last executing test programs:

5m56.058864343s ago: executing program 1 (id=341):
r0 = io_uring_setup(0x20e8, &(0x7f0000000000)={0x0, 0x8270, 0x40, 0x2, 0x117})
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x1, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r5 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r5, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000280)={0x2, 0x3, 0x0, 0x9, 0xa, 0x0, 0x700, 0x0, [@sadb_address={0x3, 0x5, 0x0, 0x0, 0x0, @in={0x2, 0x4e23, @empty}}, @sadb_address={0x3, 0x6, 0xb8, 0x0, 0x0, @in={0x2, 0x3, @private}}, @sadb_sa={0x2, 0x1, 0x0, 0x0, 0x0, 0x3, 0x2, 0x20000001}]}, 0x50}, 0x1, 0x7}, 0x0)
sendmsg$NFT_MSG_GETRULE(r1, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x4008840)
unshare(0x4020400)
capset(&(0x7f0000000040)={0x20080522}, &(0x7f0000000280)={0x0, 0x7, 0x0, 0x81, 0xffffffff})
r6 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$VT_DISALLOCATE(r6, 0x5608)
r7 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/vmallocinfo\x00', 0x0, 0x0)
r8 = syz_open_dev$evdev(&(0x7f0000000100), 0x2, 0x862b01)
ioctl$EVIOCSFF(0xffffffffffffffff, 0x40304580, &(0x7f00000003c0)={0x54, 0x0, 0x0, {0xffff, 0x1}, {0x4c, 0x2}, @period={0x59, 0x80, 0x100, 0xc, 0x2, {0x7, 0x2d20, 0xff91, 0x5}, 0x0, 0x0}})
write$char_usb(r8, &(0x7f0000000040)="e2", 0x2250)
pread64(r7, &(0x7f00000001c0)=""/200, 0xc8, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(0xffffffffffffffff, 0xc01864c6, &(0x7f00000003c0)={&(0x7f0000000280)=[0x0, 0x0], 0x2, 0x0, 0x0, <r9=>0xffffffffffffffff})
ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, &(0x7f0000000580)={&(0x7f0000000480)=[0x0, 0x0, <r10=>0x0], 0x0, 0x0, 0x0, 0x3})
ioctl$DRM_IOCTL_MODE_SETCRTC(r9, 0xc06864a2, &(0x7f00000005c0)={0x0, 0x0, 0x0, r10, 0xf8, 0x8, 0x7ff, 0x6, {0x8, 0x8, 0x0, 0x5, 0x0, 0x2, 0x1, 0x1, 0x0, 0xffff, 0x8, 0x7c0, 0xffffffff, 0x77, "ba9a42184edc4097e01b52f22e2cbb318719fb31f6699332292cc81f89f07580"}})
ioctl$DRM_IOCTL_MODE_GETGAMMA(r7, 0xc02064a4, &(0x7f0000000440)={0x0, 0x5, &(0x7f00000000c0)=[0x9, 0x6, 0x873, 0x4, 0x8], &(0x7f0000000380), &(0x7f0000000400)=[0x73, 0x8, 0x3, 0x62a9, 0x5, 0x200, 0x3]})
io_uring_register$IORING_REGISTER_FILES(r0, 0x1e, 0x0, 0x0)
ioctl$EVIOCGUNIQ(r8, 0x80404508, &(0x7f00000002c0)=""/141)

5m55.54239142s ago: executing program 32 (id=342):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$sock_timeval(r0, 0x1, 0x14, &(0x7f0000000040)={0x0, 0x2710}, 0x10)
getsockopt$sock_timeval(r0, 0x1, 0x14, 0x0, &(0x7f0000000180))

5m55.154582125s ago: executing program 1 (id=344):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000001ac0)={&(0x7f0000000180)={0x14, 0x2c, 0x1, 0x70bd26, 0x25dfdbfc, {0x6}}, 0x14}, 0x1, 0x0, 0x0, 0x4000d}, 0x20000000)

5m55.039981457s ago: executing program 1 (id=345):
r0 = syz_io_uring_setup(0x3e, &(0x7f0000000640)={0x0, 0xaddb, 0x10100, 0x1, 0x92}, &(0x7f00000001c0)=<r1=>0x0, &(0x7f00000003c0)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000040)=@IORING_OP_RECVMSG={0xa, 0x0, 0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x80002101})
io_uring_enter(r0, 0x540c, 0xffffe, 0x0, 0x0, 0x0)

5m54.94447284s ago: executing program 1 (id=346):
r0 = openat$sequencer2(0xffffff9c, &(0x7f0000000100), 0x28002, 0x0)
ioctl$SNDCTL_SEQ_NRMIDIS(r0, 0x8004510b, 0x0)

5m54.944173634s ago: executing program 1 (id=347):
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x220)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x40000, 0x120)
r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000), 0x888000, 0x0)
syz_mount_image$msdos(&(0x7f0000000200), &(0x7f0000000240)='./file1\x00', 0x80c406, &(0x7f0000000540)=ANY=[@ANYBLOB='dots,dots,dmask=000000000200000,nodots,discard,nfs=nostale_ro,gid=', @ANYRESHEX=0x0, @ANYBLOB="2c646f733178666c6f70707900000000000000003030ffffffff303030303031373737373737373756c0f39fdb37372c004c0f1208ec0c34b7df4ba1c1e6b76697434db8574db9bcaef6a61a12c3f260bebc7ac5b1b11361119b83f1cf9f686b715b8e58fd37cea6623dc422c2ddbcefe94e5c255b5e8c90613e6b598b3b7a2c05de53dab7"], 0x1, 0x291, &(0x7f0000000280)="$eJzs3M9r034YwPGn6dZ0+7Ifpy/oxQe96CXMelQPVTYQC0q3inoQMpZpaG1HErQVwZw97e8YHr0J4j+w/8LbEGSnnYyszbKs+4Wza2f7fkHJkzz5tE8SUp5PId16uv66uupbq3YgRl7FEAllR2RWXNmTiZe5dpxLtsvdgoRyY+7N9sfFZ88fFkul+bLqQnHpVkFVp698ffv+09VvwX9PPk+bpmzOvtj6Wfi++f/mpa1fS69cX11f641AbV1uNAJ7ueboiutXLdXHNcf2HXXrvuMdyK/WGmtrLbXrK1OTa57j+2rXW2pIS4OG5uOq6mpZlk5N7sZ5GSG5Px5R2SiX7eK5FIMLw/OKdlZEJg7dDZWNwVQEAAAG6fj+30j22ev/je7+X+SU/v9DvNf0l573/1lJ+v+q0+7/A6+l9kvbTff/ONHZ+n/jfIrB38iEqZV7B1KeV5w4ehD9PwAAAAAAAAAAAAAAAAAAAAAA/4KdKJqJomhmd2mISBSvmyKSTa0fMXSknq0fVunrH6VeZnyBT7j+GAKpB/fyIj/CZqVZybSXnfzCg9L8nLalHvzbbjYr2SR/s5PXg/lxmYzzhSPzObl+rZPfzd1/VErn15uVCVk5sfKwV6cAAAAAAIChZ2liNtmYl2R+b1lqSne+PX/vROH+7wNd8/sxuTzWv+MAAAAAAADH81vvqnat5nj9CbJ9/KwzByJnG347MntSRlZETtmnvCgy+BN1KDDlQpQxzMGdnr1hlBHpbBmPvwy67gIAAAAAw2V/PjDoSgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGF39+OuyQR8jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcFH8DgAA//8sg70h")
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r1, 0xc018937c, &(0x7f00000000c0)={{0x1, 0x1, 0x18, r0, {0x1}}, './file0\x00'})

5m54.837908751s ago: executing program 1 (id=348):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0xc00)
sendmsg$NFT_MSG_GETSET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000340)={0x20, 0xa, 0xa, 0x5, 0x0, 0x0, {0xa, 0x0, 0xd}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x24048014}, 0x4800)

5m51.337950504s ago: executing program 0 (id=369):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
close_range(r0, 0xffffffffffffffff, 0x0)
pipe(&(0x7f0000000080))
r1 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r1, 0x29, 0x20, &(0x7f0000000280)={@mcast1, 0x800, 0x0, 0x1, 0x1}, 0x20)
setsockopt$inet6_int(r1, 0x29, 0x1000000000021, &(0x7f0000000040)=0x5, 0x4)
sendmsg$inet6(r1, &(0x7f00000000c0)={&(0x7f00000001c0)={0xa, 0x4e23, 0x80000, @private1={0xfc, 0x1, '\x00', 0x1}}, 0x1c, 0x0, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="120000000000000029000000", @ANYRES16=r1], 0x18}, 0x40c0)

5m51.337725039s ago: executing program 0 (id=370):
r0 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r0, &(0x7f0000000080)={0x18, 0x0, {0x1, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x31}, 'gretap0\x00'}}, 0x1e)
ioctl$PPPOEIOCSFWD(r0, 0x80047453, 0x0)

5m51.305856745s ago: executing program 0 (id=371):
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f0000000040)={0x3, 0x0, &(0x7f0000000340)={&(0x7f0000000180)={0x2, 0x3, 0x0, 0x0, 0x3, 0x0, 0x70bd2b, 0x0, [@sadb_x_sec_ctx={0x1, 0x18, 0x1, 0xf}]}, 0x1b}, 0x1, 0x7}, 0x0)

