last executing test programs:

1m25.042597267s ago: executing program 4 (id=909):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x3a8bc000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
inotify_rm_watch(0xffffffffffffffff, 0x0)

1m23.061310976s ago: executing program 4 (id=921):
syz_mount_image$btrfs(&(0x7f0000000000), &(0x7f00000015c0)='./file0\x00', 0x0, &(0x7f0000000280), 0x0, 0x559e, &(0x7f00000103c0)="$eJzs3X9sVeX9B/BzWwoN+C39jhUYfxAgBoMkyJYtjqB4MQa24eKlgsKcCEQlBivYRDcYqUWSZcaghU4EF5GQaDJjscM/FMywy7CMZfzY5hZjs4JSaZZsAzVrHDG69N77XO49l9tembNOXy/SnvPcz3me+9yT88d9X/qcGwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAURUcSc9+d0f3i0ZE1X77/Hz+e+OjGn4zfvX/roVvu23T/gjMjbto5a1nf+mlN8zdsbDjS/PS+ObdGUSLdL5Htf9u136q/88bbvlsdBly+MLOtrS31lJmuJzON4QUP9vcr/FkRRVFVbIDK7PbV7E5FwQC53cbiAQf0Tuui6O7J8ya1dT01bklyYU/xS6df9VBPYKhkr6ue89dSMv27InZErp136SUKLtFM//gF96m8CADgY5mZSm9yb0ezb3Fz7eZ4PdZOxtotsXZ4h9CS37gYmXGHl5rnpHh9iOaZzESFESXnGatnz3+unYr3j7VjUeNjzLPw0GykqS41z7Wx+lDNEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCzZOzxo2tWtD2y575fdtQceff9OVc+8KWOw22LT4y8eunKHWum/HTWsr7105rmb9jYcKT56X1zbo2i2nS/RKZ74kTL5b9NjZ3fvXfcG427n6vpq8yOG7bD8g6OXg87s0ZH0cq8Sk8Y9q81UZQqLKSb0Y7iwl3pnW+HAgAAAJ8nX0n/rsi1M3GwqqCdSKfJRPpfkAmL77Quiu6ePG9SW9dT45YkF/Zc/HipEuMlLzherl17/ieRF4xD/I2Pd74eDm0sGmdg8RHjef7SMWPefmty/eSvT5v7xA3PjOru+r8nZ2xJ/bGu5oUrru+tf/a6ovxfO3D+D2dO/gcAAOA/If/HxxnYYPn/jqVTt7z+i2Grft3a8MTB+h1/bv3OMzsXneq54Ud9L09N3v7o1UX5f1LBUxbl/zDjkP8roovL/wAAAPBZ9t/O/8micQY2WP5vONM3+wcHX6vr+PucxXt+9dAVi8+e/tv8U7t3DV9zR8v6uoeuLMr/M8vL/8Pypx0e/F2Y8OrRUTSz/JMKAAAAFAj/737+o4WQ1zOfHMTz+rX/vKp5380ffPMbD97zpzff/s2xA7MnrdteN/PgyzfVf1j5ve3dRfk/WV7+r/p0Xi4AAABQhuePrpw773jPucfPvtB18vDu3pMznjyzrqnvdOslLatXbTr2WlH+T5WX/0cMzcsBAAAALuDeO59bsfnVl/oe2H/X2Ck9FVc1XpK4ZduOqU0TPuq8tPfy7VuL8v/y8vL/yOw2u/Ih06kz/BVC6+goqu7fWZspHIparskVAAAAgE9IyOlbP1ixbOzOsb3jj59+rObQG4dn/2Vt55yN13RXdW/uXNZ4WdH9AkJiL3X//3Cng7D+v+D+f0Xr//MKmbv+zXZjAAAAAL6Iitfzh9vjZ765oNT375e7/n9J3cQTiba33lv11XMHzo1ZsP/7129aV9/be8+El37/wz9M/6i6KP83l5f/K/O3n+T3/wEAAMBF+F/7/r+lReMMbLD7/zdV9DWsWrd3+uota7csTCw7UH3qwdV731+w5l9Tb36+qea6A0X5v6W8/B+2o/JfXkc4P5tGR9H4/p3s3QR/Hqa7OlZor8orZE58rMeNoUe20D4ir5C2Ntbja6OjaHL/TnOs8P+h0BIrnK3JFnbFCsdCIXs95Ap7YoWOcKVtq8lON154MRSyCyzawwqKUbklEbEe75Xq0V+4YI+u3JMDAAB8oYTwnM2yVYXNKB5l2xODHTBysAMqBjugcrADhsUOiB9Y6vFoeWEhPH575yMbNjVMSb7y8NzHfvbms40T9j1+WV3v5g9f2XbvxJ3TW6YW5f9d5eX/cCqGZzal1v9HYf1/9nsNc+v/l4dCbazQHgqp+B0DUuE5MmH34fActalsj7PjcwUAAAD4XAufC1QO8TwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/s3evcdJVd0JAj/d9INumqaNE9GMk3TUgGakaWwNw+AoaoxGRZpZddxkNBBoEGmE8FgFURtQZxziZ3ztrJnoCAoiu+qHGFeDwUhcxIw6iWLiA/Cxjq7r+h6VGM2E/XTfOkXVrS67EFDa+X7/6DpVv/O89eg69946FwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/xjuPfjlk4YunP0PHzace8nqqqmL/kfH6Mv+cNW3vvjUPy5b9G9h/i9GnLll3kEXHjd/wbR/6Vi++ogzQmjtKleWFC977oqvPtS613HP3jFw48wbb63fUpWpNxMP/Tr/lGfuXBxbfbF/CHeXhVCRDgypSwKVmft1sb5960LYI2wLZEu01SYl0g2HB2pCWBK2BbJVra4JoS4ncMqG+++7vDNxTU0IXwkhVKfbeKY6aaMmHRhUlQRq04HpFUngt1sT2cBPypMA7LD4Zsi+6Fe15mdo6L5ckddf5U7r2KcrPbw+MdFQPN/rR+3iTuWoSj/QukNPW0F17BIFb4+13m294N1WsJ2v8LTlfpHKfEPZui1UHcontk0aP6d9dnykPDQ19SlW0y56np9+e/6E7Un3mtdh7EDDTnkdXvrYiun9lo2+9OrNvxqz4ayaA3a0m0/lbNLc9K5WHTKvuV7zPEajfJ70grdfwbekRl+6Qghbzz17xtfnTDz7iD63PLnu1QcfrNty9pwFvzhz4nmLLj55w7/Pf6lg/t/w0fP/+HKOt+V5uWOrH9Ync/P4SF1MvFmfzM0BAACg1+gNe01Xnv/6X73+/bWtMxed/u23Dj73w71afz3i/gFVB7yxrqn1/I2ff6Vg/t9Y2vH/eMi/Lne0a0MY1ZVYNCCEvbseTwIrY3e+OyCEL3elWvMDR6UCa0PYpytxULaqVIm+sURjKvByfSYwKhVYHwOtqcDyGLgiFbg4BlalAhNiYG0qcHQMhCn54/hqfWYcJQdqYmBcshFXxbMQ3qmPraW21aZsVQAAADtJZnZYmX8351yHHc0Qp5eranrKEM/ALpqhOlVDegabnVYVraGipxrKe6ohO+6Ojx5+Qc1lPdVccBpGWX6GG9f85X2LXjzsC2P3mvj5xUMvmPKz8eGst++uerx5yYtv7XvEzesK5v/NHz3/r+6mI2UFx/9DGNv1N+Yuz0Tas/FxrXkZAAAAgB1w0R//xR61Lw85oGHT+2X3zl/7xKMrfrl5j1NOf3/c8a//8PCaxnsL5v+jSjv/P+4T6ZOTOTwSd0NMHRBCc34gqXZkYSA56t0vEwAAAIDeIHs8PnssfErmNjlFOz2fLszfup3544H/Ud3m//09/7P2jq3/+mLZBd89d0TNgKX/9GrHhBNOPvqW47/1zj4VB/yyvGD+31ra+f+1+bdJJ9bHXlw9IIS+OYEHYy87A10aY+D5I/MDmfGvjxtgcawqc2JCtqrFscS4GGhOBZYUK/FotsTe+YHMk5VtfFF2HFMyJXICAAAA8ImLuwPicfl4/n/LGSNO++vvzfrbha88eN7qCy75q+Ed80eedP/THzbMvXJp2PTmEQXz/3Hbd/5/1zy44PT+9n4hDK0IoU/6hwGP1CYLA8ZAXVkmcW9tUlefdFULa0MY2TmwdFUvZNb/r0ivMfh4TVJVDOy93y1vD+pMLKsJYWhu4IlvLz2sMzEnFcg2flpNCF/qHG268bv6Jo1Xphu/tm8IX8wJZKua0DeEzsaq0lX9r+rMdQzSVa2qDmHPnEC2quHVIcwNAPRW8X/pxNwHZ82dN3V8e3vbzF2YiDvxa8KkKe1tTROmt0+sLtKniak+561jtKBwTKVe+mZTZo2ixSsnV5aSzv5QsDm3rcyO/IIzBzP345ehyq5xHlKZd7clPeQD9y9sIuR8lSo25PJdPOTa3Eq2PYkF9cf8VaFf6DtnVtvMpvPGz549c1jyt9TshyR/43GmZFsNS2+r2u76VsLLo+hyWSkfd1sNyq1k6OxpM4bOmjtvyJRp4ye3TW47p+XQP2sZMXz410YM7RxUc/K3h5EO6q7m1Ei3Li1xWDtxpF+oyKnkk/jQkJCQ6G2J/f7L5odH77n+nOt/9tqPz+/3zdPu3fvImT889KqpD1Xve/ji24ccWDD/n/HR8//4qRM/+DPrMxQ7/t8QD/Mnj287zD8uBpaUevy/odjR/OyJAY2pQEcMdDjMDwAAwGdD3B0Z92bGndKbb1m/buOSlrk/aHin5dY17Utvuum+U39y58ATvjQ47LXhuhM+VzD/7yjt9/87af3/7NL1JxRb5v+gWKK52Pr/6WX+s+v/dxRb/z+9zH92/f8ln8L6/3OygdQmecf6/wAAwGfBJ7f+f4/L+6cvEFCQocfl/dMXCCjI0OMy/qVeIGC71/9f8+Bff6Wq35g7/qTlN/WXvPZ39xzWeuS6zTP/5Etb10+877qxt6wpmP9fUdr838L9AAAAsPv4z5ddU3H02Xff0bJu6sZxbw5+98m3lgzq80HF0Q+3j3xh4Bu3nlcw/19S2vz/k1//LxQ7/7+xWKC12MKA1v8DAACglyq2/t89Q1sa/zCm/x+eHvab5Q/ePPqnj/z898v3+/mJPyvfZ8Gxz8+8bFLB/H9VafP/eNpFeV7u2JsP65M17UJ6Tbs367M/GQAAAIDeoTw0NVWWmDdvYdSjPn6bT2eWAv2odK7vvXLt2ZtfmH7c46ev+7uaEwbvOWHaBasa/2b4gXd+ftQley7ddGrB/H9tafP/vN9lXPrYiun9lo2+9MOrN/9qzIazag7YdvwfAAAA2HVK3S8BAAAAAAAAAAAAAAB8+s7tWHzhI8uOfe+bt//F/kcseXXwbXcd+Lsh/V664qoHJq1648zJXy/4/X8Y21Wu2O//43X/4u8L/igvd2y15/X/MvdPOfH2uV1LFj5SH8L+uYGpC6fuETLX5h+cG7jvjIMGdiYWpkusefbolzoT30kHjh/yuS2dicNTgXFxkcR90oF4VcUt/VOBuLzi4+lA3B6r0oGqTOCy/sk4ytLb6pW6ZFuVpbfVxroQBuQEstvq7rqkjbL0AK9JBbID/F46EAd4ciZQnu7V7f2SXsVAXSx6Q7+kVwAA7Lbit8DKMGlKe1tz/Aofb79QkX8b5S1ZtqCw2rISm9+UWZps8crJlaWk+6S/i2671nhlqO4cwrCCr6u5Wcq6Rrlzaulh0/1RkSH3tNpbeZFyadu76aqKj6gmGVHThOntEyt7HHhLz1kOqegxy7CCyU5ulvKuTVpCLSX0pYQRlbhtSuhyvF8empr6pHL9eQw2hDw9vSJK/b1+7jp/xV4FuXluO/TKt758zE+f++CfP/9E/2+cVnP7rO+/e+KvX7//wEOOuG5C05otBfP/htLm/9W549qSuRhAR7yy3sgBIYwrcUQAAADw2XfbRbfecfr09a9MWlvx5GOPTS0fc3rl1vl3zp93ycZ7Fx9/2cErdjR+2Fm//f5vBu//b89e9dJPR+7zwA03/58nD3v8z3//8I8eeqduZZ+x7xXM/xtLm//HPViZQ8HJ3o618fr/iwaE0HVp/YYksDIO97sDQvhyV6o1lkguqH9CLNGcBFbGHSYHxRLjWvOr6hsDq1KBl+szgbWpwPoYyOyluCVkduVcWR/CYV2psfklZsQSDanAmBhoTAWaYqA5FegfA6NSgdf6ZwKtqcDDMRCm5G+rH/fPbCsAAIDtkZlnVebfDel53qqKnjKU9ZShtqcM5T1lqO4pQ7FRxPt3xAyVqZNXynIyVaZrrUnVUpAhXgx/u/tVkCE8mp8zXbCg6Xj+QfZ8g7L8DFf+4NlT1w+e/tDqzcd8beBt/zhkz4Obp9e9t+CGp3475pzrnv/TQQXz/+bS5v+1+bdJ6+vj/H/b9f+SwIOxe1fHU8cbY+D5I/MDmR0D6+Nkd3G2qtZMicykfXEsMSoGGlOBGTEwKhUYNzYTWDIwP5CZaWcbX5RtfEqmRE4AAAAAPnFxB0HcTRPn/zce9YOr3x8wccuyeTPvH9vyxMmjv3H1XT+6d/9ld767YvCAce99p2D+P6q0+X9sr19uYxfH3rzYP4S7y7b1JhsYUpcE4n6Muvjz+H3rQtgjZwdHtkRbbVKiKtVweKAm+YV6Vbqq1TXJGgPx/ikb7r/v8s7ENTUhfCVn70u2jWeqkzZq0oFBVUmgNh2YXpEE4p6fbOAn5UkAdlh2r2B8QWVOdclq6L5ckdffZ+WaoOnhFewD7SZfd7+52lWq0w9k9qlmbd/TVlAdu0TB22Otd1tvfLc1eLflfpHKfEPZui1UHcontk0aP6d9dnwk95esBXbR85z7K9VS0jvhddjx8Xvbs+p0B5pTHx/N3Zfr/nVYFqu79LEV0/stG33p1Zt/NWbDWTUHlNyNIuIPhX+05X9XPpWzeXe16pB5zfW6z5NWnye98d9Ao6cthHDZ9cfsu+TdX+/33A3Pnbqu7Maxr/7lrHs2Lf+bysNHrXv/yaGjLy+Y/7eWNv+vSN12+V3cmLMGhHBgzsZ9JG7+YwYkn4M5geRTcs/CQHLI/V/ri35yAgAAwM6W3d2R3V8wJXObnBCenicX5m/dzvxxf8WobvOX2u9j121cedLQN6474G8vOPGNv7/28Kceuv6ysnXL//vYD1avuXzxe08UzP/HffT8v2+qm47/O/7PLuL4f7d2913RfdMPdOzQruiC6tglHP/v1u7+bnP8v1uO/zv+3x3H/3vg+H+3dvenreBb0gxfujonwdff+fPfTbzpg7mN+x180lPPHDrxun+6quXuu0555b+de9601761uWD+P6O0+b/1/7pftC+7/t+4Yuv/zSi2/l+H9f8AAIBdqshCc+l5XsHqfQUZ0qv3FWTocYHAHpcYtP7fdq//t3Dkv1904Q+fb7n2nTvHXb5m07Fnvvr0utXPzFpx3Lnnv9V6112tBfP/jtLm//Hl0C+39d6y/l/j2CJVXREDMywMCAAAwO6o2A4CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPl2HnvbO+5d8/R/aBv1ixc1/f+v/+7/P1q594JvfuGn4L6f86RllazZcM+LMLfMOuvC4+Qum/UvH8tVHnBHClK5yZUnxsueu+OpDrXsd9+wdAzfOvPHW+i3VmXorM7d/nJc7tvphfQhLch6pi4k36zvvbAuccuLtcys6E4/Uh7B/bmDqwql7dCaW14cwODdw3xkHDexMLEyXWPPs0S91Jr6TDhw/5HNbOhOHZwJl6e5e1z/pblm6u5f3D2FATiDb3bP751eVbeO4TKA83caKuqSNGKiLRa+tS9qIgfZYYkrfEIZWhNAnXdU/VydV9UlXdU91UlWfdFUXVYcwMoRQka7quaqkqor0yB+tSqqKgb33u+XtQZ2JpVUhDM0NPPHtpYd1JmamAtnG/1NVCF/qfMmkG/9xZdJ4Zbrx/1oZwhdDCFXpEu9VJCWq0iVeqAhhz5zAto1YEcLcwGdD/PSZmPvgrLnzpo5vb2+buQsTVZm2asKkKe1tTROmt0+sTvWpmLKc9NYFH3/sm96eP6HzdvHKyZWlpCsy5Sq7unxIZd7dlt2997FftbmVbHs+CuqP+atCv9B3zqy2mU3njZ89e+aw5G+p2Q9J/vbJRJNtNay3bKtBuZUMnT1txtBZc+cNmTJt/OS2yW3ntBz6Zy0jhg//2oihnYNqTv7ujJEu/eRH+oWKnEo+ife/hIREb0uU5326Ne/un+MFX/S3dbQyVHd9QBdMK3KzlHWNcmcM+qiPOeKP8zWlxxENK5g4FGQ5pOcsLQWTiW1ZapIsXV/rCiaHuTWVd23SeL88NDX1KbYdGvLv5m7e13dg8z6d2XSlpgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+P/swIEAAAAAAJD/ayNUVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYQcOBAAAAACA/F8boaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqgo7cCwAAAAAIMzfOoyeDQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4FAAA//8fSxmR")
chdir(&(0x7f0000000080)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x40000, 0x173)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f00000008c0)={0xc0})

1m20.701271086s ago: executing program 4 (id=936):
io_uring_setup(0x1778, &(0x7f00000000c0)={0x0, 0x4, 0x3000})
close(0x3)
r0 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000180), 0x2000, 0x0)
ioctl$RNDADDENTROPY(r0, 0x40085203, &(0x7f00000001c0)=ANY=[@ANYBLOB="0100010022000080"])

1m19.312004282s ago: executing program 4 (id=945):
socket$nl_generic(0x10, 0x3, 0x10)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0xc0ed0044, &(0x7f0000000100)={[{@noblock_validity}, {@resuid}, {@grpquota}, {@noload}, {@nobarrier}, {@lazytime}]}, 0xfe, 0x472, &(0x7f0000000940)="$eJzs3MtvG8UfAPDvOk6a9PFLfyU8GloIFETEI2nSBz1wAYHEAQQSHIo4BSetQt0GNUGiVQSBQxDigCpxRxyR+As4wQUBJySucEeVEMqlhZPR2rtp4tohDydO8ecjbTuzu+7Md2fHnp2xG0DHGkr/SCL2R8SvEdEfEcX6E4Zqf91cmi/9tTRfSqJSee3PJH1Z3FiaL2X/RHVL7avtqFSy/J4G5S6+GTFRLk9dzvKjcxffGZ29cvWp6YsT56fOT10aP3Pm5ImjPafHT7UkzjSuG4Pvzxw5/OIb114unb321o9fp/Xdnx3P42ilodrVbejRVhfWZgdWpJNiGyvChhzI+nt3tf/3R1f0LR/rjxc+amvlgG1VqVQqjT6fMwsV4D8siXbXAGiP/IM+ff7Ntx0aeuwKfzxbewBK476ZbbUjxShk53TXPd+2Um9EnF34+4t0i22ahwAAWOnbdPzzZKPxXyHuWXHe/7I1lIMR8f+IOBQRd0XEQETcHVE9996IuG+D5devkNw+/ilc31Rg65SO/57J1rZWj//y0V8c7MpyB6rxdyfnpstTx7NrMhzde9L82KqXrPbd8798Vr/v02yafWjF+C/d0vLzsWBWj+vFugm6yYm5iZYEn8b/YcRgsVH8yfI6YBIRhyNicJNlTD/+1ZFmx/49/jW0YJ2p8mXEY7X2X4i6+HNJ0/XJsadPj58a7Y3y1PHR/K643U8/L77arPwtxd8CafvvbXj/1+JPnxGT3ojZK1cvVNdrZzdexuJvH5eSJscGNnn/9ySvV9M92b73JubmLo9F9CQvpdm+VfvHb702z+fnp/EPH2vc/w/VHs+qV+L+iEhv4qMR8UBEPJi13UMR8XBEHFsj/h+ee+TtZseat/8as/ItlMY/uUb7p295aepW+2880XXh+2+alV9ZV/ufrKaGsz3ref9bbwW3cu0AAADgTlGofgc+KYwspwuFkZHad/gHYm+hPDM798S5mXcvTda+K38wugv5TFf/ivnQsWxuOM+P1+VPZPPGn3f1VfMjpZnyZLuDhw63r0n/T/3e1e7aAdvO77Wgc+n/0Ln0f+hc+j90Lv0fOlRP490f7HQ9gLbY+Od/77bUA9h5xv/QufR/6Fz6P3Skpr+NL2zpJ/93aqK4O6rRMNG3O6qRJ6KwK6rRusQrn9S6xG6pT54orvs/s9hkYk/DQ+1+ZwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGiNfwIAAP//RwfmeQ==")
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='configfs\x00', 0x16, 0x0)
fchownat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0xffffffffffffffff, 0x100)

1m18.668751278s ago: executing program 4 (id=950):
unshare(0x62040200)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x10, &(0x7f0000000100), 0xfe, 0x458, &(0x7f00000001c0)="$eJzs3MtvG8UfAPDvOnH6/iW/Uh4tLYSXqHgkTfqgBy5FIHEACQkORZxMmlalboOaINGqgoJQOaJK3BFHJP4CLpQLAk5IXOGOkCqUC4XTorV3UzexnThx4hJ/PtImM95xZr67O/F4xusA+tZo9iOJ2BkRv0bEcD17Z4HR+q9b81em/p6/MpVEmr7+Z1Ir99f8lamiaPG8HfVMOtCm3mtvRVSq1emLeX587vy747OXLj979nzlzPSZ6QuTx48fOXxg6Njk0a7EuStr674PZvbvffnN669Onbz+9o9fZ+3dme9vjKNbRutHt6knul1Zj+1qSCeDPWwIHcn6aHa6yrX+PxwDsW1h33C89HFPGwesqzQtpVta776apmm6tVYO2HwSfRv6VPFCn73/LbYNGnrcFW6eiIV5jFv5Vt8zGKW8THkd6x+NiJNX//ki22Kd5iEAABrdOBERzzQb/5XivoZy/8vXhkYi4v8RsTsi7omIPRFxb0St7P0R8UCH9S9eIVk6/kmHVxXYCmXjv+fzta07x3/F6C9GBvLcrlr85eT02er0ofyYHIzyliw/0aaO71785bNW+xrHf9mW1V+MBfN2/DG4aILuVKVcWUvMjW5+FBHJSJP4kyiWcbLx8d6I2Nfh3y7WhM4+9dX+VmWWj7+NLqwzpV9GPFk//1djUfyFpOX65MRzxyaPjm+N6vSh8eKqWOqnn6+91qr+NcXfBTdvpLG96fW/EP9IsjVi9tLlc7X12tnO67j226ct39Os7vqfqwwlb9TSQ/lj71fm5i5ORAwlryx9fPL2c4t8UT67/g8+1rz/747bR+LBiMgu4gMR8VBEPJy3/ZGIeDQiPmkT/w8vPP5O5/G3mZXvoiz+U8ud/2g8/50nBs59/03n8Rey83+kljqYP5Kd/+XiWmkD13LsAAAA4L+iVPsMfFIaW0iXSmNj9c/w74ntperM7NzTp2feu3Cq/ln5kSiXipmu4Yb50Il8brjITy7KH87njT8f2FbLj03NVDudKwa6a0eL/p/5vd0NPMDm4H4t6F/6P/Qv/R/6l/4P/Uv/h/7VrP9/2IN2ABtvmdf/bRvVDmDjGf9D/9L/oX/p/9CXWt4bX1rTLf8SPUp8O7S272pYeSJKd0nImyZRjqa7Blf8ZRarTGxpuqvX/5kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC6498AAAD//+qa3cY=")
r0 = socket$inet6(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000040)="2400000021002551241c0165ff00fc020200000000100f000ee1000c08000b0000000000", 0x24)

1m16.770719709s ago: executing program 4 (id=967):
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='ns\x00')
getdents64(r0, &(0x7f00000002c0)=""/141, 0x8d)
getdents64(r0, &(0x7f0000000fc0)=""/224, 0xe0)
getdents64(r0, 0x0, 0x0)

1m16.263620369s ago: executing program 32 (id=967):
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='ns\x00')
getdents64(r0, &(0x7f00000002c0)=""/141, 0x8d)
getdents64(r0, &(0x7f0000000fc0)=""/224, 0xe0)
getdents64(r0, 0x0, 0x0)

5.141777351s ago: executing program 1 (id=1660):
syz_usb_connect(0x2, 0x24, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000274c0340ab0560000611000000010902120001000d00000904"], 0x0)
syz_usb_connect$uac1(0x5, 0x71, &(0x7f00000000c0)=ANY=[@ANYBLOB="12011001000000086b1d010140000102030109025f0003010000de0904000000010100000a2401f8ff0302010209040100000102000009040101010102000009050109ff03080005172501"], 0x0)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="043ef50d"], 0xf8)
sendmsg$NL80211_CMD_STOP_SCHED_SCAN(0xffffffffffffffff, 0x0, 0x800)

