024
[  166.469633][ T5771] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024
[  166.507688][ T5771] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024
[  166.517820][ T5771] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024
[  166.534940][ T5771] NILFS (loop0): discard dirty page: offset=0, ino=3
[  166.541795][ T5771] NILFS (loop0): discard dirty block: blocknr=42, size=1024
[  166.556391][ T5771] NILFS (loop0): discard dirty block: blocknr=43, size=1024
[  166.567390][ T5771] NILFS (loop0): discard dirty block: blocknr=44, size=1024
[  166.594636][ T5771] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024
[  166.613682][ T5771] NILFS (loop0): discard dirty page: offset=196608, ino=3
[  166.620882][ T5771] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024
[  166.651027][ T5771] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024
[  166.683703][ T5771] NILFS (loop0): discard dirty block: blocknr=49, size=1024
[  166.691081][ T5771] NILFS (loop0): discard dirty block: blocknr=18446744073709551615, size=1024
[  166.745861][ T5768] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  167.097358][ T7386] iommufd_mock iommufd_mock1: Adding to iommu group 0
[  167.369509][ T7394] loop4: detected capacity change from 0 to 512
[  167.441617][ T7392] loop3: detected capacity change from 0 to 4096
[  167.459279][ T7394] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  167.501142][ T7396] loop1: detected capacity change from 0 to 2048
[  167.528128][ T7394] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  167.558901][ T7392] ntfs3: loop3: Mark volume as dirty due to NTFS errors
[  167.573740][ T7394] ext4 filesystem being mounted at /53/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  167.607006][ T7396] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  167.650207][ T7394] Quota error (device loop4): do_check_range: Getting dqdh_next_free 4294967294 out of range 0-8
[  167.680920][ T7392] ntfs3: loop3: Failed to initialize $Extend/$Reparse.
[  167.709609][ T7394] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[  167.759265][ T7394] EXT4-fs error (device loop4): ext4_acquire_dquot:6949: comm syz.4.443: Failed to acquire dquot type 0
[  167.781276][ T7402] Quota error (device loop4): do_check_range: Getting dqdh_next_free 4294967294 out of range 0-8
[  167.795466][ T7402] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[  167.805816][ T7402] EXT4-fs error (device loop4): ext4_acquire_dquot:6949: comm syz.4.443: Failed to acquire dquot type 0
[  167.818845][ T5768] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  167.870310][   T28] audit: type=1800 audit(1768683432.727:27): pid=7392 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.441" name="file1" dev="loop3" ino=30 res=0 errno=0
[  167.945978][ T7392] ntfs3: loop3: ino=1e, attr_set_size
[  167.971801][ T6383] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  168.055613][ T7406] netlink: 8 bytes leftover after parsing attributes in process `syz.0.446'.
[  168.766605][ T7429] bridge0: port 2(bridge_slave_1) entered disabled state
[  168.975059][ T7437] netlink: 4 bytes leftover after parsing attributes in process `syz.0.460'.
[  169.216764][ T7445] program syz.3.464 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  169.423688][ T7451] nbd0: detected capacity change from 0 to 127
[  169.452214][ T5777] block nbd0: Receive control failed (result -104)
[  169.465638][ T7453] netlink: 4 bytes leftover after parsing attributes in process `syz.3.468'.
[  169.586775][ T7455] program syz.3.469 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  169.638392][ T7457] netlink: 28 bytes leftover after parsing attributes in process `syz.4.470'.
[  169.652764][ T7457] netlink: 28 bytes leftover after parsing attributes in process `syz.4.470'.
[  169.674156][ T7457] netlink: 28 bytes leftover after parsing attributes in process `syz.4.470'.
[  169.683107][ T7457] netlink: 28 bytes leftover after parsing attributes in process `syz.4.470'.
[  169.821920][ T7461] netlink: 104 bytes leftover after parsing attributes in process `syz.3.472'.
[  169.966520][ T7467] tipc: Started in network mode
[  169.971859][ T7467] tipc: Node identity 74725f6c656e3a2, cluster identity 4711
[  169.980370][ T7467] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  170.083574][ T5842] usb 5-1: new full-speed USB device number 3 using dummy_hcd
[  170.091316][ T7471] loop3: detected capacity change from 0 to 65
[  170.101839][ T7469] loop1: detected capacity change from 0 to 1024
[  170.111417][ T7471] BFS-fs: bfs_fill_super(): NOTE: filesystem loop3 was created with 512 inodes, the real maximum is 511, mounting anyway
[  170.113286][ T7469] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  170.168786][ T7469] EXT4-fs (loop1): orphan cleanup on readonly fs
[  170.179790][ T7469] EXT4-fs error (device loop1): ext4_quota_enable:7140: comm syz.1.476: inode #2304: comm syz.1.476: iget: illegal inode #
[  170.197930][ T7469] EXT4-fs error (device loop1): ext4_quota_enable:7143: comm syz.1.476: Bad quota inode: 2304, type: 2
[  170.240758][ T7469] EXT4-fs warning (device loop1): ext4_enable_quotas:7184: Failed to enable quota tracking (type=2, err=-117, ino=2304). Please run e2fsck to fix.
[  170.256160][ T5842] usb 5-1: device descriptor read/64, error -71
[  170.264971][ T7469] EXT4-fs (loop1): Cannot turn on quotas: error -117
[  170.280310][ T7469] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  170.347987][ T7469] EXT4-fs (loop1): warning: mounting fs with errors, running e2fsck is recommended
[  170.359020][ T7469] EXT4-fs error (device loop1): ext4_quota_enable:7140: comm syz.1.476: inode #2304: comm syz.1.476: iget: illegal inode #
[  170.378665][ T7469] EXT4-fs error (device loop1): ext4_quota_enable:7143: comm syz.1.476: Bad quota inode: 2304, type: 2
[  170.394118][ T7469] EXT4-fs warning (device loop1): ext4_enable_quotas:7184: Failed to enable quota tracking (type=2, err=-117, ino=2304). Please run e2fsck to fix.