5m51.238093588s ago: executing program 0 (id=373):
syz_mount_image$jfs(&(0x7f0000000080), &(0x7f0000000440)='./file0\x00', 0x2000480, &(0x7f0000000480)=ANY=[], 0xfd, 0x62f4, &(0x7f00000006c0)="$eJzs3c1vHGcdB/Df7JtfQtOoh6pECLlteCmleS0hUKDtAQ5cOKBcUSLXrSJSQElAaRURV75w4I8AIXFBQogjJ/6AHrhy4w8gUoIE6qmD1n4eZzxdZ+0k3ln7+XwkZ+a3z6z3mXx3dmc9M/sEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA//MGPz1URceVX6YYTEZ+LfkQvYmlcr0TE0sqJvPwgIl6IzeZ4PiKGCxFVbnw24vWI+Ph4xP0Hd1bHN53fYz++/5d//uEnx370jz8Pz/zvr7f6b+y23O3bv/3v3+4+/voCAABAieq6rqv0Mf9k+nzf67pTAMBM5Pf/Osm3q+euXp+z/qjVarX6ENZN9WR3m0VErDfvM95ncDgeAA6Z9fik6y7QIfkXbRARx7ruBDDXqq47wIG4/+DOapXyrZrvBytb7flckB35r1fb13fsNp2mfY7JrJ5fG9GP53bpz9KM+jBPcv69dv5XttpHabmDzn9Wdst/tHXpU3Fy/v12/i1HJ//exPxLlfMf7Cv/vvwBAAAAAGCO5b//n+j4+O/Ck6/Knjzq+O/KjPoAAAAAAAAAAE/bk47/t60y/h8AAADMq/Fn9bHfHX94W/Nc/1HsvP1yFfFMa3mgMOlimeWu+wEAAAAAAAAAAAAAJRlsncN7uYoYRsQzy8t1XY9/mtr1fj3p/Q+70tcfStb1izwAAGz5+HjrWv4qYjEiLqfv+hsuLy/X9eLScr1cLy3k/dnRwmK91Phcm6fj2xZGe9ghHozq8S9bbNyvadrn5Wnt7d83fqxR3d9Dx2ajw8ABICK23o3ue0c6Yur62eh6L4fDwfZ/9Nj+2Yuun6cAAADAwavruq7S13mfTMf8e113CgCYifz+3z4uoFar1Wq1+ujVTfVkd5tFRKw37zPeZzAcPwAcMuvxSdddoEPyL9ogIl7ouhPAXKu67gAH4v6DO6tVyrdqvh+k8d3zuSA78l+vNu+X7z9pOk37HJNZPb82oh/P7dKf52fUh3mS8++187+y1T5Kyx10/rOyW/7j9TzRQX+6lvPvt/NvOTr59ybmX6qc/2Bf+fflDwAAAAAAcyz//f/EXB3/HT3u6kz1qOO/Kwf2qAAAAAAAAABwsO4/uLOar3vNx/+/MGE5138eTTn/Sv5Fyvn3Wvl/tbVcvzF/7+2H+f/nwZ3VP9769+fzdK/5L+SZKj2zqvSMqNIjVYM0fZK1+6yNYX80fqRh1esP0jk/9fDduBbXYy3O7li2l/4/Hraf29E+7ulws73ub7Wf39E+2G7P97+wo32YznSql3L76ViNn8f1eGezfdy2MGX9F6e011Pac/79p7b97+3bYG3/8yHnP2j8jPNfTu1Vazp276PeZ7b75nTS47x17Yu/OXvwqzPVRvS3161pvH4vddCfzf+TY6P45c21G6dvX71168a5SJMdt56PNHnKcv7D9LP9+v/yVnt+3W9ur/c+Gu07/3mxEYNd83+5MT9e31dm3Lcu5PxH6Sfn/05qn7z97yP/3p9mti7T5F2N3fJ/ddYdAgAAAAAAAAAAAAAAgCnqut68RPStiLiYrv/p6tpMAGC28vt/neTbZ1X3Z/x4avUhr6s5689M60/r+eqPWn0Y66Z6sjebRUT8vXmf8T7Dryf9MgBgnn0aEf/quhN0Rv4Fy9/3N56e6rozwEzd/ODDn169fn3txs2uewIAAAAAAAAAPK48/udKY/znU3Vdt0dx3jH+69ux8qTjvw7yzPYAo7sMVN3f/zo9ykZv1O81hht/MXYb/3u4Pfeo8b8HUx5vOKV9NKV9YUr74pT2iRd6NOT8X2yMd34qIk62hl9/7PFf58yjxn9uj3lfgpz/S43n8zj/r7SWa+Zf//4w59/bkf+ZW+//4szNDz587dr7V99be2/tZxfOnTt74eLFS5cunXn32vW1s1v/dtjjg5Xzz2NfOw+0LDn/nLn8y5Lz/1Kq5V+WnP+XUy3/suT88/6e/MuS88+ffeRflpz/K6mWf1ly/l9LtfzLkvN/NdXyL0vO/+upln9Zcv6vpVr+Zcn5n061/MuS8z+T6j3mv3TQ/WI2cv75CJftvyw5/3xmg/zLkvM/n2r5lyXnfyHV8i9Lzv/1VMu/LDn/b6Ra/mXJ+V9MtfzLkvP/ZqrlX5ac/6VUy78sOf9vpVr+Zcn5fzvV8i9Lzv+NVMu/LDn/76Ra/mXJ+X831fIvS87/e6mWf1ly/m+mWv5lefj9/2bMmDGTZ7p+ZQIAAAAAAAAAAAAA2mZxOnHX6wgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA/9mBAwEAAAAAIP/XRqiqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqrCDhwIAAAAAAD5vzZCVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVFfbuLkaus74f+Jl988YJiYGQv5O/CRvHhJBssuuX+IXWxYTXhreSEAp9wXa9a7PgN7x2CTSqHQVKJIxKK9qGi7aAUJubCqviglaAcoFaVaoE7QW9QVSoXERVQAGpUltBtpo5z/PszOzszK53dn3mnM9Hsn/emTPnPOfMM2f2t+vvHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg2R1vnP10LcuyWq2W37Aly26o1+smtjRued21HR8AAACwdr9o/P3CTemGQyt4UNMy/3j7d762sLCwkL1/+E9GP7+wkO6YyLLRTVnWuC+68sMP1JqXCZ7MxmtDTV8P9dj8cI/7R3rcP9rj/rEe92/qcf94j/uXHIAlrstqaWU7Gv/ckh/S7OZstHHfjg6PerK2aah+7NJjs1rjMQujx7O57GQ2m023LJ8vW2ss/4076tt6Wxa3NdS0rW31GfLTx4/FMdTCMd7Rsq3FdUY/fkM28bOfPn7sr84/f2un2vMwtKwvH+fd2+vj/GS4JR9rLduUjkkc51DTOLd1eE6GW8ZZazyu/u/2cb6wwnEOLw5zQ7U/5+PZUOPf320cp5Fa1uE4bQu3/fedWZZdWhx2+zJLtpUNZZtbbhlafH7G8xlZX0d9Kr0sG+k+TxdqLfP0jhXM03qd2dE6T9tfE/H5vyM8bmSZMTQ/TT9+Yqzpef/5wtXM06i+18u9VtrnYL9fK0WZg3FefLex0091nIM7wv4/ftfyc7Dj3OkwB9N+N83B7b3m4NDYcGPM6UmoNR6zOAd3tiw/3NhSrVGfu6v7HJw6f+rs1PzHP3Hf3KmjJ2ZPzJ7evXPn9O69e/fv3z91fO7k7HT+91Ue7eLbnA2l18D2cOzia+A1bcs2T9WFL40tOf9e7etwvMvrcEvbsv1+HY6071xtY16QS+d0/tp4b/2gj18eypZ5jTWen3vW/jpM+930Ohxpeh12fE/p8DocWcHrsL7M2XtW9j3LSNOfTmNY/r1gbXNwS9McbP9+pH0O9vv7kaLMwfEwL75/z/LvBdvCeJ+aXO33I8NL5mDa3XDuqd+Svt8f398oneblbfU7rh/LLszPnrv/saPnz5/bmYWyIV7eNFfa5+vmpn3KlszXoVXP10Nztz91W4fbt4RjNX5f/a/xZZ+r+jJ77u/+XDXe3Tofz5Zbd2Wh9Fk4ngubNuh4dno3rx/PsSz7wrefePibj3/hjcsez3q/+cmptX8vnvrSpvPv6DLn39j3v5hvL63qyeHRkfz1O5yOzmjL+bj1qRppnLtqjW2/MLWy8/Fo+LPR5+Obu5yPt7Yt2+/z8Wj7zsXzca3XTzvWpv35HA/z5OR09/NxfZmtu1Y7J0e6no/vDLUWjv9rQ6eQ+qKmubPcvE3bGhkZDfs1ErfQOk93tyw/Gnqz+rae2XV18/TuO/N1Dae9W7RR83Sibdl+z9P0s6/l5mmt10/frk778zke5sXNu7vP0/oyz+5Z+7nzuvjPpnPnWK85ODo8Vh/zaJqEjfN9tnBdnIP3Z8eyM9nJbKZx71hjPtUa25p8YGVzcCz82ehz5dYuc/DutmX7PQfT+9hyc682snTn+6D9+RwP8+LpB7rPwfoyb9rX3+9d7w63pGWavndt//nacj/zuq3tMK3XXBkJ4/z2vu4/m60vc3L/avvM7sfp3nDL9R2OU/vrd7nX1Ey2Mcdpaxjn8/uXP0718dSX+fyBFc6nQ1mWXfzog42f94bfr/zthe99reX3Lp1+p3Pxow/+5CXH/2E14wdg8L2Yl835e13Tb6ZW8vt/AAAAYCDEvn8o1ET/DwAAAKUR+/74v8IT/T8AAACURuz7R0JNKtL/b33T83MvXsxSMn8hiPenw/BQvlzMuE6HrycWFtVvf/Ars//19xdXtu2hLMt+/tDvdVx+60NxXLmJMM4rb269fYmv3beibR959GLabnN+/Yth/XF/VjoNOkVwp7Ms+8ZNn21sZ+IDlxv12YeONOrDl556sr7MCwfyr+Pjn3t5vvyfh/DvoeNHWx7/XDgOPwp1+u2dj0d83Fcvv3bbvvctbi8+rrb9xsZuP/3BfL3xc3I+92S+fDzOy43/m5955qv15R97defxXxzqPP5nwnq/Eur/vDJfvvk5qH8dH/epMP64vfi4+7/8rY7jv/LpfPmzb8mXOxJq3P7d4esdb3l+rvl4PVY72rJf2Vvz5eL2p7/3h4374/ri+tvHP374csvxaJ8fz/5rvp6ptuXj7XE70d+1bb++nub5Gbf/zB8caTnOvbZ/5eHnXllfb/v2721b7uxH72lsf3F9rZ/Y9Bef+mzH7cXxHPqbsy37c+g94XUctv/0B8N8DPf/75V8fe2frnDkPa3nn7j8F7dcbNmf6G0/y7d/5fUnGnXT+HWbr7/hJTdeelX92GXZdzfl6+u1/RN/eaZl/F+6JT8e8f6Y0W/f/nLi9s99bPL0mfkLczPpqD5+U+Ozc96RjyeO96Zwbm3/+vCZ8x+aPTcxPTGdZRPl/Qi9q/blUH+Sl0vdl15Ycga959HwfN72Z9/YfNe/fCbe/m/vzW+//Pb8fes1YbnPhdu3hOdvddtf6uk7bmm8vmvPhhEuLP284LXYtuM/969owbD/7d8XxPl+9hUfahyH+n2N9434ul7j+H8wk6/n6+G4LoRPZt5+y+L2mpePn41w+ZH89b7m4xdOc/F5/evwfL/zR/n647ji/v4gfB/zra2t57s4P75+cah9/Y1P8bgUzifZpfz+uFQ83pdfuKXj8OLnkGSXbm18/cdpPbeuajeXM//x+amTc6cvPDZ1fnb+/NT8xz9x+NSZC6fPH258lufhD/d6/OL5aXPj/DQzu3dP1jhbncnLOrvW4z/76LGZfdN3zcweP3rh+PlHz86eO3Fsfv7Y7Mz8XUePH5/9WK/Hz80c3LnrwO59uyZPzM0c3H/gwO4Dk3Onz9SHkQ+qh73TH5k8fe5w4yHzB/cc2PnAA3umJ0+dmZk9uG96evJCr8c33psm64/+3clzsyePnp87NTs5P/eJ2YM7D+zdu6vnpwGeOnt8fmLq3IXTUxfmZ89N5fsycb5xc/29r9fjKaf5f8+/n21Xyz+IL3v3vXvT57PWfeWJZVeVL9L2AaLPh8+i+aeXnt2/kq9j3z8aalKR/h8AAACqIPb9Y6Em+n8AAAAojdj3bwo10f8DAABAacS+fzzUpCL9f+ny/1svrmj78v/y/83HS/6/Yvn/R4qW/8/PF/L//bHW/L38fyD/L/8v/3+N8v/Xrzr/vxDekOT/KaKi5f9j339dllWy/wcAAIAqiH3/5lAT/T8AAACURuz7rw810f8DAABAacS+/4ZQk4r0/yvN/4/I/3cl/986fvn/zvND/l/+X/5//cn/dyf/34P8/1RWrfz/pX6O3/X/5f9Zqmj5/9j3vyTUpCL9PwAAAFRB7PtvDDXR/wMAAEBpxL7/plAT/T8AAACURuz7t4SaVKT/d/1/+X/5f/l/+f/O25f/H0xFyf9nV7l9+X/5/2ud/3f9f/l/+X/6qWj5/9j3vzTUpCL9PwAAAFRB7PtfFmqi/wcAAIDiGbm6h8W+/+WhJkv6/6vcAAAAAHDNxb7/5qwtCF6R3/+XL/9/w4q2Lf8/SPn/Tek++X/5/6yQ+f/hTP6/OIqS/3f9/6sbv/y//P8gj1/+X/6fpYqW/2/0/dl49opQk4r0/wAAAFAFse+/JdRE/w8AAAClEfv+/xdqov8HAACA0oh9/9ZQk4r0/+XL/7v+fzZg+f/RtrG7/v/i4+T/c8XP/7v+f5HI/3cn/9+D/L/8v/y//D99VbT8f+z7bw01qUj/DwAAAFUQ+/7bQk30/wAAAFAase///6Em+n8AAAAojdj3bws1qUj/L/9f8Px/TI6WOP/f+/r/8v/y//L/8v8rJ//fnfx/D/L/8v/y//L/9FXR8v+x739lqElF+n8AAACogtj33x5qov8HAACA0oh9/6tCTfT/AAAAUBqx758INalI/y//X/D8f56DHyvz9f/l/+X/5f/l//tJ/r87+f8ewmnux1mWyf/L/8v/y/+zdkXL/8e+/45Qk4r0/wAAAFAFse/fHmqi/wcAAIDSiH3/naEm+n8AAAAojdj37wg1qUj/L/8/EPn/TP5f/l/+vzz5/z+6Pv96JssWLsr/9538f3fy/z24/r/8v/y//D99VbT8f+z7Xx1qUpH+HwAAAKog9v13hZro/wEAAKA0Yt//mlAT/T8AAACURuz77w41qUj/L/8v/1+w/P9Q8+Pk/+X/sxLm/13/f33J/3cn/9+D/L/8v/y//D99VbT8f+z7XxtqUpH+HwAAAKog9v33hJro/wEAAKA0Yt9/b6iJ/h8AAABKI/b9k6EmFen/5f/l/wuW/3f9f/l/+X/5/zWR/+9O/r8H+X/5f/l/+X/6