3.504658776s ago: executing program 1 (id=1677):
syz_mount_image$f2fs(&(0x7f0000000000), &(0x7f0000000180)='./bus\x00', 0x8, &(0x7f00000001c0)=ANY=[@ANYBLOB="6772706a71756f74613d2c6e6f636865636b706f696e745f6d657267652c616c6c6f635f6d6f64653d64656661756c742c6163746976655f6c6f67733d362c61636c2c6661756c745f696e6a656374696f6e3d30303030303030303030313236322c6661756c745f747970653d30303030303030303030303030303030303030322c6e6f61636c2c636f6d70726573735f63616368652c616c6c6f635f6d6f64653d64656661756c742c6e6f657874656e745f63616368652c636f6d70726573735f63616368652c6d6f64653d6c66732c00000000000000cc6c8ce7c68458259f3f9276c65041208ebd74d6391248adce3f77cddff2a374ee7b1470db785c3234a8e2f4d13511a687db9c47b5599f909fbbf1bdc74f6d65"], 0x1, 0x5505, &(0x7f0000002480)="$eJzs3E1rY9UbAPAn7XTe//Mv4sLdXBiEFiZh0nlBd6PO4At2KKMuXGmapCEzSW5p0rR25cKluPCbiIIrl34GF67diQvFnaDknlud+gJC08ZOfz+4ee45OXnuc8Iw8NxbEsCptZj9/GMlrsSFiJiPiMsRxXmlPAp3U3guIq5GxNwTR6Wc/33ibERcjIgrk+QpZ6V869Pr42u3f3jjp6++OXfm0mdffju7XQOz9nxE9DfT+U4/xbyT4qNyvjHuFrF/a1zG9Eb/cTnOU9xprxcZdhr76xpFvNlJ6/PN7eEkbvQazUnsdDeK+c1BuuBw3NnPU3zgUWOrGLfa60XsDvMidvZSXbt76f+2veEo5WmV+T4o0sdotB/TfHu3nfaz+biIzcGonE9581Z7dxLHZSwvF8281yrqWD/MN/3f9mZ3sL2bjdtbw24+yG7X6i/U6neq9a281R61b1Ub/dadW9lSpzdZVh21G/27nTzv9Nq1Zt5fzpY6zWa1Xs+W7rXXu41BVq/XbtZuVG8vl2fXs1cfvJP1WtnSJL7cHWyPur1htpFvZekTy9lK7eaLy9m1evbW6lq29vD+/dW1t9+79+6Dl1Zff6Vc9JeysqWVGysr1fqN6kp9+RTt/6Oy6CnuHw6lMusCAE4e/T8wC0fX/289jDj6/j/0/1Nxovrf097/H8H+4VD0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp9Z3C5+/VpwspvGlcv5/5dQz5bgSEXMR8evfmI+zB3LOl3kW/mH9wp9q+LoSRYbJNc6Vx8WIuFsev/z/qL8FAAAAeHp98eHVT1K3nl4WZ10QxyndtJm7/P6U8lUiYmHx+yllm5u8PDulZMW/7zOxO6VsxQ2s81NKlm65nZlWtn9l/kA4/0SopDB3rOUAAADH4mAncLxdCAAAAMfp41kXwGxUYv9R5v6z4OIv7/94IHjhwAgAAAA4gSqzLgAAAAA4ckX/7/f/AAAA4OmWfv8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfmPnfm4TB6I4AD8bvLD/tGi1921lb1DGlrDHPUYUkCYoIAfSQhqgBnJLCRFEeBwCEYdIHttK9H2SMxnL/HiD4DAz0gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF26r9aL26vf121zdvt28owGAAAAuGRbrRf1P7PU/9rc/97c+tn0i4goI+LS3H0Un84yR01O9fL8zenz1asa7iLqhMN7TJrrS0T8aa7HH11/CgAAAPBxbZareZqtpz+zoQuiT2nRpvz2N1NeERHV7CFTWnnI+5UprP5+j+N/prR6AWuaKSwtuY1zpb1J/XM/rtpNT5oiNeXFlx2LzDZ2AACgR6Ozpt9ZCAAAAH36N3QBDKOI563M41bgJDXN9t7nsx4AAADwDhVDFwAAAAB0rp7/93T+3975fwAAADCMdP4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXdpW68VmuZq3zdnt28kzGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHhif95RIATCIAz2ru9M5v6HlQZNTU2qQPj4G4MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA3v/vL/4mpcSaZe20sPY8ka6fG1qmxd24c/WF8/RoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIv9eUmBEAiCKJgz/nfS9z+sJOgZRIiAhkcVtWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4It+98v/ialxJpk7bSwdjyRrV42tq8beg8bRg/H2bwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIud+3mNo4oDAP5mZmdrq+IaZQ8RUfCgF7vd1tbexIMSPPgnCCHd1titP9ocbCliLt4k515EjyKCEm/9H3JOIJd4y2EPETwrMzuTnfwA118zm+TzgTfvu8Mw7/tmIeQ77yUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACURm9P4iQ7dMZxXJzb3Hu4lPVbh/rM47Xt+axlcVRn0ifDi9UPUbe5RAAAADg7krK+DyHspOsLWR938vo/La/Jav5vnx7HZT1/uO4v+7L2z9ovP+8+vz9QZzxOdtOby8PBpaOptP6/Wc62Z/7yilb+5PN3L0n+hcTvrT43SvPnGX29sfFOOw/P1ZEtAPBPXCz7Iih/H8r6fpOJAXBmtCqFd1n/J51mcwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACow2g1PFnGUQhhvjWJM1t7D5eO6x+vbc+X7dqjR2vhy8k9s1ukIYSby8PBpVpnM9vu3X9we3E4HNytP3gphNDU6G8V07/9wRQXh9DI8xH8R0FcfNmzks/JCBr8oQQAwKmUFi2r63fS9YXsXDQXwh/fHaz/X63EYcr6f/fDa5vVsar1f7+2Gc6+3sqdT3v37j94ffnO4q3BrcHHb1zuv9m/cv3q1eu9/F1JzxsTAAAA/p120ar1fzx3dP3/QiUOU9b/n33T/6I6VqL+P9Zk0a/pTAAAAM62Z1/+/bfomPNRux0+X1xZudsfH/c/Xx4fG0j1bztXtGr9n8w1nRUAAABQh9FqdGD9/0YlDlOu/z/1/Qs/Vu+ZhBDOF+v/F5c+Gd6obzozrY4/J256jgAAADTrfNGq6/9pvv8/3t/yEIcQXntlHBf/BnCq+j9596sfqmNV9/9fqW+KMynujp9H3ndDaHWbzggAAIDT7ImiZcX+r+n6wkc/XXi/bf8/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQN3+DAAA//962D6S")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file2\x00', 0x105042, 0x189)
writev(r0, &(0x7f0000000140)=[{&(0x7f00000001c0)='0', 0x1}], 0x1)
write$binfmt_script(r0, &(0x7f0000002340)={'#! ', './file2'}, 0xb)

2.625953813s ago: executing program 3 (id=1684):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'bridge0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@newlink={0x44, 0x10, 0x44b, 0x0, 0x0, {0x7a, 0x0, 0x0, r2}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x14, 0x2, 0x0, 0x1, [@IFLA_BR_AGEING_TIME={0x8, 0x8, 0xffffa888}, @IFLA_BR_VLAN_FILTERING={0x5, 0x7, 0x4}]}}}]}, 0x44}}, 0x0)

2.406478987s ago: executing program 3 (id=1686):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000002c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000800)=ANY=[@ANYBLOB="bf16000000000000b7070000010000004070000000000000400000004000e1ff95000000000000002ba76bb33123751c4e3409e62751ee00ba19ce670d25010000020000040000009fc404000000c788b277beee1cbf9b0a4def23d410f6accd3641110bec4e90a6341965dac03d046837d907b09ec39e9ef8f6e396ad200e011ea665c45a3449abe802f5ab3e89cf40b8580218ce740068720000074e3e8eea3fd8cf49827ca315f5b87e1ca6433a8acd715f5888b2007f0000000000000000010089937090c34410000000000000090000000000414027efc842b6d6f800005335001db43a5c000000000000000024000000000000000000e75a89faff01210cce39bf405f1e846c1242000000000000cad326ad7add65873d9f87463ad6f7c2e8ee1a39244960b318778f2a047f6d5bc24fef5d7d617da7fb5e2a431ab9142f3a06d55740a43088696daaed74b9c5c29647d2f950a959cf9938d6df8600a62e96b7cb8e52cbdce57a79d6fce424c22001f6c3784a1975fa657d05003a32a4fd67ce446ac5430207db79240acaf091231b986e77d05d988d6edc71df48dca02113a38300c2bd2b5543ffc16695572361629d1022f722ec23812b70d72cd0010000007881bfa35b9fd6864e90ddb31f75f6324989cdc7044f563a1f74d4efe895fdbc463f747c08f40105869035000000000003000000000000000000000000000000000000080000003ddf4aa4b1c8b8a0ae6feb6737c275dc2740f742b5425f1d5819610608bbab35471cdb0500000000000000d4123f955267fe4a75c114f874e086287547d4099aeec9f15b8ee25a2a5ccf4a9b603c88e12ff25184d4e3c2f7f623559435b2c505fb7113400000f0bc440550ee91302f5a00000000000000000000000000000000e67ccc00148ac4c43021cce9f24f4b2f9492c32e7a92a557ac2b44b8f7a49789906d922b3e4916f390ab7edcd3f5b9fe14446dd446a52131c464f2c08efb46d934615c8631b7c42efd0294bea179b0433f5c899119ec0c0acef5383b5a2720caeb68f1e9c05b05d89467ded84da092dea262e51811e2d7fa515722516bd5ef6c8c4966e5937562a5648a696abaa042a7097ddefe0671f977fb145890f5bf41ba92b8c4c8b14f0d4a880ef4518bb328790700000021e041254f06bd7f000000000000000000000000000000282ffe000000000000000431e8e3204a7d95938c5334a0dd177f1a7389ee570d95e543a27546d3770740f354df6dfdb3d1179b4b9fccd0cd5b7578802c66f5dbf22ad0bd03cbe0fecd096bcf419d35988948d1cd4c51c406040000000090a3bc3cbc08255975f3cee08dab765d8a4ef870aaae3f81ed6364837171ce5564f3cf6feba1b6745409000000000000003459263499fae97e7dcb30e4cff009e0f4f78c155c4ab19b878fcb4cc14b8d2823643a17120418f42b42ed879cb23e6d4e0d11db988d0bc46de02702d29243b72215d5563bdae8c2ccda4498687cd50f3a9058f61d52d70aabccb18d41d75788faf60ce9be97c13e4252d9d112d9ac47368829f8a29eca17de807c840293dd387eee13fdecf3d5a334350f045a22b9adb0539d44d58a00fb9e83ebf4fea36b87e2afdf63f7abf5caf2b01317a5f65f22c8bcf36b390dece1e98541ae932ec3486f74c1eea673c1647568acb17efcef24a9c3504dfa7c7eefe3dcb8d570a730a0837839f54527ce334b8173e7bf73bcd8d80ef294fde6549a0f1a23b78b41f79ea543d2b38b80d3d28c6c93901b763fc8b88794aa74facc345e28f0ad79de4df5afd52e7dfc387e4d2ca4d5caca74754987dbbd4d64e233b4a1d81a9aeb981734ca5416cacf516ca8384d85310f24d393fd48c668465546117377547d11a61bd2bd9e35fa0da5118554a1d93147b103a51baf94aeb1b6292038300423344e6add2226ba5f6724a08567ef515898f0f7dfd3fc198092af3265c5df377a66bbde4fa4a049692e06ee5022c58290bdc37eeb16f4e099e33679044ba21898f76c982c8203663f1adb7bbb42ed8d9b0bb8bd9255e342959b822fa8b3d08b29f2201dfe3a3c5c8bf8bc82f249e7eb9f8571823d730fdc78c6b3122a3fd9209dcae70c10c7b17e83dd759a52fe5c362358dbb780a52f540000000000000000000011230e1d6f9fd3315ada8ecee55fc0ec6ec0ec950c0ad006a06a162035d5729795c4a58b59f9a252723480b08ae9bd52c176380a42b972a3400b5d28b273e60000007cac9d35a991c27e23ce5217fec9ce89ea2dea8ddb383e53cdd077e7c2d73404b7450664f70225897307d8a140ba97bfc2232dccdb1dd0496c219315c02f2ef46f30add1aa13e52d67116328c3a5ee3356eadea07abe8506767771d68e760f8c623fb64865a942acc4912dcd1fa5d729cb45c15577bbb8b08a705efeaf09dd6aadeb8d61501e4fd9c9b1ac845a2138cbde58a04589888c0e528a5134e1dfa8b3f6d8a76517df589cae1019a3bc280e99fb661271357dbbd7e9c42d3fe45efaaa00"/1810], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x35}, 0x48)
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000200)=r2, 0x4)
sendmsg$inet(r1, &(0x7f0000002640)={0x0, 0x0, &(0x7f0000002140)=[{&(0x7f0000000240)='\x00\x00\x00\x00\x00', 0x5}], 0x1}, 0x404c010)

2.258405267s ago: executing program 3 (id=1688):
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cpuset.memory_pressure_enabled\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r1, 0x0)
read$FUSE(r0, &(0x7f0000001440)={0x2020}, 0xfffffe76)

2.186625039s ago: executing program 2 (id=1689):
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000380)='\x00', 0x89901)
fchdir(r0)
close(r0)
mount_setattr(0xffffffffffffff9c, &(0x7f0000000180)='.\x00', 0x9800, &(0x7f0000001dc0)={0x0, 0x0, 0x100000}, 0x20)

2.123060641s ago: executing program 3 (id=1691):
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000009c0), 0x42, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
syz_usb_connect$uac1(0x3, 0xdc, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000000000106b1d01014000010203010902ca0003010070000904000000010100000a24010800000201020d24060000030800000000000000240803960c03112d9cd2ce0c240208000103000000ff000924060506020100000924030003030005490c240206", @ANYRES8=r1, @ANYRES16=r0], 0x0)

2.027437055s ago: executing program 1 (id=1692):
setresuid(0x0, 0xee00, 0x0)
r0 = shmget$private(0x0, 0x4000, 0x1000, &(0x7f0000ffc000/0x4000)=nil)
shmctl$IPC_SET(r0, 0x1, &(0x7f00000020c0)={{0x3, 0x0, 0x0, 0x0, 0x0, 0x1, 0xe}, 0x9, 0x5, 0x2, 0x1, 0x0, 0x0, 0x3ff})
shmctl$SHM_UNLOCK(r0, 0xc)

1.642576626s ago: executing program 2 (id=1694):
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/keys\x00', 0x0, 0x0)
read$FUSE(r0, &(0x7f0000004480)={0x2020}, 0x2020)
preadv2(r0, &(0x7f0000000280)=[{&(0x7f0000000040)=""/63, 0x3f}], 0x1, 0x101, 0x4, 0x2)
read$FUSE(r0, &(0x7f00000002c0)={0x2020}, 0x2020)

1.443176364s ago: executing program 2 (id=1698):
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000002c0), 0x202)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000780)={0xfffffffe, 0x0, 0x0, 'queue0\x00', 0x48})
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_INFO(r0, 0x40bc5311, &(0x7f0000000100)={0x80, 0x1, 'client1\x00', 0xffffffff80000005, '\x00', "e4a18560d99f00", 0x800000, 0xffffff23})
write$sndseq(r0, &(0x7f00000000c0)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @raw8={"a357b6b140cbb6215dd33459"}}], 0xfffffee4)

1.350618933s ago: executing program 5 (id=1699):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000005c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSET={0x44, 0x9, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x2}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0xfffffffc}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x14}]}, @NFT_MSG_NEWSETELEM={0x40, 0xc, 0xa, 0x101, 0x0, 0x0, {0xa, 0x0, 0x6}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x14, 0x3, 0x0, 0x1, [{0x10, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0xc, 0x1, 0x0, 0x1, [@NFTA_DATA_VALUE={0x6, 0x1, "d103"}]}]}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0xac}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
close(r0)

1.288408953s ago: executing program 5 (id=1700):
r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000100), 0x200, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r0, 0xc0045005, &(0x7f0000000640)=0x10)
mmap$dsp(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x100000b, 0x8012, r0, 0x0)
ioctl$SNDCTL_DSP_SETFMT(r0, 0xc0045005, &(0x7f0000000000)=0x8000)

1.195718911s ago: executing program 2 (id=1701):
r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000002e40), 0x2, 0x0)
write$UHID_CREATE(r0, &(0x7f0000002ec0)={0x0, {'syz1\x00', 'syz1\x00', 'syz0\x00', &(0x7f0000002e80)=""/53, 0x35, 0x8, 0x6, 0x7, 0xb, 0x3}}, 0x120)
read(r0, &(0x7f00000076c0)=""/252, 0xfc)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)

1.086538131s ago: executing program 0 (id=1702):
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="12000000040000000400000002"], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{r1}, &(0x7f0000000040), &(0x7f0000000140)=r0}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{r1}, &(0x7f0000000580)=0x2, &(0x7f00000005c0)=r0}, 0x20)

1.001070259s ago: executing program 5 (id=1703):
r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_CPUID2(r2, 0x4048aecb, 0x0)

972.631315ms ago: executing program 0 (id=1704):
syz_mount_image$msdos(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x80c406, &(0x7f0000000e00)=ANY=[@ANYBLOB="646f74732c646f747300646d61736b3d30303030303030303003994db69d6fadd9fe8357bb9b326973636172642c0166733d6e6f7774066c655f726f2c6769643d8bde74b54a903862b1d491a0644fd032adf103782b3e6ab9bb8b7d5a0000008000000000831cac568a8781052c1f78a90d525fbffbbe712b3588cd20fd6b4fa30f99796b63d0000200006bf7964f30b515830fe521179cb856fcec51525e76986850e3c2079c07811902047009a8bd311ec4398a92a06f061a5a0ba1eb2b3db991e65cb55232662ecb874cb1ea47734fd6c56b06c03f20235fad7299622ac7c70fbb5466c8f69e506f15f9048273682c4abdddc8cbc849980b03000000000000000000000063e0c97554c132b6effff3b3e0c109c72f794db4da27b9108716f1877464f58d22d0ea6e75321d887a6a375c5cf8cce358a8df2720e76ce466c78c7901cc6071bc2eafaa394d4290e95d4db56b59ed5d9bd10d94b075a7ace6d3f19993baa452c9ecc39f61cc383b51b627ad3b736c045f8c784b64bbaac710f4372841998dee85b80f515bdeba72caeb00c76ae7cb06986d7e9f9fec03b990c1fc56d5161ae3c622a649f9f95781dd32bc8e4090861fcad6bed6a3be33f3602b136695e7543543b93f62312f5387cd4c6d1aa22271ec1be39d675c08f44ed601b6c8fbf92f448158194570618bfd504dfd0ff459eff7bc34e453816efefe372fcecc66f0956afbe155f1f53d0eff4872d6921804209e82af2ed0a588b8ebbef33bbbc3d495d110acf1a7537f33a8f5a82a29e2d6761b50d3db9dae0a9606eb4b0a92cdb504659776a21344b8fdc9ca3851a76938dd00e59cb1d1ad7ec9ac6e19d3244e209fd56e67caf895cf9f8507b063cac9ddc2ae46f7dff3f9b86b5b3838383015a502f3540a8a796580c78737b10f54977af5cee89e91cc54e21101973aed1e03820294e9811ef0c389ec53e04e14f226213fa4fd2f9c32cd317f936edcf16bffd78d69907336f1e4cf69c22d2e8f0a1caa2623483b45be9f59f1b74cd3f19a92db916f959d4bcb800c50bfabd4d63861e036ef6d614d46c31ab711ad2ead248d781e89017fc7c22d22be274e450e5f1837bf10921f4b117439ad4503f11682542bdba745be99695d4c3d64b96997f1a6f8f3145f94f227694be7682e8a2a1a288b69474164171c6dc00e770cb068702087467ee08643516fbc3f5f71715559152dbdb61082060c73a9338db0407ed89b6941d034f623a6643e394456c1c8c4a4fc84fea7cabb001968d0d3591bee2f2c93453aa0e750a0b57ffb2d9eeba407a2e8b16c7b6bbeb5ff7fd5fc6c95c4169ffd42357bc6dfbcb88ca559d001460faf3504f22c5853ffa0860ad22946569f51608372adbc094dafdd94e8cc7eeb17d679ca2466e36ae023e13fb304a68f95dc1c56fd365fcf5af0a961b9a7e79e615d6c7daa97af0dca88191b4547239725d1dec265fcced6f805f894c1abdf83b56759ee877f9f220c1ef112adae061e7b6ba836f436d4d3af", @ANYRES16, @ANYRES16], 0xff, 0x2b1, &(0x7f0000000100)="$eJzs3E1rE0EYwPEn2TabVvpyEvTig170stR4VKFRWhADStoV9SBs6VZDYlJ2gyYimLOnfo7i0ZsgfoHe/QDeiiA99eRKk826iemLISY1/f8g7Mw8O5uZnQSeCWx2H2+9LG741oZTlWRaJSnSkH2ReSlIWyI8pprlVNQutzPSkGsLr/berzx5ej+byy3lVZezqzcyqjp76fPrtx8uf6mee/Rx1jRlZ/7Z7o/Mt53zOxd2f66+KPha8LVcqaqja5VK1Vkrubpe8IuW6sOS6/iuFsq+63XEN0qVzc26OuX1melNz/V9dcp1TUpdqxVNh6Mqq2VZOjN9UE7LGZL66x72dj7vZHuGztSdG2+el3UMEZn6Y03t7dGMCAAAjNLh+X8yOqed/ye783+RY/L/d+FZs58Gnv8bEuX/RbeZ/1e9ujrPnUI8/8eR7MXO/H/xRL2S/25A6FeiEavc6Qh5XnaqdyfyfwAAAAAAAAAAAAAAAAAAAAAA/gf7QTAXBMHcwTEpIkFYN0XEiNV7dOUJ8TEQX/8g9jLDBT5i/TEGYg/upUW+N2p2zU40j6348r3c0oI2xR7826vVbCOKX2/FtTM+KdNhPNMznpKrV1rxg9jdB7l4fKtmT8l611iNjlpjkLcBAAAAAICxZmlkPmpMS7S/tyw1pTve3L83CxMi0v59oGt/PyEXJ4Y4EQAAAAAAcCi//qbolEquN5yCMcT36rsg0l/3m4E5kGEYIhJrMcOlip+TXxEZ3JRTcuyU9UQXNMVtj3a4C/c123f39Cn51J2wcGtgFwwSIq2WyXDNur4FAAAAAMbL7/3AqEcCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDZNYy/Lhv1HAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDT4lcAAAD//4aMsuk=")
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000000)='./file1\x00', 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="6e6f6e756d7461696c3d302c636865636b3d7374726963742c756d61736b3d30303030303030303030303030303030303133363033302c756e695f786c6174653d312c756e695f786c6174653d302c666d61736b3d30303030303030303030303030303030303030303034302c757466383d302c6e6f6e756d7461696c3d302c73686f72746e616d653d77696e39352c73686f72746e616d653d6c6f7765722c73686f72746e616d653d77696e6e742c756e695f786c6174653d312c74696d655f6f66667365743d3078303030303030303030303030303166622c666c7573682c756e695f786c6174653d302c73686f72746e616d653d77696e39352c00208893fdd4787adad4209069"], 0x6, 0x2b0, &(0x7f0000000280)="$eJzs3T9vI0UYB+B3E3vtg8IuqBASK0FBdbpcS+MI5aQIVyAXQAEn7k5CsYV0J0XijzBX0dJQ8gmQkOj4EjQU9Ei0SHRccdKi9e7GTlg72QgnwD1Pk8ns/Gbe3YwTpfD4g5dmR/eyePD481+j309iZxSjeJLEMHai9mWcMvo6AID/sid5Hn/kpTa5JCL62ysLANiilb//Ny4U+GHrJQEAW/b2O+++uT8eH7yVZf24M/vqeFL8Z198La/vP4iPYhr341YM4mlEfqJs38nzfN7JCsN4dTY/nhTJ2fs/VfPv/x6xyO/FIIaLrtP5w/HBXlZayc+LOp6r1h8V+dsxiBca1j8cH9xuyMckjddeWan/Zgzi5w/j45jGvUURy/wXe1n2Rv7Nn5+9V5RX5JP58aS3GLeU717xjwYAAAAAAAAAAAAAAAAAAAAAgP+xm9XZOb1YnN9TdFXn7+w+Lb7pRlYbnj6fp8wn9URnzgea5/Ftfb7OrSzL8mrgMt+JFzvRuZ67BgAAAAAAAAAAAAAAAAAAgH+XR598enR3Or3/8B9p1KcB1G/rv+w8o5Wel6NhzDBOenrLJXeqZTfMHLv1mCRiYxnFjK2K756/+prGjXWp775v++j654/pXqLClo16dx3dTZqfYS/qnn69SX5cHZPGBddK113KW22/tPFS2voFkj6/aMw3jIlkU2Gv/1Y+uaonOXsX6eKpNsa7VaN8LTTtjVb7+e+/KxKndQAAAAAAAAAAAAAAAAAAwFYt3/TbcPHxmtAvh+WH/Mdwy9UBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwNVYfv5/i8a8Cl9gcBoPH13zLQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPAM+CsAAP//yylfnw==")
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
renameat2(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0xffffffffffffff9c, &(0x7f00000002c0)='./file1/file3\x00', 0x0)

737.756982ms ago: executing program 0 (id=1705):
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f0000002040)=[{{0x0, 0x0, 0x0}, 0x9}], 0x1, 0x40002022, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x1c}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0xbe8}, {&(0x7f00000007c0)=""/154, 0x53}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}}], 0x4000000000003b4, 0x0, &(0x7f0000003700)={0x77359400})

737.609843ms ago: executing program 1 (id=1706):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x20, &(0x7f0000000000)={@remote, 0x200000, 0x0, 0xff, 0x1, 0xf278}, 0x20)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000000040)={@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x200000, 0x2, 0x0, 0x0, 0x96, 0x8}, 0x5b)

634.2504ms ago: executing program 2 (id=1707):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan1\x00', <r1=>0x0})
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_CQM(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)={0x30, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_CQM={0x14, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8, 0x2, 0x1000000}, @NL80211_ATTR_CQM_RSSI_THOLD={0x8, 0x1, [0x1]}]}]}, 0x30}}, 0x0)

580.859248ms ago: executing program 5 (id=1708):
r0 = socket$netlink(0x10, 0x3, 0x0)
setreuid(0xffffffffffffffff, 0xee01)
ioctl$KVM_SET_CLOCK(0xffffffffffffffff, 0x4188aec6, &(0x7f0000000040)={0x6, 0x2, 0x5, 0x95d})
sendmsg$nl_generic(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="740000004e0001"], 0x74}}, 0x20000050)