[  170.416903][ T7469] EXT4-fs (loop1): warning: mounting unchecked fs, running e2fsck is recommended
[  170.439304][ T7469] EXT4-fs error (device loop1): ext4_quota_enable:7140: comm syz.1.476: inode #2304: comm syz.1.476: iget: illegal inode #
[  170.468770][ T7469] EXT4-fs error (device loop1): ext4_quota_enable:7143: comm syz.1.476: Bad quota inode: 2304, type: 2
[  170.481734][ T7469] EXT4-fs warning (device loop1): ext4_enable_quotas:7184: Failed to enable quota tracking (type=2, err=-117, ino=2304). Please run e2fsck to fix.
[  170.518304][ T7474] loop3: detected capacity change from 0 to 256
[  170.533594][ T5842] usb 5-1: new full-speed USB device number 4 using dummy_hcd
[  170.569518][ T5768] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  170.578220][ T7474] FAT-fs (loop3): Directory bread(block 64) failed
[  170.592433][ T7474] FAT-fs (loop3): Directory bread(block 65) failed
[  170.599745][ T7474] FAT-fs (loop3): Directory bread(block 66) failed
[  170.607065][ T7474] FAT-fs (loop3): Directory bread(block 67) failed
[  170.615190][ T7474] FAT-fs (loop3): Directory bread(block 68) failed
[  170.621906][ T7474] FAT-fs (loop3): Directory bread(block 69) failed
[  170.632968][ T7474] FAT-fs (loop3): Directory bread(block 70) failed
[  170.665805][ T7474] FAT-fs (loop3): Directory bread(block 71) failed
[  170.673096][ T7474] FAT-fs (loop3): Directory bread(block 72) failed
[  170.692198][ T7474] FAT-fs (loop3): Directory bread(block 73) failed
[  170.700094][ T5842] usb 5-1: device descriptor read/64, error -71
[  170.824204][ T5842] usb usb5-port1: attempt power cycle
[  171.508336][ T7483] loop1: detected capacity change from 0 to 2048
[  171.530268][ T7483] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024)
[  171.605490][ T7484] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  171.843420][    C0] sched: RT throttling activated
[  172.105134][ T7490] sock: sock_set_timeout: `syz.1.485' (pid 7490) tries to set negative timeout
[  173.137598][ T7500] loop1: detected capacity change from 0 to 8192
[  173.233021][ T7478] loop3: detected capacity change from 0 to 262144
[  173.246278][ T7478] F2FS-fs (loop3): invalid crc value
[  173.270393][ T7478] F2FS-fs (loop3): Found nat_bits in checkpoint
[  173.334716][ T7478] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4
[  173.375344][   T28] audit: type=1800 audit(1768683438.237:28): pid=7478 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.480" name="bus" dev="loop3" ino=10 res=0 errno=0
[  173.526203][ T7493] loop0: detected capacity change from 0 to 32768
[  173.580080][ T7493] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 scanned by syz.0.486 (7493)
[  173.672382][ T7493] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  173.690604][ T5842] usb usb5-port1: Cannot enable. Maybe the USB cable is bad?
[  173.723567][ T7493] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm
[  173.732368][ T7493] BTRFS info (device loop0): turning off barriers
[  173.803521][ T7493] BTRFS info (device loop0): setting nodatasum
[  173.809813][ T7493] BTRFS info (device loop0): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[  173.864564][ T7493] BTRFS info (device loop0): use zstd compression, level 3
[  173.871906][ T7493] BTRFS info (device loop0): using free space tree
[  173.894092][ T5842] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  173.944017][ T5842] usb 5-1: Using ep0 maxpacket: 32
[  173.955928][ T5842] usb 5-1: New USB device found, idVendor=0fd9, idProduct=0021, bcdDevice=29.40
[  173.973477][ T5842] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  173.989987][ T5842] usb 5-1: config 0 descriptor??
[  174.259695][ T5842] dvb-usb: found a 'Elgato EyeTV DTT' in warm state.
[  174.308126][ T5842] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  174.346453][ T5842] dvbdev: DVB: registering new adapter (Elgato EyeTV DTT)
[  174.384785][ T5842] usb 5-1: media controller created
[  174.455708][ T5842] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  174.459572][ T7511] dib0700: tx buffer length is larger than 4. Not supported.
[  174.474460][ T5771] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  174.636833][ T5842] DVB: Unable to find symbol dib7000p_attach()
[  174.654043][ T5842] dvb-usb: no frontend was attached by 'Elgato EyeTV DTT'
[  174.819036][ T5842] rc_core: IR keymap rc-dib0700-rc5 not found
[  174.831024][ T5842] Registered IR keymap rc-empty
[  174.857210][ T5842] dvb-usb: could not initialize remote control.
[  174.874148][ T5842] dvb-usb: Elgato EyeTV DTT successfully initialized and connected.
[  174.909597][ T5842] usb 5-1: USB disconnect, device number 6
[  175.023195][ T5842] dvb-usb: Elgato EyeTV DTT successfully deinitialized and disconnected.