qmj5/9j33xdqUpH+HwAAAKog9v33h5ro/wEAAKA0Yt8/FWqi/wcAAIDSiH3/dKhJRfp/+X/5f/l/+f9V5f9ftbhe+f+c/H+xyP93J//fg/y//P81z/+Pyv9TKkXL/8e+f2eoSWr8xq5iLwEAAIAiiX3/rlCTivz+HwAAAKog9v27Q030/wAAAFAase/fE2pSkf5f/l/+X/5f/t/1/ztvX/5/MMn/d9f//H/cRfl/+X/5f9f/l/9nqaLl/2Pf/0CoSUX6fwAAAKiC2PfvDTXR/wMAAEBpxL5/X6iJ/h8AAABKI/b9+0NNKtL/y//L/8v/y//L/3fevvz/YJL/7871/3soXv7/9c0P38j8f31b8v/y//L/rN4jv9/8VdHy/7HvPxBqUpH+HwAAAKog9v2vCzXR/wMAAEBpxL7/l0JNuvf/m9Z3VAAAAEA/xb7/l0NNKvL7f/l/+X/5f/l/+f/O25f/H0zy/93J//dQvPx/C9f/L/b45f/l/1mqaPn/2PcfDDWpSP8PAAAAA679V0gdxb7/V0JN9P8AAABQGrHvf32oif4fAAAASiP2/YdCDTrFuUtJ/l/+fzDz/+Py//L/pcv/j8X1yv+vifx/d/L/PaxH/n+8Zf3y/+voWo9f/l/+n6WKlv+Pff8bQk38/h8AAABKI/b9D4aa6P8BAACgNGLf/8ZQE/0/AAAAlEbs+98UalKR/l/+X/5/MPP/rv+fyf+XLv/v+v/9If/fnfx/D67/L/+/fvn/nu8U8v+UUdHy/7Hvf3OoSUX6fwAAAKiC2Pe/JdRE/w8AAAClEfv+t4aa6P8BAACgNGLf/7ZQk4r0//L/8v/XMv+fuyT/L//fsC75/0v1Ay3/XyXy/93J//cg/y//7/r/8v/0VdHy/7Hv/9VQk4r0/wAAAFAFse9/KNRE/w8AAAClEfv+t4ea6P8BAACgNGLf/45Qk4r0//L/8v+u/y//X+r8v+v/V478f3cDlv//xY3hdvn/nPx/sce/2vz/SNvX65L//+Fy+f+FTe2Pl/9nPRQt/x/7/neGmlSk/wcAAIAqiH3/u0JN9P8AAABQGrHvf3eoSVP/39f/eAcAAABsuNj3/1qoSUV+/y//Xx/HYnpZ/l/+v3GD/L/8v/z/wJL/727A8v+u/99G/r/Y43f9f/l/lipa/j/2/e8JNalI/w8AAABVEPv+h0NN9P8AAABQGrHvfyTURP8PAAAApRH7/veGmlSk/5f/d/1/+X/5f/n/ztuX/x9M8v/dyf/3IP8v/1+0/P9/yP8z2IqW/499/6OhJhXp/wEAAKAKYt//vlAT/T8AAACURuz7fz3URP8PAAAApRH7/veHmlSk/5f/H5T8/8SA5v+fkP9fx/z/7Tfmy8n/y/+zSP6/O/n/HuT/5f+Llv93/X8GXNHy/7Hv/0Coycr7//EVLwkAAACso5Fl74l9/2+EmlTk9/8AAABQBbHv/81QE/0/AAAAlEbs+38r1KQi/b/8/6Dk/13/P5P/d/3/tv2R/5f/72Tj8v/xzCP/L/9frPz/llXtcKtrnZ9fq2s9/urm//N3Rvl/Oila/j/2/b8dalKR/h8AAACqIPb9Hww10f8DAADAQOj0f7Lbxb7/cKiJ/h8AAABKI/b9R0JNKtL/y//L/68u/x+PiPz/uuf//3T7P3//O+86slP+X/5f/n9VNvT6//UXv+v/y/8XLP+/Ftc6P79R468tc2kw+X/X/6f/ipb/j33/0VCTivT/AAAAUAWx7/+dUBP9PwAAAJRG7PuPhZro/wEAAKA0Yt8/E2pSkf5f/l/+3/X/C5r/H+Dr/8fjIf/fqm/5/3jSlf/vaEPz/+9bzInL/682/z/W8Vb5f/n/QR6//L/8P0sVLf8f+/7ZUJOK9P8AAABQBaHvHzqe18U79P8AAABQGrHvPxFqov8HAACA0oh9/4dCTSrS/8v/y//L/8v/u/5/5+13y//XRlaU/2/ZFdf/3xjy/90VJ//fmfy//P8gj1/+X/6fpYqW/499/1yoSUX6fwAAAKiC2Pd/ONRE/w8AAAClEfv+j4Sa6P/h/9i7ky9L67uO47egm646uHDnwo3nuPRPYCFr3evChS70HI9HQQXFmcZ5RFFxVhTnABkgEEISMk+QiYTMkIQkZB7JREhyOoeq7/fbNTz33qri3r7P8/u9Xgu+Vkn1venTAT5Uv/MAAAA0I3f/z8ctnex//b/+X/+v/9f/D7/+aJ//r/9fSP+/mP5/Cf2//l//r/9npcbW/+fu/4W4pZP9DwAAAD3I3X9N3GL/AwAAQDNy918bt9j/AAAA0Izc/b8Yt3Sy//X/+v9m+/8f1v/Pe339v/6/Zfr/xfT/S+j/9f/6f/0/KzW2/j93/y/FLZ3sfwAAAOhB7v5fjlvsfwAAAGhG7v7r4hb7HwAAAJqRu//6uKWT/X+o/9+a9dn/Z8ar/2+p//f8/7mvr/9/Dv3/5fr/sbu0/f9Nz/6VT/+v/9f/B/3/sfr/c/O+Xv9Pi8bW/+fu/5W4pZP9DwAAAD3I3f+rcYv9DwAAAM3I3X9D3GL/AwAAQDNy9/9a3NLJ/l/d8/93dj8/0f6/6P/1/7uf0P/r/+f1/2cufqz/HyfP/1+sp/7/ukevvOap+77//pO8vv5f/+/5//p/Vmts/X/u/l+PWzrZ/wAAANCD3P2/EbfY/wAAANCM3P2/GbfY/wAAANCM3P2/Fbd0sv9X1/9P+vn/Rf+v/9/9hP5f/z+v//8xz/8fO/3/Yj31/6d5ff2//l//r/9ntTbd/+cPnB/n7v/tuKWT/Q8AAAA9yN3/O3GL/Q8AAADNyN1/Y9xi/wMAAEAzcvefj1s62f/6//X3/9/R/+v/4+r/9f/6//XT/y+m/19C/6//1//r/1mpTff/hz/O3X9T3NLJ/gcAAIAe5O7/3bjF/gcAAIBm5O7/vbjF/gcAAIBm5O7//bilk/2v//f8f/2//l//P/z6+v9p0v8vpv9fQv9/rH7+7Jyv/8lrrz+r/59g/x//IKX/Zx1O2P8/s+Av26ft/8/t/zh3/x/ELZ3sfwAAAOhB7v4/jFvsfwAAAGhG7v4/ilvsfwAAAGhG7v4/jls62f/6f/2//l//f+r+/+gvvV36/2H6/0tD/7/YaPr/rTODn9b/T6P/n8fz/yfa/wf9P+swtuf/5+7/k7ilk/0PAAAAPcjd/6dxy4L9f+J/mQ8AAABsVO7+P4tbfP8fAAAAJi+rs9z9fx63dLL/9f/6f/2//t/z/4dff1H/f/++96f/Hxf9/2Kj6f/n0P/r/6f8/vX/+n+OGlv/n7v/L+KWTvY/AAAA9CB3/81xi/0PAAAAzcjd/5dxi/0PAAAAzcjd/1dxSyf7f7j/v/j/1/8fj/7/4PvX/w//+lhV/58/ov5/Yf9/tef/90n/v9il7//P6f8P/vj6/zXa9PtvvP/fWfb1+n+GjK3/z91/S9zSyf4HAACAHuTu/+u4xf4HAACAZuTu/5u4xf4HAACAZuTu/9u4pZP9v+Hn/990xbz3pf/fpf/X/3v+/zif/z+75P3/Gf3/Men/F/P8/yX0//p//b/n/7NSY+v/c/ffGrd0sv8BAACgB7c+Pdvd/X83m9n/AAAAMEX7f+/A4d9QGnL3/33cYv8DAABAM3L3/0Pc0sn+33D/v67n/59d9tr6f/3//p8v/b/+f+j1x9X/e/7/cen/F9P/L6H/X0c/f6ax/v+2eV8/hv7/Rv0/I3Og/3/w4uc31f/n7v/HuKWT/Q8AAAA9yN3/T3GL/Q8AAADNyN3/z3GL/Q8AAADNyN3/L3FLJ/t/7f3/zvzXXmP/v5T+X/+//+dL/6//H3p9/f806f8X0/8vof/3/H/P/9f/s1IH+v99NtX/5+7/17ilk/0PAAAAPcjd/29xi/0PAAAAzcjdf1vcYv8DAABAM3L3/3vc0sn+b/T5/0vp//X/+3++9P/6/6HX1/9Pk/5/Mf3/Evp//b/+f3n/f/hv1EH/z5Cx9f+5+/8jbulk/wMAAEAPcvffHrfY/wAAANCM3P3/GbfY/wAAANCM3P3/Fbd0sv/1/+vt//Pz+n/9/+wk/X98gf5/j/5f/38SU+v/D//359T9+tbQ34mOmtP/P/yz53/04Gf0//r/Zvv/nbW9/276/zn0/wwZRf9/4eI/Xebu/++4pZP9DwAAAD3I3f8/cYv9DwAAAM3I3f+/cYv9DwAAAM3I3f9/ccsJ9//3rvRdXTr6f8//1/+PsP8P+v89+n/9/0lMrf8/zPP/9f/6/+m+f/2//p+jRtH/7/s4d///xy2+/w8AAADNyN3/vLjF/gcAAIBm5O6/I26x/wEAAKAZufvvjFs62f/6f/2//l//33L/v7OB/n97Nkz/f2no/xfT/y+h/9f/6//1/6zU2Pr/3P13xS2d7H8AAADoQe7+58ct9j8AAAA0I3f/C+IW+x8AAACmJNOxQbn7Xxi3dLL/9f/6f/2//r/l/t/z//sz0f6//jI41f7/8in1/3cveAND/f+Fc/p//b/+X//PKY2t/8/d/6K4pZP9DwAAAD3I3X933GL/AwAAQDNy998Tt9j/AAAA0Izc/S+OWzrZ//p//b/+X/+v/x9+ff3/NE20/y9T7f89/1//P9P/6//1/wwYW/+fu//euKWT/Q8AAAA9yN1/X9xi/wMAAEAzcve/JG6x/wEAAKAZufvvj1s62f/6f/2//l//r/8ffn39/zStr/+fba7/f/Kyk/4wc+n/l9D/6//1//p/Vmps/X/u/pfGLZ3sfwAAAOhB7v4H4hb7HwAAAJqRu/9lcYv9DwAAAM3I3f/yuKWT/a//1/9Ps/+/ZXvo/ev/9f8z/X/3PP9/Mf3/Evp//b/+X//PSo2t/8/d/4q4pZP9DwAAAD3I3f9g3GL/AwAAQDNy978ybrH/AQAAoBm5+18Vt3Sy//X/+v+D/f9sNo3+3/P/Z/r/Fvr/7Zn+f+X0/4sdr/+/Wv8/8v7/jp29j/X/x3z/l80a6v935n69/p8xGlv/n7v/1XFLJ/sfAAAAepC7/zVxi/0PAAAADdj7vTO5+18bt9j/AAAAMGZnTvIn5+5/XdzSyf6ffv9/7tAX6v9ns9ljNzT//H/9/0z/30L/Xz+r+v/V0f8v5vn/S0yk//f8/3G+f8//1/9z1Nj6/9z9r49bOtn/AAAA0IPc/W+IW+x/AAAAaEbu/jfGLfY/AAAANCN3/5vilk72//T7/8NfqP+fPafn/+v/dz+h/9f/6/8nS/+/mP5/Cf3/0n5+a84/98z0//p//T8Dxtb/5+5/c9zSyf4HAACAHuTufyhusf8BAACgGbn7H45b7H8AAABoRu7+t8Qtnex//b/+X/8/zf5/W/+v/9f/DxpL/3/VVT/yiP5f/99i/7+I/l//r//nsLH1/7n73xq3dLL/AQAAoAe5+98Wt9j/AAAA0Izc/W+PW+x/AAAAaEbu/nfELZ3s/6P9/9nZXqG6Z6j/j0ZN/7+P/v/g+9f/D//68Px//b/+f/3G0v97/v/p3r/+X/8/5fd/ov7/B45+vf6fFo2t/8/d/0jc0sn+BwAAgB7k7n9n3GL/AwAAQDNy978rbrH/AQAAoBm5+x+NWzrZ/57/r//X/+v/9f/Dr6//nyb9/2L6/yX0//p/z/+/9qcv1/+zOmPr/3P3vztu2R1+P/g9p/yPCQAAAIxI7v73xC2dfP8fAAAAepC7/71xi/0PAAAAzcjd/764pZP9r//X/+v/9f/6/+HX1/9Pk/5/Mf3/Ev30/9tDn9x0P/9cbfr9N9P/e/4/KzS2/j93//vjlk72PwAAAPQgd/8H4hb7HwAAAJqRu/+DcYv9DwAAAM3I3f9Y3NLJ/tf/6//b7/9/Sv9/6PX1//r/lun/8+/ow/T/S/TT/w/adD8/9fev/9f/c9TY+v/c/Y/HLZ3sfwAAAOhB7v4PxS32PwAAADQjd/+H4xb7HwAAAJqRu/8jcUsn+1//31f/vzXrsf/3/H/9v/6/J9Pp/28/M/RZz//X/+v/p/v+9f/6f44aW/+fu/+JrTNd7n8AAACYqh//oZ97/Lh/7hO7f9yefTRusf8BAACgGbn7Pxa32P8AAADQjNz9H49bOtn/+v+++v8+n/+v/9f/6/97Mp3+f5j+X/+v/5/u+9f/6/85amz9f+7+J+OWfcNv8H+gBwAAAJiM3P2fiFs6+f4/AAAA9CB3/yfjliP7/8Ixf1c7AAAAMDa5+z8Vt3Ty/X/9/8j7/9ma+v/48/T/e/T/+v+h19f/T1Nr/f+52aj6/wtb+n/9/wL6f/2//p/Dxtb/5+5/4N5Zl/sfAAAAGnXg3yh8eveP27PPxC32PwAAADQjd/9n4xb7HwAAAJqRu/9zcUsn+1//P/L+/1TP/9+p/8vz/zvv/2/eHnx9/b/+v2Wt9f+e/7/3ef3/Hv3/uN+//l//z1En6P93B+m6+//c/Z+PWzrZ/wAAANCD3P1fiFvsfwAAAGhG7v4vxi32PwAAADQjd/+X4pZO9r/+fwP9/y3nZrO19v/HeP6//r+P/n/O67fT/3/flecf+omfuecu/T8XXcr+P38t6P/1/xvo/++MX3/6/xG9f/2//p+jxvb8/9z9X45bOtn/AAAA0IPc/U/FLfY/AAAANCN3/1fiFvsfAAAAmpG7/6txSyf7X//f4vP/p9n/58/1Bvr/89Pr/7Mp7r3/9/x//f9Rnv+/mP5/ien0/7sfe/7/uN6//l//z1Fj6/9z938tbulk/wMAAEAPcvd/PW7J/b914n91DwAAAIxM7v5vxC2+/w8AAADNyN3/dNzSyf7X/+v/x9L/J8//v/h1nv+/R/+v/z8J/f9i+v8l9P/6f/2//p+VGlv/n7v/m3FLJ/sfAAAAepC7/5m4xf4HAACAZuTu/1bcYv8DAABAM3L3fztu6WT/6//1//p//b/+f/j19f/TpP9fTP//rCvmvwH9v/5f/6//Z6XG1v/n7v9uAAAA//9zfVXk")
mount$overlay(0x0, &(0x7f0000001340)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
listxattr(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)