550.863953ms ago: executing program 1 (id=1709):
syz_mount_image$exfat(&(0x7f0000000280), &(0x7f00000000c0)='./file2\x00', 0x810, &(0x7f00000018c0)=ANY=[], 0xfd, 0x1501, &(0x7f00000002c0)="$eJzs3Am4T1X3OPC19t6H62b4JpnP2uvwTYZNkoSSZEiSJCRzQpIkSZK4ZEpCEjLeJHPInG665nnInHTzSpIkJCTZ/+c2/P16h5/3fX/9/vq/d32e5zz2cs7aZ+27nu89w/Pc79ddh1VvVKNKfWaGf4f+bYC//JMEAAkAMBAAcgBAAABlc5bNmb4/i8akf+sk4n9JgxlXugJxJUn/Mzbpf8Ym/c/YpP8Zm/Q/Y5P+Z2zS/4xN+i9EhjYr39WyZdxN3v//f079T5Ll+p8h4D/aIf3/T6P/paOl/xmb9D9jk/5nbNL/jCy40gWIK0w+/xmb9F+IDO0Pf6e84dyVfqct27+wCSGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQ/w+c85cYAPhtfKXrEkIIIYQQQgghxB/Hv3ulKxBCCCGEEEIIIcT/PgQFGgwEkAkyQwJkgUS4CrJCNsgOOSAGV0NOuAZywbWQG/JAXsgH+aEAFIQQCCwwRFAICkMcroMicD0UhWJQHEqAg5JQCm6A0nAjlIGboCzcDOXgFigPFX4+Z7rboTLcAVXgTqgK1aA61IC7oCbcDbXgHqgN90IduA/qwv1QDx6A+tAAGsKD0AgegsbQBJpCM2gOLaDlZfKTc/y9/OehB7wAPaEXJEFv6AMvQl/oB/1hAAyEl2AQvAyD4RUYAkNhGLwKw+E1GAGvw0gYBaPhDRgDY2EcjIcJMBGS4U2YBG/BZHj7oWwwFabBdJgBM2EWvAOzYQ7MhXdhHsyHBZCcZREshiXwHiyF9yEFPoBl8CGkwnJYASthFayGNbAW1sF62AAbYRNshi2wFbbBR7AddsBO2AW7YQ/shY9hH3wC++FTSMPP/sX8s7/Ph24ICKhQoUGDmTATJmACJmIiZsWsmB2zYwxjmBNzYi7MhbkxN+bFvJiE+bEgFkRCQkbGQlgI4xjHIlgEi2JRLI7F0aHDUlgKS+ONWAbLYFksi+WwHJbHClgBb8VbsRJWwspYGatgFayKVbE6Vse78C68G2thLayNtbEO1sG6WBfrYT2sj/WxITbERtgIG2NjbIpNsTk2x5bYElthK2yNrbEttsV22A7bY3vsgB2wI3bETtgJO2Nn7IJdsCt2xW74HD6Hz+Pz+AK+gL2wquqNfbAP9sW+2B8H4AB8CQfhy/gyvoJDcCgOw1fxVXwNR+AZHImjcDSOxkpqLI7D8chqIiZjMmaGSTgZJ+MUnIpTcTrOwJk4C2fhbJyDc/BdnIfzcT4uxIW4GJfgElyK72MKpuAyPIupuBxX4EpchatxFa7FdbgWN+BG3ICbcTNuxa34EX6EO3AH7sJduAf34Mf4MX6Cn+AQTMM0PIAH8CAexEN4CA/jYTyCR/AoHsVjeAyP43E8gSfxFJ7E03gaz+BZPAcA5/E8XsALeBEvpn/4VTqjjMqkMqkElaASVaLKqrKq7Cq7iqmYyqlyqlwql8qtcqu8Kq/Kr/KrgqqgIkWKVaQKqUIqruKqiCqiiqqiqrgqrpxyqpQqpUqr0qqMKqPKqptVOXWLKq8qqDbuVnWrqqTausrqDlVFVVFVVTVVXdVQNVRNVVPVUrVUbVVb1VF1VF11v6qnemN/bKDSO9NIDcXGahg2Vc1Uc9VCvYYPq1ZqBLZWbVRb9agahSOxvWrlOqgnVEc1Djupp9R4fFp1UROxq3pWdVPPqe7qedVDtXY9VS81BXurPmo69lX9VH81QM3Gaiq9Y9XVK+r5zEPVMPWqWoyvqRHqdTVSjVKj1RtqjBqrxqnxaoKaqJLVm2qSektNVm+rKWqqmqamqxlqppql3lGz1Rw1V72r5qn5aoFaqBapxWqJek8tVe+rFPWBWqY+VKlquVqhVqpVarVao9aqdWq92qA2qk1qs9qitqpt6iO1Xe1QO9UutVvtUXvVx2qf+kTtV5+qNPWZOqD+og6qz9Uh9YU6rL5UR9RX6qj6Wh1T36jj6lt1Qp1Up9R36rT6Xp1RZ9U59YM6r35UF9RP6qLyCjRqpbU2OtCZdGadoLPoRH2Vzqqz6ew6h47pq3VOfY3Opa/VuXUendfk0/l1AV1Qh5q01awjXUgX1nF9nS6ir9dFdTFdXJfQTpfUpfQNurS+UZfRN+my+mZdTt+iy+sKuqIHfZuupG/XlfUduoq+U1fV1XR1XUPfpWvqu3UtfY+ure/VdfR9uq6+X9fTD+j6uoFuqB/UjfRDurFuopvqZrq5bqFb6od1K/2Ibq3b6Lb6Ud1OP6bb68d1B/2E7qif1J30U7qzflp30c/orvpZ3U0/p7vrn/RF7XVP3Usn6d66j35R99X9dH89QA/UL+lB+mU9WL+ih+iheph+VQ/Xr+kR+nU9Uo/So/Ubeoweq8fp8XqCnqiT9Zt6kn5LT9Zv6yl6qp6mp+sZeqbu/+tMc/+J/Lf+Tv7gn8++VW/TH+nteofeqXfp3XqP3qv36n16n96v9+s0naYP6AP6oD6oD+lD+rA+rI/oI/qoPqqP6WP6uD6uT+iT+gf9nT6tv9dn9Fl9Vv+gz+vz+sKvPwMwaJTRxpjAZDKZTYLJYhLNVSaryWaymxwmZq42Oc01Jpe51uQ2eUxek8/kNwVMQRMaMtawiUwhU9jEzXWmiLneFDXFTHFTwjhT0pQyN/yP8y9XX0vT0rQyrUxr09q0NW1NO9POtDftTQfTwXQ0HU0n08l0Np1NF9PFdDVdTTfTzXQ33U0P08P0ND1NkkkyfcyLpq/pZ/qbAWageckMMoPMYDPYDDFDzDAzzAw3w80IM8KMNCPNaDPajDFjzDgzzkwwE0yyz2EmmUlmsplsppgpZtrAHGaGmWFmmVlmtplt5pq5Zp6ZZxaYBWaRWWSWmCVmqVlqUkyKWWaWmVSz3Cw3K81Ks9qsNmvNWrPerDcbzUaz2Ww2qWab2Wa2m+1mp9lpdpvdZq/Za/aZfWa/2W/STJo5YA6Yg+agOWQOmcPmsDlijpij5qg5Zo6Z4+a4OWFOmFPmlDltTpsz5ow5Z86Z8+a8uWAumIvmYvptX6ACFZjABJmCTEFCkBAkBolB1iBrkD3IHsSCWJAzyBnkCq4Ncgd5grxBviB/UCAoGIQBBTbgIAoKBYWDeHBdUCS4PigaFAuKByUCF5QMSgU3BKWDG4MywU1B2eDmoFxwS1A+qBBUDG4NbgsqBbcHlYM7girBnUHVoFpQPagR3BXUDO4OagX3BLWDe4M6wX1B3eD+oF7wQFA/aBA0DB4MGgUPBY2DJkHToFnQPGgRtPxD5/f+TJ5HXM+wV5gU9g77hC+GfcN+Yf9wQDgwfCkcFL4cDg5fCYeEQ8Nh4avh8PC1cET4ejgyHBWODt8Ix4Rjw3Hh+HBCODFMDt8MJ4VvhZPDt8Mp4dRwWjA9nBHODGeF74Szwznh3PDdcF44P1wQLgwXhYtD/OWWGFLCD8Jl4Ydharg8XBGuDFeFq8M14dpwXbg+3BBuDDeFm8sO+uXQcHu4I9wZ7gp3h3vCveHH4b7wk3B/+GmYFn4WHgj/Eh4MPw8PhV+Eh8MvwyPhV+HR8OvwWPhNeDz8NjwRngxPhd+Fp8PvwzPh2fBc+EN4PvwxvBD+FF4MffrNffrlnQwZykSZKIESKJESKStlpeyUnWIUo5yUk3JRLspNuSkv5aX8lJ8KUkFKx8RUiApRnOJUhIpQUSpKxak4OXJUikpRaSpNZagMlaWyVI7KUXkqTxWpIt1Gt9HtdDvdQXfQnXQnVaNqVINqUE2qSbWoFtWm2lSH6lBdqkv1qB7Vp/rUkBpSI2pEjakxNaWm1JyaU0tqSa2oFbWm1tSW2lI7akftqT11oA7UkTpSJ+pEnakzdaEu1JW6UjfqRt2pO/WgHtSTelISJVEf6kN9qS/1p/40kAbSIBpEg2kwDaEhNIyG0XAaTiNoBI2kUTSa3qAxNJbG0XiaQBMpmZJpEk2iyTSZptAUmkbTaAbNoFk0i2bTbJpLc2kezaMFtIAW0SJaQktoKS2lFEqhZbSMUimVVtAKWkWraA2toXW0jjbQBtpEm2gLbaFttI2203baSTtpN+2mvbSX9tE+2k/7KY3S6AAdoIN0kA7RITpMh+kIHaGjdJSO0TE6TsfpBJ2gU3SKTtNpOkNn6Bydo/P0I12gn+gieUqwWWyivcpmtdlsdpvD/nWc1+az+W0BW9CGNrfN87uYrLVFbTFb3Jawzpa0pewNfxOXtxVsRXurvc1Wsrfbyra8zQL/Na5p77a17D22tr3X1rB3/S6uY++zde1Dtp5tYuvbZrahbWEb2YdsY9vENrXNbHPbwrazj9n29nHbwT5hO9on/yZeat+36+x6u8FutPvsJ/ac/cEetV/b8/ZH29P2sgPtS3aQfdkOtq/YIXbo72MAO9q+YcfYsXacHW8n2Il/E0+z0+0MO9POsu/Y2XbO38RL7Ht2nk2xC+xCu8gu/jlOrynFfmCX2Q9tql1uV9iVdpVdbdfYtf+31pV2s91it9q99mO73e6wO+0uu9vu+TlOX8d++6lNs5/ZI/Yre9B+bg/ZY/aw/fLnOH19x+w39rj91p6wJ+0p+509bb+3Z+zZn9efvvbv7E/2ovUWGFmxZsMBZ+LMnMBZOJGv4qycjbNzDo7x1ZyTr+FcfC3n5jycl/Nxfi7ABTlkYsvMERfiwhzn67gIX89FuRgX5xLsuCSX4hu4NN/IZfgmLss3czm+hctzBa7It/JtXIlv58p8B1fhO7kqV+PqXIPv4pp8N9fie7g238t1+D6uy/dzPX6A63MDbsgPciN+iBtzE27Kzbg5t+CW/DC34ke4Nbfhtvwot+PHuD0/zh34Ce7IT3Infoo789PchZ/hrvwsd+PnuDs/zz34Be7JvTiJe3MffpH7cj/uzwN4IL/Eg/hlHsyv8BAeysP4VR7Or/EIfp1H8igezW/wGB7L43g8T+CJnMxv8iR+iyfz2zyFp/I0ns4zeCbP4nd4Ns/hufwuz+P5vIAX8iJezEv4PV7K73MKf8DL+ENO5eW8glfyKl7Na3gtr+P1vIE38ibezFt4K2/jj3g77+CdvIt38x7eyx/zPv6E9/OnnMaf8QH+Cx/kz/kQf8GH+Us+wl/xUf6aj/E3fJy/5RN8kk/xd3yav+czfJbP8Q98nn/kC/wTX2TPEGGkIh2ZKIgyRZmjhChLlBhdFWWNskXZoxxRLLo6yhldE+WKro1yR3mivFG+KH9UICoYhRFFNuIoigpFhaN4dF1UJLo+KhoVi4pHJSIXlYxKRTdEpaMbozLRTVHZ6OaoXHRLVD6qEFWMbo1uiypFt0eVozuiKtGdUdWoWlQ9qhHdFdWM7o5qRfdEtaN7ozLRfVHd6P6oXvRAVD9qEDWMHowaRQ9FjaMmUdOoWdQ8ahG1jB6OWkWPRK2jNlHb6NGoXfRY1D56POoQPRF1jJ68tL9Y8MvV9K/2J0W9I/3rG7J79KL44viS+HvxpfH34ynxD+LL4h/GU+PL4yviK+Or4qvja+Jr4+vi6+Mb4hvjm+Kb41viW+Pe18gMDtMfhMG4wGVymV2Cy+IS3VUuq8vmsrscLuaudjndNS6Xu9bldnlcXpfP5XcFXEEXOnLWsYtcIVfYxd11roi73hV1xVxxV8I5V9KVci1cS9fStXKPuNaujWvrHnWPusfcY+7xhF8Ld53cU66ze9p1cc+4Z9yzrpt7znV3z7se7gXX0/VySS7J9XF9XF/X1/V3/d1AN9ANcoPcYDfYDXFD3DA3zA13w90IN8KNdCPdaDfajXFj3Dg3zk1wE1yyS3aT3CQ32U12U9wUN81NczPcDDfLzXKz3Ww3181189w8t8AtcIvcIrfELXFL3VKX4lLcMrfMpbpUt8KtcKvcKrfGrXHr3Dq3wW1wm9wmt8VtcdvcNrfdbXc73U632+12e91et8/tc/vdfpfm0twBd8AddAfdIfeFO+y+dEfcV+6o+9odc9+44+5bd8KddKec16fd9+6MO+vOuR/cefeju+B+chedd8mxN2OTYm/FJsfejk2JTY1Ni02PzYjNjM2KvRObHZsTmxt7NzYvNj+2ILYwtii2OLYk9l5saez9WErsg9iy2Iex1Njy2IrYytiq2OqY9wW2R76QL+zj/jpfxF/vi/pivrgv4Z0v6Uv5G3xpf6Mv42/yZf3Nvpy/xZf3FXxF38Q39c18c9/Ct/QP+1b+Ed/at/Ft/aO+nX/Mt/eP+w7+Cd/RP+k7+ad8Z/+07+Kf8V39s/N/7bLv4V/wPX0vn+R7+z7+Rd/X9/P9/QA/0L/kB/mX/WD/ih/ih/ph/lU/3L/mR/jX/Ug/yo/2b/gxfqwf58f7CX6iT/Zv+kn+LT/Zv+2n+Kl+mp/uZ/iZfpZ/x8/2c/xc/66f5+f7BX6hX+QX+yX+Pb/Uv+9T/Ad+mf/Qp/rlfoVf6Vf51X6NX+vX+fV+g9/oN/nNfovf6rf5j/x2v8Pv9Lv8br/H7/Uf+33+E7/ff+rT/Gf+gP+LP+g/94f8F/6w/9If8V/5o/5rf8x/44/7b/0Jf9Kf8t/50/57f8af9ef8D/68/9Ff8D/5i/I3a0IIIYQQ/xR9mf29/87/qV+3dH0AINuOfIf/es5NuX8Z91P7OsYA4IleXRv8tjVokJSU9OuxqRqCwgsBIHYp/+fvH/g1Xg5t4THoAG2g9N+tr5+q+PN93383f/xmgESALL/lpD8eJcJfz3/jP5i/yXt8ufkXAhQtfCkn/US/xZfmL/MP5t/T7jLzZ/k8GaD1f8nJCpfiS/OXgkfgSejwuyOFEEIIIYQQQohf9FPnu13u+Tb9+Ty/uZSTGS7Fl3s+v4zKf8QahBBCCCGEEEII8d97+rnujz/coUObzv/Jg8x/jjL+BAMEgD9BGTL48w+u9G8mIYQQQgghxB/t0k3/la5ECCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYTIuP79bwhT//TBV3qNQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghxJX2fwIAAP//5g1V0w==")
truncate(&(0x7f0000000140)='./file2\x00', 0x63fc)
chdir(&(0x7f0000000140)='./file0\x00')
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x42, 0x10)

433.079653ms ago: executing program 0 (id=1710):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={<r1=>0x0, 0x1c, &(0x7f0000000400)=[@in6={0xa, 0x0, 0x0, @private2}]}, &(0x7f0000000180)=0x10)
getsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000040)={r1, 0x3a}, &(0x7f00000000c0)=0x8)

431.69879ms ago: executing program 2 (id=1711):
syz_mount_image$btrfs(&(0x7f0000005100), &(0x7f0000000280)='./file1\x00', 0x810, &(0x7f0000002400)={[{@ssd_spread}, {@nodatacow}, {@nobarrier}, {@usebackuproot}, {@metadata_ratio={'metadata_ratio', 0x3d, 0x6}}, {@autodefrag}, {@space_cache_v1}, {@max_inline={'max_inline', 0x3d, [0x6d, 0x65, 0x31, 0x78, 0x32, 0xb61148b71cab6665]}}]}, 0x3, 0x510e, &(0x7f00000196c0)="$eJzs3U+IVWUfB/Dnzp1x5lVw7isEtsoikGrh4CYioqtMUFF0y8VgBE4tgnThJEi0EMQW/Vt4S4paSK6kFsksjKA2LqQwArehYS7cKAaSi3Yac8957pz7HO+5d0ZtTD8fmTnnOb/zPOe5l7O43+uccwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACEEF74/bNDVfVT16bPnJtp7jywZebyvul1p0OodbbX8vqOrc++8ua2HS9OxA6zL2fLRqPfkFnX81ljVc/GhX69P6+HEMaSAer58pk1pVGLq3vKA1a6fnH30U17mxuPH27Xr146e7L80lkwsdITWCn5eXVh8Vxqdn6PJHt024VTr9Zzimb90xPuX3kRAMCSTLU6i+7H0fwjbre9P60n7WbSbift+AmhXWwsRzbuqn7z3JDWV2iezSwqjPedZ1LP3/9uu5X2T9pJ1FjCPHt3zSPNRL95ziX1lZonAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJ3kkbdHH6qqn7o2febcTHPngS0zl/dNrzsdQqOzvZaVa6vfP9z869utxw78uPmr4xeef6ye94vL0cLO4be48sRkCG8UKhfisBfXhtDqLXSa4cty4a3OynOxAAAAwN3k/s7vkW47i4NjPe1aJ03WOv+iLCxev7j76Ka9zY3HD7frVy+dPbn88Vp9xmvecLxuu7H4UysE4xh/0/EW63HXPaVxqqUjpnn+8fNTf1f1L+X/RnX+j++c/A8AAMDNkP/TcaoNyv/fvfbHJ1X9S/l/Q88hS/k/zjjm/5GwvPwPAAAAd7Lbnf+bpXGqDcr/4y+NfV3Vv5T/p4bL/6PFaceNv8YJ75oMYWrQ1AEAAIA+4v+7L361EPN69s1BmtefevTguarxSvm/OVz+H7ulrwoAAAC4GUe+2P5wVb2U/1vD5f/x2zprAAAAYCne+XDig6p6Kf/PDpf/V+fL/MqHrNNP8a8QDk2GMLGwMpcVfg7tp7sFAAAA4BaJOf3PT3f+ULVfKf/PVd//P97pIF7/33P/v9L1/4VCdte/J90YAAAAgHtR+Xr+eHv87MkF/Z6/P+z1/w/87+CrVccv5f/9w+X/enF5K5//BwAAAMvwX3v+3/bSONUG3f//vo/e/aWqfyn/t4fL/3G5pvjyTtRq2fvz3mQI6xdW8rsJfhMPtyspzI8VCh2tpMe22CMvzI8XCh1zSY/NkyE8uLCyPyn8PxbaSeHK2rxwJCmcjoX8fOgWjiWFE/FM+3xtPt208H0s5BdYzMcrKNZ0L4lIelzt12OhcMMeZ7sHBwAAuKfE8Jxn2bHeZkij7Hxt0A6rB+0wMmiH+qAdRpMd0h37bQ+zvYW4vX1m49Ke/39kuPwf34pV2aLf9f8hXv+fP9ewe/3/bCw0ksJ8LLTSOwa04jGysPtxPEajlfe4sr5bAAAAgLta/F6gvsLzAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP5h715j5KruA4CffY734d2FpAqhUbJJahw38Xptk4daqqwpVSPSNOuGBlVRGht7TRYv2LFNiVGIjE1EIwSlDVLyoQijKKr5ALUCEUkB4SLFESqPiKoogEChNURBpJQkIk2Q4mr23jN759ydhx9rvPT3k7xzZv7ncc+Zh+fce+dcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4/+HQV67622bxh397wdPPXTxx2d51F798zQVnPh7C5OzjHVm4o//6Wyd+fuf5d+29b81t9xy58P29ebk8HgaqfzrzO9fFWo8sDeHejhC608DKwSzQk98fjPW9YzCEM8JcoFZiqj8rkTYcvt8Xwv4wF6hV9b2+EAYLgYueeOjBG6uJW/pCWBZCqKRtPFvJ2uhLA+f0ZoH+NLCtOwv86mimFvhuZxaAExbfDLUX/cHJ+gwj85dr8PrrOWkb9sZKu9cVEyON8/1s3QJvVEFv+sDkCT1tpepYEKW3xyHvtkXwbiuN882etuIXqfwbytG5UCV0bp7asvHKmV3xkc4wNtbVqKYFep6fevVLm44lvWheh3EDRk7K6/Cmx5bd2bXiE4/es3LZiwc+sO+lE93MHxWGtJheaJWQv+YWzfMYTfg8WQRvv9K3pFFfukIIWz7/e59sFi/N/0eaz//jyznedtbljrW+PpTNzeMjgzHxylA2NwcAAIBFYzHsNd029sBHCsWHK0l9pfn/aHvH/+Mh/3wyn/X2UAgTs4l9wyGcNft4FrgjNnfJcAjvnk1N1gfWJYFDIbx9NrGiVlVSYkksMZoEfjKUByaSwOEYmEwC34qBm5PAdTFwMAlsioFDSeD8GAjT9f34/aG8H20H+mJgQzaIB+NZCL8Yiq0lY/VMrSoAAICTJJ8d9tTfLZzrcKIZ4vTyYF+rDPEM7IYZKkkN6Qy2Nq1qWEN3qxo6W9VQ6/ee5t0v1dzRqubSaRgd9Rlu/eXffCo0UZr/jzef/1fm2ZCO0vH/ENbP/o25O/PITC2+YbIuAwAAAHACBv73+W82i5fm/xPtnf8f94l0FTKHR+JuiK3DIYzXB7Jq/7AcyI56D+QBAAAAWAxqx+Nrx8Kn89vsFO10Pl3OP3mM+eOB/4l58/ceun9Ds+0tzf8n2zv/v7/+NtuIw3ErvjYcwpJC4AdxK6uBWaMx8OOP1gfy/h+OA3BDrCo/MaFW1Q2xxIYYGE8C+xuV+GGtxFn1gfzJqjW+r9aP6bxEIQAAAACnXNwdEI/Lx/P/3/ObNVc1K1ea/284tvP/Z+fBpdP7ZwZCWNUdQlf6w4BH+rOFAWNgsCNPPNCf1dWVVnVtfwjnVTuWVvV8vv5/d7rG4BN9WVUxcNZ7Drx6TjXxzb4QVhUDT37m9g9WE7uSQK3xv+wL4V3V3qaNf2dJ1nhP2vjXl4TwzkKgVtUlS0KoNtabVvVQJb+OQVrVP1dCeEshUKvqQ5UQdgcAFqn4X+nm4oM7d1+9dePMzNSOBUzEffh9Ycv0zNTYpm0zmysNtmlzss11yxhdW+5Tu1e+eSZfoujTd68fbCdd+53geLGtfD9+6cTB/H78LtQz2881PXV316Zdft97y02EwjepRl3uXOAu9xcrmXsSS/XH/L1hICy5cufUjrEvbty1a8fq7G+72ddkf+NhpmysVqdj1T/ftrXx8mi4WlbieMdqebGSVbsu375q5+6rV05fvvHSqUunrlj9oTXj546vHf/wuauqvRrP/rbo6vL5qk66evT2Nvt1Ert6dnehklPxqSEhIbHYEtsGljf9P7k0/9/efP4fP3XiJ3++PkOj4/8j8TB/9vjcYf4NMbC/3eP/I42O5tdODBhNAntiYI/D/AAAALw5xEl+3JsZ90r/dMV3XmxWrjT/39Pe7/9P0vr/taXrL2y0zP+KWGK80fr/6TL/tfX/9zRa/z9d5r+2/v/+N2D9/ytrgWRIfmH9fwAA4M3g1K3/33J5//QCAaUMLZf3Ty8QUMrQchn/di8QcMzr/z/7n3/136GJ0vz/5vbm/xbuBwAAgNPHl//sqt9pFi/N//e3N/8/9ev/hUbn/482Ckw2WhjQ+n8AAAAsUo3W/xu5vv9zzcqV5v8H25v/x9MuOutyx1pfH8rWtAvpmnavDNV+MgAAAACLQ2cYG+tpM2/dyqjrjr/Np/KlQJuli57/kyPHdv7/ofbm/3W/y7jpsWV3dq34xKOv37Ny2YsHPrDvpbnj/wAAAMDCaXe/BAAAAAAAAAAAAAAA8MZ7/j/2rm0WL/3+P6yffbzR7//jdf/i7wveWpc71tp6/b/8/kUfv2v37JKFjwyF8N5iYOverWeE/Nr8y4uBBz+74m3VxN60xP3Pnf9CNfG5NPCxlWe+Vk2clwQ2xEUS354G4lUVX1uaBOLyiv+eBuJ4HEwDvXngq0uzfnSkY/XTwWysOtKxenowhOFCoDZW9w5mbXSkHbwlCdQ6+IU0EDv453mgM92quwayrYqBwVj0toFsqwAAOG3Fb4E9Ycv0zNR4/Aofb8/urr+N6pYsu7ZcbUebzT+TL0326bvXD7aT7kq/i85da7wnVKpdWF36ulrM0jHby5NTS4uhe2uDLrda7a2zQbnUsQ5db+Me9WU9Gtu0bWZzT8uOr22dZU13yyyrS5OdYpbO2SFto5Y2tqWNHrU5Nm1scrzfGcbGupJcfxCDI6FOq1dEu7/XL67z1+hVUMxzxZF9v2pWX2n+P9Le/L9S7Ndr+cUA9sQr6/3dsGX+AQAAYGF9dd2vvxH/fer6h59slrc0/x9tb/4f92Dlh4KzvR2H4vX/9w2HMHtp/ZEscEds7pLhEN49m5qMJbIL6l8YS4xngTviDpMVscSGyfqqlsTAwSTwk6E8cCgJHI6BfC/FgZDvyvn7oRA+OJtaX19ieywxkgQ+GQOjSWAsBsaTwNIYmEgCLy/NA5NJ4N9iIEzXj9XdS/OxAgAAOBb5PKun/m5I53kHu1tl6GiVob9Vhs5WGSpNM/SEg416Ee9/O2bo6SiPQnyoJ222L6mllCFeDL/hhrcc3drh/x/W50wLlpqO5x/UzjfoqM9w30e6K6GJ0vx/vL35f3/9bdb64Tj/n7v+Xxb4Qdy8r8VTx0dj4McfrQ/kOwYOx8nuDbWqJvMS+aT9hlhiIgZGk8D2GJhIAhvW54H9b6sP5DPtWuP7ao1P5yUKAQAAADjl4g6CuJsmzv9v2/mVgWblSvP/ifbm/7G9gWJj18VajywN4d6Oua2pBVYOZoG4H2Mw/jz+HYMhnFHYwVErMdWflehNGg7f78t+od6bVvW9vuzHB/H+RU889OCN1cQtfSEsK+x9qbXxbCVroy8NnNObBfrTwLbuLBD3/NQC3+3MAnDCansF4wsqP9WlZmT+cg1ef2+Wa4Km3SvtA50n33y/uVoopR2u+T7VmmN72pruv+WkKb09Dnm3LcZ324h3W/GLVP4N5ehcqBI6N09t2XjlzK74SPGXrCUL9DwXf6XaTvokvA73HP/WtlZJN2A8+fgYn7/c/K/DjljdTY8tu7NrxScevWflshcPfGDfS21vRgPxh8IPXfOvgz8qDO9Cq4T8NbfoPk8mfZ4siv8Gknf3qKcthLD+5a/f0Cxemv9Ptjf/705uZ/06DubO4RDeVxjcR+Lw//Fw9jlYCGSfkm8pB7JD7v811PCTEwAAAE622u6O2v6C6fw2OyE8nSeX80+GcHT4GPLH/RUT8+Zvd7v7//qzy5rFS/P/Dc3n/0uSzXT83/F/Fojj//M63XdFL0kf2HNCu6JL1bEgHP+f1+n+bnP8f16O/zv+Px/H/1tw/H9ep/vTVvqWtN2XrhDCi3/0wNPN4qX5//b25v/W/5t/0b7a+n8bGq3/t73R+n97rP8HAAAsqAYLzaXzvNLqfaUM6ep9pQwtFwhsucRg8/X/mqyz96ZZ/680qK3W/3vh7Gd/E5oozf/3tDf/jy+HgWLri2X9v9H1Daq6OQa2WxgQAACA01GjfRMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC8se77h//Z3Cz+8G8vePq5iycu27vu4pevueDMx0OYnn28Iwt39F9/68TP7zz/rr33rbntniMXvr+Sl+vJb3+3Lnes9fWhEPYXHhmMiVeGqnfmAhd9/K7d3dXEI0MhvLcY2Lp36xnVxLeGQlheDDz42RVvqyb2piXuf+78F6qJz6WBj60887Vq4rw80JFu7j8uzTa3I93cG5eGMFwI1Db3sqX1VdXa+NM80Jm28U+DWRsxMBiLfmMwayMGZmKJ6SUhrOoOoSut6uFKVlVXWtW/VLKqutKqvlwJ4bwQQnda1XO9WVXdac8f782qioGz3nPg1XOqif29IawqBp78zO0frCa+kARqjf9Fbwjvqr5k0sa/3ZM13pM2fktPCO8MIfSmJX7ZnZXoTUs83x3CWwqBWuOf7w5hd+BNIX741H2i7dx99daNMzNTOxYw0Zu31Re2TM9MjW3aNrO5kmxTIx2F9NFrj7/vz7z6pU3V20/fvX6wnXR3Xq5ndpPX9NTdXXu6b33crv5iJXPPR6n+mL83DIQlV+6c2jH2xY27du1Ynf1tN/ua7G9XHs3GavViGavlxUpW7bp8+6qdu69eOX35xkunLp26YvWH1oyfO752/MPnrqr2ajz7ezK6evup7+rZ3YVKTsUHgISExGJLdNZ9uo2f7h/kpS/6cxvaEyqzH9ClaUUxS8dsL09Gp9cdZ4+P53tKyx6tLk0cSlnWzJPl2vosa0uTibla+rIss9/rSpPDYmOds0Ma73eGsbGuRuMwUn+3OLw/O4HhfSofunbTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwP+xAwcCAAAAAED+r41QVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhR04EAAAAAAA8n9thKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqirswLEAAAAAgDB/6zB6NgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4FAAD//56HJTY=")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='pids.current\x00', 0x275a, 0x0)
pwritev2(r0, &(0x7f0000000000)=[{&(0x7f0000000100)="46e97e0baa69", 0x6}], 0x1, 0x4, 0xb, 0x0)
lseek(r0, 0x5, 0x3)