[  175.576979][ T7547] io-wq is not configured for unbound workers
[  175.683855][ T5843] usb 5-1: new full-speed USB device number 7 using dummy_hcd
[  175.863739][ T5843] usb 5-1: device descriptor read/64, error -71
[  175.945298][   T28] audit: type=1326 audit(1768683440.807:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7555 comm="syz.1.504" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff28599acb9 code=0x7ffc0000
[  176.020943][   T28] audit: type=1326 audit(1768683440.827:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7555 comm="syz.1.504" exe="/root/syz-executor" sig=0 arch=c000003e syscall=138 compat=0 ip=0x7ff28599acb9 code=0x7ffc0000
[  176.068423][   T28] audit: type=1326 audit(1768683440.827:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7555 comm="syz.1.504" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff28599acb9 code=0x7ffc0000
[  176.123888][   T28] audit: type=1326 audit(1768683440.827:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7555 comm="syz.1.504" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff28599acb9 code=0x7ffc0000
[  176.153921][ T5843] usb 5-1: new full-speed USB device number 8 using dummy_hcd
[  176.314464][ T5843] usb 5-1: device descriptor read/64, error -71
[  176.433831][ T5843] usb usb5-port1: attempt power cycle
[  176.843549][ T5843] usb 5-1: new full-speed USB device number 9 using dummy_hcd
[  176.885219][ T7575] loop3: detected capacity change from 0 to 32768
[  176.902290][ T5843] usb 5-1: device descriptor read/8, error -71
[  176.943295][ T7575] ERROR: (device loop3): dbFindCtl: Corrupt dmapctl page
[  176.943295][ T7575] 
[  176.959342][ T7575] ERROR: (device loop3): remounting filesystem as read-only
[  176.967691][ T7575] jfs_mkdir: dtInsert returned -EIO
[  176.973095][ T7575] ERROR: (device loop3): jfs_mkdir: 
[  176.973095][ T7575] 
[  176.999709][ T7575] ERROR: (device loop3): dbFindCtl: Corrupt dmapctl page
[  176.999709][ T7575] 
[  177.033991][   T23] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  177.173540][ T5843] usb 5-1: new full-speed USB device number 10 using dummy_hcd
[  177.205534][ T5843] usb 5-1: device descriptor read/8, error -71
[  177.233563][   T23] usb 2-1: Using ep0 maxpacket: 32
[  177.240580][   T23] usb 2-1: config 0 has an invalid interface number: 85 but max is 0
[  177.248927][   T23] usb 2-1: config 0 has no interface number 0
[  177.255299][   T23] usb 2-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  177.266398][   T23] usb 2-1: config 0 interface 85 has no altsetting 0
[  177.276487][   T23] usb 2-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72
[  177.285675][   T23] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  177.298271][   T23] usb 2-1: Product: syz
[  177.302452][   T23] usb 2-1: Manufacturer: syz
[  177.308030][   T23] usb 2-1: SerialNumber: syz
[  177.315194][   T23] usb 2-1: config 0 descriptor??
[  177.328550][ T5843] usb usb5-port1: unable to enumerate USB device
[  177.933018][   T23] appletouch 2-1:0.85: Geyser mode initialized.
[  177.941009][   T23] input: appletouch as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.85/input/input18
[  177.952984][   T27] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  178.143571][   T27] usb 4-1: Using ep0 maxpacket: 16
[  178.143646][ T5758] usb 2-1: USB disconnect, device number 8
[  178.165705][   T27] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  178.176407][   T27] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  178.189149][   T27] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  178.202682][   T27] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  178.211599][ T5758] appletouch 2-1:0.85: input: appletouch disconnected
[  178.221688][   T27] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  178.240847][   T27] usb 4-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  178.253061][   T27] usb 4-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  178.261526][   T27] usb 4-1: Manufacturer: syz
[  178.270577][   T27] usb 4-1: config 0 descriptor??
[  178.584386][   T27] rc_core: IR keymap rc-hauppauge not found
[  178.599318][   T27] Registered IR keymap rc-empty
[  178.605270][   T27] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  178.633702][   T27] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  178.684075][   T27] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0
[  178.711933][   T27] input: Conexant Hybrid TV (cx231xx) MCE IR no TX (2040:b138) as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0/input19
[  178.744317][   T27] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  178.783980][   T27] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  178.833565][   T27] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  178.874071][   T27] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  178.944769][   T27] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  178.989398][   T27] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  179.044008][   T27] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  179.064523][ T7603] netlink: 36 bytes leftover after parsing attributes in process `syz.0.522'.
[  179.077134][ T7603] netlink: 16 bytes leftover after parsing attributes in process `syz.0.522'.
[  179.103594][   T27] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  179.143648][   T27] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  179.173614][   T27] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  179.225801][   T27] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  179.278564][   T27] mceusb 4-1:0.0: Registered  with mce emulator interface version 90
[  179.312509][   T27] mceusb 4-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  179.353871][   T28] audit: type=1326 audit(1768683444.207:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7608 comm="syz.4.525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f588eb9acb9 code=0x7ffc0000
[  179.376232][   T27] usb 4-1: USB disconnect, device number 4
[  179.445347][   T28] audit: type=1326 audit(1768683444.207:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7608 comm="syz.4.525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f588eb9acb9 code=0x7ffc0000
[  179.517258][   T28] audit: type=1326 audit(1768683444.207:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7608 comm="syz.4.525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f588eb9acb9 code=0x7ffc0000
[  179.580776][   T28] audit: type=1326 audit(1768683444.217:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7608 comm="syz.4.525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f588eb9acb9 code=0x7ffc0000
[  179.656955][   T28] audit: type=1326 audit(1768683444.217:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7608 comm="syz.4.525" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f588eb9acb9 code=0x7ffc0000
[  179.891753][ T7614] loop3: detected capacity change from 0 to 8192
[  180.434530][ T7623] loop4: detected capacity change from 0 to 2048
[  180.477759][ T7623] UDF-fs: error (device loop4): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  180.494430][ T7623] UDF-fs: error (device loop4): udf_read_tagged: tag checksum failed, block 160: 0xd2 != 0xd4
[  180.527939][ T7623] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  180.981693][ T7625] loop1: detected capacity change from 0 to 40427
[  181.036453][ T7625] F2FS-fs (loop1): invalid crc value
[  181.047020][ T7625] F2FS-fs (loop1): Found nat_bits in checkpoint
[  181.129262][ T7625] F2FS-fs (loop1): Start checkpoint disabled!