5m50.94459378s ago: executing program 0 (id=379):
r0 = syz_open_dev$vim2m(&(0x7f0000000100), 0x7ff, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f00000004c0)={0x1, @raw_data="a425e2f1a54d24f14258313560608d70566e425a6c36af37b33fac9d31c8a9c7044410d324b03e044e454d2092a62fea8f13441431ce248bfc73a6726ee61ba491d15d8f392ff66fe0b17f0e11f5d2367d5593205ab1efa97d40619a553e7da2518125b850a186ef691daa55c9e50ffaf6ddc25220ded32aeba4524cec1afbd17abba1d15ea05e97ed3dcad452db6e08a991e2c78b057f55de7fdeba7411ce65700c0a1ad7946ff7c355db87566e3e5abb7a37a06731ed19ddfa970bb58a27fd9fa194c092730319"})

5m50.67938236s ago: executing program 0 (id=381):
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000000)=ANY=[@ANYBLOB="140000001000117600007a"], 0x44}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000000)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1400000007"], 0x50)
pwrite64(0xffffffffffffffff, &(0x7f0000000000)='L', 0x1, 0x7)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000040)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r0, &(0x7f0000000000), 0xd)

5m50.490234674s ago: executing program 33 (id=381):
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000000)=ANY=[@ANYBLOB="140000001000117600007a"], 0x44}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000000)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1400000007"], 0x50)
pwrite64(0xffffffffffffffff, &(0x7f0000000000)='L', 0x1, 0x7)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000040)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r0, &(0x7f0000000000), 0xd)

5m39.854965537s ago: executing program 34 (id=348):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0xc00)
sendmsg$NFT_MSG_GETSET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000340)={0x20, 0xa, 0xa, 0x5, 0x0, 0x0, {0xa, 0x0, 0xd}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}]}, 0x20}, 0x1, 0x0, 0x0, 0x24048014}, 0x4800)

4m26.720101367s ago: executing program 5 (id=1175):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r3 = syz_io_uring_setup(0xcaf, &(0x7f0000000300)={0x0, 0x7701, 0x1, 0x5, 0x17e}, &(0x7f0000000240)=<r4=>0x0, &(0x7f00000000c0)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r2, 0xc000000, &(0x7f00000001c0)=[{&(0x7f0000001600)=""/4096, 0x1000}], 0x1, 0x1e})
io_uring_enter(r3, 0x847ba, 0x20000000, 0xe, 0x0, 0x0)

4m25.689319495s ago: executing program 5 (id=1187):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000000), 0xffffffffffffffff)
r2 = socket$l2tp(0x2, 0x2, 0x73)
sendmsg$L2TP_CMD_TUNNEL_CREATE(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000340)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="230900000000000000000100000005000700000000000800090000000000060002000100000008000a000000000008001700", @ANYRES32=r2], 0x3c}}, 0x0)
close(r2)

4m25.573671983s ago: executing program 5 (id=1190):
syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000fdc01a40f30c74933bbc0000000109021b0001000000000904000001a7a00f00090582", @ANYRESDEC], 0x0)

4m24.341866307s ago: executing program 5 (id=1199):
syz_mount_image$udf(&(0x7f0000000100), &(0x7f0000000000)='./file0\x00', 0x2000003, &(0x7f0000000040)={[{@adinicb}, {@unhide}, {@anchor={'anchor', 0x3d, 0xec1}}, {@lastblock={'lastblock', 0x3d, 0x2}}, {@gid_ignore}, {@undelete}, {@volume={'volume', 0x3d, 0x7}}, {@gid_forget}, {@lastblock={'lastblock', 0x3d, 0x2}}]}, 0xde, 0xc2e, &(0x7f0000000f40)="$eJzs3U9sHNd9B/DfGy7FldxWTOwoThoXm7ZIZcVy9S+mYhXuqqbZBpBlIRRzC8AVSakLUyRBUo1spAXTSw89BCiKHnIi0BoFUjQwmiLokWldILn4UOTUE9HCRlD0wBYBcgoYzOxbcUmRNi2KEmV9Pjb13Z19b+a9eesZWdCbFwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAxB+8cvHU6fSwWwEAPEiXR7966oz7PwA8Vq76/38AAAAAAAAAAAAAADjoUhTxZKSYu7yWxqv3HfVL7f5bt8eGR7avdjhVNfuq8uVP/fSZs+e+9MLQ+W5eas98QP377bPx2ujVi42XZ2/OzU8tLExNNsZm2hOzk1O73sNe6291ojoBjZuv35q8fn2hceb5s5s+vj34/sATxwYvDD178plu2bHhkZHRjSL13vK1e25Ix04zPA5FEScjxXPf+2lqRUQRez8X9Qc79lsdrjpxourE2PBI1ZHpdmtmsfzwSvdEFBGNnkrN7jnafiyi1v9A+7CzZsRS2fyywSfK7o3OteZb16anGlda84vtxfbszJXUaW3Zn0YUcT5FLEfE6sDdu+uPImqR4jtH19K1iOjrnocvVhODd25HsY993IWynY3+iOXiERizA2wging1UvzsneMxka8z1bXmCxGvlvmDiLfKfCkilV+McxHvbfM94tFUiyL+shz/C2tpsroedK8rl77W+MrM9dmest3ryke8P9x1pXhI94fDW/LBOODXpnoU0aqu+Gvp3n+zAwAAAAAAAAAAAAAAAMD9djiK+EykeOU//qSaVxzVvPSjF4b+cPBX+3rKPf0h+0kR8XxELBW7m5N7KE8MvJKupPSQ5xI/zupRxJ/m+X/fetiNAQAAAAAAAAAAAAAAAAAAeKwV8ZNI8eK7x9Ny9K4p3p650bjaujbdWRW2u/Zvd8309fX19UbqZDPneM6lnMs5V3Ku5owi18/ZzDmecynncs6VnKs5oy/Xz9nMOZ5zKedyzpWcqzmjluvnbOYcz7mUcznnSs7VnHFA1u4FAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPg4KaKIX0SKb39jLUWKiGbEeHRyZeBhtw4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKA2kIr4fKRp/1LyzrRYRqfq343j5y7loHirzk9EcKvOlaF7M2aqy1vzWQ2g/e9OfivhxpBiov31nwPP493fe3fkaxFvf3Hj32Von+7ofDr4/8MSxoxeGRn7j6Z1ep+0acOJSe+bW7cbY8MjIaM/mWj76J3u2DebjFven60TEwhtvvt6anp6av/cX5VdgD9UfoRep9rj01IvqRdQORDMeTt95DJT3//cixe+++5/dG37n/l+PX+m8u3OHj5//2cb9/8WtO9rl/b+2tV6+/5f39O3u/0/2bHsx/26kvxZRX7w5138sor7wxpsn2zdbN6ZuTM2cO3Xqy0NDXz57qv9QRP16e3qq59V9OV0AAAAAAAAAAAAAAAAAD04q4vcjRevHa6kREber+VqDF4aePflMX/RV8602zdt+bfTqxcbLszfn5qcWFqYmG2Mz7YnZyandHq5eTfcaGx7Zl858qMP73P7D9Zdn596Yb9/448VtPz9Sv3htYXG+NbH9x3E4iohm75YTVYPHhkeqRk+3WzNV1SvbTqb/6PpTEf8VKSbONdLn87Y8/3/rDP9N8/+Xtu5on+b/f6JnW3nMlIr4eaT4nb96Oj5ftfNI3HXOcrm/ixQnzn8ul4tDZbluGzrPFejMDCzL/l+k+KdfbC7bnQ/55EbZ07s+sY+IcvyPRorv/8V34zfzts3Pf9h+/I9s3dE+jf9TPduObHpewZ67Th7/k5HipSffjt/K2z7o+R/dZ28cz4XvPJ9jn8b/Uz3bBvNxf/v+dB0AAAAAAAAAAOCR1p+K+PtI8cORWnohb9vN3/+b3Lqjffr7X5/u2TZ5f9Yr+tAXez6pAAAAAHBA9KcifhIpbiy+fWcO9eb53z3zP39vY/7ncNryafXnfL9WPTfgfv75X6/BfNzxvXcbAAAAAAAAAAAAAAAAAAAADpSUinghr6c+Xs3nn9xxPfWVSPHK/zyXy6VjZbnuOvCD1a/1y7MzJy9OT89OtBZb16anGqNzrYmpsu5TkWLtbz+X6xbV+urd9eY7a7xvrMU+HylG/qFbtrMWe3dt8qc2yp4uy34iUvz3P24u213H+lMbZc+UZf8mUnz9X7Yve2yj7Nmy7HcjxY++3uiWPVKW7T4f9dMbZZ+fmC32YVQAAAAAAAAAAAAAAAAAAAB43PSnIv48UvzvzeU7c/nz+v/9PW8rb32zZ73/LW5X6/wPVuv/7/T6Xtb/r54rsLTTUQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4OMpRRFvRoq5y2tpZaB831G/1J65dXtseGT7aodTVbOvKl/+1E+fOXvuSy8Mne/mB9e/3z4Tr41evdh4efbm3PzUwsLUZGNspj0xOzm16z3stf5WJ6oT0Lj5+q3J69cXGmeeP7vp49uD7w88cWzwwtCzJ5/plh0bHhkZ7SlT67/no98l7bD9UBTx15Hiue/9NP1wIKKIvZ+LD/nu7LfDVSdOVJ0YGx6pOjLdbs0slh9e6Z6IIqLRU6nZPUcPYCz2pBmxVDa/bPCJsnujc6351rXpqcaV1vxie7E9O3MldVpb9qcRRZxPEcsRsTpw9+76o4jXI8V3jq6lfx2I6Ouehy9eHv3qqTM7t6PYxz7uQtnORn/EcvEIjNkBNhBF/HOk+Nk7x+PfBiJq0fmJL0S8WuYPIt6Kznin8otxLuK9bb5HPJpqUcT/l+N/YS29M1BeD7rXlUtfa3xl5vpsT9nudeWRvz88SAf82lSPIn5UXfHX0r/77xoAAAAAAAAAAAAAAADgACni1yPFi+8eT9X84DtzitszNxpXW9emO9P6unP/unOm19fX1xupk82c4zmXci7nXMm5mjOKXD9ns8z6+vp4fr+UcznnSs7VnNGX6+ds5hzPuZRzOedKztWcUcv1czZzjudcyrmccyXnas44IHP3AAAAAAAAAAAAAAAAAACAj5ei+ifFt7+xltYHOutLj0cnV6wH+rH3ywAAAP//Iun4rQ==")
mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000300)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})

4m24.097302494s ago: executing program 5 (id=1200):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000100)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_VENDOR(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010200000000000000006700000008000300", @ANYRES32=r2, @ANYBLOB="0800c300741300000800c4"], 0x30}}, 0x0)

4m23.718298281s ago: executing program 5 (id=1202):
r0 = syz_open_dev$dri(&(0x7f0000000140), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_ADDFB2(r0, 0xc06864b8, &(0x7f0000000580)={0x0, 0x2000, 0x80, 0x3231564e, 0x3, [0x2], [0x2161, 0xfffffffc], [0x0, 0x0, 0x9], [0x4fdd, 0x2000000000]})

4m23.385828101s ago: executing program 35 (id=1202):
r0 = syz_open_dev$dri(&(0x7f0000000140), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_ADDFB2(r0, 0xc06864b8, &(0x7f0000000580)={0x0, 0x2000, 0x80, 0x3231564e, 0x3, [0x2], [0x2161, 0xfffffffc], [0x0, 0x0, 0x9], [0x4fdd, 0x2000000000]})

4m18.901107989s ago: executing program 4 (id=1234):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000000)={0x11, 0x3, &(0x7f00000001c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0x0, 0x8, 0x0, 0x0, 0x41100, 0xc}, 0x94)
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
getsockopt$inet6_mptcp_buf(r0, 0x11c, 0x3, &(0x7f0000000000)=""/38, &(0x7f0000000040)=0x26)

4m18.822363902s ago: executing program 4 (id=1235):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000040)={0x0, 0xffffffffffffff8a, &(0x7f0000000000)=[{&(0x7f0000000140)="d800000010008104687da3aa7143a0b8c81d080b25000000e8fe55a11800150006001425000000120800030043250040a8002b000a00014006046109d67f6f94007134cf6ee0a000a0e408e8d8ef52a9d7c7c0b7a196e6f66112c88a2ddddbbb219c6c09136dd481c4a918d1bcf0f938baa5d060a517898516277ce06bbace80177ccbec4c2ee5a7cef4260027836b0d17a58af5d6d93424841f468430dfe1d9d322fe7c0aaa16b8ddc64193071e9f8775730d16a4683f785025ccc89e00360db70100000040fad95667e006dcabced7ad654fac9609f4fb", 0xd8}], 0x1}, 0x4004)