348.291012ms ago: executing program 5 (id=1712):
syz_mount_image$udf(&(0x7f0000000c40), &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='noadinicb,nostrict,mode=00000000000000000000004,uid=forget,noadinicb,umask=00000000000000040002000,lastblock=00000000000000000013,undelete,partition=00000000000000000005,\x00'], 0x43, 0xc11, &(0x7f0000000d00)="$eJzs3V1oXOl5B/DnnSOtRto00WYTb9Jm04GUxCi18VdsBZcgZxW1AccbIit0r6LRh51h5ZGR5MabtkFtSQu9Cd2b0psimi4t5KJX3V5WabaQUAol5CK9KAiaLHvRC10ECi0bhXPmHWlky7ayXlvS7u+3zP7PnHnO+P0YnzkCvzoBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAER89nOXTp1OB90KAOBxujL5pVNnff8DwLvKVT//AwAAAAAAAAAAAADAYZeiiGORYujVzTRdPe+oX261b92eGp/Y+7DBFClqUVT15aN++szZc586f2G0m/c//u324Xh+8uqlxnOLN24uzS8vz881ptqt2cW5+X2/w8Mef6eRagAaN168NXft2nLjzMmzu16+Pfz6wJPHhi9eOHF+tFs7NT4xMdlT09f/lv/0u9xrhccTUUQzUrw5/EZqRkQtHn4sHvDZedQGq06MVJ2YGp+oOrLQarZXyhdTLVfVIho9B411x+gxzMVDGYtYLZtfNnik7N7kzeZSc2ZhvvHF5tJKa6W12E61TmvL/jSiFqMpYi0iNgbufrv+KOKjkeLlU5tpJiKK7jh8sloY/OD21B5BH/ehbGejP2KtdgTm7BAbiCKuRIqfvXY8Zssxy4/4eMQXynw14pUyPxORyg/GuYif7vE54mjqiyL+PVIsps00V50PuueVy19ufL59bbGntnteOfLfD4/TIT831aOImeqMv5ne+sUOAAAAAAAAAAAAAAAAAG+3wSji25HiT579vWpdcVTr0t93cfQ9L/x275rxZx7wPmXtyYhYre1vTW5/XjqcauV/j6Bj7Es9ivhGXv/3RwfdGAAAAAAAAAAAAAAAAAAAgHe1Il6IFF85cTytRe89xVvt642rzZmFzl1hu/f+7d4zfWtra6uROjmWczrnas61nOs5N3JGLR+fcyzndM7VnGs513Nu5IwiH59zLOd0ztWcaznXc27kjL58fM6xnNM5V3Ou5VzPuZEzDsm9ewEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3klqUcTPI8W3vraZIkXEWMR0dHJ94KBbBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACU6qmIk5Fi/YV69XytFnE1In6+tbXVfUTEZpkP66D7CgAAAAAAAAAAAAAAAAAAAIdWKuJjkeLp/9tMjYi4Pfz6wJPHhi9eOHF+tIgiUlnSW//85NVLjecWb9xcml9enp9rTLVbs4tz8/v94+qXW+1bt6fGJx5JZx5o8BG3f7D+3OLNl5Za17+6sufrQ/VLM8srS83ZvV+OwahFTPfuGakaPDU+UTV6odVsV4em2j0aWIsY229nAAAAAAAAAAAAAAAAAAAAODSGUhGfixQ/+a9zqbtuvK+z5v9XOs+K7dpX/mDndwEs3JFdvb8/YD/bab8NHakW3jemxicmJnt29/XfXVq2KaUinokUn3j5Q9V6+BRDe66NL+veW9bdOJfrhn+trFvdVVUfmRqfaFxZbJ+4tLCwONtcac4szDcmbzZn9/2LAwAAAAAAAAAAAAAAAAAAAOA+hlIRP4oU//P3/5G6953P6//7Os961v//VrWEvlJPu3Nbtbb/vdXa/s72+y6ODn302XvtfxTr/8s2pVTENyPF2R99qLqffnf9//QdtWXdn0WKN579SK6rPVHWNbvd6bzjtdbC/Kmy9q8jxa+/2a2NqvZ6rn16p/Z0WTsYKf5yc3ftV3PtB3Zqz5S1xyPF9/5779oP7tSeLWt/Ein+6e8a3dqhsvb3c+2xndqTs4sLcw8a1nL+vxMp/vbK76Run+85/z2//2H1jtx215zff/vtmv/hnn2reV7/NM9/8wHzfz5SfKf+kVzXGfuZ/PpT1f935v8TkeI//2137bVc+/6d2tP77dZBK+f/25Hiu3/14+0+5/nPI7szQ73z/6t9u3P7U3JA8/9Uz77h3K7ZX3Is3o2WX/r6i82FhfklGzZs2NjeOOgzE49D+f3/55Hi/48VqXsdk7//39N5tnP997/f2Pn+v3hHbjug7//39+y7mK9a+vsi6is3bvY/E1FffunrJ1o3mtfnr8+3z5w+9elPnz996vT5/ie6F3c7W/seu3eCcv5/ECl++A8/3P45Zvf1397X/0N35LYDmv+ne/u067pm30PxrlTO/99Eiqc+++Ptnzfvd/3f/fn/+Md25/bfvwOa/w/07BvO7Wr9kmMBAAAAAAAAAABwlAylIv4iUvzuH/9m6q4h2s+//5u7I7cd0L//Otazb+4xrWvY9yADABwi5fXfByPFP299f3st9+7rv/iNbm3v9d+9HIb7/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwFGXoog/jBRDr26m9YHyeUf9cqt96/bU+MTehw2mSFGLoqovH/XTZ86e+9T5C6PdvP/xb7cPx/OTVy81nlu8cXNpfnl5fq4x1W7NLs7N7/sdHvb4O41UA9C48eKtuWvXlhtnTp7d9fLt4dcHnjw2fPHCifOj3dqp8YmJyZ6avv63/KffJd1j/xNRxPcjxZvDb6TvDkTU4uHH4gGfnUdtsOrESNWJqfGJqiMLrWZ7pXwx1XJVLaLRc9BYd4wew1w8lLGI1bL5ZYNHyu5N3mwuNWcW5htfbC6ttFZai+1U67S27E8jajGaItYiYmPg7rfrjyK+GSlePrWZ/mUgouiOwyevTH7p1NkHt6f2CPq4D2U7G/0Ra7UjMGeH2EAU8Y+R4mevHY/vDUT0RecRH4/4QpmvRrxS5mciUvnBOBfx0z0+RxxNfVHEuUixmDbTawPl+aB7Xrn85cbn29cWe2q755Uj//3wOB3yc1M9ivhBdcbfTP/q7zUAAAAAAAAAAAAAAADAIVLEWqT4yonjqVofvL2muNW+3rjanFnoLOvrrv3rrpne2traaqROjuWczrmacy3nes6NnFHLx+ccyzmdczXnWs71nBs5o8jH5xzLOZ1zNedazvWcGzmjLx+fcyzndM7VnGs513Nu5IxDsnYPAAAAAAAAAAAAAAAAAAB4Z6lFUd3F/Vtf20xbA537S09HJ9fdD/Qd7xcBAAD//0kCdPc=")
openat(0xffffffffffffff9c, &(0x7f0000000540)='./file1\x00', 0x2042, 0x2a)
unlinkat(0xffffffffffffff9c, &(0x7f0000000c40)='./file1\x00', 0x0)
renameat2(0xffffffffffffff9c, &(0x7f00000007c0)='./file3\x00', 0xffffffffffffff9c, &(0x7f00000005c0)='./file1\x00', 0x0)

246.397241ms ago: executing program 0 (id=1713):
syz_mount_image$erofs(&(0x7f0000000040), &(0x7f0000000140)='./file2\x00', 0x320c8cc, &(0x7f00000003c0)=ANY=[], 0x1, 0x1f3, &(0x7f0000001880)="$eJzslc+q00AUxr+ZxKT3Ij6AGxde8LowbXJB3Fy4d+PKheCfiwvBYtNSTa20XdiCaJ/AvTsXPoaiWxf6BlIF0U3dqOuRyUwmQ0mrMS0Knh90+k3m5MyZM5MzIAjiv+Xjhx8z8X3/cw3AcezA18+/OLkNt+zf174+fH3p4tGTm8/f+LNgq8inEL8/vwvg1aGDd+ZdIWynO/r/KrjR18BxVusjMARa3wLHda1jMNzQ+o6l+9I+CNrdJA5u95OWFA3ZhLKJ2t2EuYvxzacMLSs+Zo0Px5O7zSSJBxsUv8rf/JBj38SHmj1+ASrahpW/EByh1ntguGJs/Sw3KiXW+k+6+fqdlev3UHHZnwDkT9oFNrzqFJnw5FTLbbKFFgwBbF17H52o7ifb87KvO0iFU/p1rtIiT8XmP4AKAu7aHAq/4CT4q85PdfH2pRZ8pfGLA7V/JtRHql9u0oMlQ15JPzrzpj6JZwxnrPqpSsnT9Kqpj3r368Px5Fy31+zEnfheFO2db2wDiOppIVLtsvLnA1tpfdrO/RfeSRKPeXjQHI0GoWpNP1JtUcXlcDGfcuyexjHZl9XUW/D7zdIs/cmvgz1WvV27XConBEEQ/wCnwNKanNblTOjbxAwIEV3+y3ESBEEQBEEQBEEQBPHn/AwAAP//W8NQxQ==")
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000002180)='./file0\x00', 0x0, 0x1c1)
ioctl$FS_IOC_GET_ENCRYPTION_PWSALT(r0, 0x80086601, 0x0)

246.198023ms ago: executing program 3 (id=1714):
capset(&(0x7f0000000040)={0x19980330}, &(0x7f0000000080)={0x6, 0x6, 0x2, 0x87, 0xffffffff, 0x2})
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000040)={0xffffffffffffffff, 0x0, 0x2a, 0x0, &(0x7f0000000300)="e30080670000ec67838717bd86dde148f06309feffffff44fe52904b3df7a5d706af24246d60df20afe4", 0x0, 0x407, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0xc}, 0x50)
r0 = syz_open_dev$sg(&(0x7f00000000c0), 0x6f5e, 0x28101)
ioctl$FIBMAP(r0, 0x1, &(0x7f0000000040)=0x85)

41.551374ms ago: executing program 3 (id=1715):
syz_mount_image$minix(&(0x7f0000000180), &(0x7f00000001c0)='./file2\x00', 0x200000, &(0x7f00000000c0)=ANY=[], 0xbe, 0x1cf, &(0x7f0000000240)="$eJzs28uO0lAcx/FfKYWZ8X7buDJxoRsHHd24cx7AF3A3GSohFjXiBmKiPopvwpv4ApDozpU1vUBabMuR25Hh+0lm+IfD75xT0kNPFxWAvXU9/u/IkRdXYRh+vifp1UtJdcuTA7BRoX6HAPaV+8P2DADYMTl1433AyJG+//x0Pk7/PMP9w+S0lhQHkjL5hmn+qxO/3q1L40y+mXa5cP/yLck/UD5/WJpoFo5/NJc/WjCuM8snx//wfj5/SdJlSVckXZV0TVL0Td+QdDOJfsmO354b/47BsQOris6+41XzK3QQrZ7X3cB/XNToLs57af5JcXPmJ2RU+IFGmj8xnG9Z/umS+WaaPz5/F7QL2mtL9guYqFle/670K5xf/y/M8/Xq9Q+gQn8wfHMWBP6HfnSxjYvZO2WFFxfTfXTVh6OrY+YdGQ9BYbU4KGjycmfLpovG+jo8rDjrosuXxe85mtq/pKardhsztPaTBGBLWh9771v9wfBRt3fW8Tv+25Nnz6e33fF9eav07hzAjstvzgEAAAAAAAAAAAAAwC66Jen2MkHTB/wAAAAA/DfW+8yQJ+nvJtvHCAAAAAAAAAAAAAAAAAAAAFwUfwIAAP//olU77g==")
mremap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x4000, 0x3, &(0x7f0000005000/0x4000)=nil)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105042, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x1000002, 0x11, r0, 0x0)

38.164977ms ago: executing program 0 (id=1716):
r0 = socket$tipc(0x1e, 0x2, 0x0)
r1 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000780)={'bridge0\x00', <r2=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000100)={0xffffffffffffffff, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=@ipv6_newnexthop={0x38, 0x68, 0x1, 0x0, 0x0, {0xa, 0x0, 0x1}, [@NHA_ENCAP_TYPE={0x6, 0x7, 0x8}, @NHA_ENCAP={0x10, 0x8, 0x0, 0x1, @LWT_BPF_IN={0xc, 0x1, 0x0, 0x1, @LWT_BPF_PROG_FD={0x8}}}, @NHA_OIF={0x8, 0x5, r2}]}, 0x38}, 0x1, 0x0, 0x0, 0x804}, 0x4040040)

1.528056ms ago: executing program 5 (id=1717):
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, 0x0}, 0x0)
r0 = socket(0x15, 0x5, 0x0)
getsockopt(r0, 0x200000000114, 0x271e, &(0x7f0000000580)=""/102393, &(0x7f0000000040)=0x18ff9)

0s ago: executing program 1 (id=1718):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f00000003c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_CHANNEL_SWITCH(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000400)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010080000000000000006600000008000300", @ANYRES32=r2, @ANYBLOB="080026007f0900000800b7"], 0x2c}, 0x1, 0x0, 0x0, 0x4008800}, 0x0)

kernel console output (not intermixed with test programs):