[  181.140462][ T7625] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[  181.280829][   T59] kworker/u4:4: attempt to access beyond end of device
[  181.280829][   T59] loop1: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  181.294899][    T9] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  181.309457][   T59] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  181.316789][   T59] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  181.473539][    T9] usb 5-1: Using ep0 maxpacket: 16
[  181.491211][    T9] usb 5-1: config 1 interface 0 altsetting 255 endpoint 0x1 has invalid wMaxPacketSize 0
[  181.501549][    T9] usb 5-1: config 1 interface 0 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 0
[  181.522292][    T9] usb 5-1: config 1 interface 0 altsetting 255 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  181.553643][    T9] usb 5-1: config 1 interface 0 has no altsetting 0
[  181.569960][    T9] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  181.589633][    T9] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  181.603473][    T9] usb 5-1: Product: syz
[  181.608129][    T9] usb 5-1: Manufacturer: syz
[  181.623093][    T9] usb 5-1: SerialNumber: syz
[  181.858595][    T9] usblp 5-1:1.0: usblp0: USB Unidirectional printer dev 11 if 0 alt 255 proto 1 vid 0x0525 pid 0xA4A8
[  182.033679][ T5842] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  182.067675][   T27] usb 5-1: USB disconnect, device number 11
[  182.081301][   T27] usblp0: removed
[  182.086793][ T7647] loop3: detected capacity change from 0 to 256
[  182.106283][ T7647] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x905a013b, utbl_chksum : 0xe619d30d)
[  182.234431][ T5842] usb 2-1: Using ep0 maxpacket: 32
[  182.248246][ T5842] usb 2-1: New USB device found, idVendor=1d50, idProduct=60a1, bcdDevice=a1.4f
[  182.267664][ T5842] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  182.282386][ T5842] usb 2-1: Product: syz
[  182.286797][ T5842] usb 2-1: Manufacturer: syz
[  182.297728][ T5842] usb 2-1: SerialNumber: syz
[  182.320970][ T5842] usb 2-1: config 0 descriptor??
[  182.402072][ T7652] loop0: detected capacity change from 0 to 256
[  182.410579][ T7652] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  182.451259][ T7652] FAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  182.578403][ T7654] loop3: detected capacity change from 0 to 4096
[  182.603582][ T7654] ntfs3: loop3: Different NTFS sector size (2048) and media sector size (512).
[  182.756076][ T5842] airspy 2-1:0.0: Board ID: 00
[  182.761208][ T5842] airspy 2-1:0.0: Firmware version: 
[  182.970561][ T5842] airspy 2-1:0.0: usb_control_msg() failed -71 request 11
[  183.005296][ T7662] Context (ID=0x1) not attached to queue pair (handle=0x2:0x40)
[  183.030045][ T5842] airspy 2-1:0.0: Registered as swradio24
[  183.062617][ T5842] airspy 2-1:0.0: SDR API is still slightly experimental and functionality changes may follow
[  183.078625][ T7664] loop3: detected capacity change from 0 to 8
[  183.096445][ T5842] usb 2-1: USB disconnect, device number 9
[  183.361446][ T7671] loop3: detected capacity change from 0 to 1024
[  183.455757][   T28] audit: type=1800 audit(1768683448.317:38): pid=7671 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.553" name="file1" dev="loop3" ino=20 res=0 errno=0
[  183.523598][    T9] usb 5-1: new full-speed USB device number 12 using dummy_hcd
[  183.672447][ T7681] loop0: detected capacity change from 0 to 512
[  183.680449][ T7681] EXT4-fs: Ignoring removed oldalloc option
[  183.711161][    T9] usb 5-1: device descriptor read/64, error -71
[  183.762419][ T7681] EXT4-fs (loop0): 1 truncate cleaned up
[  183.805294][ T7681] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  183.913536][   T28] audit: type=1800 audit(1768683448.767:39): pid=7681 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.565" name="file0" dev="loop0" ino=13 res=0 errno=0
[  183.947976][ T7681] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #13: comm syz.0.565: invalid indirect mapped block 234881024 (level 0)
[  184.004419][    T9] usb 5-1: new full-speed USB device number 13 using dummy_hcd
[  184.012321][ T7681] EXT4-fs (loop0): Remounting filesystem read-only
[  184.067944][ T5771] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  184.173884][    T9] usb 5-1: device descriptor read/64, error -71
[  184.237100][ T7695] netlink: 'syz.0.562': attribute type 1 has an invalid length.
[  184.263990][ T7695] netlink: 4 bytes leftover after parsing attributes in process `syz.0.562'.
[  184.303863][    T9] usb usb5-port1: attempt power cycle
[  184.730023][    T9] usb 5-1: new full-speed USB device number 14 using dummy_hcd
[  184.781510][    T9] usb 5-1: device descriptor read/8, error -71
[  185.063751][    T9] usb 5-1: new full-speed USB device number 15 using dummy_hcd
[  185.104298][    T9] usb 5-1: device descriptor read/8, error -71
[  185.244274][    T9] usb usb5-port1: unable to enumerate USB device
[  185.364351][ T7720] loop1: detected capacity change from 0 to 32768
[  185.376532][ T7720] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop1 scanned by syz.1.574 (7720)
[  185.399071][ T7720] BTRFS info (device loop1): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  185.409479][ T7720] BTRFS info (device loop1): using blake2b (blake2b-256-generic) checksum algorithm
[  185.419780][ T7720] BTRFS info (device loop1): using free space tree
[  185.475230][ T7720] BTRFS info (device loop1): enabling ssd optimizations
[  185.482346][ T7720] BTRFS info (device loop1): auto enabling async discard
[  185.503634][   T23] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  185.591768][ T5768] BTRFS info (device loop1): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  185.723638][   T23] usb 4-1: Using ep0 maxpacket: 8
[  185.744913][   T23] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  185.771641][   T23] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  185.792455][   T23] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  185.810484][ T7744] loop1: detected capacity change from 0 to 128
[  185.823593][   T23] usb 4-1: New USB device found, idVendor=046d, idProduct=c293, bcdDevice= 0.00
[  185.863589][   T23] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  185.881982][ T7744] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[  185.895353][   T23] usb 4-1: config 0 descriptor??