4m18.821938893s ago: executing program 4 (id=1237):
syz_mount_image$ext4(&(0x7f0000000ac0)='ext4\x00', &(0x7f0000000440)='./file0\x00', 0x3810744, &(0x7f0000000300)={[{@noauto_da_alloc}, {@nobh}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4}}, {}, {@nodiscard}, {@sysvgroups}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x4}}, {@noauto_da_alloc}, {@test_dummy_encryption}]}, 0x1, 0x479, &(0x7f0000000480)="$eJzs3M9vFFUcAPDvTLdAEGlF/AGiVtHY+IPSgsrBi0YTD5qY6AGPtS0EKdTQmgghshqDR0PinRhP/guePBnjycSrXo0hIUpM+HFxzezMwO52t9KyZdvu55Ms+97Oe/Pmy5u3+2YeQwB9ayT7I4nYFhG/RcRQnm0uMJK/Xbtydur6lbNTSdRq7/6V1MtdvXJ2qixa1runyIymEekXSdFIs/nTZ45Pzs7OnCryYwsnPhqbP33mhWMnJo/OHJ05OXHo0MED4y+/NPFiV+LMjunq7k/n9ux68/0Lb08dvvDBlqbtjXF0y0gW+N+1utZtT3e7sR77t3YrzqTS66Phdg1ERNZdg/XxPxQDcavzhuKNz3t6cMCqyr6z/2j9cPBmqloDNrAkVlQtVlYNWDvKH/rs+rd83cXpR89dfjW/AMrivla88i2VSIu/oMFVbH8kIg5Xb1zMXtFyH6LW5r4BAMCd+iGb/zy/eP6XRMSDDeWSYm1oOCLui4gdEXF/ROyMiAeKsg9FxMPLbL91aWjx/DO9tMLQbks2/3ulWNtqnv+lZZHhgSJ3bz3+weTIsdmZ/RGxPSJGY3Bzlh9vt/NyF6//+lWn9hvnf4er+XGUc8FiJ5cqmxsqnPs2f+/SpPTyZxG7K+3iT+orAUnUalnf74qI3cvb9fYycezZ7/Z0KtQc/42Li+NfQhfWmWrfRDyT9381WuIvJUuvT45tidmZ/WPlWbHYz7+cf6dT+3cUfxdk/b+1+fxvKTH0T9K4Xju//DbO//5lx2vKyv/G33L+R8T05MLkpuS9+pr1puKzTyYXFk6NR2xK3qrnmz6fuFW3zJfls/hH97Yf/zuKOln8j0REdhI/GhGPRcTjRd89ERFPRsTeJeL/6bWnPuy0bS30/3Tb77+b5/9wc/8vPzFw/MfvO7W/ZPz1b5Cs/w/Ws6NFnaz/89SWjnF1PpyyzkrPZgAAAFh/0ojYFkm672Y6Tffty/+9/M7Yms7OzS88d2Tu45PT+TMCwzGYlne6hhruh44n1WKPeX6iuFdcbj9Q3Df+urytMDU3O93DuIF8nLcb/5k/B3p9dMCq87wW9K/W8Z/26DiAu+92f/9dD8DGs9L5v3kCrH+u/6F/tRv/51ry5v6wMfn9h/5l/EP/Wjz+k+vN/z0QsFH5/Ye+dCfP9a9WorLE0/sSayUR6ao1UV0TAa7jRKULo7vHX0wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABd8l8AAAD//9z/+G0=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x10)
fchown(r0, 0xffffffffffffffff, 0xffffffffffffffff)

4m18.677555345s ago: executing program 4 (id=1240):
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000c40)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2901090, 0x0)
chroot(&(0x7f0000000300)='./file0\x00')
mount(0x0, &(0x7f0000000d40)='./file0/../file0/../file0\x00', &(0x7f00000000c0)='sysfs\x00', 0x2010004, 0x0)
chroot(&(0x7f0000000040)='./file0/../file0/../file0/../file0\x00')
pivot_root(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f00000001c0)='./file0/../file0/../file0\x00')

4m18.611976629s ago: executing program 4 (id=1241):
syz_mount_image$hfsplus(&(0x7f0000000100), &(0x7f0000002900)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2000010, &(0x7f00000022c0)=ANY=[], 0x1, 0x6d0, &(0x7f0000001340)="$eJzs3cFvHFcdB/DvrNeOt1TBaRMaoSKsRCpIEYkTK4VwwSCEcqhQVQ49W4nTWN0kVeKitEKQAoITEof+AQXJNw4IiXtQuHApt159rITEJeIQ9bJoZmfXu/Y6Xif2OoHPJxrPe/Nm3vzmN29mvOusNsD/rctn0ryfIpfPvHG3rG+sL7Y31heP1M3tJGW5kTS7sxQ3k+JBslS2FwNTBubbfLx66a3PHm583q0166laf6q/3exYIY/Yx716ynzd3/zILafH6r/bVxVeXkxypZ4Pmxm3r6EVy6Sdrudw6Drb3NvL5jte78Czr/d0KrrPzW3mkhfqJ3P1O0F9d2hMLsKDsae7HAAAADynPr112BEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA86f+/v+inhr1PPMpet//P9NbVpefQUtjr3n/QOMAAAAAAAAAgMn4+qM8yt0c7dU7RfU3/1NV5Xi+6CRfyvu5k5XcztnczXLWspbbOZ9kbqCjmbvLa2u3z/e3LI3e8sLILS9M6ogBAAAAAAAA4H/SL9Pa/Ps/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8C4pkqjurpuP1PHNpNLPZlnvJP5PMHHa8e1CMWnh/8nEAAADAU5l9gm2+/CiPcjdHe/VOUb3m/0r1enk27+dm1rKatbSzkqv1a+jyVX9jY32xvbG+eKOcyvpwv9//957CmKl7mKpqo/Z8slqjlWtZrZaczZUqmKtpdPd9OjnZi2cgrgEflTEV36uNGVmzTmu5s9/v9C7Cvhh+K6LxmDVbm8El/Yws1LGVWx7rZqCo3qhJtmZi17PTHKrNVb1O9/d0Po3+Oz/HDyDnL9Tz8nh+c6A536t+JhqpMnGhN/rKa+bxmUi+8dc/vX29ffPd69funHl2DmkXUzss3zomFgcy8cpznYnmHtdfqDJxol+/nB/lJzmT+byZ21nNT7OctaykU7cv1+O5/Dn3+EwtDdXe3C2Smfq8dM/ZODHN54dVaTmnqm2PZjVFbuVqVvJ69e9CzufbuZiLuTRwhk/sGHd1bNVV39h61ffO9N9GBn/6m3WhvLv9dvMut/S4I95pdO6X7r2/zOuxgbx2R/3D/lrHBq6DhYEsvdTLzvTIzp/k3tj8al0o9/GrXZ4TkzVXZ6K8gHpPiV50L3cz0ayeRdvH+R865XZp3+x0ri+/t0P/97bUX6vn5bBa/9pua/eMPhX7qxwvL2W2vpMMj46y7eX+XWagrbM5lrttw0/ccrsTVVtR9K7UH+dWNQC2X6kz9e9w23u6ULW9MrJtsWo7OdA29PtWbqWdqxPIHwBP4h9v94tzeWGm9a/Wp61PWr9uXW+9MfuDI9858upMpv8+/d3mwtRrjVeLv+ST/Hzz9T8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDk7nzw4bvL7fbK7dGFxs5NQ4VWti7Zqecjo/sp6i/0GWNfz0VhNsnQkup7jiYeRmtrGNsKnV8kE89P70sER6/zu7LQ3DaiRhWWhpb8eXuHH+0xwmK86+IAC41MdqdTGT0ADvGmBEzEubUb752788GH31q9sfzOyjsrN6cvXry0cOni64vnrq22Vxa6Pw87SuAgbD70DzsSAAAAAAAAAAAAYFyjPhhw6sXdPjQy1mc8/M9CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYF9cPpPm/RQ5v3B2oaxvrC+2y6lX3lyzmaTRSIqfJcWDZCndKXMD3RX544N0Ruzn49VLb332cOPzzb6a3fWTRj3f2eNbk9yrp8wnmarnT2GovytP3V/xn94xlAn7otPpLD1dfLA//hsAAP//P3v0tA==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105042, 0x1ff)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f0000000000)=0x60)
truncate(&(0x7f00000000c0)='./file1\x00', 0x5)

4m18.179495417s ago: executing program 4 (id=1244):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000f40)=ANY=[@ANYBLOB="12010000dc3f6e4013080100083a000000010902120001000000000904"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)

4m18.068302153s ago: executing program 36 (id=1244):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000f40)=ANY=[@ANYBLOB="12010000dc3f6e4013080100083a000000010902120001000000000904"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)

4m3.621808817s ago: executing program 6 (id=1400):
syz_mount_image$nilfs2(&(0x7f0000000180), &(0x7f0000000a80)='./file1\x00', 0x41c, &(0x7f00000000c0)={[{@nodiscard}, {@order_strict}, {@errors_continue}, {@norecovery}, {@discard}, {@discard}, {@norecovery}, {@nodiscard}, {@nobarrier}]}, 0x1, 0xa75, &(0x7f0000000ac0)="$eJzs3V2IXNUBAOBzZ3c2f2szsUldNWpaW7Q/7roxabWpJmKglEII9KGgfQkxpiFrWhqRKkJTH0pfREHMUx9i6UtflLYU9aUEH4oUlFJahD5Z6WsKQh+koFN25pzZ2ZMZ7kyyu3dm5/vgzJl7z517zp25c+fOvecnABOr1no8cGBrCOGVt14+etur77y4POdwZ4lG63G6a6oeQiji9HS2vg+m2vEnHz13sldchP2txzQdjl3pvHZHCOFC2Bcuh0Z44bGL0++/cey918LZp48ffffN9dn6FcV6ZwAAACPg+OVDB/b866+37vrf67cfCVs689P5eSNOz8bz/iPxRDmdL9fC6umiK3SbyZabjqGWLTfVY7nufOrZctN98p/J1lvvs9yWkvynuub12m4YZ2k/boSiNr9qulabn2//Jw+t//Uzxfy5M0tPnK+ooMCa++8dIYR9giBMYmjurPoIBNCW3y+8yoW1vVPXWdv0YPlfebjW+/Vd6mtaQibC1na00ft/Tv6jnf9vfq6mAmtnE+5Nf7+ha7vS92g2Tuf3EfL6S8N+/9P68vsRg54D9LuPMC73F/qVc2qDy3Gt+pU/3y82qwdjnN6Hh7L0+D1o3U7LP9Nx+YyB3j52/V8Q1iTcXFRfhmFDs+oDEDCy8npzzSil5/X68vQtJelbS9K3laRvL0nfUZIOk+wPT70YXipWrnfl/+mHvR42m63iM0OWJ78eOWz+eb3fYV1v/nl9YhhpO/588f7HH/1bu/5/0dn/P437+7443YjfrctxgXS9ML+u3qn731idTa3Pcjdmxbmhx/Kt57tXL1fsXllP6DrOXFWOufSK9hXdnf2W27t6/Y1suW0xbM3Km5+fbM9el84/0kFxdlVpVra3nm3HTFaOdFzZFeO8HHAt0v64uv7/8t7Xqv/fuY01F+rFE2eWTt0bp9N++s5Ufcvy/MWNLjhw3QZt/zMXVrf/me3Mr9e6jws7V+YX3ceFRjZ/f5/598Xp9Dv3w6ltrfnzJ3+09PhabzxMuPPPPHv2xNLSqZ94MmpPwoUQRqAYnkzSk3RcOLFU7XEJWH8LTz3544Xzzzx7z5knT5w+dfrUucWDi/c/cHBx8esPLLTO6xe6z+43Y3VhmFwrv/5VlwQAAAAAAAAAAAAY1OkPFy794+1v/LPd/n+l/V9q/59q/qb2/7/M2v9nzfw7FYRTO8DUju+q9vZZB6sz2XL1GD6brX93ls+e7HWfi3FnHL/Y/j9ll/frmspzUzY/7783LTeXzc/7S5nJ+iApwi+2d5fvCzF+Psa/DlChYlvv2TEu69867eupfwr9Uoyn9LmlvSH1Y5Laf6f23qm/ktT/Qzr+79qAMrL2NqJdYdXbCPT2n83c/3c6iam6HIIwoqHZNIoHMBqqHv8zXfdM8bk/fWfrckiLXXl49fEy778Urseojz8p/8rH/1zT4YU7498NfPzLRszLbwAN6NDz3/13V7bhlkHzz8c/Tf1A7x4u/2/F/NPW3BUGy7/5apZ/fkNoQA9m+W8fMP+rtn/vteX/UMw/vW133zlo/u0SF7XV5civG6f7f+m68fez/A9n25/69hx6+69xoMYjMX+YZOMyzuywxmX8337yehgH43Q6EKZ6Dvl4J8OWP9WvSL8De7L1FyW/b5tw/N/mz5rNX03KOC7fjHHZ92E2fqZpf2z0mK51Tdd7vLeb9VgD4+qDzXz/Txj/sG0EynD9of2z2j0v/RhWXLZms1lpn746FK5W1e9/1f8Tqs6/6ve/TD7+b34On4//m6fn4/9+L0vPx//NX5+Pr5en5+P/5u9nPv5vnn5Ttt58fOC5kvSbS9JvKUm/tSR9b0n6bSXpny9Jv70k/Y6S9BtL0u8sSf9iSfqX+qd/3L1ov9ffXbL+L5ekb3apPcqkbj9Msrx9nu8/TI50/6ff9393STowvi6+vvjIo7//QaPd/n+mcz0k3cc7Eqfr8b/zT+N0ft87dE0vp70dpz/M0kf9egdMkrz/jPz3/a6SdGB8pXpevt8wgYrePfbk99v69VvV7zyf8fKVGH81xl+L8T0xno/xQowXY7x/g8rH+njkd3889FKx8n9/Z5Y+aH3yvD1Q3k/UfQOWJ78+MGx99rwfv2Fdb/7X2BwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgMrXW44EDc0UIr7z18tFLf/n2b5fnHO4s0Wg9TndN1TuvC+HeGE/F+FJ88slHz53sjj+NcRH2hyIUnfnh2JVOTjtCCBfCvnA5NMILj12cfv+NY++9Fs4+ffzou2+u3zvQVqx3BgAAAFCh/wcAAP//z2EOoA==")
r0 = fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0)