 of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  172.102707][ T5823] EXT4-fs error (device loop4): ext4_readdir:265: inode #11: block 20: comm syz-executor: path /189/file0/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=393216, rec_len=1024, size=1024 fake=0
[  172.173484][ T5823] EXT4-fs error (device loop4): ext4_empty_dir:3118: inode #11: block 20: comm syz-executor: bad entry in directory: inode out of bounds - offset=6144, inode=393216, rec_len=1024, size=1024 fake=0
[  172.238746][ T8597] loop1: detected capacity change from 0 to 512
[  172.250524][ T8597] EXT4-fs: Ignoring removed i_version option
[  172.277509][ T8597] EXT4-fs: Ignoring removed oldalloc option
[  172.296733][ T5823] EXT4-fs error (device loop4): ext4_readdir:265: inode #11: block 20: comm syz-executor: path /189/file0/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=393216, rec_len=1024, size=1024 fake=0
[  172.325764][ T8597] EXT4-fs (loop1): Test dummy encryption mode enabled
[  172.358178][ T8597] EXT4-fs (loop1): 1 truncate cleaned up
[  172.395066][ T5823] EXT4-fs error (device loop4): ext4_empty_dir:3118: inode #11: block 20: comm syz-executor: bad entry in directory: inode out of bounds - offset=6144, inode=393216, rec_len=1024, size=1024 fake=0
[  172.426840][ T8597] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  172.502504][ T5823] EXT4-fs error (device loop4): ext4_readdir:265: inode #11: block 20: comm syz-executor: path /189/file0/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=393216, rec_len=1024, size=1024 fake=0
[  172.545537][ T5823] EXT4-fs error (device loop4): ext4_empty_dir:3118: inode #11: block 20: comm syz-executor: bad entry in directory: inode out of bounds - offset=6144, inode=393216, rec_len=1024, size=1024 fake=0
[  172.582875][ T8597] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  172.583525][ T5823] EXT4-fs error (device loop4): ext4_readdir:265: inode #11: block 20: comm syz-executor: path /189/file0/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=393216, rec_len=1024, size=1024 fake=0
[  172.628894][ T8605] netlink: 12 bytes leftover after parsing attributes in process `syz.2.947'.
[  172.679452][ T5834] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  172.694398][ T5823] EXT4-fs error (device loop4): ext4_empty_dir:3118: inode #11: block 20: comm syz-executor: bad entry in directory: inode out of bounds - offset=6144, inode=393216, rec_len=1024, size=1024 fake=0
[  172.788629][ T5823] EXT4-fs error (device loop4): ext4_readdir:265: inode #11: block 20: comm syz-executor: path /189/file0/lost+found: bad entry in directory: inode out of bounds - offset=0, inode=393216, rec_len=1024, size=1024 fake=0
[  172.814907][ T5823] EXT4-fs error (device loop4): ext4_empty_dir:3118: inode #11: block 20: comm syz-executor: bad entry in directory: inode out of bounds - offset=6144, inode=393216, rec_len=1024, size=1024 fake=0
[  173.006471][ T8612] loop0: detected capacity change from 0 to 1024
[  173.046020][ T8612] EXT4-fs: Ignoring removed bh option
[  173.104627][ T8612] EXT4-fs (loop0): stripe (5) is not aligned with cluster size (16), stripe is disabled
[  173.153083][ T8612] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  173.207745][ T8612] EXT4-fs error (device loop0): ext4_find_dest_de:2050: inode #12: block 7: comm syz.0.953: bad entry in directory: rec_len is too small for name_len - offset=16, inode=14, rec_len=40, size=56 fake=0
[  173.272649][ T8612] EXT4-fs (loop0): Remounting filesystem read-only
[  173.338566][ T5822] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  173.641315][ T8632] loop3: detected capacity change from 0 to 1024
[  173.704032][ T8632] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  173.828228][ T8641] netlink: 64 bytes leftover after parsing attributes in process `syz.1.964'.
[  173.840671][ T5823] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  173.922159][ T5830] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  174.299657][ T1039] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  174.518248][ T1039] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  174.703293][ T1039] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  174.734020][ T8646] loop3: detected capacity change from 0 to 32768
[  174.783709][ T5838] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  174.796676][ T8646] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  174.797272][ T5838] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  174.820219][ T5838] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  174.839451][ T8643] loop1: detected capacity change from 0 to 40427
[  174.843342][ T5838] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  174.853646][ T8643] F2FS-fs (loop1): Image doesn't support compression
[  174.862067][ T5838] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  174.877612][ T8643] F2FS-fs (loop1): build fault injection rate: 690
[  174.927391][ T1039] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  174.958490][ T8643] F2FS-fs (loop1): invalid crc value
[  175.075830][ T8646] XFS (loop3): Ending clean mount
[  175.135082][ T8646] XFS (loop3): Quotacheck needed: Please wait.
[  175.237708][ T8646] XFS (loop3): Quotacheck: Done.
[  175.282293][ T8643] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  175.358172][ T8643] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  175.360296][ T5830] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  175.463924][ T5834] syz-executor: attempt to access beyond end of device
[  175.463924][ T5834] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  175.493296][ T5834] CPU: 1 UID: 0 PID: 5834 Comm: syz-executor Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  175.493322][ T5834] Tainted: [L]=SOFTLOCKUP
[  175.493327][ T5834] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  175.493335][ T5834] Call Trace:
[  175.493341][ T5834]  <TASK>
[  175.493348][ T5834]  dump_stack_lvl+0xe8/0x150
[  175.493373][ T5834]  f2fs_handle_critical_error+0x37c/0x540
[  175.493398][ T5834]  f2fs_write_end_io+0xcdb/0xff0
[  175.493433][ T5834]  __submit_merged_bio+0x256/0x650
[  175.493455][ T5834]  __submit_merged_write_cond+0x3c3/0x4e0
[  175.493478][ T5834]  ? __pfx___submit_merged_write_cond+0x10/0x10
[  175.493514][ T5834]  f2fs_write_data_pages+0x2970/0x35e0
[  175.493532][ T5834]  ? __lock_acquire+0x6b5/0x2cf0
[  175.493578][ T5834]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  175.493609][ T5834]  ? css_rstat_updated+0x23a/0x530
[  175.493644][ T5834]  ? rcu_is_watching+0x15/0xb0
[  175.493665][ T5834]  ? __lock_acquire+0x6b5/0x2cf0
[  175.493693][ T5834]  ? __lock_acquire+0x6b5/0x2cf0
[  175.493716][ T5834]  ? do_raw_spin_lock+0x12b/0x2f0
[  175.493740][ T5834]  ? do_raw_spin_unlock+0xf5/0x210
[  175.493754][ T5834]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  175.493774][ T5834]  do_writepages+0x32e/0x550
[  175.493801][ T5834]  ? do_raw_spin_unlock+0xf5/0x210
[  175.493819][ T5834]  filemap_fdatawrite+0x1e9/0x2f0
[  175.493840][ T5834]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  175.493906][ T5834]  ? do_raw_spin_unlock+0xf5/0x210
[  175.493924][ T5834]  f2fs_sync_dirty_inodes+0x30e/0x810
[  175.493957][ T5834]  f2fs_write_checkpoint+0x9cf/0x2680
[  175.494008][ T5834]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  175.494071][ T5834]  kill_f2fs_super+0x314/0x720
[  175.494093][ T5834]  ? __pfx_kill_f2fs_super+0x10/0x10
[  175.494121][ T5834]  ? lockdep_hardirqs_on+0x7a/0x110
[  175.494146][ T5834]  deactivate_locked_super+0xbc/0x130
[  175.494166][ T5834]  cleanup_mnt+0x437/0x4d0
[  175.494184][ T5834]  ? _raw_spin_unlock_irq+0x23/0x50
[  175.494206][ T5834]  task_work_run+0x1d9/0x270
[  175.494222][ T5834]  ? __pfx_task_work_run+0x10/0x10
[  175.494244][ T5834]  exit_to_user_mode_loop+0xed/0x480
[  175.494259][ T5834]  ? rcu_is_watching+0x15/0xb0
[  175.494278][ T5834]  do_syscall_64+0x2b7/0xf80
[  175.494291][ T5834]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  175.494304][ T5834]  ? trace_irq_disable+0x37/0x100
[  175.494320][ T5834]  ? clear_bhb_loop+0x40/0x90
[  175.494336][ T5834]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  175.494349][ T5834] RIP: 0033:0x7f9e1c79c117
[  175.494363][ T5834] Code: a2 c7 05 7c 94 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8
[  175.494374][ T5834] RSP: 002b:00007fffe2650788 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  175.494389][ T5834] RAX: 0000000000000000 RBX: 00007f9e1c80471f RCX: 00007f9e1c79c117
[  175.494397][ T5834] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fffe2650840
[  175.494405][ T5834] RBP: 00007fffe2650840 R08: 00007fffe2651840 R09: 00000000ffffffff
[  175.494414][ T5834] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fffe26518d0
[  175.494421][ T5834] R13: 00007f9e1c80471f R14: 000000000002ad27 R15: 00007fffe2651910
[  175.494446][ T5834]  </TASK>
[  175.494452][ T5834] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  175.651299][ T8653] loop0: detected capacity change from 0 to 40427
[  175.857897][ T8653] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  175.882739][ T8653] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  175.928897][ T1039] bridge_slave_1: left allmulticast mode
[  175.934843][ T1039] bridge_slave_1: left promiscuous mode
[  175.937057][ T8653] F2FS-fs (loop0): invalid crc value
[  175.959312][ T1039] bridge0: port 2(bridge_slave_1) entered disabled state
[  176.079615][ T1039] bridge_slave_0: left allmulticast mode
[  176.085395][ T1039] bridge_slave_0: left promiscuous mode
[  176.099553][ T1039] bridge0: port 1(bridge_slave_0) entered disabled state
[  176.136016][ T8670] loop2: detected capacity change from 0 to 40427
[  176.162989][ T8670] F2FS-fs (loop2): Wrong SSA boundary, start(3584) end(4096) blocks(0)
[  176.205829][ T8670] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  176.214387][ T8670] F2FS-fs (loop2): build fault injection type: 0x6
[  176.228040][ T8653] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  176.246740][ T8670] F2FS-fs (loop2): invalid crc value
[  176.286264][ T8653] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  176.294327][ T8653] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  176.454277][ T8670] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[  176.503217][ T8670] F2FS-fs (loop2): Start checkpoint disabled!
[  176.523350][ T8670] F2FS-fs (loop2): f2fs_disable_checkpoint() finish, err:0
[  176.549630][ T8670] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  176.568682][ T8670] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[  176.585827][ T8676] loop3: detected capacity change from 0 to 32768
[  176.635925][ T8676] XFS (loop3): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  176.723332][ T8676] XFS (loop3): Ending clean mount
[  176.734194][ T8676] XFS (loop3): Quotacheck needed: Please wait.
[  176.752709][   T74] kworker/u8:4: attempt to access beyond end of device
[  176.752709][   T74] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  176.796416][   T74] CPU: 0 UID: 0 PID: 74 Comm: kworker/u8:4 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  176.796441][   T74] Tainted: [L]=SOFTLOCKUP
[  176.796447][   T74] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  176.796456][   T74] Workqueue: writeback wb_workfn (flush-7:2)
[  176.796488][   T74] Call Trace:
[  176.796494][   T74]  <TASK>
[  176.796501][   T74]  dump_stack_lvl+0xe8/0x150
[  176.796524][   T74]  f2fs_handle_critical_error+0x37c/0x540
[  176.796549][   T74]  f2fs_write_end_io+0xcdb/0xff0
[  176.796587][   T74]  __submit_merged_bio+0x256/0x650
[  176.796612][   T74]  __submit_merged_write_cond+0x3c3/0x4e0
[  176.796638][   T74]  ? __pfx___submit_merged_write_cond+0x10/0x10
[  176.796679][   T74]  f2fs_write_data_pages+0x2970/0x35e0
[  176.796735][   T74]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  176.796807][   T74]  ? __lock_acquire+0x6b5/0x2cf0
[  176.796845][   T74]  ? __lock_acquire+0x6b5/0x2cf0
[  176.796865][   T74]  ? folio_try_get+0x1c/0x340
[  176.796903][   T74]  ? filemap_get_entry+0xca/0x320
[  176.796924][   T74]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  176.796943][   T74]  do_writepages+0x32e/0x550
[  176.796970][   T74]  ? reacquire_held_locks+0x104/0x190
[  176.796987][   T74]  ? writeback_sb_inodes+0x42a/0x1940
[  176.797011][   T74]  __writeback_single_inode+0x133/0x1060
[  176.797029][   T74]  ? do_raw_spin_unlock+0xf5/0x210
[  176.797048][   T74]  writeback_sb_inodes+0x92e/0x1940
[  176.797091][   T74]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  176.797106][   T74]  ? do_raw_spin_lock+0x12b/0x2f0
[  176.797161][   T74]  ? rcu_is_watching+0x15/0xb0
[  176.797190][   T74]  wb_writeback+0x445/0xad0
[  176.797210][   T74]  ? queue_io+0x211/0x450
[  176.797234][   T74]  ? __pfx_wb_writeback+0x10/0x10
[  176.797248][   T74]  ? do_raw_spin_lock+0x12b/0x2f0
[  176.797279][   T74]  wb_workfn+0x3f8/0xef0
[  176.797298][   T74]  ? look_up_lock_class+0x57/0x110
[  176.797333][   T74]  ? __pfx_wb_workfn+0x10/0x10
[  176.797360][   T74]  ? do_raw_spin_unlock+0xf5/0x210
[  176.797379][   T74]  ? process_one_work+0x87c/0x15a0
[  176.797399][   T74]  ? process_one_work+0x87c/0x15a0
[  176.797428][   T74]  ? process_one_work+0x87c/0x15a0
[  176.797443][   T74]  process_one_work+0x949/0x15a0
[  176.797483][   T74]  ? __pfx_process_one_work+0x10/0x10
[  176.797497][   T74]  ? do_raw_spin_lock+0x12b/0x2f0
[  176.797529][   T74]  worker_thread+0xb46/0x1140
[  176.797557][   T74]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  176.797594][   T74]  kthread+0x388/0x470
[  176.797609][   T74]  ? __pfx_worker_thread+0x10/0x10
[  176.797624][   T74]  ? __pfx_kthread+0x10/0x10
[  176.797646][   T74]  ret_from_fork+0x51b/0xa40
[  176.797667][   T74]  ? __pfx_ret_from_fork+0x10/0x10
[  176.797682][   T74]  ? __switch_to+0xc7d/0x1400
[  176.797702][   T74]  ? __pfx_kthread+0x10/0x10
[  176.797722][   T74]  ret_from_fork_asm+0x1a/0x30
[  176.797757][   T74]  </TASK>
[  176.797763][   T74] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  176.844699][ T8676] XFS (loop3): Quotacheck: Done.
[  176.940074][ T5148] Bluetooth: hci3: Invalid handle: 0x20c9 > 0x0eff
[  176.966220][ T5838] Bluetooth: hci1: command tx timeout
[  177.261238][ T5830] XFS (loop3): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  177.317206][ T8698] loop0: detected capacity change from 0 to 256
[  177.562792][ T8698] FAT-fs (loop0): Directory bread(block 64) failed
[  177.579089][ T8698] FAT-fs (loop0): Directory bread(block 65) failed
[  177.588060][ T8698] FAT-fs (loop0): Directory bread(block 66) failed
[  177.594612][ T8698] FAT-fs (loop0): Directory bread(block 67) failed
[  177.601921][ T8698] FAT-fs (loop0): Directory bread(block 68) failed
[  177.648602][ T8698] FAT-fs (loop0): Directory bread(block 69) failed
[  177.655359][ T8698] FAT-fs (loop0): Directory bread(block 70) failed
[  177.668540][ T8698] FAT-fs (loop0): Directory bread(block 71) failed
[  177.675167][ T8698] FAT-fs (loop0): Directory bread(block 72) failed
[  177.697831][ T8698] FAT-fs (loop0): Directory bread(block 73) failed
[  177.734960][ T8708] netlink: 212408 bytes leftover after parsing attributes in process `syz.3.980'.
[  177.828064][ T1039] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  177.852572][ T1039] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  177.878790][ T1039] bond0 (unregistering): Released all slaves
[  178.034585][ T8656] chnl_net:caif_netlink_parms(): no params data found
[  178.221377][ T8720] netlink: 'syz.2.986': attribute type 11 has an invalid length.
[  179.178456][ T5838] Bluetooth: hci1: command tx timeout
[  179.212438][ T8755] loop6: detected capacity change from 0 to 524287999
[  179.330597][ T8758] vivid-007: disconnect
[  179.355825][ T8757] vivid-007: reconnect
[  179.373108][ T8733] loop0: detected capacity change from 0 to 32768
[  179.502050][ T8733] JBD2: Ignoring recovery information on journal
[  179.546334][ T8764] netlink: 6 bytes leftover after parsing attributes in process `syz.1.997'.
[  179.576904][ T8656] bridge0: port 1(bridge_slave_0) entered blocking state
[  179.584049][ T8656] bridge0: port 1(bridge_slave_0) entered disabled state
[  179.676054][ T8656] bridge_slave_0: entered allmulticast mode
[  179.687759][ T8733] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  179.707340][ T8656] bridge_slave_0: entered promiscuous mode
[  179.781838][ T8771] loop1: detected capacity change from 0 to 256
[  179.814775][ T1039] hsr_slave_0: left promiscuous mode
[  179.847937][ T1039] hsr_slave_1: left promiscuous mode
[  179.854097][ T1039] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  179.860529][ T8771] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x905a013b, utbl_chksum : 0xe619d30d)
[  179.891944][ T1039] batman_adv: batadv0: Removing interface: batadv_slave_0
[  179.970059][ T1039] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  179.970097][ T1039] batman_adv: batadv0: Removing interface: batadv_slave_1
[  180.036299][ T5822] ocfs2: Unmounting device (7,0) on (node local)
[  180.114881][ T1039] veth1_macvtap: left promiscuous mode
[  180.137191][ T1039] veth0_macvtap: left promiscuous mode
[  180.164768][ T1039] veth1_vlan: left promiscuous mode
[  180.176143][ T1039] veth0_vlan: left promiscuous mode
[  180.577508][ T8786] loop1: detected capacity change from 0 to 8192
[  180.618943][ T8786] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  180.670441][ T8795] loop0: detected capacity change from 0 to 64
[  181.193448][ T8807] loop3: detected capacity change from 0 to 1024
[  181.208771][ T8803] loop2: detected capacity change from 0 to 4096
[  181.274212][ T5832] Bluetooth: hci1: command tx timeout
[  181.280168][ T8803] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512).
[  181.322207][ T8803] ntfs3(loop2): ino=1a, mi_enum_attr
[  181.351592][ T8807] hfsplus: bad catalog entry type
[  181.378785][ T8803] ntfs3(loop2): Mark volume as dirty due to NTFS errors
[  181.429931][ T8803] ntfs3(loop2): ino=1a, mi_enum_attr
[  181.484616][ T2957] hfsplus: b-tree write err: -5, ino 4
[  181.496332][ T8803] ntfs3(loop2): Failed to initialize $Extend/$Reparse.
[  181.611128][ T8803] ntfs3(loop2): ino=5, "/" ntfs_readdir
[  182.235818][ T5919] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  182.385989][ T5919] usb 4-1: Using ep0 maxpacket: 16
[  182.402718][ T5919] usb 4-1: New USB device found, idVendor=0db0, idProduct=5581, bcdDevice=f9.22
[  182.424832][ T5919] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  182.434008][ T5919] usb 4-1: Product: syz
[  182.452226][ T5919] usb 4-1: Manufacturer: syz
[  182.457288][ T5919] usb 4-1: SerialNumber: syz
[  182.468089][ T1039] team0 (unregistering): Port device team_slave_1 removed
[  182.541732][ T1039] team0 (unregistering): Port device team_slave_0 removed
[  182.687376][ T5919] usb 4-1: dvb_usb_v2: found a 'MSI Mega Sky 55801 DVB-T USB2.0' in warm state
[  182.734460][ T5919] usb 4-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  182.765083][ T5919] dvbdev: DVB: registering new adapter (MSI Mega Sky 55801 DVB-T USB2.0)
[  182.788019][ T5919] usb 4-1: media controller created
[  182.814530][ T8831] loop0: detected capacity change from 0 to 32768
[  182.835415][ T5919] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  182.844154][ T8831] (syz.0.1028,8831,1):ocfs2_validate_inode_block:1449 ERROR: Invalid dinode #66: Corrupt state (nlink = 0 or mode = 5) detected!
[  182.862395][ T8831] (syz.0.1028,8831,1):ocfs2_read_locked_inode:599 ERROR: status = -117
[  182.871035][ T8831] (syz.0.1028,8831,1):ocfs2_init_global_system_inodes:452 ERROR: status = -117
[  182.880416][ T8831] (syz.0.1028,8831,1):ocfs2_init_global_system_inodes:476 ERROR: status = -117
[  182.909780][ T8831] (syz.0.1028,8831,1):ocfs2_initialize_super:2198 ERROR: status = -117
[  182.927782][ T8831] (syz.0.1028,8831,1):ocfs2_fill_super:1177 ERROR: status = -117
[  182.977464][ T5919] zl10353_read_register: readreg error (reg=127, ret==-71)
[  183.157060][ T5919] dvb_usb_gl861 4-1:157.0: probe with driver dvb_usb_gl861 failed with error -5
[  183.217226][ T5919] usb 4-1: USB disconnect, device number 10
[  183.225566][ T8835] loop0: detected capacity change from 0 to 2048
[  183.244437][ T8835] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024)
[  183.293652][ T8836] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  183.306854][ T8835] syz.0.1030: attempt to access beyond end of device
[  183.306854][ T8835] loop0: rw=8912896, sector=33554430, nr_sectors = 2 limit=2048
[  183.341575][ T5832] Bluetooth: hci1: command 0x0419 tx timeout
[  183.345543][ T8835] syz.0.1030: attempt to access beyond end of device
[  183.345543][ T8835] loop0: rw=8388608, sector=9437254, nr_sectors = 2 limit=2048
[  183.365944][ T8835] NILFS (loop0): I/O error reading meta-data file (ino=6, block-offset=0)
[  183.759782][ T8656] bridge0: port 2(bridge_slave_1) entered blocking state
[  183.775934][ T8656] bridge0: port 2(bridge_slave_1) entered disabled state
[  183.783417][ T8656] bridge_slave_1: entered allmulticast mode
[  183.791794][ T8656] bridge_slave_1: entered promiscuous mode
[  183.828400][ T8838] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1031'.
[  184.006127][ T8656] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  184.041508][ T8656] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  184.079844][ T8854] loop3: detected capacity change from 0 to 256
[  184.129593][ T8854] exfat: Deprecated parameter 'utf8'
[  184.215752][ T8656] team0: Port device team_slave_0 added
[  184.234675][ T8656] team0: Port device team_slave_1 added
[  184.248254][ T8854] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d)
[  184.348751][ T8656] batman_adv: batadv0: Adding interface: batadv_slave_0
[  184.355823][ T8656] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  184.449472][ T8656] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  184.463855][ T8656] batman_adv: batadv0: Adding interface: batadv_slave_1
[  184.511778][ T8656] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  184.616090][ T8656] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  184.667953][ T8867] loop0: detected capacity change from 0 to 16
[  184.714629][ T8867] erofs (device loop0): mounted with root inode @ nid 36.
[  184.730369][ T8850] loop2: detected capacity change from 0 to 32768
[  184.758313][ T8850] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.1038 (8850)
[  184.818687][ T8656] hsr_slave_0: entered promiscuous mode
[  184.826133][   T29] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[  184.847717][ T8656] hsr_slave_1: entered promiscuous mode
[  184.862949][ T8656] debugfs: 'hsr0' already exists in 'hsr'
[  184.869205][ T8850] BTRFS info (device loop2): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  184.882991][ T8850] BTRFS info (device loop2): using sha256 checksum algorithm
[  184.884902][ T8656] Cannot create hsr debugfs directory
[  184.921653][ T1039] IPVS: stop unused estimator thread 0...
[  184.985910][   T29] usb 4-1: Using ep0 maxpacket: 16
[  184.993586][   T29] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  185.020170][   T29] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  185.023113][ T8873] loop0: detected capacity change from 0 to 512
[  185.045814][   T29] usb 4-1: New USB device found, idVendor=1b1c, idProduct=1b02, bcdDevice= 0.00
[  185.068033][   T29] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  185.080143][   T29] usb 4-1: config 0 descriptor??
[  185.156295][ T8873] EXT4-fs error (device loop0): ext4_orphan_get:1391: inode #15: comm syz.0.1046: inode has both inline data and extents flags
[  185.247466][ T8850] BTRFS info (device loop2): rebuilding free space tree
[  185.268378][ T8873] loop0: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117
[  185.269052][ T8873] EXT4-fs error (device loop0): ext4_orphan_get:1396: comm syz.0.1046: couldn't read orphan inode 15 (err -117)
[  185.278281][    C0] EXT4-fs (loop0): error count since last fsck: 1
[  185.278307][    C0] EXT4-fs (loop0): initial error at time 1770020662: ext4_orphan_get:1391: inode 15
[  185.278338][    C0] EXT4-fs (loop0): last error at time 1770020662: ext4_orphan_get:1391: inode 15
[  185.360161][ T8850] BTRFS info (device loop2): disabling free space tree
[  185.398033][ T8873] loop0: lost filesystem error report for type 5 error -117
[  185.399919][ T8873] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  185.426013][ T8850] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  185.437666][ T5838] Bluetooth: hci1: command 0x0419 tx timeout
[  185.454384][ T8850] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  185.497630][   T29] corsair 0003:1B1C:1B02.000E: item fetching failed at offset 3/5
[  185.513383][ T8861] loop1: detected capacity change from 0 to 32768
[  185.533282][ T8850] BTRFS info (device loop2): enabling ssd optimizations
[  185.549366][   T29] corsair 0003:1B1C:1B02.000E: parse failed
[  185.551793][ T8861] 
[  185.551793][ T8861]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  185.551793][ T8861] 
[  185.578977][   T29] corsair 0003:1B1C:1B02.000E: probe with driver corsair failed with error -22
[  185.588129][ T8850] BTRFS info (device loop2): turning on async discard
[  185.594925][ T8850] BTRFS info (device loop2): force clearing of disk cache
[  185.615812][ T8850] BTRFS info (device loop2): enabling auto defrag
[  185.655871][ T8850] BTRFS info (device loop2): max_inline set to 4096
[  185.701142][   T29] usb 4-1: USB disconnect, device number 11
[  185.751076][ T5834] 
[  185.751076][ T5834]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  185.751076][ T5834] 
[  185.786669][ T5834] 
[  185.786669][ T5834]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  185.786669][ T5834] 
[  186.104912][ T5835] BTRFS info (device loop2): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  186.112484][ T8656] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  186.161381][ T8656] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  186.222112][ T8656] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  186.262383][ T5822] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  186.325834][ T8656] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  186.382586][ T8910] loop2: detected capacity change from 0 to 128
[  186.423377][ T8912] loop0: detected capacity change from 0 to 16
[  186.457464][ T8912] MTD: Attempt to mount non-MTD device "/dev/loop0"
[  186.500285][ T8910] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  186.566229][ T8910] ext4 filesystem being mounted at /204/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  186.633721][ T8656] 8021q: adding VLAN 0 to HW filter on device bond0
[  186.656294][ T8656] 8021q: adding VLAN 0 to HW filter on device team0
[  186.720212][   T49] bridge0: port 1(bridge_slave_0) entered blocking state
[  186.727547][   T49] bridge0: port 1(bridge_slave_0) entered forwarding state
[  186.831973][   T49] bridge0: port 2(bridge_slave_1) entered blocking state
[  186.839250][   T49] bridge0: port 2(bridge_slave_1) entered forwarding state
[  186.937986][ T8928] loop3: detected capacity change from 0 to 1024
[  186.963700][ T8930] sctp: [Deprecated]: syz.1.1054 (pid 8930) Use of struct sctp_assoc_value in delayed_ack socket option.
[  186.963700][ T8930] Use struct sctp_sack_info instead
[  187.001362][ T8928] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869)
[  187.023222][ T5835] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  187.072059][ T8928] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  187.272266][ T5830] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  187.721379][ T8656] 8021q: adding VLAN 0 to HW filter on device batadv0
[  188.518861][ T8999] loop2: detected capacity change from 0 to 136
[  188.563511][ T8656] veth0_vlan: entered promiscuous mode
[  188.798820][ T9006] loop1: detected capacity change from 0 to 256
[  189.059907][ T9002] loop3: detected capacity change from 0 to 65536
[  189.087566][ T8999] Attempt to read inode for relocated directory
[  189.102661][ T9002] XFS (loop3): Mounting V5 Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3
[  189.165197][ T9002] XFS (loop3): Ending clean mount
[  189.203738][ T8656] veth1_vlan: entered promiscuous mode
[  189.223481][ T9002] XFS (loop3): Metadata corruption detected at xfs_dinode_verify+0x1a9/0x1590, inode 0x26 dinode
[  189.235882][ T9002] XFS (loop3): Unmount and run xfs_repair
[  189.241625][ T9002] XFS (loop3): First 128 bytes of corrupted metadata buffer:
[  189.249610][ T9002] 00000000: 49 4e 81 ed 03 02 00 00 00 00 00 00 00 00 00 00  IN..............
[  189.259140][ T9002] 00000010: 00 00 00 01 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  189.272236][ T9002] 00000020: 34 f7 58 68 7a bb 44 4d 34 f7 58 68 7a bb 44 4d  4.Xhz.DM4.Xhz.DM
[  189.281196][ T9002] 00000030: 34 f7 58 68 7a bb 44 4d 00 00 00 00 00 00 00 0a  4.Xhz.DM........
[  189.290186][ T9002] 00000040: 00 00 00 00 00 00 00 03 00 00 00 00 00 00 00 01  ................
[  189.299183][ T9002] 00000050: 00 00 25 01 00 00 00 00 00 00 00 00 38 7c 45 d7  ..%.........8|E.
[  189.308032][ T9006] syz.1.1077: attempt to access beyond end of device
[  189.308032][ T9006] loop1: rw=2049, sector=256, nr_sectors = 32 limit=256
[  189.308208][ T9006] syz.1.1077: attempt to access beyond end of device
[  189.308208][ T9006] loop1: rw=2049, sector=352, nr_sectors = 8 limit=256
[  189.339052][ T9002] 00000060: ff ff ff ff da a2 56 a4 00 00 00 00 00 00 00 08  ......V.........
[  189.349415][ T9002] 00000070: 00 00 00 01 00 00 00 10 00 00 00 00 00 00 00 08  ................
[  189.436368][ T5830] XFS (loop3): Unmounting Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3
[  189.468916][ T8656] veth0_macvtap: entered promiscuous mode
[  189.510298][ T8656] veth1_macvtap: entered promiscuous mode
[  189.544328][ T8656] batman_adv: batadv0: Interface activated: batadv_slave_0
[  189.557291][ T8656] batman_adv: batadv0: Interface activated: batadv_slave_1
[  189.572173][ T3459] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  189.606685][ T3459] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  189.697734][ T3459] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  189.748823][ T2957] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  189.965877][ T5935] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[  190.121126][ T1039] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  190.145746][ T1039] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  190.151961][ T5935] usb 4-1: Using ep0 maxpacket: 8
[  190.186764][ T5935] usb 4-1: config 168 descriptor has 1 excess byte, ignoring
[  190.218390][ T5935] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  190.225254][ T2957] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  190.255731][ T2957] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  190.261156][ T5935] usb 4-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  190.312627][ T5935] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  190.363162][ T5935] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  190.402129][ T5935] usb 4-1: config 168 descriptor has 1 excess byte, ignoring
[  190.420592][ T5935] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  190.466710][ T5935] usb 4-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  190.514929][ T5935] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  190.552313][ T5935] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  190.591511][ T5935] usb 4-1: config 168 descriptor has 1 excess byte, ignoring