[  185.922477][ T7744] hpfs: filesystem error: improperly stopped
[  185.929052][ T7744] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  185.941531][ T7744] hpfs: You really don't want any checks? You are crazy...
[  185.979495][ T7744] hpfs: hpfs_map_sector(): read error
[  186.014213][ T7744] hpfs: code page support is disabled
[  186.022870][ T7744] hpfs: hpfs_map_4sectors(): unaligned read
[  186.029938][ T7744] hpfs: hpfs_map_4sectors(): unaligned read
[  186.036416][ T7744] hpfs: filesystem error: unable to find root dir
[  186.313148][   T23] logitech 0003:046D:C293.0003: nested delimiters
[  186.333582][   T23] logitech 0003:046D:C293.0003: item 0 4 2 10 parsing failed
[  186.341906][   T23] logitech 0003:046D:C293.0003: parse failed
[  186.350258][   T23] logitech: probe of 0003:046D:C293.0003 failed with error -22
[  186.518552][    T9] usb 4-1: USB disconnect, device number 5
[  186.547042][ T7757] loop4: detected capacity change from 0 to 2048
[  186.615367][ T7757] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  186.659244][   T28] audit: type=1800 audit(1768683451.517:40): pid=7757 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.582" name="file1" dev="loop4" ino=15 res=0 errno=0
[  186.760408][ T6383] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  187.413501][ T5842] usb 2-1: new full-speed USB device number 10 using dummy_hcd
[  187.573623][ T5842] usb 2-1: device descriptor read/64, error -71
[  187.698647][ T7780] loop3: detected capacity change from 0 to 32768
[  187.761115][ T7780] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  187.843622][ T5842] usb 2-1: new full-speed USB device number 11 using dummy_hcd
[  187.928895][ T7782] loop4: detected capacity change from 0 to 32768
[  187.976926][ T7780] XFS (loop3): Ending clean mount
[  188.016318][ T5842] usb 2-1: device descriptor read/64, error -71
[  188.071661][ T7782] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  188.153888][ T5842] usb usb2-port1: attempt power cycle
[  188.215527][ T5769] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  188.304485][ T6383] ocfs2: Unmounting device (7,4) on (node local)
[  188.573584][ T5842] usb 2-1: new full-speed USB device number 12 using dummy_hcd
[  188.624368][ T5842] usb 2-1: device descriptor read/8, error -71
[  188.756203][ T7798] loop3: detected capacity change from 0 to 128
[  188.789325][ T7798] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  188.802919][ T7794] loop0: detected capacity change from 0 to 32768
[  188.907425][ T7798] ext4 filesystem being mounted at /150/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  188.916466][ T5842] usb 2-1: new full-speed USB device number 13 using dummy_hcd
[  188.964339][ T5842] usb 2-1: device descriptor read/8, error -71
[  188.973959][ T7798] fscrypt (loop3, inode 12): Direct key flag not allowed with different contents and filenames modes
[  189.104490][ T5842] usb usb2-port1: unable to enumerate USB device
[  189.131284][ T5769] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  189.378388][ T7805] loop0: detected capacity change from 0 to 4096
[  189.390982][ T7805] ntfs3: loop0: Different NTFS sector size (4096) and media sector size (512).
[  189.485208][   T28] audit: type=1800 audit(1768683454.347:41): pid=7805 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.596" name="file2" dev="loop0" ino=33 res=0 errno=0
[  189.638933][ T7813] loop4: detected capacity change from 0 to 4096
[  189.660029][ T7813] ntfs3: loop4: Different NTFS sector size (4096) and media sector size (512).
[  189.777166][ T7813] ntfs3: loop4: Mark volume as dirty due to NTFS errors
[  190.305032][ T7831] bridge0: port 3(bond1) entered blocking state
[  190.312272][ T7831] bridge0: port 3(bond1) entered disabled state
[  190.320505][ T7831] bond1: entered allmulticast mode
[  190.328390][ T7835] loop6: detected capacity change from 0 to 7
[  190.329342][ T7831] bond1: entered promiscuous mode
[  190.354268][ T5983] Dev loop6: unable to read RDB block 7
[  190.360564][ T5983]  loop6: unable to read partition table
[  190.371422][ T5983] loop6: partition table beyond EOD, truncated
[  190.389392][ T7835] Dev loop6: unable to read RDB block 7
[  190.395259][ T7835]  loop6: unable to read partition table
[  190.401316][ T7835] loop6: partition table beyond EOD, truncated
[  190.407649][ T7835] loop_reread_partitions: partition scan of loop6 (úùƒå¡™‰ü�¾SêjÌ–ã¢P=ý?ã}X‹ºÐ	œëÜ%õ«`ÉæÖ€ù…ˆŠ5) failed (rc=-5)
[  190.697640][ T7847] netlink: 8 bytes leftover after parsing attributes in process `syz.4.614'.
[  190.866253][ T7853] loop1: detected capacity change from 0 to 128
[  190.899305][ T7853] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  190.914096][ T7853] ext4 filesystem being mounted at /170/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  191.043200][ T5768] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  191.283667][ T7862] loop4: detected capacity change from 0 to 512
[  191.307225][ T7862] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  191.536993][ T7866] program syz.1.624 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  191.555049][ T7868] netlink: 8 bytes leftover after parsing attributes in process `syz.4.623'.
[  191.698108][ T7870] loop1: detected capacity change from 0 to 16
[  191.741248][ T7870] erofs: (device loop1): mounted with root inode @ nid 36.