4m3.560904218s ago: executing program 6 (id=1402):
r0 = syz_open_dev$sndpcmc(&(0x7f0000000080), 0x0, 0x0)
read$snddsp(r0, 0x0, 0x0)

4m3.455538024s ago: executing program 6 (id=1403):
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x101141, 0x0)
ioctl$SNDCTL_DSP_SUBDIVIDE(r0, 0xc0045009, &(0x7f00000000c0)=0x10)

4m3.390498261s ago: executing program 6 (id=1405):
syz_mount_image$minix(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x200000, &(0x7f00000000c0)=ANY=[], 0xbe, 0x1e7, &(0x7f0000000200)="$eJzs201u00AYxvHHcZyUUiifG1ZILGBDAoUNO3oALsCuak1V4QIibFohIa7Bjpv0JlyglWDHCqOZuJEdJs7YwflQ/j+pzavYj99JlLE9CwvA2rph/wcKFNkqTdMv9yW9fiWp/e/+V+c9QACNSfUnBbCuwp+LHgGAxbjYDe19wFkg/fj1ef88+4s87x8udlvDYkNSLt/xzX8N7Ou9tnSey3ezQ069f/k+zD9UMX+lYv/NsfzmlFwwyg8//6MHxbxZJ21JuibpuqRtSeabvinplqP/wVj/u57jB2Zhfn0910K/Sr5Xv7+ZPW+OkviJa2M4PR9l+afuzblTyJlzh06W3/Ec76T8s5r5bpbv7b9PDhzbWzWPC/ho2flf36zzP5R+p+Pz/6V/vl0+/wGUGJycvt1LkvjjwFxsbTF6Z1IR2aKbHaFsZ3N1zL2jkhZmMeLVnaL5YsOxKSr8WpouOv/tgCrbx1y+luEL9ywuZ23zvbaThZ2SAMxJ/9Pxh/7g5PTx0fHeYXwYv9t5/uJy2W3X5f2Jq3MAK654c+4jaHZAAAAAAAAAAAAAAACgstuS7tQJ+j7gBwAAAGBplD8G9K3iw0OR5HjcqqT91hw/KgAAAAAAAAAAAAAAAAAAALDy/gYAAP//R4hAiA==")
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x40040, 0x6ab858183a7ef6ba)

4m3.331585773s ago: executing program 6 (id=1406):
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
ptrace(0x10, r0)
ptrace$peeksig(0x4209, r0, &(0x7f0000000080)={0x200000, 0x0, 0xffffff0c}, &(0x7f00000002c0)=[{}])

4m2.932032879s ago: executing program 6 (id=1412):
r0 = socket$inet(0x2, 0x3, 0x6)
ioctl$sock_inet_SIOCSARP(r0, 0x8955, &(0x7f0000000000)={{0x2, 0x0, @dev}, {0x1, @local}, 0x4a, {0x2, 0x0, @dev}})

4m2.792384558s ago: executing program 37 (id=1412):
r0 = socket$inet(0x2, 0x3, 0x6)
ioctl$sock_inet_SIOCSARP(r0, 0x8955, &(0x7f0000000000)={{0x2, 0x0, @dev}, {0x1, @local}, 0x4a, {0x2, 0x0, @dev}})

3m18.523051391s ago: executing program 7 (id=1858):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000280)={0xa, 0x4e22, 0xd, @loopback, 0x6}, 0x1c)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x4e22, 0x23, @loopback, 0x23}, 0x1c)
setsockopt$inet6_int(r0, 0x29, 0x33, &(0x7f0000000100)=0x80000001, 0x4)
r1 = dup(r0)
syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), r1)

3m18.37652742s ago: executing program 7 (id=1861):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x21081e, &(0x7f0000000240)={[{@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x7}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x80000}}, {@quota}]}, 0x1, 0x4ff, &(0x7f0000000ac0)="$eJzs3cFvG1kZAPDPTpw4aXaTXfYACHbL7kJBVZ3E3Y1We4DlhBBaCbFHkNqQuFEUO45ipzShh/TMFYlKnODIH8C5J+5cENy4lANSgQjUIHEwmvEkdVO7iZrEzsa/nzSa9+ZN/L3XdN6rvyZ+AQytqxGxGxFjEXE7Iqaz67nsiE/aR3Lf0737S/t795dy0Wp99s9c2p5ci46vSVzJXrMYET/6XsRPcy/GbWzvrC1Wq5XNrD7brG3MNrZ3bqzWFlcqK5X1cnlhfmHuo5sfls9srO/UxrLSVx//cfdbP0+6NZVd6RzHWWoPvXAYJzEaET84j2ADMJKNZ2zQHeGV5CPizYh4N33+p2Mk/W4CAJdZqzUdrenOOgBw2eXTHFguX8pyAVORz5dK7RzeWzGZr9Ybzet36lvry+1c2UwU8ndWq5W5LFc4E4VcUp9Py8/q5SP1mxHxRkT8cnwirZeW6tXlQf7DBwCG2JUj6/9/xtvrPwBwyRUH3QEAoO+s/wAwfKz/ADB8rP8AMHza6//EoLsBAPSR9/8AMHys/wAwVH746afJ0drPPv96+e721lr97o3lSmOtVNtaKi3VNzdKK/X6SvqZPbXjXq9ar2/MfxBb92a+vdFozja2d27V6lvrzVvp53rfqhTSu3b7MDIAoJc33nn0l1yyIn88kR7RsZdDYaA9A85bftAdAAZmZNAdAAbGbl8wvE7xHl96AD7vuuzN202x2y8ItVqt1jl0CeiPa1+S/4dh1ZH/91PAMGTk/2F4yf/D8Gq1cifd8z9OeiMAcLHJ8QM9fgzgzez8u+w/B36yfPSOh+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwWETNRyN1ZrVbmIuL1iPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3+1HNNb185LI5FxM9+/dmv7i02m5t/ihjL/Wv84HrzYXa93P/eAwDHO1in03PHG/mne/eXDo5+9ufJdyOi2I6/vzcW+4fxR2M0PRejEBGT/85l9bZcR+7iNHYfRMQXu40/F1NpDqS98+nR+Ens1/oaP/9c/Hza1j4nfxZfOIO+wLB5lMw/n3R7/vJxNT13f/6L6Qx1etn8l7zU0n46Bz6LfzD/jfSY/66eNMYHf/h+uzSRffGz3Z6fPIj48mjEQez9jvnnIH6uR/z3Txj/r195+91eba3fRFyL7vE7Y802axuzje2dG6u1xZXKSmW9XF6YX5j76OaH5dk0Rz3bezX4x8fXX+/Vlox/skf84jHj//oJx//b/93+8ddeEv+b73WLn4+3XhI/WRO/ccL4i5O/L/ZqS+Iv9xj/cd//6yeM//hvOy9sGw4ADE5je2dtsVqtbCooXPxC8lf2AnSja+E7/Yo1Ft2bfvFe+5k+0tRqvVKsXjPGWWTdgIvg8KGPiP8OujMAAAAAAAAAAAAAAEBX/fiNpUGPEQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgMvr/wEAAP//M+fPJQ==")
setsockopt$XDP_UMEM_COMPLETION_RING(0xffffffffffffffff, 0x11b, 0x6, 0x0, 0x0)
quotactl$Q_SETQUOTA(0xffffffff80000800, &(0x7f0000000040)=@loop={'/dev/loop', 0x0}, 0x0, &(0x7f0000000100)={0x3, 0x84d0, 0x2000000000000000, 0x200002, 0x2, 0x2, 0x7b, 0xfffffffffffffffd, 0x107ff})
mkdir(&(0x7f0000000200)='./bus\x00', 0x18b)

3m17.983655586s ago: executing program 7 (id=1863):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={<r0=>0xffffffffffffffff})
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f00000000c0)={'wg1\x00', &(0x7f0000000580)=@ethtool_gstrings={0x1b, 0x8}})

3m17.617609359s ago: executing program 7 (id=1865):
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x151}}]}, 0x1, 0x5d8, &(0x7f00000005c0)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000008b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./bus\x00', &(0x7f0000000440), 0x8, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
syz_mount_image$fuse(&(0x7f00000001c0), &(0x7f0000000380)='./bus\x00', 0x322020, &(0x7f0000000140)=ANY=[], 0x1, 0x0, 0x0)
unlinkat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x0)

3m17.456909981s ago: executing program 7 (id=1868):
r0 = socket$inet6_sctp(0xa, 0x801, 0x84)
sendmmsg$inet6(r0, &(0x7f0000002800)=[{{&(0x7f0000000000)={0xa, 0x4e23, 0x6, @dev={0xfe, 0x80, '\x00', 0x2a}, 0x5}, 0x1c, &(0x7f0000000480)=[{&(0x7f0000000100)="93", 0x1}], 0x1}}, {{&(0x7f00000004c0)={0xa, 0x4e22, 0x6, @private2, 0x8}, 0x1c, &(0x7f0000000a40)=[{&(0x7f0000000500)='J', 0x1}], 0x1}}], 0x2, 0xc010)
shutdown(r0, 0x1)
getsockopt$bt_hci(r0, 0x84, 0x6c, &(0x7f0000001280)=""/4107, &(0x7f00000000c0)=0x100b)

3m17.125477438s ago: executing program 7 (id=1875):
syz_read_part_table(0x106a, &(0x7f0000000000)="$eJzsz71JBUEUBeAzO2/X2dQGbMPQQDAxVOzFRAVLsALBxMhYO7ALwQq2gZFdRLABfcH3RffnwOWGfzUP7fAlOb6vD2lJbpNcjUnqNCUpP8G39/O1GR+XdpBSc7Lbxv316fqz977WNdmdLRcZ+0356MO2L6dz+3VwuDvq3/nUy+e//BUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9tVXAAAA//88gxiI")

3m17.032597744s ago: executing program 38 (id=1875):
syz_read_part_table(0x106a, &(0x7f0000000000)="$eJzsz71JBUEUBeAzO2/X2dQGbMPQQDAxVOzFRAVLsALBxMhYO7ALwQq2gZFdRLABfcH3RffnwOWGfzUP7fAlOb6vD2lJbpNcjUnqNCUpP8G39/O1GR+XdpBSc7Lbxv316fqz977WNdmdLRcZ+0356MO2L6dz+3VwuDvq3/nUy+e//BUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9tVXAAAA//88gxiI")

1m41.821230632s ago: executing program 3 (id=3102):
pselect6(0x40, &(0x7f0000000340)={0x10000000000006, 0x38, 0x7, 0xfffffffffffffff9, 0x5, 0xd, 0xffffffffffffffc9, 0xd6}, 0xfffffffffffffffe, 0x0, 0x0, 0x0)