[  190.600163][ T5935] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  190.622635][ T5935] usb 4-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  190.653033][ T5935] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  190.684655][ T5935] usb 4-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  190.719023][ T5935] usb 4-1: string descriptor 0 read error: -22
[  190.725343][ T5935] usb 4-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  190.750484][ T5935] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  190.784417][ T5935] adutux 4-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  190.918492][ T9059] netlink: 'syz.2.1088': attribute type 14 has an invalid length.
[  190.959655][ T9063] loop5: detected capacity change from 0 to 1024
[  191.077204][ T5935] usb 4-1: USB disconnect, device number 12
[  191.182333][ T9068] program syz.1.1090 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  191.198052][ T9063] hfsplus: bad catalog folder entry
[  191.243620][ T2957] hfsplus: bad catalog folder entry
[  191.253647][ T2957] hfsplus: bad catalog file entry
[  191.266282][ T5827] Bluetooth: hci0: command 0x0406 tx timeout
[  191.272324][ T5833] Bluetooth: hci2: command 0x0406 tx timeout
[  191.279625][   T51] Bluetooth: hci3: command 0x0406 tx timeout
[  191.322232][ T9026] adutux: No device or device unplugged -19
[  191.417055][ T9073] loop1: detected capacity change from 0 to 128
[  191.558790][ T9084] bond0: option resend_igmp: invalid value (14377)
[  191.575422][ T9084] bond0: option resend_igmp: allowed values 0 - 255
[  191.709188][ T9088] netdevsim netdevsim1 netdevsim0: entered promiscuous mode
[  191.856319][ T9092] block nbd1: Unsupported socket: should be TCP or UNIX.
[  191.866686][ T9094] loop0: detected capacity change from 0 to 512
[  191.878384][ T9094] EXT4-fs: Ignoring removed oldalloc option
[  191.933846][ T9094] EXT4-fs (loop0): 1 truncate cleaned up
[  191.978139][ T9094] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  192.037825][ T9086] loop5: detected capacity change from 0 to 32768
[  192.060724][ T9086] JBD2: Ignoring recovery information on journal
[  192.094605][ T9101] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1103'.
[  192.103829][ T9101] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1103'.
[  192.137745][ T9101] veth3: entered promiscuous mode
[  192.143966][ T9101] veth3: entered allmulticast mode
[  192.145202][ T9086] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode.
[  192.343362][ T9109] (syz.5.1097,9109,0):ocfs2_get_block:141 get_block on system inode 0xffff888058d616b8 (65)
[  192.597939][ T9117] Bluetooth: MGMT ver 1.23
[  192.604302][ T9117] Bluetooth: hci0: load_link_keys: expected 3 bytes, got 7 bytes
[  192.617444][ T8656] ocfs2: Unmounting device (7,5) on (node local)
[  192.813739][ T5822] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  193.072109][ T9133] netlink: 52 bytes leftover after parsing attributes in process `syz.5.1109'.
[  193.087208][ T9129] loop0: detected capacity change from 0 to 2048
[  193.151046][ T9129] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  193.173851][ T9129] ext4 filesystem being mounted at /224/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  193.185870][ T5884] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  193.301359][ T9121] loop3: detected capacity change from 0 to 32768
[  193.348205][ T9142] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm syz.0.1114: bg 0: block 345: padding at end of block bitmap is not set
[  193.364669][ T9142] EXT4-fs (loop0): Remounting filesystem read-only
[  193.381845][   T12] EXT4-fs warning (device loop0): ext4_convert_unwritten_extents:5039: inode #15: block 1: len 15: ext4_ext_map_blocks returned -30
[  193.386888][ T9121] XFS (loop3): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  193.409220][ T5884] usb 3-1: config index 0 descriptor too short (expected 39, got 27)
[  193.417907][ T5884] usb 3-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  193.427452][ T9144] netlink: 488 bytes leftover after parsing attributes in process `syz.5.1117'.
[  193.428365][ T5884] usb 3-1: config 0 interface 0 has no altsetting 0
[  193.448896][ T5884] usb 3-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  193.458363][ T5884] usb 3-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  193.467050][ T5884] usb 3-1: Product: syz
[  193.471421][ T5884] usb 3-1: Manufacturer: syz
[  193.478414][ T9144] netlink: 488 bytes leftover after parsing attributes in process `syz.5.1117'.
[  193.479613][ T5884] usb 3-1: SerialNumber: syz
[  193.499687][ T5884] usb 3-1: config 0 descriptor??
[  193.517510][ T5884] hub 3-1:0.0: bad descriptor, ignoring hub
[  193.523782][ T5884] hub 3-1:0.0: probe with driver hub failed with error -5
[  193.559552][ T5884] usb 3-1: selecting invalid altsetting 0
[  193.608581][ T5822] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  193.636861][ T9121] XFS (loop3): Ending clean mount
[  193.650033][ T9121] XFS (loop3): Quotacheck needed: Please wait.
[  193.798828][ T9121] XFS (loop3): Quotacheck: Done.
[  193.864453][ T9149] sp0: Synchronizing with TNC
[  193.928598][ T9131] loop1: detected capacity change from 0 to 32768
[  193.994059][ T5830] XFS (loop3): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  194.326737][ T9127] usb 3-1: reset high-speed USB device number 10 using dummy_hcd
[  194.337384][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  194.343823][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[  194.564467][ T9167] program syz.1.1126 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  194.586644][ T9127] usb 3-1: device firmware changed
[  194.615080][ T5884] usb 3-1: USB disconnect, device number 10
[  194.770600][ T9175] netlink: 104 bytes leftover after parsing attributes in process `syz.5.1130'.
[  194.849229][ T5884] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  194.912428][ T9178] loop3: detected capacity change from 0 to 256
[  194.942277][ T9178] exfat: Deprecated parameter 'utf8'
[  194.948332][ T9156] loop0: detected capacity change from 0 to 32768
[  194.976409][ T9156] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.1123 (9156)
[  194.981403][ T9178] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x3e6496f2, utbl_chksum : 0xe619d30d)
[  195.025163][ T9156] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  195.040515][ T5884] usb 3-1: config index 0 descriptor too short (expected 39, got 27)
[  195.059686][ T9156] BTRFS info (device loop0): using crc32c checksum algorithm
[  195.066941][ T5884] usb 3-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0
[  195.084804][ T5884] usb 3-1: config 0 interface 0 has no altsetting 0
[  195.095074][ T5884] usb 3-1: string descriptor 0 read error: -22
[  195.104133][ T9156] BTRFS warning (device loop0): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  195.135838][ T5884] usb 3-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  195.138610][ T9184] io-wq is not configured for unbound workers
[  195.155750][ T5884] usb 3-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  195.185584][ T5884] usb 3-1: config 0 descriptor??
[  195.203120][ T5884] hub 3-1:0.0: bad descriptor, ignoring hub
[  195.209522][ T5884] hub 3-1:0.0: probe with driver hub failed with error -5
[  195.228449][ T5884] usb 3-1: selecting invalid altsetting 0
[  195.330329][ T9156] BTRFS info (device loop0): rebuilding free space tree
[  195.427040][ T9156] BTRFS info (device loop0): disabling free space tree
[  195.446850][ T9156] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  195.487450][ T9156] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  195.524411][ T9156] BTRFS info (device loop0): enabling ssd optimizations
[  195.537879][ T5884] usb 3-1: USB disconnect, device number 11
[  195.545879][ T9156] BTRFS info (device loop0): turning off barriers
[  195.553101][ T9156] BTRFS info (device loop0): turning on flush-on-commit
[  195.564176][ T9207] loop3: detected capacity change from 0 to 256
[  195.591644][ T9156] BTRFS info (device loop0): turning on async discard
[  195.601758][ T9156] BTRFS info (device loop0): enabling disk space caching
[  195.610971][ T9156] BTRFS info (device loop0): force clearing of disk cache
[  195.618665][ T9156] BTRFS info (device loop0): force lzo compression, level 1
[  195.626233][ T9156] BTRFS info (device loop0): max_inline set to 0
[  195.726197][ T5877] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  195.911335][ T9181] loop1: detected capacity change from 0 to 32768
[  195.916168][ T5877] usb 6-1: config 0 has an invalid interface number: 16 but max is 0
[  195.938502][ T5877] usb 6-1: config 0 has no interface number 0
[  195.944641][ T5877] usb 6-1: too many endpoints for config 0 interface 16 altsetting 144: 127, using maximum allowed: 30
[  195.945846][ T9181] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.1132 (9181)
[  196.015331][ T5877] usb 6-1: config 0 interface 16 altsetting 144 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  196.037484][ T9181] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  196.068471][ T5877] usb 6-1: config 0 interface 16 altsetting 144 endpoint 0x81 has invalid wMaxPacketSize 0
[  196.089674][ T5877] usb 6-1: config 0 interface 16 altsetting 144 has 1 endpoint descriptor, different from the interface descriptor's value: 127
[  196.092127][ T9181] BTRFS info (device loop1): using sha256 checksum algorithm
[  196.135828][ T5877] usb 6-1: config 0 interface 16 has no altsetting 0
[  196.146928][ T5877] usb 6-1: New USB device found, idVendor=5543, idProduct=004d, bcdDevice= 0.00
[  196.170710][ T5877] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  196.226690][ T5877] usb 6-1: config 0 descriptor??
[  196.332547][ T5822] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  196.347038][ T9181] BTRFS info (device loop1): enabling ssd optimizations
[  196.354026][ T9181] BTRFS info (device loop1): turning on async discard
[  196.385922][ T9181] BTRFS info (device loop1): enabling free space tree
[  196.703432][ T5877] uclogic 0003:5543:004D.000F: interface is invalid, ignoring
[  196.729887][ T5834] BTRFS info (device loop1): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  196.928685][ T9212] loop3: detected capacity change from 0 to 32768
[  196.945259][ T9212] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.1140 (9212)
[  196.991491][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  197.034760][ T9212] BTRFS info (device loop3): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  197.065823][ T9212] BTRFS info (device loop3): using sha256 checksum algorithm
[  197.274433][ T9212] BTRFS info (device loop3): rebuilding free space tree
[  197.406473][ T9259] loop0: detected capacity change from 0 to 1024
[  197.425957][ T9212] BTRFS info (device loop3): disabling free space tree
[  197.434379][ T9212] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  197.489017][ T9212] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  197.538506][ T5891] usb 6-1: USB disconnect, device number 2
[  197.584324][ T9212] BTRFS info (device loop3): setting nodatasum
[  197.591192][ T3020] hfsplus: b-tree write err: -5, ino 4
[  197.612163][ T9212] BTRFS info (device loop3): setting nodatacow
[  197.642669][ T9212] BTRFS info (device loop3): turning off barriers
[  197.649808][ T9212] BTRFS info (device loop3): force clearing of disk cache
[  197.754206][ T9267] Bluetooth: hci5: Frame reassembly failed (-84)
[  197.796290][ T1039] Bluetooth: hci5: Frame reassembly failed (-84)
[  197.851423][ T9271] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  197.996092][ T5830] BTRFS info (device loop3): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  198.039506][ T9279] loop2: detected capacity change from 0 to 512
[  198.081376][ T9279] EXT4-fs: Ignoring removed oldalloc option
[  198.086973][ T9274] loop0: detected capacity change from 0 to 4096
[  198.095411][ T9274] ntfs3(loop0): Different NTFS sector size (2048) and media sector size (512).
[  198.155560][ T9279] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  198.251868][ T9274] ntfs3(loop0): Failed to initialize $Extend/$ObjId.
[  198.343658][ T9279] fscrypt (loop2, inode 18): Direct key flag not allowed with different contents and filenames modes
[  198.558676][ T5835] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  198.974910][ T9308] loop3: detected capacity change from 0 to 4096
[  199.056107][ T9316] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  199.817502][ T5838] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  199.824243][ T5832] Bluetooth: hci5: command 0x1003 tx timeout
[  200.694245][ T9381] loop3: detected capacity change from 0 to 128
[  200.806736][ T9381] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[  200.856619][ T9381] hpfs: filesystem error: improperly stopped
[  200.895748][ T9381] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  200.903958][ T9381] hpfs: You really don't want any checks? You are crazy...
[  200.966706][ T9381] hpfs: hpfs_map_sector(): read error
[  200.977382][ T9381] hpfs: code page support is disabled
[  200.987668][ T9381] hpfs: hpfs_map_4sectors(): unaligned read
[  201.002154][ T9381] hpfs: hpfs_map_4sectors(): unaligned read
[  201.021512][ T9381] hpfs: filesystem error: unable to find root dir
[  201.047189][ T9393] program syz.2.1193 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  201.536332][ T5884] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  201.643320][ T9420] loop2: detected capacity change from 0 to 2048
[  201.670041][ T9424] xt_CT: You must specify a L4 protocol and not use inversions on it
[  201.708857][ T5884] usb 2-1: Using ep0 maxpacket: 32
[  201.747806][ T5884] usb 2-1: config 2 has an invalid interface number: 88 but max is 0
[  201.767500][ T9420] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  201.819932][ T5884] usb 2-1: config 2 has no interface number 0
[  201.865834][ T5884] usb 2-1: config 2 interface 88 has no altsetting 0
[  201.895905][ T5884] usb 2-1: New USB device found, idVendor=0557, idProduct=2009, bcdDevice=c7.1e
[  201.917623][ T5884] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  201.944252][ T5884] usb 2-1: Product: syz
[  201.954340][ T5884] usb 2-1: Manufacturer: syz
[  201.966007][ T5884] usb 2-1: SerialNumber: syz
[  202.045483][ T5835] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  202.097859][ T9415] loop3: detected capacity change from 0 to 32768
[  202.189257][ T9415] ERROR: (device loop3): dbAdjCtl: the maximum free buddy is not the old root
[  202.189257][ T9415] 
[  202.230902][ T9415] ERROR: (device loop3): remounting filesystem as read-only
[  202.333951][ T9442] loop5: detected capacity change from 0 to 2048
[  202.416273][ T9442] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  202.716250][ T9448] loop2: detected capacity change from 0 to 4096
[  202.728956][ T9448] ntfs3(loop2): Different NTFS sector size (2048) and media sector size (512).
[  202.813668][ T5884] asix 2-1:2.88 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[  202.857581][ T5884] asix 2-1:2.88: probe with driver asix failed with error -71
[  202.917509][ T5884] usb 2-1: USB disconnect, device number 6
[  203.617648][ T9475] loop3: detected capacity change from 0 to 1024
[  203.759963][ T9457] loop0: detected capacity change from 0 to 32768
[  203.819008][ T9457] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  203.852284][ T9486] erspan0: entered promiscuous mode
[  203.939796][ T9457] XFS (loop0): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x51.
[  204.078603][ T9457] XFS (loop0): Starting recovery (logdev: internal)
[  204.142407][ T9457] XFS (loop0): Ending recovery (logdev: internal)
[  204.190638][ T9457] XFS (loop0): Quotacheck needed: Please wait.
[  204.273220][ T9457] XFS (loop0): Quotacheck: Done.
[  204.302051][   T30] audit: type=1804 audit(1770020681.457:38): pid=9457 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.1214" name="/newroot/246/file1/file2" dev="loop0" ino=4423 res=1 errno=0
[  204.415145][ T5822] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  204.438076][ T9518] loop2: detected capacity change from 0 to 256
[  204.520162][ T9518] FAT-fs (loop2): Directory bread(block 64) failed
[  204.559238][ T9518] FAT-fs (loop2): Directory bread(block 65) failed
[  204.575000][ T9518] FAT-fs (loop2): Directory bread(block 66) failed
[  204.628738][ T9518] FAT-fs (loop2): Directory bread(block 67) failed
[  204.674119][ T9518] FAT-fs (loop2): Directory bread(block 68) failed
[  204.735829][ T9518] FAT-fs (loop2): Directory bread(block 69) failed
[  204.755887][ T9518] FAT-fs (loop2): Directory bread(block 70) failed
[  204.762445][ T9518] FAT-fs (loop2): Directory bread(block 71) failed
[  204.816272][ T9518] FAT-fs (loop2): Directory bread(block 72) failed
[  204.860417][ T9518] FAT-fs (loop2): Directory bread(block 73) failed
[  204.956016][ T9528] faux_driver vkms: [drm] Unknown color mode 11; guessing buffer size.
[  205.049878][ T9518] FAT-fs (loop2): Filesystem has been set read-only
[  205.243308][ T9536] loop5: detected capacity change from 0 to 1024
[  205.326582][ T9505] loop3: detected capacity change from 0 to 32768
[  205.391460][ T9505] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  205.394799][ T9536] hfsplus: bad catalog entry type
[  205.535491][ T2957] hfsplus: b-tree write err: -5, ino 4
[  205.615409][ T9505] XFS (loop3): Ending clean mount
[  205.657391][ T9505] XFS (loop3): Quotacheck needed: Please wait.
[  205.767190][ T9505] XFS (loop3): Quotacheck: Done.
[  205.949018][ T5830] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  206.174236][ T9561] Falling back ldisc for ptm0.
[  206.377909][ T9567] loop5: detected capacity change from 0 to 256
[  206.406932][ T9567] exfat: Deprecated parameter 'namecase'
[  206.412636][ T9567] exfat: Deprecated parameter 'namecase'
[  206.487222][ T9567] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xbc8dc3cd, utbl_chksum : 0xe619d30d)
[  206.569592][ T9567] exFAT-fs (loop5): start_clu is invalid cluster(0xff000008)
[  206.722577][ T9577] overlayfs: failed to create directory ./bus/work (errno: 13); mounting read-only
[  206.731256][ T5877] hid-generic 0003:0004:0000.0010: unknown main item tag 0x0
[  206.768642][ T9577] overlayfs: fs on '.' does not support file handles, falling back to index=off,nfs_export=off.
[  206.776193][ T5877] hid-generic 0003:0004:0000.0010: unknown main item tag 0x0
[  206.797832][ T5877] hid-generic 0003:0004:0000.0010: unknown main item tag 0x0
[  206.805260][ T5877] hid-generic 0003:0004:0000.0010: unknown main item tag 0x0
[  206.835503][ T5877] hid-generic 0003:0004:0000.0010: unknown main item tag 0x0
[  206.853326][ T5877] hid-generic 0003:0004:0000.0010: unknown main item tag 0x0
[  206.877625][ T5877] hid-generic 0003:0004:0000.0010: unknown main item tag 0x0
[  206.909407][ T5877] hid-generic 0003:0004:0000.0010: unknown main item tag 0x0
[  206.932379][ T5877] hid-generic 0003:0004:0000.0010: unknown main item tag 0x0
[  206.955824][ T5877] hid-generic 0003:0004:0000.0010: unknown main item tag 0x0
[  207.008527][ T5877] hid-generic 0003:0004:0000.0010: hidraw0: USB HID v0.00 Device [syz0] on syz1
[  207.032776][ T9582] loop1: detected capacity change from 0 to 128
[  207.091641][ T9582] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[  207.134377][ T9582] hpfs: filesystem error: improperly stopped
[  207.171388][ T9582] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  207.173540][ T9583] fido_id[9583]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  207.207494][ T9582] hpfs: You really don't want any checks? You are crazy...
[  207.237604][ T9582] hpfs: hpfs_map_sector(): read error
[  207.261114][ T9582] hpfs: code page support is disabled
[  207.279297][ T9582] hpfs: hpfs_map_4sectors(): unaligned read
[  207.285292][ T9582] hpfs: hpfs_map_4sectors(): unaligned read
[  207.325811][ T9582] hpfs: filesystem error: unable to find root dir
[  207.396047][ T9582] hpfs: hpfs_map_4sectors(): unaligned read
[  207.403489][ T9582] hpfs: hpfs_map_sector(): read error
[  207.487190][ T9594] Set syz1 is full, maxelem 2 reached
[  207.729891][ T9600] mmap: syz.5.1254 (9600) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  207.795872][   T29] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  207.983962][   T29] usb 2-1: Using ep0 maxpacket: 32
[  207.993634][   T29] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xA6, changing to 0x86
[  208.013934][   T29] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x86 has an invalid bInterval 0, changing to 7
[  208.025408][   T29] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x86 has invalid wMaxPacketSize 0
[  208.041720][   T29] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x7 has an invalid bInterval 255, changing to 11
[  208.057098][   T29] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid maxpacket 59391, setting to 1024
[  208.071146][   T29] usb 2-1: New USB device found, idVendor=05ef, idProduct=020a, bcdDevice=91.36
[  208.081109][   T29] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  208.091495][   T29] usb 2-1: Product: syz
[  208.096149][   T29] usb 2-1: Manufacturer: syz
[  208.100884][   T29] usb 2-1: SerialNumber: syz
[  208.109796][   T29] usb 2-1: config 0 descriptor??
[  208.515897][ T5891] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  208.544405][   T29] iforce 2-1:0.0: usb_submit_urb failed: -32
[  208.567135][   T29] input input19: Device does not respond to id packet M
[  208.586491][   T29] input input19: Device does not respond to id packet P
[  208.711401][ T5891] usb 3-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  208.725785][ T5891] usb 3-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  208.755754][ T5891] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 66
[  208.778427][ T5891] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  208.794157][   T29] iforce 2-1:0.0: usb_submit_urb failed: -71
[  208.808354][   T29] input input19: Device does not respond to id packet B
[  208.819960][ T5891] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  208.832003][   T29] iforce 2-1:0.0: usb_submit_urb failed: -71
[  208.838160][   T29] input input19: Device does not respond to id packet N
[  208.861496][   T29] iforce 2-1:0.0: usb_submit_urb failed: -71
[  208.871088][ T5891] usb 3-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  208.880648][   T29] iforce 2-1:0.0: usb_submit_urb failed: -71
[  208.890552][ T5891] usb 3-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  208.899272][   T29] iforce 2-1:0.0: usb_submit_urb failed: -71
[  208.907589][ T5891] usb 3-1: Product: syz
[  208.911790][ T5891] usb 3-1: Manufacturer: syz
[  208.924713][   T29] iforce 2-1:0.0: usb_submit_urb failed: -71
[  208.943118][   T29] input: Unknown I-Force Device [%04x:%04x] as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/input/input19
[  208.980181][ T5891] cdc_wdm 3-1:1.0: skipping garbage
[  208.985420][ T5891] cdc_wdm 3-1:1.0: skipping garbage
[  209.007206][   T29] usb 2-1: USB disconnect, device number 7
[  209.015179][ T5891] cdc_wdm 3-1:1.0: cdc-wdm0: USB WDM device
[  209.025144][ T5891] cdc_wdm 3-1:1.0: Unknown control protocol
[  209.143299][ T9622] loop3: detected capacity change from 0 to 4096
[  209.159683][ T9622] ntfs3(loop3): Different NTFS sector size (2048) and media sector size (512).
[  209.166055][ T5877] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  209.339621][ T5877] usb 6-1: Using ep0 maxpacket: 32
[  209.365892][ T5877] usb 6-1: config 0 has an invalid interface number: 51 but max is 0
[  209.396479][ T5877] usb 6-1: config 0 has no interface number 0
[  209.439829][ T5877] usb 6-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  209.475748][ T5877] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  209.495785][ T5877] usb 6-1: Product: syz
[  209.500005][ T5877] usb 6-1: Manufacturer: syz
[  209.516343][ T5877] usb 6-1: SerialNumber: syz
[  209.536730][ T5877] usb 6-1: config 0 descriptor??
[  209.567137][ T5877] quatech2 6-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[  209.770461][ T5891] usb 3-1: USB disconnect, device number 12
[  209.782265][ T5877] usb 6-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[  209.926262][ T5877] usb 6-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[  210.015339][    C0] quatech-serial ttyUSB0: qt2_process_read_urb - xmit_empty message too short
[  210.227469][    C0] usb 6-1: qt2_read_bulk_callback - non-zero urb status: -71
[  210.235458][ T5919] usb 6-1: USB disconnect, device number 3
[  210.259398][ T5919] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[  210.303089][ T9636] netlink: 'syz.1.1270': attribute type 10 has an invalid length.
[  210.304558][ T5919] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[  210.325861][ T9636] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  210.351621][ T5919] quatech2 6-1:0.51: device disconnected
[  210.378398][ T9636] batman_adv: batadv0: Removing interface: batadv_slave_0
[  210.422846][ T9636] bond0: (slave batadv_slave_0): Enslaving as an active interface with an up link
[  210.613366][ T9631] loop2: detected capacity change from 0 to 32768
[  210.717595][ T9631] XFS (loop2): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  210.792350][ T9631] XFS (loop2): Ending clean mount
[  210.831173][ T9631] XFS (loop2): Quotacheck needed: Please wait.
[  210.947822][ T9631] XFS (loop2): Quotacheck: Done.
[  211.310665][ T5835] XFS (loop2): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  211.582041][ T9671] loop0: detected capacity change from 0 to 32768
[  211.629802][ T9671] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.1280 (9671)
[  211.672871][ T9671] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  211.685261][ T9671] BTRFS info (device loop0): using sha256 checksum algorithm
[  211.716255][ T9671] BTRFS warning (device loop0): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  211.929619][ T9671] BTRFS info (device loop0): rebuilding free space tree
[  212.068168][ T9671] BTRFS info (device loop0): disabling free space tree
[  212.075613][ T9671] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  212.111204][ T9671] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  212.186545][ T9671] BTRFS info (device loop0): setting nodatasum
[  212.193694][ T9671] BTRFS info (device loop0): setting nodatacow
[  212.200754][ T9671] BTRFS info (device loop0): enabling ssd optimizations
[  212.212248][ T9671] BTRFS info (device loop0): enabling disk space caching
[  212.232190][ T9671] BTRFS info (device loop0): force clearing of disk cache
[  212.275808][ T9671] BTRFS info (device loop0): enabling auto defrag
[  212.433538][ T9720] loop5: detected capacity change from 0 to 512
[  212.470174][ T5822] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  212.509091][ T9718] loop3: detected capacity change from 0 to 2048
[  212.544889][ T9720] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  212.582978][ T9718] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  212.692424][ T9718] ext4 filesystem being mounted at /252/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  212.735940][ T9720] ext4 filesystem being mounted at /50/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  212.981527][ T8656] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  213.033153][ T5830] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  213.216251][ T9736] netlink: 540 bytes leftover after parsing attributes in process `syz.5.1296'.
[  213.307189][ T9740] loop3: detected capacity change from 0 to 64
[  213.440305][ T9744] netlink: 'syz.0.1301': attribute type 4 has an invalid length.
[  214.033353][ T9771] loop5: detected capacity change from 0 to 256
[  214.175775][ T5877] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  214.347340][ T5877] usb 4-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[  214.392720][ T5877] usb 4-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  214.422919][ T5877] usb 4-1: config 27 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0
[  214.459072][ T5877] usb 4-1: config 27 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  214.490783][ T5877] usb 4-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  214.521048][ T9790] can0: slcan on ttyS3.
[  214.535800][ T5877] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  214.588900][ T9798] loop0: detected capacity change from 0 to 128
[  214.614179][ T5877] usb 4-1: Quirk or no altset; falling back to MIDI 1.0
[  214.639692][ T5877] usb 4-1: invalid MIDI out EP 0
[  214.658788][ T9796] can0 (unregistered): slcan off ttyS3.
[  214.693199][ T9800] loop7: detected capacity change from 0 to 6
[  214.816388][ T9800] Invalid logical block size (4)
[  214.836240][    C0] blk_print_req_error: 10 callbacks suppressed
[  214.836259][    C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x880700 phys_seg 1 prio class 2
[  214.856197][    C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  214.865844][    C0] buffer_io_error: 10 callbacks suppressed
[  214.865863][    C0] Buffer I/O error on dev loop7, logical block 0, async page read
[  214.883028][    C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  214.892672][    C0] Buffer I/O error on dev loop7, logical block 0, async page read
[  214.914951][    C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  214.924628][    C1] Buffer I/O error on dev loop7, logical block 0, async page read
[  214.948626][    C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  214.958367][    C1] Buffer I/O error on dev loop7, logical block 0, async page read
[  214.978176][    C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x800000 phys_seg 1 prio class 2
[  214.987882][    C1] Buffer I/O error on dev loop7, logical block 0, async page read
[  215.062745][ T5877] snd-usb-audio 4-1:27.0: probe with driver snd-usb-audio failed with error -22
[  215.158363][ T5877] usb 4-1: USB disconnect, device number 13
[  215.400307][ T9795] loop5: detected capacity change from 0 to 32768
[  215.430494][ T9795] XFS (loop5): Mounting V5 Filesystem 9f1cad42-11bd-4e12-8f0b-f07876b81d9a
[  215.546677][ T9795] XFS (loop5): Ending clean mount
[  215.733775][ T8656] XFS (loop5): Unmounting Filesystem 9f1cad42-11bd-4e12-8f0b-f07876b81d9a
[  215.792938][ T9814] loop2: detected capacity change from 0 to 32768
[  215.899240][ T9814] JBD2: Ignoring recovery information on journal
[  216.057705][ T9814] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  216.072612][ T9807] loop0: detected capacity change from 0 to 40427
[  216.081480][ T9807] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  216.125328][ T9807] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  216.128645][ T9837] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1340'.
[  216.159051][ T9807] F2FS-fs (loop0): invalid crc value
[  216.320861][ T9807] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  216.381258][ T9807] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  216.392961][ T9807] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  216.410407][ T5835] ocfs2: Unmounting device (7,2) on (node local)
[  216.580155][ T9850] netlink: 'syz.3.1345': attribute type 2 has an invalid length.
[  216.687752][ T9857] program syz.2.1344 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  216.860359][ T9865] loop1: detected capacity change from 0 to 128
[  217.447133][ T9882] pimreg: entered allmulticast mode
[  217.483949][ T9880] pimreg: left allmulticast mode
[  217.515302][ T9886] loop0: detected capacity change from 0 to 128
[  217.523826][ T9886] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256
[  217.601061][ T9886] UDF-fs: error (device loop0): udf_bitmap_new_block: bitmap for partition 0 corrupted (block 264 marked as free, partition length is 40)