[  191.749605][ T7858] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  191.821712][ T7872] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  191.921334][   T28] audit: type=1800 audit(1768683456.777:42): pid=7872 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.626" name="bus" dev="loop4" ino=18 res=0 errno=0
[  191.952206][ T7858] XFS (loop3): Ending clean mount
[  191.966774][ T7858] XFS (loop3): Quotacheck needed: Please wait.
[  192.027446][ T7858] XFS (loop3): Quotacheck: Done.
[  192.033961][ T2131] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[  192.071161][ T6383] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  192.117126][ T5769] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  192.241865][ T2131] usb 2-1: config 1 has an invalid descriptor of length 211, skipping remainder of the config
[  192.266233][ T2131] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  192.277554][ T2131] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  192.312321][ T2131] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=67
[  192.330666][ T2131] usb 2-1: SerialNumber: syz
[  192.578387][ T2131] usb 2-1: 0:2 : does not exist
[  192.593800][ T2131] usb 2-1: usbmixer: too many channels (61) in unit 5
[  192.635011][ T2131] usb 2-1: USB disconnect, device number 14
[  192.746376][ T5983] udevd[5983]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  192.965213][ T7897] set_capacity_and_notify: 3 callbacks suppressed
[  192.965229][ T7897] loop3: detected capacity change from 0 to 1024
[  192.984022][ T7897] EXT4-fs: Ignoring removed orlov option
[  193.007344][ T7897] EXT4-fs: Ignoring removed mblk_io_submit option
[  193.035571][ T7897] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a814c018, mo2=0002]
[  193.044121][ T7897] System zones: 0-1, 3-12
[  193.050947][ T7897] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  193.139804][ T5769] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  193.467078][ T7913] loop3: detected capacity change from 0 to 128
[  193.503540][   T28] audit: type=1800 audit(1768683458.357:43): pid=7913 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.637" name="file2" dev="loop3" ino=1048606 res=0 errno=0
[  193.945283][ T7922] syz.4.642: attempt to access beyond end of device
[  193.945283][ T7922] loop9: rw=0, sector=0, nr_sectors = 8 limit=0
[  193.969978][ T7922] F2FS-fs (loop9): Unable to read 1th superblock
[  193.978391][ T7922] syz.4.642: attempt to access beyond end of device
[  193.978391][ T7922] loop9: rw=0, sector=8, nr_sectors = 8 limit=0
[  193.998418][ T7922] F2FS-fs (loop9): Unable to read 2th superblock
[  194.009218][ T7924] syz.4.642: attempt to access beyond end of device
[  194.009218][ T7924] loop9: rw=0, sector=0, nr_sectors = 8 limit=0
[  194.028105][ T7924] F2FS-fs (loop9): Unable to read 1th superblock
[  194.037841][ T7924] syz.4.642: attempt to access beyond end of device
[  194.037841][ T7924] loop9: rw=0, sector=8, nr_sectors = 8 limit=0
[  194.053561][ T7923] block nbd1: server does not support multiple connections per device.
[  194.062746][ T7923] block nbd1: shutting down sockets
[  194.072780][ T7924] F2FS-fs (loop9): Unable to read 2th superblock
[  194.477583][ T1281] ieee802154 phy0 wpan0: encryption failed: -22
[  194.484086][ T1281] ieee802154 phy1 wpan1: encryption failed: -22
[  194.801202][ T7931] loop1: detected capacity change from 0 to 32768
[  194.843127][ T7931] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 scanned by syz.1.644 (7931)
[  194.898769][ T7931] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  194.910085][ T7941] Bluetooth: received HCILL_WAKE_UP_IND in state 2
[  194.947368][ T7931] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm
[  194.951333][  T145] Bluetooth: hci4: Frame reassembly failed (-84)
[  194.965866][ T7931] BTRFS info (device loop1): setting nodatacow, compression disabled
[  194.974175][ T7931] BTRFS info (device loop1): force clearing of disk cache
[  194.981388][ T7931] BTRFS info (device loop1): enabling ssd optimizations
[  194.989676][ T7931] BTRFS info (device loop1): using spread ssd allocation scheme
[  194.997892][ T7931] BTRFS info (device loop1): turning off barriers
[  195.004585][ T7931] BTRFS info (device loop1): disabling free space tree
[  195.011755][ T7931] BTRFS info (device loop1): not using ssd optimizations
[  195.019044][ T7931] BTRFS info (device loop1): not using spread ssd allocation scheme
[  195.173752][ T7931] BTRFS info (device loop1): rebuilding free space tree
[  195.202131][ T7931] BTRFS info (device loop1): disabling free space tree
[  195.221578][ T7931] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  195.233637][ T7931] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  195.296377][ T7962] loop4: detected capacity change from 0 to 512