1m41.820469358s ago: executing program 3 (id=3104):
syz_mount_image$ocfs2(&(0x7f0000004740), &(0x7f0000004780)='./file0\x00', 0x100000a, &(0x7f0000000180)=ANY=[@ANYBLOB="6a6f75726e616c5f6173796e635f636f6d6d69742c6865617274626561743d6e6f6e652c67727071756f74612c696e6f646536342c61636c2c6c6f63616c666c6f636b732c005ea7501d3984f30800000034dd9b5f52523eb71133652077aca5d26b513822020aa04ceba373f5ce95c0d1d4d8d88b077307143bab05b944c8717fae9043000a828674b0cdb1a82528e59e857c2049a73f8389f4eb91af6e2f93e4894cc0e776da52222dc59219"], 0x0, 0x4703, &(0x7f0000004800)="$eJzs212IXFcBB/BzJ6vZpMl2P9ImafoxSQQXLcumT9X6ENeqjabNh7bVVFlnN9vN6uzMujujBYPUIIiCoARBxQ+qQulLLYiBvtQiFPxAWoVSUbS+iBSq4INBG+jKzNybnXtntneyk7S0/f2gnb3n3nPumf3vPXfOPZNCrHZqYaW4sFIsVYrV2ftXbil+rlquL86FwqvktT4/vbkSOcn+tXPkfR/4yD23hPCHY1/70Orq6mpoGA5dHWj7+fy/T8+2vyYKmTqNdru31vLH+iMv/fwtr3REnhMhhB0d/WrYFEL42C9C2BxCGInLRuPXLSGEbSGEKITw6G/+9ePBfrrQ5uy9Lzx37MzhfWemHn/smQvzR9c9MArhu+XdN88vvrh/023Pv+MynR4AAF7RB48fufvo5IHwZBSGzg10fl7fGb8mn4/vfNun7np4YG3/Kr3Z9CqGCgAAABlr8//h6OUu63XJylqyJPjEAyfufipa229i+/p26K4jt79/8kC8/ht17L81Lvrnezc111Cz677Z9d+RTP3u679r53n4q8/+svLWjfc/6V9y3uEQFSZS24XCxEQIx6Za27uirYVydaX2zvur9crJjZ/3jSKdf3b1fm1Bv9f8RzPV89b/d3/i8z/bMtDPOxgL2b/axnax80+ZLtL5rz+W/+RLUU/5j2Xq5eV/x9Pbz/9qcz/vIHtGLkU6/9aFuK/9gGJrAGjk/82B/Px3ZNrPy//7U+cePbGB7/80xpnhqNHXwdQI8HJcvs5XmMhI598KIjV0xr/I9a7//2XyvybTfl7+d1b/8bu/9XH/X2/8H5/qp803j3T+rSCKqSPWrv+RQv71f22m/bz8f3vqz89+sq97dWf+jf6Pu//3JJ1/fCNOD57N32Sv4//OTPt5+e8au++hhQ30+8Nb4n4ORWGs7Vun5xq3sKG19ermlKaxe2kDJ3kTSOff+q2lLp2h1kvz+h/OH/93ZdrPy/+hPV9/z+m+vv/bffyfNP73JJ3/lmbZpeT/Uib/3Zn28/L/4em//+W+yzz+N7YPyr8n6fy3duxfe/5T6Gn+d12mft7zn32jTz3y1z7m/0n/kvMmz3+S5xDjUev5D92l879q3eN6vf/vydTLu/6/9Z/nn97fz/gfDXoC0Id0/ttahV0mgL3mf32m/bz8v3DPlz/+pw3M/5qf+AaT/Nvm/5tb5UeN/z1J57+9VZj6x1APNv/fvP9Hnbn/N5P/DZn28/K/cGhi4CuX+f7f6P94l0fZdErnP7TucY38f9/D/f/GTL28/L+496cv3tzX5/8QJs31Nyyd/9XrHte8/gfz878pUy8v/+9849dPPNhH/9/eR12y+bfu9anLKf5s3uv8v5hpPy//H42fP7v/Csz/bnX/70k6/9aq+aXkn53/7820n5f/9478YHngCjz/uUP+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGzIavw6HqDCR2i4UJiZCGIu3d4Wt0Uzp5PRMuTr7mZUQdsTlxTAazZerM6Xy9EKlenJuulQuV2dDuCbevyMMRivlam16sbR07cW2tkSn5krLtZm5Ui2EsDMuvz5sT9qaWagtlpaaxyZ1ropKn61Xa6WJ+srccth9sXxbUj6/XK0vXXexrasL1eWlU6XK9MmF5XdPTk5Ohj0X+zwSzT1Qm6vUWr1t7W3USeoOR21vprn7hrbzfbpaX66Uys3yG9vqlKuzpXJbnZvazldbrldmS7W56XJ1Pjlfsa1u23tr7t4b7xsPI6n3l9TNOhi/3n7o+EePHz7Qsb8YpfOu1BfnJrd3/5sAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4I3rydve9e0QwkBrqxBCOJj8EMX/pZy994Xnjp05vO/M1OOPPXNh/mi3YwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4PztwIAAAAAAA5P/aCFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVXYuZ+XKro4DsBnxve+FkgpbYRcBoaI6E7Cgn4RSeU1smWb1kGtEjIoCgwjWhYEQVC7qCBoFVT+BVELl62qTS1aGERQMTqTlzvCDS90zHkeGM4Mc++ZLwzcO3M+hwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALB+nN2x2JW1l3ZtXtq6+0PozM/9H0IYTZb3P+/tCD0hhK9fZk6HVdpCT1P/bybnxstXTX7v7R9/eH00WXv9xXeL63aHJB1qON6ZpOnQ0Nr736juDD6bHkxCSGMXQhQLY0/O1EIIHbELIYqfH+cvZr/v/8UuhCj6P9ztyu5/LXYhRLF196e+Wv6MR/Wcr18YbPzvb/UI3sYjOuvQ25NX3qVuauW9zN//k3zzPlgNsyeOvH8euwiimZ2bOhq7BgAA4O861yL/D1uW9+9fTkJPdzn3/9aU//c29b96/r/i3vYbYzNthRDbSmOT2fHwvnb63PhODVy9/bpmvKeq5P/VJv+vNvl/tcn/q03+X23yfzKv5P+V9PjmnsUXsYsgGvk/AABUz6HjE1P14ZHs5X/Tj85yXt+Xt/U8T39wa3rgUcO4kfzw33b42MSBg8Mj+X0vDwiurP+QLp39ns/3aG4Lk03zLlqt/9D7dGH+Wmf5E/U/nL9R1Fdc1/oPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAvdueehkEwCsPod1sRtdGqaMLCT4IPNDAiACnMaEAHEwZgIAQUMJBzlnuTZ3kBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA5/tXeV18f2mM9Foj0lR22bV/jqfZz9y3w/I+e9y4FQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADZ24EAGAAAAQJi/dR7tBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4KkAAAD//8Oayzs=")
newfstatat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, <r0=>0x0}, 0x6000)
quotactl$Q_GETNEXTQUOTA(0xffffffff80000901, &(0x7f0000000080)=@loop={'/dev/loop', 0x0}, r0, 0x0)

1m41.275035152s ago: executing program 3 (id=3106):
socket$packet(0x11, 0x2, 0x300)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
recvmsg(r0, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0x200105d0}], 0x1}, 0x1f00)
sendmsg$tipc(r1, &(0x7f0000000240)={0x0, 0xfffffff5, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0)
write$cgroup_devices(r1, 0x0, 0x9)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x0)

1m40.139016891s ago: executing program 3 (id=3128):
syz_mount_image$hfsplus(&(0x7f0000007340), &(0x7f0000000040)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x1600008, &(0x7f00000005c0)=ANY=[@ANYBLOB="756d61736b3d30303030303030303030303030303030303030303030332c6e6f6465636f6d706f73652c706172743d3078303030303030303030303030303030372c6e6f6465636f6d706f73652c6e6f626172726965722c6e6c733d69736f383835392d312c747970653d25f205c12c00fda5eb202594d6f03492c5dcec5e93ca946d5a3d8bbeec226c4181fafb5335bb19b76d77eb7bc1c165aa4c68f1d1b50606d7b18ed3ee238f9a213a127ba2ee94bf17debc420923f0416b4030338c3765578df725ee58a6bd52d54b6d53b0"], 0x3, 0x656, &(0x7f0000001280)="$eJzs3UtsI2cdAPD/OI4TB7RN22y7oEpEXakgInbzUBbCheUhlEOFqnLgHO16G2u9aZW4KK0QCi9x4MKh4lwOuXFC6j3ScoYL2muOK4H2sgeUm9GMx46TOHbeduD3W42/7/M38z3+mZedjSaA/1vLM1HciSSWZ97dTMu72wu13e2Fsby6FhFpvhBRbCaRrEUkT5vV99OXr6Rv5usnx/XzWXXp/Wcvd583S8XWxkkpzY0fv10/zQ238iWmI2IkT48aPWmrB9p7cGx73fz7D90H2RxoOufbrcDBoDWO2DrN5mc+boHhkTSvm0dMRkxkV+jmfUDkZ4fC1Y7u4mXzuPazAAAAgN5e2Yu9rUajMehxAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwHWSP/8/yZdCKz8dSev5/6WO1UsDHOqF2Bn0AAAAAAAAAADgTBojnaWv7cVebMaNdm2S/c7/7awwlb1+KT6OjajEetyJzViJetRjPeYiYrKjodLmSr2+PneCLee7bjl/qZMGAAAAAAAAgP91v47l/d//AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAMEgiRppJtky18pNRKEbEeESU0vW2Iv7Ryl9nO4MeAAAAAFyBV/ZiLzbjRqvcSLLP/G9kn/vH4+NYi3pUox61qMTD7LuA5qf+wu72Qm13e+FJuhxt90//aWR6dl5s57IWo/ndQ/eeb2VrlONRVLN37sSD+DBq5c72brXG031cv3qRtv293AkD9DBP05n/MU+Hw2QWkdF2RGbzsaVxfLV3JL7/4qw9TdfGIuai0P7mZ+oSYj6Rp8mhtKsk+zLqihyO+XwUsnin3ugdiYivf/GXn63W1h6vPtqYGZ7d6IyakWg0mpEYy0qtSLzZNxJjcTAS9658/BdnNpv7zXZ5OX4cP42ZmI73Yj2q8fNYiXpUYjp+lOVW8v05fZ08FKnCwabvHyi9128kpfzn0jyLnm5Mb2fb3ohq/CQ+jIdRiXvZv/mYi2/HYizGUsdP+OYJjvrC6Y7629/IM+kp/fd5OhzSuL7aEdfOc+5kVtf5zn6UXrv4c2Pxq3km7eM3EfHDC5zn+RyORHqV+OLLzbrXe0fiz9l9wkZt7fH66spHJ+zvnTxNj6PfDdWVOd1fXmvf3xzcO9K617vWzWV1U+26wpG6m+26fkdqKb+HO9rSfFb3Zte6hazuVkfdkfut9v0QAENs4psTpfK/yn8vf17+bXm1/O74D8a+M/ZWKUb/Nvrd4uzIO4W3kr/G5/HL/c//AAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA2W188unjlVqtst4303re2olW7si0HufUe+UkitmDfE7TskytVhmPoRjGqTK1f0Z0vJNcXl+tpxUOfMp9M2PDtvMP7pwEXI279Scf3d345NNvVZ+sfFD5oLI2uri4NLu0eG/h7qNqbSTS18rsoEcJXIb9i35WHB30eAAAAAAAAAAAAID+ev8ZQOu/A57vzwkGPEUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgmlueieJOJDE3e2c2Le9uL9TSpZXfX7MYEYWISH4RkTyNuB/NJSY7mkuO6+ez6tL7z17uPt9vq9hav9Bru4gY7T+LrXyJ6YgYydNzONDeg3O3l7RnmAbsdul8g4ML898AAAD//01ZBII=")
mount$bind(0x0, 0x0, 0x0, 0x109041, 0x0)
mount$bind(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x81105a, 0x0)
mount$bind(&(0x7f0000000880)='./file0/../file0\x00', &(0x7f0000000440)='./file0/file0\x00', 0x0, 0x1adc13, 0x0)

1m40.038634618s ago: executing program 3 (id=3130):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f00000004c0)=ANY=[@ANYBLOB="fc000000190001002dbd70000000000000000000000000000000000000000000ac1414aa00000000000000000000000000000000000000020a00000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000c00000000000000000300000000000000000000000000000000000000000000ffffffffffffffff000000000000000000000000000000000000000000000000000a000000000000feffffffff7f400002000000000000080000000000000000010000000000000044000500ac1414bb000000000000000000000000000004d43c00000002000000ffffffff0000000000000000000000000600000004"], 0xfc}}, 0x0)
syz_emit_ethernet(0x0, 0x0, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f00000004c0)=@updpolicy={0xb8, 0x19, 0x1, 0x70bd2d, 0x0, {{@in6=@loopback, @in=@local, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xc, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xa00, 0x407ffffffffffe, 0x800000000000002}, 0x0, 0x0, 0x1, 0x1}}, 0xb8}}, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000080)={@local, @dev, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "ab0001", 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x2, 0x5, 0x0, 0xa388}}}}}}}, 0x0)