[  218.234235][ T9910] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1372'.
[  218.260729][ T9912] blkio.reset_stats is deprecated
[  218.435209][ T9916] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1375'.
[  218.561854][ T9902] loop3: detected capacity change from 0 to 32768
[  218.673547][ T9902] XFS (loop3): Mounting V5 Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[  218.913992][ T9902] XFS (loop3): Ending clean mount
[  219.155867][   T29] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  219.226976][ T5830] XFS (loop3): Unmounting Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[  219.376694][   T29] usb 3-1: Using ep0 maxpacket: 32
[  219.403300][   T29] usb 3-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40
[  219.423688][ T5884] usb 1-1: new high-speed USB device number 14 using dummy_hcd
[  219.436754][   T29] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  219.492902][   T29] usb 3-1: config 0 descriptor??
[  219.629209][ T5884] usb 1-1: Using ep0 maxpacket: 16
[  219.649874][ T5884] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  219.678837][ T9941] loop1: detected capacity change from 0 to 131072
[  219.681617][ T5884] usb 1-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  219.710299][ T9941] F2FS-fs (loop1): Invalid log sectors per block(570425347) log sectorsize(9)
[  219.720010][ T9941] F2FS-fs (loop1): Can't find valid F2FS filesystem in 2th superblock
[  219.730471][ T9941] F2FS-fs (loop1): invalid crc value
[  219.743064][   T29] dvb-usb: found a 'Elgato EyeTV Sat' in warm state.
[  219.771221][ T5884] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  219.796000][   T29] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  219.808710][ T9959] loop5: detected capacity change from 0 to 8
[  219.822245][ T5838] Bluetooth: hci1: command 0x0419 tx timeout
[  219.835026][ T9941] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=3000000, run fsck to fix.
[  219.835729][ T5884] usb 1-1: config 0 descriptor??
[  219.847547][ T9941] F2FS-fs (loop1): Bad quota inode 2:50331648
[  219.856403][ T9941] F2FS-fs (loop1): Failed to enable quota tracking (type=2, err=-22). Please run fsck to fix.
[  219.856627][   T29] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat)
[  219.866791][ T9941] F2FS-fs (loop1): Cannot turn on quotas: error -22
[  219.866814][ T9941] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  219.930027][   T29] usb 3-1: media controller created
[  219.932999][ T9941] F2FS-fs (loop1): Try to recover 2th superblock, ret: 0
[  219.943084][ T9941] F2FS-fs (loop1): Mounted with checkpoint version = 753bd00b
[  219.958355][ T9959] SQUASHFS error: zlib decompression failed, data probably corrupt
[  219.968809][   T29] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  219.975879][ T9959] SQUASHFS error: Failed to read block 0x9b: -5
[  220.003666][ T9959] SQUASHFS error: Unable to read metadata cache entry [99]
[  220.021730][ T9959] SQUASHFS error: Unable to read inode 0x127
[  220.081994][   T29] az6027: usb out operation failed. (-71)
[  220.108570][   T29] az6027: usb out operation failed. (-71)
[  220.115358][   T29] stb0899_attach: Driver disabled by Kconfig
[  220.176096][   T29] az6027: no front-end attached
[  220.176096][   T29] 
[  220.227492][   T29] az6027: usb out operation failed. (-71)
[  220.272803][   T29] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat'
[  220.325097][   T29] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.2/usb3/3-1/input/input20
[  220.343165][ T5884] mcp2221 0003:04D8:00DD.0011: USB HID v0.05 Device [HID 04d8:00dd] on usb-dummy_hcd.0-1/input0
[  220.407226][   T29] dvb-usb: schedule remote query interval to 400 msecs.
[  220.414247][   T29] dvb-usb: Elgato EyeTV Sat successfully initialized and connected.
[  220.451941][   T29] usb 3-1: USB disconnect, device number 13
[  220.692072][   T29] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected.
[  220.722872][ T9974] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1395'.
[  220.766895][ T5884] usb 1-1: USB disconnect, device number 14
[  221.375836][ T5884] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  221.564124][ T5884] usb 2-1: New USB device found, idVendor=0c45, idProduct=6005, bcdDevice=b5.55
[  221.585737][ T5884] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  221.602223][ T9988] loop3: detected capacity change from 0 to 32768
[  221.615849][ T5884] usb 2-1: Product: syz
[  221.626339][ T5884] usb 2-1: Manufacturer: syz
[  221.636334][ T5884] usb 2-1: SerialNumber: syz
[  221.647369][ T5884] usb 2-1: config 0 descriptor??
[  221.666074][ T5935] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[  221.674970][ T9988] (syz.3.1403,9988,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  221.692529][ T5884] gspca_main: sonixb-2.14.0 probing 0c45:6005
[  221.715956][ T9988] (syz.3.1403,9988,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  221.716675][T10004] netlink: 68 bytes leftover after parsing attributes in process `syz.0.1410'.
[  221.746481][T10004] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1410'.
[  221.780087][ T9988] JBD2: Ignoring recovery information on journal
[  221.845762][ T5935] usb 3-1: Using ep0 maxpacket: 32
[  221.872427][ T5935] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  221.932702][ T9988] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  221.968162][ T5935] usb 3-1: New USB device found, idVendor=085a, idProduct=0009, bcdDevice=a3.47
[  221.982309][ T5935] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  222.005855][ T5935] usb 3-1: Product: syz
[  222.010064][ T5935] usb 3-1: Manufacturer: syz
[  222.025978][ T5935] usb 3-1: SerialNumber: syz
[  222.049163][ T5935] usb 3-1: config 0 descriptor??
[  222.080372][ T5884] input: sonixb as /devices/platform/dummy_hcd.1/usb2/2-1/input/input21
[  222.294676][ T5830] ocfs2: Unmounting device (7,3) on (node local)
[  222.298859][ T5935] kaweth 3-1:0.0: Firmware present in device.
[  222.318451][ T5884] usb 2-1: USB disconnect, device number 8
[  222.472142][ T5935] kaweth 3-1:0.0: Statistics collection: 0
[  222.499913][ T5935] kaweth 3-1:0.0: Multicast filter limit: 0
[  222.513815][ T5935] kaweth 3-1:0.0: MTU: 0
[  222.525915][ T5935] kaweth 3-1:0.0: Read MAC address 00:00:00:00:00:00
[  222.540045][T10018] loop5: detected capacity change from 0 to 4096
[  222.586409][T10020] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  222.623397][   T30] audit: type=1800 audit(1770020699.777:39): pid=10018 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1417" name="file1" dev="loop5" ino=15 res=0 errno=0
[  222.654820][   T30] audit: type=1800 audit(1770020699.807:40): pid=10018 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1417" name="file1" dev="loop5" ino=15 res=0 errno=0
[  222.852285][T10026] loop5: detected capacity change from 0 to 512
[  222.887202][ T5935] kaweth 3-1:0.0: Error setting SOFS wait
[  222.897692][T10026] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended
[  222.919893][ T5935] kaweth 3-1:0.0: probe with driver kaweth failed with error -5
[  222.933819][T10026] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[  222.967310][ T5935] usb 3-1: USB disconnect, device number 14
[  222.998756][T10026] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006]
[  223.008311][T10026] System zones: 0-2, 18-18, 34-35
[  223.015446][T10026] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  223.056865][T10026] EXT4-fs (loop5): warning: mounting unchecked fs, running e2fsck is recommended
[  223.076476][T10026] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006]
[  223.121544][T10026] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  223.213760][ T8656] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  223.342728][T10042] loop5: detected capacity change from 0 to 128
[  223.359989][T10042] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[  223.382378][T10042] hpfs: filesystem error: improperly stopped
[  223.417530][T10042] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  223.445838][T10042] hpfs: You really don't want any checks? You are crazy...
[  223.461237][T10042] hpfs: hpfs_map_sector(): read error
[  223.479792][T10042] hpfs: code page support is disabled
[  223.502924][T10042] hpfs: hpfs_map_4sectors(): unaligned read
[  223.529758][T10042] hpfs: hpfs_map_4sectors(): unaligned read
[  223.551590][T10042] hpfs: filesystem error: unable to find root dir
[  224.679428][T10073] program syz.5.1441 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  225.056674][T10092] ªªªªªª: renamed from vlan0 (while UP)
[  225.276403][ T5877] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  225.313913][T10099] sctp: Trying to GSO but underlying device doesn't support it.
[  225.358297][T10075] loop3: detected capacity change from 0 to 32768
[  225.363643][T10080] loop2: detected capacity change from 0 to 32768
[  225.397770][T10080] xfs: Deprecated parameter 'noikeep'
[  225.418930][T10080] XFS: noikeep mount option is deprecated.
[  225.438636][   T30] audit: type=1800 audit(1770020702.587:41): pid=10075 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1439" name="file1" dev="loop3" ino=4 res=0 errno=0
[  225.467498][ T5877] usb 2-1: Using ep0 maxpacket: 16
[  225.483816][ T5877] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  225.509509][ T5877] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  225.532561][T10080] XFS (loop2): DAX unsupported by block device. Turning off DAX.
[  225.552095][ T5877] usb 2-1: New USB device found, idVendor=6161, idProduct=4d15, bcdDevice= 0.00
[  225.580437][T10080] XFS (loop2): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  225.628002][ T5877] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  225.699493][ T5877] usb 2-1: config 0 descriptor??
[  225.717202][T10080] XFS (loop2): Ending clean mount
[  225.749381][T10080] XFS (loop2): Quotacheck needed: Please wait.
[  225.854190][T10080] XFS (loop2): Quotacheck: Done.
[  225.915206][ T5835] XFS (loop2): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  225.986556][ T5919] usb 1-1: new high-speed USB device number 15 using dummy_hcd
[  226.112970][ T5877] hid (null): invalid report_count 999017594
[  226.133083][ T5877] hid (null): invalid report_size 47664
[  226.140073][ T5877] hid (null): unknown global tag 0xc
[  226.198891][ T5919] usb 1-1: Using ep0 maxpacket: 8
[  226.209147][ T5919] usb 1-1: config 0 has no interfaces?
[  226.220704][ T5919] usb 1-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58
[  226.230475][ T5919] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  226.248184][ T5919] usb 1-1: config 0 descriptor??
[  226.313081][ T5877] usb 2-1: string descriptor 0 read error: -71
[  226.353137][ T5877] usb 2-1: Max retries (5) exceeded reading string descriptor 200
[  226.372348][T10123] loop2: detected capacity change from 0 to 4096
[  226.373931][ T5877] letsketch 0003:6161:4D15.0012: probe with driver letsketch failed with error -32
[  226.400131][T10123] ntfs3(loop2): Different NTFS sector size (2048) and media sector size (512).
[  226.422697][T10125] loop3: detected capacity change from 0 to 512
[  226.452394][ T5877] usb 2-1: USB disconnect, device number 9
[  226.471020][T10125] FAT-fs (loop3): error, corrupted directory (invalid entries)
[  226.613128][   T24] usb 1-1: USB disconnect, device number 15
[  226.654306][T10129] tap0: tun_chr_ioctl cmd 1074025678
[  226.662406][T10129] tap0: group set to 0
[  226.757465][T10131] netlink: 212356 bytes leftover after parsing attributes in process `syz.3.1463'.
[  227.435924][T10161] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1477'.
[  227.782133][T10169] loop0: detected capacity change from 0 to 16
[  227.824570][T10169] erofs (device loop0): mounted with root inode @ nid 36.
[  227.848003][   T30] audit: type=1800 audit(1770020705.007:42): pid=10169 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1480" name="file1" dev="loop0" ino=86 res=0 errno=0
[  228.036879][T10153] loop1: detected capacity change from 0 to 40427
[  228.062021][T10157] loop2: detected capacity change from 0 to 32768
[  228.063675][T10175] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1483'.
[  228.084334][T10153] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  228.086793][T10157] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.1476 (10157)
[  228.092915][T10153] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  228.153824][T10157] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  228.167639][T10157] BTRFS info (device loop2): using sha256 checksum algorithm
[  228.265855][ T5919] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  228.356111][T10157] BTRFS info (device loop2): enabling ssd optimizations
[  228.405972][T10157] BTRFS info (device loop2): turning on async discard
[  228.412959][T10157] BTRFS info (device loop2): enabling free space tree
[  228.427015][ T5919] usb 6-1: Using ep0 maxpacket: 16
[  228.447264][ T5919] usb 6-1: New USB device found, idVendor=1604, idProduct=8007, bcdDevice=af.a6
[  228.449451][T10153] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  228.478765][ T5919] usb 6-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3
[  228.492317][T10153] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  228.505806][ T5919] usb 6-1: Product: syz
[  228.510009][ T5919] usb 6-1: Manufacturer: syz
[  228.520704][T10153] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  228.534976][ T5919] usb 6-1: SerialNumber: syz
[  228.612748][T10171] loop3: detected capacity change from 0 to 40427
[  228.613490][ T5919] usb 6-1: config 0 descriptor??
[  228.646988][T10171] F2FS-fs (loop3): build fault injection rate: 771
[  228.671865][T10153] syz.1.1473: attempt to access beyond end of device
[  228.671865][T10153] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  228.703737][T10171] F2FS-fs (loop3): invalid crc value
[  228.711112][ T5835] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  228.952122][T10171] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  228.999480][ T5935] usb 6-1: USB disconnect, device number 4
[  229.037660][T10171] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  229.218328][T10194] loop0: detected capacity change from 0 to 32768
[  229.229599][T10203] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1487'.
[  229.268907][ T5830] syz-executor: attempt to access beyond end of device
[  229.268907][ T5830] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  229.302630][T10203] bond0: entered promiscuous mode
[  229.325845][ T5830] CPU: 1 UID: 0 PID: 5830 Comm: syz-executor Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  229.325877][ T5830] Tainted: [L]=SOFTLOCKUP
[  229.325883][ T5830] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  229.325891][ T5830] Call Trace:
[  229.325897][ T5830]  <TASK>
[  229.325903][ T5830]  dump_stack_lvl+0xe8/0x150
[  229.325929][ T5830]  f2fs_handle_critical_error+0x37c/0x540
[  229.325954][ T5830]  f2fs_write_end_io+0xcdb/0xff0
[  229.325991][ T5830]  __submit_merged_bio+0x256/0x650
[  229.326014][ T5830]  __submit_merged_write_cond+0x3c3/0x4e0
[  229.326039][ T5830]  ? __pfx___submit_merged_write_cond+0x10/0x10
[  229.326076][ T5830]  f2fs_write_data_pages+0x2970/0x35e0
[  229.326094][ T5830]  ? __lock_acquire+0x6b5/0x2cf0
[  229.326140][ T5830]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  229.326202][ T5830]  ? __lock_acquire+0x6b5/0x2cf0
[  229.326231][ T5830]  ? __lock_acquire+0x6b5/0x2cf0
[  229.326255][ T5830]  ? do_raw_spin_lock+0x12b/0x2f0
[  229.326278][ T5830]  ? do_raw_spin_unlock+0xf5/0x210
[  229.326292][ T5830]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  229.326311][ T5830]  do_writepages+0x32e/0x550
[  229.326339][ T5830]  ? do_raw_spin_unlock+0xf5/0x210
[  229.326357][ T5830]  filemap_fdatawrite+0x1e9/0x2f0
[  229.326378][ T5830]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  229.326436][ T5830]  ? do_raw_spin_unlock+0xf5/0x210
[  229.326452][ T5830]  f2fs_sync_dirty_inodes+0x30e/0x810
[  229.326487][ T5830]  f2fs_write_checkpoint+0x9cf/0x2680
[  229.326536][ T5830]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  229.326591][ T5830]  ? kfree+0x1c1/0x610
[  229.326609][ T5830]  ? f2fs_stop_gc_thread+0x7f/0xb0
[  229.326630][ T5830]  kill_f2fs_super+0x314/0x720
[  229.326656][ T5830]  ? __pfx_kill_f2fs_super+0x10/0x10
[  229.326686][ T5830]  ? lockdep_hardirqs_on+0x7a/0x110
[  229.326713][ T5830]  deactivate_locked_super+0xbc/0x130
[  229.326734][ T5830]  cleanup_mnt+0x437/0x4d0
[  229.326755][ T5830]  ? _raw_spin_unlock_irq+0x23/0x50
[  229.326779][ T5830]  task_work_run+0x1d9/0x270
[  229.326796][ T5830]  ? __pfx_task_work_run+0x10/0x10
[  229.326820][ T5830]  exit_to_user_mode_loop+0xed/0x480
[  229.326836][ T5830]  ? rcu_is_watching+0x15/0xb0
[  229.326856][ T5830]  do_syscall_64+0x2b7/0xf80
[  229.326879][ T5830]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  229.326892][ T5830]  ? trace_irq_disable+0x37/0x100
[  229.326909][ T5830]  ? clear_bhb_loop+0x40/0x90
[  229.326927][ T5830]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  229.326942][ T5830] RIP: 0033:0x7f509799c117
[  229.326957][ T5830] Code: a2 c7 05 7c 94 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8
[  229.326969][ T5830] RSP: 002b:00007ffce1295c58 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  229.326984][ T5830] RAX: 0000000000000000 RBX: 00007f5097a0471f RCX: 00007f509799c117
[  229.326994][ T5830] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffce1295d10
[  229.327002][ T5830] RBP: 00007ffce1295d10 R08: 00007ffce1296d10 R09: 00000000ffffffff
[  229.327012][ T5830] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffce1296da0
[  229.327020][ T5830] R13: 00007f5097a0471f R14: 0000000000037f2a R15: 00007ffce1296de0
[  229.327046][ T5830]  </TASK>
[  229.327053][ T5830] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  229.375461][T10203] bond_slave_0: entered promiscuous mode
[  229.705846][T10194] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  229.714889][T10203] bond_slave_1: entered promiscuous mode
[  229.766905][T10203] netdevsim netdevsim2 netdevsim0: entered promiscuous mode
[  229.793889][T10215] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1489'.
[  229.805552][T10203] bond0: left promiscuous mode
[  229.812873][T10194] XFS (loop0): Ending clean mount
[  229.813466][T10203] bond_slave_0: left promiscuous mode
[  229.820811][T10215] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1489'.
[  229.848463][T10203] bond_slave_1: left promiscuous mode
[  229.857177][T10194] XFS (loop0): Quotacheck needed: Please wait.
[  229.865404][T10203] netdevsim netdevsim2 netdevsim0: left promiscuous mode
[  229.980133][T10194] XFS (loop0): Quotacheck: Done.
[  230.236954][ T5822] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  230.587818][   T29] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  230.804517][   T29] usb 2-1: Using ep0 maxpacket: 8
[  230.823902][   T29] usb 2-1: config 0 has an invalid interface number: 186 but max is 0
[  230.836339][   T29] usb 2-1: config 0 has no interface number 0
[  230.842722][   T29] usb 2-1: config 0 interface 186 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  230.876789][   T29] usb 2-1: config 0 interface 186 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  230.895037][   T29] usb 2-1: config 0 interface 186 altsetting 0 has an endpoint descriptor with address 0x9A, changing to 0x8A
[  230.919370][   T29] usb 2-1: config 0 interface 186 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7
[  230.944287][   T29] usb 2-1: config 0 interface 186 altsetting 0 has 4 endpoint descriptors, different from the interface descriptor's value: 3
[  230.974095][   T29] usb 2-1: New USB device found, idVendor=07c0, idProduct=1505, bcdDevice=b8.c5
[  230.988440][   T29] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  230.996894][   T29] usb 2-1: Product: syz
[  231.001187][   T29] usb 2-1: Manufacturer: syz
[  231.006255][   T29] usb 2-1: SerialNumber: syz
[  231.018006][   T29] usb 2-1: config 0 descriptor??
[  231.111031][ T5877] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[  231.124207][T10238] loop5: detected capacity change from 0 to 40427
[  231.175811][T10238] F2FS-fs (loop5): invalid crc value
[  231.247730][   T29] iowarrior 2-1:0.186: IOWarrior product=0x1505, serial= interface=186 now attached to iowarrior0
[  231.286933][ T5877] usb 4-1: Using ep0 maxpacket: 8
[  231.311891][ T5877] usb 4-1: config 0 has an invalid interface number: 186 but max is 0
[  231.340218][ T5877] usb 4-1: config 0 has no interface number 0
[  231.365950][ T5877] usb 4-1: config 0 interface 186 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  231.386148][ T5877] usb 4-1: config 0 interface 186 altsetting 0 has an endpoint descriptor with address 0x9A, changing to 0x8A
[  231.435749][ T5877] usb 4-1: config 0 interface 186 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7
[  231.446933][T10238] F2FS-fs (loop5): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[  231.465998][ T5877] usb 4-1: config 0 interface 186 altsetting 0 has 4 endpoint descriptors, different from the interface descriptor's value: 3
[  231.480419][T10238] F2FS-fs (loop5): Start checkpoint disabled!
[  231.498415][T10238] F2FS-fs (loop5): f2fs_disable_checkpoint() finish, err:0
[  231.499792][   T29] usb 2-1: USB disconnect, device number 10
[  231.508247][ T5877] usb 4-1: New USB device found, idVendor=07c0, idProduct=1505, bcdDevice=b8.c5
[  231.527425][T10238] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e6
[  231.545067][ T5877] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  231.556090][ T5877] usb 4-1: Product: syz
[  231.582874][ T5877] usb 4-1: Manufacturer: syz
[  231.589168][ T5877] usb 4-1: SerialNumber: syz
[  231.603751][ T5877] usb 4-1: config 0 descriptor??
[  231.679119][   T12] kworker/u8:0: attempt to access beyond end of device
[  231.679119][   T12] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  231.684629][T10265] TCP: tcp_parse_options: Illegal window scaling value 130 > 14 received
[  231.705175][   T12] CPU: 1 UID: 0 PID: 12 Comm: kworker/u8:0 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  231.705203][   T12] Tainted: [L]=SOFTLOCKUP
[  231.705209][   T12] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  231.705219][   T12] Workqueue: writeback wb_workfn (flush-7:5)
[  231.705254][   T12] Call Trace:
[  231.705260][   T12]  <TASK>
[  231.705267][   T12]  dump_stack_lvl+0xe8/0x150
[  231.705291][   T12]  f2fs_handle_critical_error+0x37c/0x540
[  231.705318][   T12]  f2fs_write_end_io+0xcdb/0xff0
[  231.705359][   T12]  __submit_merged_bio+0x256/0x650
[  231.705385][   T12]  __submit_merged_write_cond+0x3c3/0x4e0
[  231.705415][   T12]  ? __pfx___submit_merged_write_cond+0x10/0x10
[  231.705458][   T12]  f2fs_write_data_pages+0x2970/0x35e0
[  231.705510][   T12]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  231.705542][   T12]  ? unwind_next_frame+0xa5/0x23c0
[  231.705594][   T12]  ? ret_from_fork_asm+0x1a/0x30
[  231.705630][   T12]  ? unwind_next_frame+0xa5/0x23c0
[  231.705732][   T12]  ? __lock_acquire+0x6b5/0x2cf0
[  231.705759][   T12]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  231.705791][   T12]  do_writepages+0x32e/0x550
[  231.705820][   T12]  ? reacquire_held_locks+0x104/0x190
[  231.705840][   T12]  ? writeback_sb_inodes+0x42a/0x1940
[  231.705866][   T12]  __writeback_single_inode+0x133/0x1060
[  231.705886][   T12]  ? do_raw_spin_unlock+0xf5/0x210
[  231.705907][   T12]  writeback_sb_inodes+0x92e/0x1940
[  231.705954][   T12]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  231.705969][   T12]  ? do_raw_spin_lock+0x12b/0x2f0
[  231.706030][   T12]  ? rcu_is_watching+0x15/0xb0
[  231.706061][   T12]  wb_writeback+0x445/0xad0
[  231.706084][   T12]  ? queue_io+0x211/0x450
[  231.706110][   T12]  ? __pfx_wb_writeback+0x10/0x10
[  231.706125][   T12]  ? do_raw_spin_lock+0x12b/0x2f0
[  231.706159][   T12]  wb_workfn+0x3f8/0xef0
[  231.706178][   T12]  ? __lock_acquire+0x6b5/0x2cf0
[  231.706194][   T12]  ? look_up_lock_class+0x57/0x110
[  231.706235][   T12]  ? __pfx_wb_workfn+0x10/0x10
[  231.706262][   T12]  ? do_raw_spin_lock+0x12b/0x2f0
[  231.706275][   T12]  ? lock_acquire+0x106/0x330
[  231.706295][   T12]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  231.706314][   T12]  ? process_one_work+0x87c/0x15a0
[  231.706335][   T12]  ? process_one_work+0x87c/0x15a0
[  231.706373][   T12]  ? process_one_work+0x87c/0x15a0
[  231.706391][   T12]  process_one_work+0x949/0x15a0
[  231.706434][   T12]  ? __pfx_process_one_work+0x10/0x10
[  231.706450][   T12]  ? do_raw_spin_lock+0x12b/0x2f0
[  231.706485][   T12]  worker_thread+0xb46/0x1140
[  231.706532][   T12]  kthread+0x388/0x470
[  231.706549][   T12]  ? __pfx_worker_thread+0x10/0x10
[  231.706566][   T12]  ? __pfx_kthread+0x10/0x10
[  231.706590][   T12]  ret_from_fork+0x51b/0xa40
[  231.706614][   T12]  ? __pfx_ret_from_fork+0x10/0x10
[  231.706630][   T12]  ? __switch_to+0xc7d/0x1400
[  231.706667][   T12]  ? __pfx_kthread+0x10/0x10
[  231.706690][   T12]  ret_from_fork_asm+0x1a/0x30
[  231.706731][   T12]  </TASK>
[  232.009487][   T12] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  232.032663][ T5877] iowarrior 4-1:0.186: IOWarrior product=0x1505, serial= interface=186 now attached to iowarrior0
[  232.156369][T10271] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1515'.
[  232.308757][ T5919] usb 4-1: USB disconnect, device number 14
[  232.319084][T10273] loop0: detected capacity change from 0 to 1024
[  232.528618][   T49] hfsplus: b-tree write err: -5, ino 4
[  232.530336][T10277] loop2: detected capacity change from 0 to 4096
[  232.815591][ T2957] ntfs3(loop2): ino=5, mi_enum_attr
[  232.969334][T10295] loop2: detected capacity change from 0 to 1024
[  233.041682][T10295] hfsplus: xattr searching failed
[  233.066118][T10295] hfsplus: xattr searching failed
[  233.232005][ T5919] usb 4-1: new high-speed USB device number 15 using dummy_hcd
[  233.424839][ T5919] usb 4-1: New USB device found, idVendor=0cf3, idProduct=9375, bcdDevice=1a.9e
[  233.443918][ T5919] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  233.488202][ T5919] usb 4-1: config 0 descriptor??
[  233.492768][T10310] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1533'.
[  233.903696][ T5919] ath6kl: Unsupported hardware version: 0x0
[  233.919473][T10308] loop2: detected capacity change from 0 to 32768
[  233.947894][ T5919] ath6kl: Failed to init ath6kl core: -22
[  233.956228][T10308] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.1531 (10308)
[  233.975199][ T5919] ath6kl_usb 4-1:0.0: probe with driver ath6kl_usb failed with error -22
[  234.051775][T10308] BTRFS info (device loop2): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  234.097233][T10308] BTRFS info (device loop2): using sha256 checksum algorithm
[  234.141318][   T24] usb 4-1: USB disconnect, device number 15
[  234.331781][T10308] BTRFS info (device loop2): rebuilding free space tree
[  234.382505][T10308] BTRFS info (device loop2): disabling free space tree
[  234.400373][T10308] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  234.428240][T10308] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  234.464498][T10308] BTRFS info (device loop2): enabling ssd optimizations
[  234.481636][T10308] BTRFS info (device loop2): turning on sync discard
[  234.490618][T10308] BTRFS info (device loop2): force clearing of disk cache
[  234.530203][T10308] BTRFS info (device loop2): enabling auto defrag
[  234.550310][T10308] BTRFS info (device loop2): max_inline set to 0
[  234.829019][ T5835] BTRFS info (device loop2): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  234.921179][T10369] loop5: detected capacity change from 0 to 1024
[  235.105041][T10375] loop3: detected capacity change from 0 to 128
[  235.236180][T10375] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  235.282710][T10375] ext4 filesystem being mounted at /294/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  235.313713][ T3459] hfsplus: b-tree write err: -5, ino 4
[  235.471073][ T5830] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  235.546436][T10388] loop2: detected capacity change from 0 to 2048
[  235.648782][T10388] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  235.826664][ T5835] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1315: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4128793 free clusters
[  235.903528][ T5835] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  236.015783][ T5919] usb 4-1: new high-speed USB device number 16 using dummy_hcd
[  236.123881][ T5884] usb 1-1: new low-speed USB device number 16 using dummy_hcd
[  236.209051][ T5919] usb 4-1: New USB device found, idVendor=055f, idProduct=c230, bcdDevice=b6.ac
[  236.229121][ T5919] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  236.251653][T10386] loop5: detected capacity change from 0 to 32768
[  236.266747][ T5919] usb 4-1: Product: syz
[  236.270951][ T5919] usb 4-1: Manufacturer: syz
[  236.275578][ T5919] usb 4-1: SerialNumber: syz
[  236.298326][ T5884] usb 1-1: config 168 descriptor has 1 excess byte, ignoring
[  236.311250][ T5919] usb 4-1: config 0 descriptor??
[  236.322690][ T5884] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  236.336705][T10386] XFS (loop5): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  236.346001][ T5884] usb 1-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  236.354196][ T5919] gspca_main: sunplus-2.14.0 probing 055f:c230
[  236.409872][ T5884] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  236.464850][ T5884] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  236.501566][ T5884] usb 1-1: config 168 descriptor has 1 excess byte, ignoring
[  236.515389][T10386] XFS (loop5): Ending clean mount
[  236.521561][ T5884] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  236.545448][ T5884] usb 1-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  236.582455][ T5884] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  236.621289][ T5884] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  236.658362][ T5884] usb 1-1: config 168 descriptor has 1 excess byte, ignoring
[  236.668141][ T8656] XFS (loop5): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  236.677545][ T5884] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  236.705400][ T5884] usb 1-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  236.733674][ T5884] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  236.746023][ T5884] usb 1-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  236.810218][ T5884] usb 1-1: string descriptor 0 read error: -22
[  236.817109][ T5884] usb 1-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  236.838111][ T5884] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  236.902742][ T5884] adutux 1-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  237.109940][ T5884] usb 1-1: USB disconnect, device number 16
[  237.164402][ T5919] gspca_sunplus: reg_r err -71
[  237.171571][ T5919] sunplus 4-1:0.0: probe with driver sunplus failed with error -71
[  237.219293][ T5919] usb 4-1: USB disconnect, device number 16
[  237.223059][T10441] netlink: 190972 bytes leftover after parsing attributes in process `syz.1.1579'.
[  237.335988][ T5838] Bluetooth: hci4: command 0x0406 tx timeout
[  237.546394][T10432] loop2: detected capacity change from 0 to 32768
[  237.562091][T10432] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.1577 (10432)
[  237.608430][T10432] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  237.628114][T10432] BTRFS info (device loop2): using sha256 checksum algorithm