[  195.371546][ T7962] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  195.398286][ T7962] ext4 filesystem being mounted at /112/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  195.431891][ T5768] BTRFS info (device loop1): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  195.565719][ T6383] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  195.798956][ T5983] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 12 /dev/loop1 scanned by udevd (5983)
[  196.013015][ T7975] lo speed is unknown, defaulting to 1000
[  196.022089][ T7975] lo speed is unknown, defaulting to 1000
[  196.038132][ T7975] lo speed is unknown, defaulting to 1000
[  196.058631][ T7975] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  196.092119][ T7975] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  196.187387][ T7975] lo speed is unknown, defaulting to 1000
[  196.197853][ T7975] lo speed is unknown, defaulting to 1000
[  196.208759][ T7975] lo speed is unknown, defaulting to 1000
[  196.216623][ T7975] lo speed is unknown, defaulting to 1000
[  196.429749][ T7982] ip6tnl1: entered allmulticast mode
[  196.953816][ T5777] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  197.089273][ T7993] loop4: detected capacity change from 0 to 1024
[  197.146762][ T7993] EXT4-fs (loop4): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  197.163963][ T7995] loop3: detected capacity change from 0 to 128
[  197.173668][ T7993] ext4 filesystem being mounted at /118/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  197.204920][ T7995] FAT-fs (loop3): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[  197.316421][ T7993] EXT4-fs error (device loop4): ext4_map_blocks:718: inode #15: block 3: comm syz.4.663: lblock 3 mapped to illegal pblock 3 (length 3)
[  197.437640][ T7993] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117
[  197.475291][ T8004] loop1: detected capacity change from 0 to 512
[  197.515455][ T8004] EXT4-fs warning (device loop1): read_mmp_block:115: Error -117 while reading MMP block 9
[  197.535785][ T7993] EXT4-fs (loop4): This should not happen!! Data will be lost
[  197.535785][ T7993] 
[  197.710439][   T49] EXT4-fs error (device loop4): ext4_map_blocks:718: inode #15: block 8: comm kworker/u4:3: lblock 8 mapped to illegal pblock 8 (length 8)
[  197.760262][   T49] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 8 with error 117
[  197.799938][   T49] EXT4-fs (loop4): This should not happen!! Data will be lost
[  197.799938][   T49] 
[  197.825120][   T49] EXT4-fs error (device loop4): ext4_validate_block_bitmap:439: comm kworker/u4:3: bg 0: block 112: padding at end of block bitmap is not set
[  197.841676][ T8009] kvm: kvm [8008]: vcpu0, guest rIP: 0xfff0 Unhandled RDMSR(0x40000067)
[  197.883572][   T49] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 48 with max blocks 20 with error 117
[  197.915857][   T49] EXT4-fs (loop4): This should not happen!! Data will be lost
[  197.915857][   T49] 
[  197.946596][ T6383] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  198.282756][ T8005] loop0: detected capacity change from 0 to 32768
[  198.381390][ T8005] ERROR: (device loop0): dbAllocNext: Corrupt dmap page
[  198.381390][ T8005] 
[  198.414304][ T8007] loop3: detected capacity change from 0 to 32768
[  198.433046][ T8005] ERROR: (device loop0): remounting filesystem as read-only
[  198.559950][  T112] ------------[ cut here ]------------
[  198.566417][  T112] WARNING: CPU: 1 PID: 112 at fs/jfs/jfs_dmap.c:2875 dbAdjTree+0x448/0x4d0
[  198.575555][  T112] Modules linked in:
[  198.579517][  T112] CPU: 1 PID: 112 Comm: jfsCommit Not tainted syzkaller #0
[  198.586886][  T112] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  198.597562][  T112] RIP: 0010:dbAdjTree+0x448/0x4d0
[  198.602666][  T112] Code: e8 5d 0a dc fe e9 5a ff ff ff e8 63 e3 83 fe eb 05 e8 5c e3 83 fe 48 83 c4 28 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 48 e3 83 fe <0f> 0b eb e8 44 89 e1 80 e1 07 80 c1 03 38 c1 0f 8c ee fb ff ff 4c
[  198.623064][  T112] RSP: 0018:ffffc90002cf7648 EFLAGS: 00010293
[  198.629347][  T112] RAX: ffffffff83030fd8 RBX: ffff888069b52010 RCX: ffff8880193cbc00
[  198.637395][  T112] RDX: 0000000000000000 RSI: 0000000000000155 RDI: 0000000000020056
[  198.645446][  T112] RBP: 0000000000020056 R08: ffffea0001a6d487 R09: 1ffffd400034da90
[  198.653608][  T112] R10: dffffc0000000000 R11: fffff9400034da91 R12: ffff888069b52018
[  198.661646][  T112] R13: dffffc0000000000 R14: 0000000000000004 R15: 0000000000000155
[  198.669750][  T112] FS:  0000000000000000(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000
[  198.678786][  T112] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  198.686328][  T112] CR2: 00007f99c5b8f000 CR3: 000000002c37d000 CR4: 00000000003506e0
[  198.694421][  T112] Call Trace:
[  198.697744][  T112]  <TASK>
[  198.700729][  T112]  ? lock_page+0x2a0/0x2a0
[  198.705238][  T112]  dbJoin+0x238/0x300
[  198.709919][  T112]  dbFreeBits+0x4e1/0xda0
[  198.714459][  T112]  dbFree+0x332/0x650
[  198.718581][  T112]  txFreeMap+0x9e6/0xde0
[  198.723020][  T112]  ? __mark_inode_dirty+0x3a8/0xc90
[  198.728418][  T112]  xtTruncate+0xd27/0x2ec0
[  198.732923][  T112]  ? xtInitRoot+0x170/0x170
[  198.737969][  T112]  jfs_free_zero_link+0x35c/0x4c0
[  198.743066][  T112]  ? jfs_write_failed+0x190/0x190
[  198.748174][  T112]  ? _raw_spin_lock_irq+0xbb/0xf0
[  198.753275][  T112]  ? _raw_spin_unlock_irq+0x23/0x50
[  198.758582][  T112]  ? lockdep_hardirqs_on+0x98/0x150
[  198.763920][  T112]  jfs_evict_inode+0x35d/0x440
[  198.768738][  T112]  ? evict+0x4c4/0x8d0
[  198.772864][  T112]  ? jfs_write_inode+0x220/0x220
[  198.777989][  T112]  evict+0x4ca/0x8d0
[  198.781960][  T112]  ? proc_nr_inodes+0x230/0x230
[  198.786911][  T112]  ? do_raw_spin_unlock+0x121/0x230
[  198.792175][  T112]  ? _raw_spin_unlock+0x28/0x40
[  198.797131][  T112]  ? iput+0x706/0x920
[  198.801169][  T112]  jfs_lazycommit+0x429/0xa70
[  198.805964][  T112]  ? txFreelock+0x5a0/0x5a0
[  198.811152][  T112]  ? do_task_dead+0xd0/0xd0
[  198.815855][  T112]  ? __kthread_parkme+0x7a/0x1c0
[  198.820866][  T112]  kthread+0x2fa/0x390
[  198.825016][  T112]  ? txFreelock+0x5a0/0x5a0
[  198.829578][  T112]  ? kthread_blkcg+0xd0/0xd0
[  198.834298][  T112]  ret_from_fork+0x48/0x80
[  198.838772][  T112]  ? kthread_blkcg+0xd0/0xd0
[  198.843588][  T112]  ret_from_fork_asm+0x11/0x20
[  198.848436][  T112]  </TASK>
[  198.851503][  T112] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  198.858826][  T112] CPU: 1 PID: 112 Comm: jfsCommit Not tainted syzkaller #0
[  198.866065][  T112] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  198.876160][  T112] Call Trace:
[  198.879495][  T112]  <TASK>
[  198.882466][  T112]  dump_stack_lvl+0x18c/0x250
[  198.887197][  T112]  ? show_regs_print_info+0x20/0x20
[  198.892456][  T112]  ? load_image+0x400/0x400
[  198.897070][  T112]  panic+0x2dc/0x730
[  198.901055][  T112]  ? bpf_jit_dump+0xd0/0xd0
[  198.905625][  T112]  ? ret_from_fork_asm+0x11/0x20
[  198.910652][  T112]  __warn+0x2e0/0x470
[  198.914686][  T112]  ? dbAdjTree+0x448/0x4d0
[  198.919162][  T112]  ? dbAdjTree+0x448/0x4d0
[  198.923635][  T112]  report_bug+0x2be/0x4f0
[  198.928006][  T112]  ? dbAdjTree+0x448/0x4d0
[  198.932463][  T112]  ? dbAdjTree+0x448/0x4d0
[  198.936915][  T112]  ? dbAdjTree+0x44a/0x4d0
[  198.941393][  T112]  handle_bug+0xcf/0x120
[  198.945675][  T112]  exc_invalid_op+0x1a/0x50
[  198.950218][  T112]  asm_exc_invalid_op+0x1a/0x20
[  198.955100][  T112] RIP: 0010:dbAdjTree+0x448/0x4d0
[  198.960281][  T112] Code: e8 5d 0a dc fe e9 5a ff ff ff e8 63 e3 83 fe eb 05 e8 5c e3 83 fe 48 83 c4 28 5b 41 5c 41 5d 41 5e 41 5f 5d c3 e8 48 e3 83 fe <0f> 0b eb e8 44 89 e1 80 e1 07 80 c1 03 38 c1 0f 8c ee fb ff ff 4c
[  198.979918][  T112] RSP: 0018:ffffc90002cf7648 EFLAGS: 00010293
[  198.986013][  T112] RAX: ffffffff83030fd8 RBX: ffff888069b52010 RCX: ffff8880193cbc00
[  198.994005][  T112] RDX: 0000000000000000 RSI: 0000000000000155 RDI: 0000000000020056
[  199.001994][  T112] RBP: 0000000000020056 R08: ffffea0001a6d487 R09: 1ffffd400034da90
[  199.009994][  T112] R10: dffffc0000000000 R11: fffff9400034da91 R12: ffff888069b52018
[  199.017996][  T112] R13: dffffc0000000000 R14: 0000000000000004 R15: 0000000000000155
[  199.026022][  T112]  ? dbAdjTree+0x448/0x4d0
[  199.030484][  T112]  ? dbAdjTree+0x448/0x4d0
[  199.035015][  T112]  ? lock_page+0x2a0/0x2a0
[  199.039460][  T112]  dbJoin+0x238/0x300
[  199.043478][  T112]  dbFreeBits+0x4e1/0xda0
[  199.047841][  T112]  dbFree+0x332/0x650
[  199.051860][  T112]  txFreeMap+0x9e6/0xde0
[  199.056127][  T112]  ? __mark_inode_dirty+0x3a8/0xc90
[  199.061353][  T112]  xtTruncate+0xd27/0x2ec0
[  199.065818][  T112]  ? xtInitRoot+0x170/0x170
[  199.070378][  T112]  jfs_free_zero_link+0x35c/0x4c0
[  199.075440][  T112]  ? jfs_write_failed+0x190/0x190
[  199.080493][  T112]  ? _raw_spin_lock_irq+0xbb/0xf0
[  199.085547][  T112]  ? _raw_spin_unlock_irq+0x23/0x50
[  199.090773][  T112]  ? lockdep_hardirqs_on+0x98/0x150
[  199.096009][  T112]  jfs_evict_inode+0x35d/0x440
[  199.100805][  T112]  ? evict+0x4c4/0x8d0
[  199.104899][  T112]  ? jfs_write_inode+0x220/0x220
[  199.109870][  T112]  evict+0x4ca/0x8d0
[  199.113801][  T112]  ? proc_nr_inodes+0x230/0x230
[  199.118686][  T112]  ? do_raw_spin_unlock+0x121/0x230
[  199.123929][  T112]  ? _raw_spin_unlock+0x28/0x40
[  199.128811][  T112]  ? iput+0x706/0x920
[  199.132827][  T112]  jfs_lazycommit+0x429/0xa70
[  199.137539][  T112]  ? txFreelock+0x5a0/0x5a0
[  199.142069][  T112]  ? do_task_dead+0xd0/0xd0
[  199.146600][  T112]  ? __kthread_parkme+0x7a/0x1c0
[  199.151602][  T112]  kthread+0x2fa/0x390
[  199.155700][  T112]  ? txFreelock+0x5a0/0x5a0
[  199.160247][  T112]  ? kthread_blkcg+0xd0/0xd0
[  199.164859][  T112]  ret_from_fork+0x48/0x80
[  199.169310][  T112]  ? kthread_blkcg+0xd0/0xd0
[  199.173934][  T112]  ret_from_fork_asm+0x11/0x20
[  199.178759][  T112]  </TASK>
[  199.181931][  T112] Kernel Offset: disabled
[  199.186361][  T112] Rebooting in 86400 seconds..