[  237.770000][T10440] loop5: detected capacity change from 0 to 32768
[  237.780113][T10432] BTRFS info (device loop2): enabling ssd optimizations
[  237.826077][T10440] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.1580 (10440)
[  237.838975][T10432] BTRFS info (device loop2): turning on async discard
[  237.884883][T10432] BTRFS info (device loop2): enabling free space tree
[  237.933923][T10440] BTRFS info (device loop5): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  237.948712][T10440] BTRFS info (device loop5): using crc32c checksum algorithm
[  238.026278][T10462] loop0: detected capacity change from 0 to 8192
[  238.062906][ T5835] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  238.179404][T10440] BTRFS info (device loop5): turning off barriers
[  238.223170][T10440] BTRFS info (device loop5): enabling free space tree
[  238.308509][T10440] BTRFS info (device loop5): use zstd compression, level 3
[  238.362462][T10489] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1588'.
[  238.437147][T10489] bridge0: port 1(bridge_slave_0) entered disabled state
[  238.608856][T10489] bridge_slave_0 (unregistering): left allmulticast mode
[  238.636048][T10489] bridge_slave_0 (unregistering): left promiscuous mode
[  238.643489][T10489] bridge0: port 1(bridge_slave_0) entered disabled state
[  238.716018][ T8656] BTRFS info (device loop5): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  238.936875][T10496] loop3: detected capacity change from 0 to 64
[  239.587269][T10520] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1602'.
[  240.220141][ T5935] usb 2-1: new full-speed USB device number 11 using dummy_hcd
[  240.366427][ T5919] usb 4-1: new high-speed USB device number 17 using dummy_hcd
[  240.428742][ T5935] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  240.466198][ T5935] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  240.485972][ T5935] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  240.517504][ T5935] usb 2-1: New USB device found, idVendor=0457, idProduct=07da, bcdDevice= 0.00
[  240.552596][ T5919] usb 4-1: Using ep0 maxpacket: 8
[  240.591424][ T5919] usb 4-1: config 0 has no interfaces?
[  240.610876][ T5935] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  240.626201][ T5919] usb 4-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58
[  240.658738][ T5935] usb 2-1: config 0 descriptor??
[  240.663805][ T5919] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  240.696863][ T5919] usb 4-1: config 0 descriptor??
[  240.815839][ T5921] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  240.982429][ T5884] usb 4-1: USB disconnect, device number 17
[  241.016564][ T5921] usb 6-1: Using ep0 maxpacket: 32
[  241.027587][ T5921] usb 6-1: config 0 has an invalid interface number: 1 but max is 0
[  241.051205][ T5921] usb 6-1: config 0 has no interface number 0
[  241.089902][ T5921] usb 6-1: New USB device found, idVendor=8086, idProduct=9500, bcdDevice=93.d8
[  241.111913][ T5935] hid_parser_main: 8 callbacks suppressed
[  241.111932][ T5935] hid-multitouch 0003:0457:07DA.0013: unknown main item tag 0x0
[  241.144560][ T5921] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  241.163237][ T5921] usb 6-1: Product: syz
[  241.167883][ T5935] hid-multitouch 0003:0457:07DA.0013: unknown main item tag 0x0
[  241.175641][ T5935] hid-multitouch 0003:0457:07DA.0013: unknown main item tag 0x0
[  241.176770][ T5921] usb 6-1: Manufacturer: syz
[  241.199692][ T5935] hid-multitouch 0003:0457:07DA.0013: unknown main item tag 0x0
[  241.218631][ T5921] usb 6-1: SerialNumber: syz
[  241.224070][ T5935] hid-multitouch 0003:0457:07DA.0013: unknown main item tag 0x0
[  241.237050][ T5921] usb 6-1: config 0 descriptor??
[  241.246088][ T5935] hid-multitouch 0003:0457:07DA.0013: unknown main item tag 0x0
[  241.265763][ T5935] hid-multitouch 0003:0457:07DA.0013: unknown main item tag 0x0
[  241.273471][ T5935] hid-multitouch 0003:0457:07DA.0013: unknown main item tag 0x0
[  241.283710][ T5921] usb 6-1: dvb_usb_v2: found a 'Intel CE9500 reference design' in warm state
[  241.293017][ T5921] usb 6-1: selecting invalid altsetting 1
[  241.306079][ T5935] hid-multitouch 0003:0457:07DA.0013: unknown main item tag 0x0
[  241.313856][ T5935] hid-multitouch 0003:0457:07DA.0013: unknown main item tag 0x0
[  241.325360][ T5921] usb 6-1: dvb_usb_ce6230: usb_set_interface() failed=-22
[  241.346595][ T5921] usb 6-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  241.370494][ T5921] dvbdev: DVB: registering new adapter (Intel CE9500 reference design)
[  241.379869][ T5935] hid-multitouch 0003:0457:07DA.0013: hidraw0: USB HID v0.00 Device [HID 0457:07da] on usb-dummy_hcd.1-1/input0
[  241.415044][ T5921] usb 6-1: media controller created
[  241.448353][ T5935] usb 2-1: USB disconnect, device number 11
[  241.473293][ T5921] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  241.581894][T10569] fido_id[10569]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory
[  241.646948][ T5921] usb 6-1: dvb_usb_ce6230: usb_control_msg() failed=-71
[  241.655145][ T5921] zl10353_read_register: readreg error (reg=127, ret==-71)
[  241.702049][ T5921] usb 6-1: dvb_usb_ce6230: usb_set_interface() failed=-71
[  241.859526][ T5921] usb 6-1: USB disconnect, device number 5
[  242.598952][T10595] netlink: 'syz.3.1631': attribute type 8 has an invalid length.
[  242.611975][T10595] sch_fq: defrate 0 ignored.
[  242.828218][T10603] loop5: detected capacity change from 0 to 1024
[  242.855464][T10605] loop0: detected capacity change from 0 to 64
[  243.060472][T10571] loop2: detected capacity change from 0 to 32768
[  243.164928][T10607] sctp: [Deprecated]: syz.3.1637 (pid 10607) Use of int in maxseg socket option.
[  243.164928][T10607] Use struct sctp_assoc_value instead
[  243.240564][T10571] XFS (loop2): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  243.501463][T10628] loop1: detected capacity change from 0 to 256
[  243.570231][T10571] XFS (loop2): Ending clean mount
[  243.595808][T10628] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  243.690660][   T30] audit: type=1800 audit(1770020720.837:43): pid=10628 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1643" name="file1" dev="loop1" ino=1048660 res=0 errno=0
[  243.719662][ T5877] usb 4-1: new high-speed USB device number 18 using dummy_hcd
[  243.764211][T10628] FAT-fs (loop1): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[  243.858493][T10628] FAT-fs (loop1): Filesystem has been set read-only
[  243.900941][ T5835] XFS (loop2): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  243.931565][ T5877] usb 4-1: config 220 has an invalid interface number: 76 but max is 2
[  243.940476][ T5877] usb 4-1: config 220 contains an unexpected descriptor of type 0x2, skipping
[  243.975604][ T5877] usb 4-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[  244.021261][ T5877] usb 4-1: config 220 has no interface number 2
[  244.064957][ T5877] usb 4-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[  244.082196][ T5877] usb 4-1: config 220 interface 0 has no altsetting 0
[  244.096887][T10616] loop0: detected capacity change from 0 to 40427
[  244.133905][T10616] F2FS-fs (loop0): Invalid Fs Meta Ino: node(1) meta(2) root(0)
[  244.141938][ T5877] usb 4-1: config 220 interface 76 has no altsetting 0
[  244.156229][ T5877] usb 4-1: config 220 interface 1 has no altsetting 0
[  244.176566][ T5877] usb 4-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  244.195723][ T5877] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  244.196249][T10616] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  244.220064][ T5877] usb 4-1: Product: syz
[  244.226358][T10616] F2FS-fs (loop0): build fault injection rate: 18446
[  244.267517][T10616] F2FS-fs (loop0): invalid crc value
[  244.293961][ T5877] usb 4-1: Manufacturer: syz
[  244.312356][ T5877] usb 4-1: SerialNumber: syz
[  244.548906][T10616] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[  244.564527][T10616] F2FS-fs (loop0): Start checkpoint disabled!
[  244.585993][ T5877] usb 4-1: selecting invalid altsetting 0
[  244.602252][T10616] F2FS-fs (loop0): f2fs_disable_checkpoint() finish, err:0
[  244.617065][ T5877] uvcvideo 4-1:220.0: Found UVC 7.01 device syz (8086:0b07)
[  244.624413][ T5877] uvcvideo 4-1:220.0: No valid video chain found.
[  244.639341][T10616] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  244.649720][T10616] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[  244.672533][ T5877] usb 4-1: selecting invalid altsetting 0
[  244.701258][ T5877] usbtest 4-1:220.1: probe with driver usbtest failed with error -22
[  244.724685][T10616] syz.0.1639: attempt to access beyond end of device
[  244.724685][T10616] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  244.747734][ T5877] usb 4-1: USB disconnect, device number 18
[  244.886346][T10648] syz.0.1639: attempt to access beyond end of device
[  244.886346][T10648] loop0: rw=0, sector=45096, nr_sectors = 8 limit=40427
[  244.956689][ T2957] kworker/u8:6: attempt to access beyond end of device
[  244.956689][ T2957] loop0: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  244.975895][ T2957] CPU: 0 UID: 0 PID: 2957 Comm: kworker/u8:6 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  244.975926][ T2957] Tainted: [L]=SOFTLOCKUP
[  244.975932][ T2957] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  244.975946][ T2957] Workqueue: writeback wb_workfn (flush-7:0)
[  244.975979][ T2957] Call Trace:
[  244.975985][ T2957]  <TASK>
[  244.975993][ T2957]  dump_stack_lvl+0xe8/0x150
[  244.976024][ T2957]  f2fs_handle_critical_error+0x37c/0x540
[  244.976052][ T2957]  f2fs_write_end_io+0xcdb/0xff0
[  244.976093][ T2957]  __submit_merged_bio+0x256/0x650
[  244.976120][ T2957]  __submit_merged_write_cond+0x3c3/0x4e0
[  244.976150][ T2957]  ? __pfx___submit_merged_write_cond+0x10/0x10
[  244.976196][ T2957]  f2fs_write_data_pages+0x2970/0x35e0
[  244.976254][ T2957]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  244.976290][ T2957]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[  244.976349][ T2957]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[  244.976386][ T2957]  ? __lock_acquire+0x6b5/0x2cf0
[  244.976421][ T2957]  ? f2fs_update_inode+0x13d9/0x2620
[  244.976446][ T2957]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  244.976468][ T2957]  do_writepages+0x32e/0x550
[  244.976496][ T2957]  ? reacquire_held_locks+0x104/0x190
[  244.976515][ T2957]  ? writeback_sb_inodes+0x42a/0x1940
[  244.976540][ T2957]  __writeback_single_inode+0x133/0x1060
[  244.976560][ T2957]  ? do_raw_spin_unlock+0xf5/0x210
[  244.976581][ T2957]  writeback_sb_inodes+0x92e/0x1940
[  244.976628][ T2957]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  244.976644][ T2957]  ? do_raw_spin_lock+0x12b/0x2f0
[  244.976704][ T2957]  ? rcu_is_watching+0x15/0xb0
[  244.976734][ T2957]  wb_writeback+0x445/0xad0
[  244.976756][ T2957]  ? queue_io+0x211/0x450
[  244.976777][ T2957]  ? __pfx_wb_writeback+0x10/0x10
[  244.976789][ T2957]  ? do_raw_spin_lock+0x12b/0x2f0
[  244.976817][ T2957]  wb_workfn+0x3f8/0xef0
[  244.976837][ T2957]  ? __lock_acquire+0x6b5/0x2cf0
[  244.976852][ T2957]  ? look_up_lock_class+0x57/0x110
[  244.976889][ T2957]  ? __pfx_wb_workfn+0x10/0x10
[  244.976915][ T2957]  ? do_raw_spin_lock+0x12b/0x2f0
[  244.976928][ T2957]  ? lock_acquire+0x106/0x330
[  244.976948][ T2957]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  244.976967][ T2957]  ? process_one_work+0x87c/0x15a0
[  244.976987][ T2957]  ? process_one_work+0x87c/0x15a0
[  244.977026][ T2957]  ? process_one_work+0x87c/0x15a0
[  244.977043][ T2957]  process_one_work+0x949/0x15a0
[  244.977086][ T2957]  ? __pfx_process_one_work+0x10/0x10
[  244.977102][ T2957]  ? do_raw_spin_lock+0x12b/0x2f0
[  244.977137][ T2957]  worker_thread+0xb46/0x1140
[  244.977186][ T2957]  kthread+0x388/0x470
[  244.977202][ T2957]  ? __pfx_worker_thread+0x10/0x10
[  244.977218][ T2957]  ? __pfx_kthread+0x10/0x10
[  244.977242][ T2957]  ret_from_fork+0x51b/0xa40
[  244.977265][ T2957]  ? __pfx_ret_from_fork+0x10/0x10
[  244.977283][ T2957]  ? __switch_to+0xc7d/0x1400
[  244.977305][ T2957]  ? __pfx_kthread+0x10/0x10
[  244.977328][ T2957]  ret_from_fork_asm+0x1a/0x30
[  244.977368][ T2957]  </TASK>
[  244.977376][ T2957] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  245.582490][T10649] loop5: detected capacity change from 0 to 32768
[  245.633234][T10649] (syz.5.1651,10649,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  245.684367][T10649] (syz.5.1651,10649,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  245.714066][T10664] loop3: detected capacity change from 0 to 1024
[  245.761969][T10649] JBD2: Ignoring recovery information on journal
[  245.769314][T10664] EXT4-fs: inline encryption not supported
[  245.846962][T10649] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode.
[  245.868911][T10664] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  245.975783][ T5919] usb 2-1: new full-speed USB device number 12 using dummy_hcd
[  246.142822][ T5919] usb 2-1: New USB device found, idVendor=05ab, idProduct=0060, bcdDevice=11.06
[  246.162521][ T5919] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  246.207222][ T5830] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  246.209201][ T5919] usb 2-1: config 0 descriptor??
[  246.374307][ T8656] ocfs2: Unmounting device (7,5) on (node local)
[  246.440962][T10666] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  246.472729][T10666] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  246.501526][ T5832] Bluetooth: hci3: Unknown advertising packet type: 0x17
[  246.501557][ T5832] Bluetooth: hci3: Malformed LE Event: 0x0d
[  246.502390][ T5919] usb 2-1: string descriptor 0 read error: -71
[  246.608528][ T5919] usb-storage 2-1:0.0: USB Mass Storage device detected
[  246.668331][ T5919] usb-storage 2-1:0.0: Quirks match for vid 05ab pid 0060: 2
[  246.679529][T10691] loop3: detected capacity change from 0 to 128
[  246.783811][ T5919] usb 2-1: USB disconnect, device number 12
[  246.792928][T10691] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  246.874248][T10677] loop2: detected capacity change from 0 to 32768
[  246.895393][T10691] ext4 filesystem being mounted at /313/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  246.997805][T10677] JBD2: Ignoring recovery information on journal
[  247.023731][ T5830] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  247.121255][T10677] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  247.551818][ T5835] ocfs2: Unmounting device (7,2) on (node local)
[  247.577970][T10719] loop5: detected capacity change from 0 to 512
[  247.652836][T10719] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  247.688285][T10720] loop3: detected capacity change from 0 to 4096
[  247.747887][T10719] ext4 filesystem being mounted at /135/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  247.764736][T10720] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found
[  247.794440][T10720] UDF-fs: Scanning with blocksize 512 failed
[  247.831381][T10720] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  247.881296][   T30] audit: type=1800 audit(1770020725.037:44): pid=10720 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1680" name="file1" dev="loop3" ino=1334 res=0 errno=0
[  247.945340][ T8656] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  247.949788][T10714] loop1: detected capacity change from 0 to 40427
[  248.006808][T10714] F2FS-fs (loop1): Image doesn't support compression
[  248.014808][T10714] F2FS-fs (loop1): build fault injection rate: 690
[  248.045814][T10714] F2FS-fs (loop1): build fault injection type: 0x2
[  248.102424][T10714] F2FS-fs (loop1): invalid crc value
[  248.167259][T10727] loop5: detected capacity change from 0 to 512
[  248.228490][T10727] EXT4-fs (loop5): Test dummy encryption mode enabled
[  248.241269][T10727] EXT4-fs (loop5): mounted filesystem 00000005-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  248.267207][T10735] netlink: 'syz.3.1684': attribute type 8 has an invalid length.
[  248.322937][T10736] loop2: detected capacity change from 0 to 2048
[  248.400715][T10736] UDF-fs: error (device loop2): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  248.422580][T10727] EXT4-fs error (device loop5): ext4_add_entry:2415: inode #2: comm syz.5.1682: Directory hole found for htree leaf block 0
[  248.443702][T10736] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  248.457649][T10727] EXT4-fs (loop5): Remounting filesystem read-only
[  248.505224][T10714] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  248.537987][T10714] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  248.548070][ T8656] EXT4-fs (loop5): unmounting filesystem 00000005-0000-0000-0000-000000000000.
[  248.648228][   T30] audit: type=1800 audit(1770020725.797:45): pid=10714 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1677" name="file2" dev="loop1" ino=10 res=0 errno=0
[  248.738188][ T5834] syz-executor: attempt to access beyond end of device
[  248.738188][ T5834] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  248.755031][ T5834] CPU: 0 UID: 0 PID: 5834 Comm: syz-executor Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  248.755058][ T5834] Tainted: [L]=SOFTLOCKUP
[  248.755064][ T5834] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  248.755072][ T5834] Call Trace:
[  248.755080][ T5834]  <TASK>
[  248.755087][ T5834]  dump_stack_lvl+0xe8/0x150
[  248.755114][ T5834]  f2fs_handle_critical_error+0x37c/0x540
[  248.755140][ T5834]  f2fs_write_end_io+0xcdb/0xff0
[  248.755180][ T5834]  __submit_merged_bio+0x256/0x650
[  248.755206][ T5834]  __submit_merged_write_cond+0x3c3/0x4e0
[  248.755234][ T5834]  ? __pfx___submit_merged_write_cond+0x10/0x10
[  248.755275][ T5834]  f2fs_write_data_pages+0x2970/0x35e0
[  248.755334][ T5834]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  248.755359][ T5834]  ? __lock_acquire+0x6b5/0x2cf0
[  248.755390][ T5834]  ? do_raw_spin_lock+0x12b/0x2f0
[  248.755434][ T5834]  ? do_raw_spin_unlock+0xf5/0x210
[  248.755453][ T5834]  ? __lock_acquire+0x6b5/0x2cf0
[  248.755485][ T5834]  ? __lock_acquire+0x6b5/0x2cf0
[  248.755523][ T5834]  ? do_raw_spin_lock+0x12b/0x2f0
[  248.755550][ T5834]  ? do_raw_spin_unlock+0xf5/0x210
[  248.755566][ T5834]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  248.755588][ T5834]  do_writepages+0x32e/0x550
[  248.755618][ T5834]  ? do_raw_spin_unlock+0xf5/0x210
[  248.755639][ T5834]  filemap_fdatawrite+0x1e9/0x2f0
[  248.755666][ T5834]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  248.755730][ T5834]  ? do_raw_spin_unlock+0xf5/0x210
[  248.755751][ T5834]  f2fs_sync_dirty_inodes+0x30e/0x810
[  248.755789][ T5834]  f2fs_write_checkpoint+0x9cf/0x2680
[  248.755848][ T5834]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  248.755928][ T5834]  kill_f2fs_super+0x314/0x720
[  248.755957][ T5834]  ? __pfx_kill_f2fs_super+0x10/0x10
[  248.755992][ T5834]  ? lockdep_hardirqs_on+0x7a/0x110
[  248.756024][ T5834]  deactivate_locked_super+0xbc/0x130
[  248.756048][ T5834]  cleanup_mnt+0x437/0x4d0
[  248.756070][ T5834]  ? _raw_spin_unlock_irq+0x23/0x50
[  248.756098][ T5834]  task_work_run+0x1d9/0x270
[  248.756118][ T5834]  ? __pfx_task_work_run+0x10/0x10
[  248.756145][ T5834]  exit_to_user_mode_loop+0xed/0x480
[  248.756164][ T5834]  ? rcu_is_watching+0x15/0xb0
[  248.756187][ T5834]  do_syscall_64+0x2b7/0xf80
[  248.756204][ T5834]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  248.756219][ T5834]  ? trace_irq_disable+0x37/0x100
[  248.756238][ T5834]  ? clear_bhb_loop+0x40/0x90
[  248.756259][ T5834]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  248.756274][ T5834] RIP: 0033:0x7f9e1c79c117
[  248.756291][ T5834] Code: a2 c7 05 7c 94 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8
[  248.756304][ T5834] RSP: 002b:00007fffe2650788 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  248.756321][ T5834] RAX: 0000000000000000 RBX: 00007f9e1c80471f RCX: 00007f9e1c79c117
[  248.756332][ T5834] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fffe2650840
[  248.756341][ T5834] RBP: 00007fffe2650840 R08: 00007fffe2651840 R09: 00000000ffffffff
[  248.756352][ T5834] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fffe26518d0
[  248.756361][ T5834] R13: 00007f9e1c80471f R14: 000000000003cb56 R15: 00007fffe2651910
[  248.756393][ T5834]  </TASK>
[  249.071185][ T5834] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  249.232645][T10756] loop0: detected capacity change from 0 to 4096
[  249.242923][T10756] ntfs3(loop0): Different NTFS sector size (2048) and media sector size (512).
[  249.325765][   T24] usb 4-1: new high-speed USB device number 19 using dummy_hcd
[  249.327640][T10760] program syz.5.1697 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  249.493612][   T24] usb 4-1: Using ep0 maxpacket: 16
[  249.512439][   T24] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  249.551788][   T24] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  249.602367][   T24] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  249.631831][   T24] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  249.652335][   T24] usb 4-1: Product: syz
[  249.662960][   T24] usb 4-1: Manufacturer: syz
[  249.681487][   T24] usb 4-1: SerialNumber: syz
[  249.690006][ T5921] hid_parser_main: 17 callbacks suppressed
[  249.690025][ T5921] hid-generic 0008:0006:0007.0014: unknown main item tag 0x0
[  249.724459][ T5921] hid-generic 0008:0006:0007.0014: unknown main item tag 0x0
[  249.751960][ T5921] hid-generic 0008:0006:0007.0014: unknown main item tag 0x0
[  249.774695][ T5921] hid-generic 0008:0006:0007.0014: unknown main item tag 0x0
[  249.809159][ T5921] hid-generic 0008:0006:0007.0014: unknown main item tag 0x0
[  249.826626][ T5921] hid-generic 0008:0006:0007.0014: unknown main item tag 0x0
[  249.843661][ T5921] hid-generic 0008:0006:0007.0014: unknown main item tag 0x0
[  249.861064][ T5921] hid-generic 0008:0006:0007.0014: unknown main item tag 0x0
[  249.873920][T10775] loop0: detected capacity change from 0 to 128
[  249.876953][ T5921] hid-generic 0008:0006:0007.0014: unknown main item tag 0x0
[  249.913097][   T24] usb 4-1: 0:2 : does not exist
[  249.921258][ T5921] hid-generic 0008:0006:0007.0014: unknown main item tag 0x0
[  249.956154][   T24] usb 4-1: 5:0: failed to get current value for ch 0 (-22)
[  249.974013][ T5921] hid-generic 0008:0006:0007.0014: hidraw0: <UNKNOWN> HID v0.0b Device [syz1] on syz1
[  250.109253][   T24] usb 4-1: USB disconnect, device number 19
[  250.165386][T10778] fido_id[10778]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  250.312134][ T6009] udevd[6009]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  250.340357][T10787] netlink: 96 bytes leftover after parsing attributes in process `syz.5.1708'.
[  250.352250][T10788] loop1: detected capacity change from 0 to 256
[  250.422598][T10788] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  250.574024][T10797] loop0: detected capacity change from 0 to 16
[  250.584963][T10794] loop5: detected capacity change from 0 to 2048
[  250.597603][T10799] exFAT-fs (loop1): start_clu is invalid cluster(0xffffffff)
[  250.606427][T10798] program syz.3.1714 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  250.614202][T10794] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  250.626078][T10797] erofs (device loop0): mounted with root inode @ nid 36.
[  250.773457][ T5822] VFS_WARN_ON_INODE(strlen(link) != linklen): inode:ffff888058c89548 fs:erofs mode:120777 opflags:0x8 flags:0x0 state:0x1 count:1
[  250.782298][T10802] loop3: detected capacity change from 0 to 64
[  250.816204][ T5822] ------------[ cut here ]------------
[  250.821722][ T5822] 1
[  250.821751][ T5822] WARNING: ./include/linux/fs.h:953 at erofs_iget+0x1fce/0x2bb0, CPU#0: syz-executor/5822
[  250.836103][ T5822] Modules linked in:
[  250.841325][ T5822] CPU: 0 UID: 0 PID: 5822 Comm: syz-executor Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  250.853311][ T5822] Tainted: [L]=SOFTLOCKUP
[  250.858473][ T5822] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  250.868776][ T5822] RIP: 0010:erofs_iget+0x1fce/0x2bb0
[  250.874086][ T5822] Code: 0f 8c e4 e1 ff ff 48 89 df e8 fe a6 e1 fd e9 d7 e1 ff ff e8 74 45 78 fd 48 8b 7c 24 10 48 c7 c6 00 9b 1e 8c e8 83 3e fc fd 90 <0f> 0b 90 e9 3c fe ff ff e8 55 45 78 fd 48 8b 7c 24 10 48 c7 c6 80
[  250.894123][ T5822] RSP: 0018:ffffc90003fff780 EFLAGS: 00010246
[  250.900270][ T5822] RAX: f6e7598fe9288900 RBX: 0000000000000017 RCX: f6e7598fe9288900
[  250.908318][ T5822] RDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000
[  250.916427][ T5822] RBP: ffffc90003fff9a0 R08: ffffc90003fff367 R09: 1ffff920007ffe6c
[  250.924412][ T5822] R10: dffffc0000000000 R11: fffff520007ffe6d R12: 0000000000000027
[  250.932480][ T5822] R13: 1ffff1100b1912b3 R14: 0000000000000027 R15: ffff8880371bec80
[  250.940835][ T5822] FS:  000055557094a500(0000) GS:ffff888125296000(0000) knlGS:0000000000000000
[  250.950546][ T5822] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  250.957688][ T5822] CR2: 00007fc1c05d5000 CR3: 000000005f9fa000 CR4: 00000000003526f0
[  250.965768][ T5822] Call Trace:
[  250.969067][ T5822]  <TASK>
[  250.972008][ T5822]  ? erofs_put_metabuf+0x17a/0x290
[  250.978631][ T5822]  ? __pfx_erofs_iget+0x10/0x10
[  250.983511][ T5822]  ? __pfx_erofs_namei+0x10/0x10
[  250.988588][ T5822]  ? __pfx_d_alloc_parallel+0x10/0x10
[  250.993981][ T5822]  ? do_raw_spin_lock+0x12b/0x2f0
[  250.995805][   T30] audit: type=1800 audit(1770020728.127:46): pid=10802 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1715" name="file1" dev="loop3" ino=5 res=0 errno=0
[  250.999080][ T5822]  erofs_lookup+0x186/0x320
[  251.023844][ T5822]  __lookup_slow+0x2b7/0x410
[  251.028651][ T5822]  ? __pfx___lookup_slow+0x10/0x10
[  251.033811][ T5822]  ? down_read+0x272/0x2e0
[  251.038700][ T5822]  lookup_slow+0x53/0x70
[  251.043059][ T5822]  path_lookupat+0x3f5/0x8c0
[  251.047776][ T5822]  filename_lookup+0x256/0x5d0
[  251.053112][ T5822]  ? __pfx_filename_lookup+0x10/0x10
[  251.058892][ T5822]  ? strncpy_from_user+0x150/0x2b0
[  251.064035][ T5822]  ? do_getname+0x151/0x250
[  251.068623][ T5822]  user_path_at+0x40/0x160
[  251.073151][ T5822]  __x64_sys_umount+0xf6/0x170
[  251.078078][ T5822]  ? __pfx___x64_sys_umount+0x10/0x10
[  251.083486][ T5822]  do_syscall_64+0xe2/0xf80
[  251.088088][ T5822]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  251.094167][ T5822]  ? trace_irq_disable+0x37/0x100
[  251.099340][ T5822]  ? clear_bhb_loop+0x40/0x90
[  251.104039][ T5822]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  251.110033][ T5822] RIP: 0033:0x7f549799c117
[  251.114461][ T5822] Code: a2 c7 05 7c 94 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8
[  251.134239][ T5822] RSP: 002b:00007ffff9f4cfb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  251.142970][ T5822] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f549799c117
[  251.151228][ T5822] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffff9f4d070
[  251.160176][ T5822] RBP: 00007ffff9f4d070 R08: 00007ffff9f4e070 R09: 00000000ffffffff
[  251.169007][ T5822] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffff9f4e160
[  251.177388][ T5822] R13: 00007f5497a0471f R14: 000055557094a4e8 R15: 00007ffff9f50320
[  251.185409][ T5822]  </TASK>
[  251.188547][ T5822] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  251.196011][ T5822] CPU: 0 UID: 0 PID: 5822 Comm: syz-executor Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  251.207414][ T5822] Tainted: [L]=SOFTLOCKUP
[  251.211830][ T5822] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/24/2026
[  251.221909][ T5822] Call Trace:
[  251.225198][ T5822]  <TASK>
[  251.228255][ T5822]  vpanic+0x56c/0xa60
[  251.232268][ T5822]  ? __pfx__printk+0x10/0x10
[  251.237050][ T5822]  ? __pfx_vpanic+0x10/0x10
[  251.241833][ T5822]  ? is_bpf_text_address+0x292/0x2b0
[  251.247560][ T5822]  ? is_bpf_text_address+0x26/0x2b0
[  251.252801][ T5822]  panic+0xc5/0xd0
[  251.256549][ T5822]  ? __pfx_panic+0x10/0x10
[  251.261017][ T5822]  __warn+0x315/0x4a0
[  251.265024][ T5822]  ? erofs_iget+0x1fce/0x2bb0
[  251.269812][ T5822]  ? erofs_iget+0x1fce/0x2bb0
[  251.274488][ T5822]  __report_bug+0x29a/0x540
[  251.278983][ T5822]  ? erofs_iget+0x1fce/0x2bb0
[  251.283672][ T5822]  ? __pfx___report_bug+0x10/0x10
[  251.288692][ T5822]  ? strncpy_from_kernel_nofault+0x103/0x1c0
[  251.294657][ T5822]  ? dump_inode+0x379/0x450
[  251.299240][ T5822]  ? erofs_iget+0x1fce/0x2bb0
[  251.303896][ T5822]  report_bug+0x16a/0x220
[  251.308231][ T5822]  ? erofs_iget+0x1fce/0x2bb0
[  251.312890][ T5822]  ? erofs_iget+0x1fd0/0x2bb0
[  251.317548][ T5822]  handle_bug+0x98/0x200
[  251.321871][ T5822]  exc_invalid_op+0x1a/0x50
[  251.326360][ T5822]  asm_exc_invalid_op+0x1a/0x20
[  251.331200][ T5822] RIP: 0010:erofs_iget+0x1fce/0x2bb0
[  251.336478][ T5822] Code: 0f 8c e4 e1 ff ff 48 89 df e8 fe a6 e1 fd e9 d7 e1 ff ff e8 74 45 78 fd 48 8b 7c 24 10 48 c7 c6 00 9b 1e 8c e8 83 3e fc fd 90 <0f> 0b 90 e9 3c fe ff ff e8 55 45 78 fd 48 8b 7c 24 10 48 c7 c6 80
[  251.356163][ T5822] RSP: 0018:ffffc90003fff780 EFLAGS: 00010246
[  251.362306][ T5822] RAX: f6e7598fe9288900 RBX: 0000000000000017 RCX: f6e7598fe9288900
[  251.370360][ T5822] RDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000
[  251.378322][ T5822] RBP: ffffc90003fff9a0 R08: ffffc90003fff367 R09: 1ffff920007ffe6c
[  251.386286][ T5822] R10: dffffc0000000000 R11: fffff520007ffe6d R12: 0000000000000027
[  251.394280][ T5822] R13: 1ffff1100b1912b3 R14: 0000000000000027 R15: ffff8880371bec80
[  251.402264][ T5822]  ? erofs_put_metabuf+0x17a/0x290
[  251.407377][ T5822]  ? __pfx_erofs_iget+0x10/0x10
[  251.412217][ T5822]  ? __pfx_erofs_namei+0x10/0x10
[  251.417154][ T5822]  ? __pfx_d_alloc_parallel+0x10/0x10
[  251.422528][ T5822]  ? do_raw_spin_lock+0x12b/0x2f0
[  251.427586][ T5822]  erofs_lookup+0x186/0x320
[  251.432089][ T5822]  __lookup_slow+0x2b7/0x410
[  251.436694][ T5822]  ? __pfx___lookup_slow+0x10/0x10
[  251.441815][ T5822]  ? down_read+0x272/0x2e0
[  251.446226][ T5822]  lookup_slow+0x53/0x70
[  251.450458][ T5822]  path_lookupat+0x3f5/0x8c0
[  251.455148][ T5822]  filename_lookup+0x256/0x5d0
[  251.459928][ T5822]  ? __pfx_filename_lookup+0x10/0x10
[  251.465235][ T5822]  ? strncpy_from_user+0x150/0x2b0
[  251.470367][ T5822]  ? do_getname+0x151/0x250
[  251.474871][ T5822]  user_path_at+0x40/0x160
[  251.479282][ T5822]  __x64_sys_umount+0xf6/0x170
[  251.484147][ T5822]  ? __pfx___x64_sys_umount+0x10/0x10
[  251.489616][ T5822]  do_syscall_64+0xe2/0xf80
[  251.494365][ T5822]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  251.500419][ T5822]  ? trace_irq_disable+0x37/0x100
[  251.505519][ T5822]  ? clear_bhb_loop+0x40/0x90
[  251.510179][ T5822]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  251.516056][ T5822] RIP: 0033:0x7f549799c117
[  251.520461][ T5822] Code: a2 c7 05 7c 94 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8
[  251.540223][ T5822] RSP: 002b:00007ffff9f4cfb8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  251.548620][ T5822] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f549799c117
[  251.556576][ T5822] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffff9f4d070
[  251.564717][ T5822] RBP: 00007ffff9f4d070 R08: 00007ffff9f4e070 R09: 00000000ffffffff
[  251.572715][ T5822] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffff9f4e160
[  251.580804][ T5822] R13: 00007f5497a0471f R14: 000055557094a4e8 R15: 00007ffff9f50320
[  251.588864][ T5822]  </TASK>
[  251.592228][ T5822] Kernel Offset: disabled
[  251.596535][ T5822] Rebooting in 86400 seconds..