1m39.77071391s ago: executing program 3 (id=3134):
syz_mount_image$f2fs(&(0x7f00000004c0), &(0x7f0000000240)='./file0\x00', 0x450, &(0x7f0000005f80)=ANY=[@ANYBLOB="66617374626f6f742c71756f7461000000000000003b814e50a959736d65720f73ecea54b5e5be45ace9a88f723cb005aeff24212c651baef614d442ae89412ad3dcd0b7586d02002a6d6d65cacd4fc5002207ce994dda65c4b1d23a9bd5ba0f4ce5e0b5a5718c6aa918080002223d2753a5cac974110144cd0a1e368652324a41b31ee56a4bc5fdcd2dad721eb3b32dcc92f6a5540200b81d5b9fa9b40fe4d7fbd50a6afc3a989c6d60045663c59cbdc4c700000000bc7f6b22df0191acf5912afdcc1c061835177068c40f757dd123d2600b1c544f1525aa8d00000000000000000000002e8b5c733d362417c17f527c0bfebec112d57fc69fabb9b31ef97b2147931ff60cdf666c25244218b1f1a6010000000100000020563b835d0e8e9a09070ef1691fcb2f37bda5d4e3d9d7a2d0ac82b45a53001057f321acc45d5e065a461de90100000077d200000000000040b78f0dd3836f5ab2f6a1a5b798bb7752f192c6b48e568973a59cd9c74bd9a14721856c5499cd8f93f8beaa9cf76718ce7244c84268030000000000000208886b313bd01a22d576e414011a4f0a897515329f86d4585fa0ea17068f8af349696da4a2b3e24310ca52ec51bc23b57897cb55a2d513e6a00765ee3f58b471c54dd57f0af584afe4a21f92b515d7f2fa6fbb273ca0f751e684584320534667aea39ad7222c8ef531f514939177a47395e94c1723abb3fd44fd64fde4b45cc2f55f4ae05ff48648a4c998257856bcdcf2fa02010000001f54fb936570450e91c8d55abad76a7b7a000016f81ec9da9ccc1191c211632266d907e4d9b23496ae19bac24dc23c43f514f1b4af19988bbe61ee29a368a999435d6872d01b79c7821e875859dfbf3c57e4f1fb0be46cb5f7a0fa13516c0926d19dd2d5862085e1e4cb8279be17cba17ee4d06ad97b4ca282e73ea142b01b4a742fa11c0927ba811dd60903d575db449d775021b542db617086b3ed42e6e60fe043cff79b0c067c584bbf82657974c3736912b4b522052b9467d0da116ccc1652d861a420f09aaf67d3e9f6160100000001000000ae6335ad9896abd3cc00413638cb9bc62ab8054325d72e9144cf4f88702f586507e3147198e0bc4060a7c8f4dce73b653177ecf8228e6e6fae02510000000000000000000000000000f43739fdd2d24e50e0233acfe1c8639070fe00f40b0d01f8a0a35fcfe3ea10faf9c24b8488ed4ed83fb06a9a7c57442ede9e1fc2853b8f4d2241cff61d0125b7750e3fdae6a4ab9c776a191ed8098a780ea2bbaa64978cd3a6458fcc6b949bcbca0dceb7361f66e46731eba4f3aed335e7c8c541e82453218a19d39489e1525466ac93759787e767f601931d94c9c426489b741a6bc8abf475e4bf859e1ce7f7227069e9f51e25fa3d1b18dc565180a1af464a1dd697db85e2b27b90f6bd7cf1b6bc0bcd8ba552ced3d3cfbf9c9bc04f65b6f83cb40173b4bdc393d47e5da95b63a40ac18daf11e8d0706b47795fbe2b56d0ea7ffc5a59ede88621a08b25ca6ebe041317b62373a60951af33eb7954a9731aaa125add0913ed2435a207439e9122512d77096747a4b404459cebc8faff8f7a31758e630c75a1ff90402754d339dc21cf6b8e04e1aedf14df0b4aaf0e03194df3eb41ba066bc343b323a3162d7e7ba687633c2faa8f28b42364b72e3a457476fd6b2a54e670ba798172c44c4390f73fdab743a4cac88b2bd0545b8483f2e2f9846b138a4d8a7332978da70e9050417087c5ae034a735e8b448dd970140400000000000000", @ANYRES32], 0x1, 0x5558, &(0x7f0000000a00)="$eJzs3EtvG9UXAPBju2n/ff4jxIJdR6qQEqm26vQh2BVoxUO0qngsWIFju5Zb2xPFrhOyQoIlYsE3QSCxQmLDZ2DBmh1iAWKHBPLMmBLCo5XdOGl/P2l85t65PnPvyEp0ZiwH8MRaTn75qRRn4nhEVCLiVCmy/VKxZa7m4ZmIOBsR5T9tpaL/j46jEXEiIs5Mkkd8PczHTA59en587vKPr/381bfHjpz87MvvFrdqYNGejYj+Rr6/1c9j2snjnaK/Me5msX9pXMT8QP9u0U7zuNVezzJsNabjGlm82MnHpxv3hpN4u9doTmKnezvr3xjkJxyOO9M82RvuNDazdqu9nsXuMM1iZyef1/ZO/vdyZzjK87SKfO9n6WM0msa8v73dztezcTeLzcGo6M/zpq329iSOi1icLpppr5XNY32WK32wvd4d3NtOxu3NYTcdJJdr9edq9SvV+mbaao/al6qNfuvKpWSl05sMq47ajf7VTpp2eu1aM+2vJiudZrNarycr19rr3cYgqddrF2sXqpdXi73zycs33056rWRlEl/sDu4d7faGye10M8nfsZqs1S4+v5qcqydv3riV3Hrj+vUbt95699o7N1+48epLxaA900pW1i6srVXrF6pr9dUDsP7J/90HXP9olvV/VEz6IdZfmu3ywL/zAQN4aHvq/5hv/V8J9T+w12Gv/2Oe9f+kpFL//3f9W569/p+p/j2o9f8hXj/MRP0PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDE+n7p81eyneW8fbLoP110PVW0SxFRjojf/kYlju7KWSnyLP3D+KW/zOGbUmQZJuc4VmwnIuJqsf36/0d9FQAAAODx9cUHZz/Jq/X8ZXnRE2I/5Tdtyqfem1O+UkQsLf8wp2zlycvTc0qWfb6PxPacsmU3sP43p2T5Lbcj88r2QCrT8OHp+53Zgkp5KO/rdAAAgH1R2RX2twoBAABgP3286AmwGKWYPsqcPgvOvnl//9Hm8V3HAAAAgEOotOgJAAAAAI9cVv/7/T8AAAB4vOW//wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPzOzv3kpg1EcQB+NhjoPxVV3fcq3cExeoQuuywcoJfgCPQKuQBnILvss4kgwh4hOQIpCuNYoO+TbDM2+s0MsHljYQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOjSfbWe///749+lObv9ZfLMBgAAADhlW63n9Ytp0/6Uzn9Jp76ldhERZUScqt0HMWplDlJOdeb91Ysx3EXUCYc+xmn7GBE/0/b0tetPAQAAAG7XZrmaNdV6s5v2PSDeU7NoU37+lSmviIhq+pAprTzsvmcKq3/fw/iTKa1ewJpkCmuW3Ianr41yddI2aB3STCaL+kusW2U3/QIAAH1qVwJnqhAAAABuwO++B0A/iuPueJ9x3BzSDcEPrRYAAABwhYq+BwAAAAB0rq7/r+H5f4/+lgAAAABv1jz/DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgC5tq/V8s1zNzl1fvDJnt79MvhkBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8sz/3KBACYQxAs4u/ncz9DysRLa1t3oOBkDDFBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8OZ3v/yfcDVHkqltw9x6JFk6NaydGrbODXs/jK+vAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABO9uclBUIgCKJgzvjfSd//sJKgZxAhAhoeVdSiAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC+6He//J+YGmeSudPG0vFIsnbV2Lpq7D1oHD0Yb/8GAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAudu6fN24yDAD4c77z9Q8gQkAZAqhIDLDQ5FpaOsIAihj4CEhReimBK4U2A60iUBaYUOYuCEaEkEBh63fo3EhdytYhQ5CYQfbZV7e90qM09tH8ftJ773O2877P67OiPLETAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKO2+Ey8lRdzOXmaGcbntxt7GStbv3NNnrm3dnM9aFrceNtE3bz/+5Kfby9U3x+Yqb76qPxkAAAAOhnZZ30fErXR7KeuTmbz+T8tjspr/+2eGcVnP31v37+xtHC52zZf1/2+/3n5hNNHMcJ5s0NW1QX/x/lQ6+7TEqffsQ4/o5Gc+/91LO/9Akvc3n99N8/PZ+vb69Xe7eXiojmwBgEdxvOyLoPx5KOt7TSYGwIHRqRTeZf3fnmk2JwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA67G7GU2Xcioj5zp04s7O3sTKuv7Z1c75sp69e3aqOmQ2RRsTq2qCf1riWaXfp8pVPlgeD/sWxQcQDd/334FhE7M/IDwhizK4PJ/jyiH8+prg8o55V/LugNR1pNBokxedTbOnWe9Xtb1Bee49/5Ia+IQEA8MRKi5bV9bfS7aVsW2s24q8f7q7/X6vEMWH9f/uj0zeqc1Xr/15tK5x+C+vnP1u4dPnKG2vnl8/1z/U/ffNE763eyTOnTp1ZyM7V4sJqJP3FptMEAADgf6xbtGr9n8zef///aCWOCev/z7/rfVmdq63+H+vOTb+mMwEAADiIuqPouVf+/KM15ohWtxtfLK+vX+wNX0fvTwxfa033ER0qWrX+b882nRUAAABQh93N1l33/89W4pjw/v/TP774c3XMdkQcibgQEf3jKxcGZ+tbzlSr4w+V84m6Ta8UAACAphwpWvX+f5o//5+MHnlIIuL1V4dx+b+uJqn/2+99/VN1rurz/yfrW+JUSuaG5yPv5yI6c01nBAAAwJPscNGyYv/3dHvp41+OftD1/D8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA3f4OAAD//1AjNPw=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000300)='./file1\x00', 0xc4042, 0x1ff)
r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000140), 0x2000, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x181242, 0x148)
pwrite64(r2, &(0x7f0000000140)='2', 0xfdef, 0xfecc)
sendfile(r0, r1, 0x0, 0x20fffe80)

1m39.545060867s ago: executing program 39 (id=3134):
syz_mount_image$f2fs(&(0x7f00000004c0), &(0x7f0000000240)='./file0\x00', 0x450, &(0x7f0000005f80)=ANY=[@ANYBLOB="66617374626f6f742c71756f7461000000000000003b814e50a959736d65720f73ecea54b5e5be45ace9a88f723cb005aeff24212c651baef614d442ae89412ad3dcd0b7586d02002a6d6d65cacd4fc5002207ce994dda65c4b1d23a9bd5ba0f4ce5e0b5a5718c6aa918080002223d2753a5cac974110144cd0a1e368652324a41b31ee56a4bc5fdcd2dad721eb3b32dcc92f6a5540200b81d5b9fa9b40fe4d7fbd50a6afc3a989c6d60045663c59cbdc4c700000000bc7f6b22df0191acf5912afdcc1c061835177068c40f757dd123d2600b1c544f1525aa8d00000000000000000000002e8b5c733d362417c17f527c0bfebec112d57fc69fabb9b31ef97b2147931ff60cdf666c25244218b1f1a6010000000100000020563b835d0e8e9a09070ef1691fcb2f37bda5d4e3d9d7a2d0ac82b45a53001057f321acc45d5e065a461de90100000077d200000000000040b78f0dd3836f5ab2f6a1a5b798bb7752f192c6b48e568973a59cd9c74bd9a14721856c5499cd8f93f8beaa9cf76718ce7244c84268030000000000000208886b313bd01a22d576e414011a4f0a897515329f86d4585fa0ea17068f8af349696da4a2b3e24310ca52ec51bc23b57897cb55a2d513e6a00765ee3f58b471c54dd57f0af584afe4a21f92b515d7f2fa6fbb273ca0f751e684584320534667aea39ad7222c8ef531f514939177a47395e94c1723abb3fd44fd64fde4b45cc2f55f4ae05ff48648a4c998257856bcdcf2fa02010000001f54fb936570450e91c8d55abad76a7b7a000016f81ec9da9ccc1191c211632266d907e4d9b23496ae19bac24dc23c43f514f1b4af19988bbe61ee29a368a999435d6872d01b79c7821e875859dfbf3c57e4f1fb0be46cb5f7a0fa13516c0926d19dd2d5862085e1e4cb8279be17cba17ee4d06ad97b4ca282e73ea142b01b4a742fa11c0927ba811dd60903d575db449d775021b542db617086b3ed42e6e60fe043cff79b0c067c584bbf82657974c3736912b4b522052b9467d0da116ccc1652d861a420f09aaf67d3e9f6160100000001000000ae6335ad9896abd3cc00413638cb9bc62ab8054325d72e9144cf4f88702f586507e3147198e0bc4060a7c8f4dce73b653177ecf8228e6e6fae02510000000000000000000000000000f43739fdd2d24e50e0233acfe1c8639070fe00f40b0d01f8a0a35fcfe3ea10faf9c24b8488ed4ed83fb06a9a7c57442ede9e1fc2853b8f4d2241cff61d0125b7750e3fdae6a4ab9c776a191ed8098a780ea2bbaa64978cd3a6458fcc6b949bcbca0dceb7361f66e46731eba4f3aed335e7c8c541e82453218a19d39489e1525466ac93759787e767f601931d94c9c426489b741a6bc8abf475e4bf859e1ce7f7227069e9f51e25fa3d1b18dc565180a1af464a1dd697db85e2b27b90f6bd7cf1b6bc0bcd8ba552ced3d3cfbf9c9bc04f65b6f83cb40173b4bdc393d47e5da95b63a40ac18daf11e8d0706b47795fbe2b56d0ea7ffc5a59ede88621a08b25ca6ebe041317b62373a60951af33eb7954a9731aaa125add0913ed2435a207439e9122512d77096747a4b404459cebc8faff8f7a31758e630c75a1ff90402754d339dc21cf6b8e04e1aedf14df0b4aaf0e03194df3eb41ba066bc343b323a3162d7e7ba687633c2faa8f28b42364b72e3a457476fd6b2a54e670ba798172c44c4390f73fdab743a4cac88b2bd0545b8483f2e2f9846b138a4d8a7332978da70e9050417087c5ae034a735e8b448dd970140400000000000000", @ANYRES32], 0x1, 0x5558, &(0x7f0000000a00)="$eJzs3EtvG9UXAPBju2n/ff4jxIJdR6qQEqm26vQh2BVoxUO0qngsWIFju5Zb2xPFrhOyQoIlYsE3QSCxQmLDZ2DBmh1iAWKHBPLMmBLCo5XdOGl/P2l85t65PnPvyEp0ZiwH8MRaTn75qRRn4nhEVCLiVCmy/VKxZa7m4ZmIOBsR5T9tpaL/j46jEXEiIs5Mkkd8PczHTA59en587vKPr/381bfHjpz87MvvFrdqYNGejYj+Rr6/1c9j2snjnaK/Me5msX9pXMT8QP9u0U7zuNVezzJsNabjGlm82MnHpxv3hpN4u9doTmKnezvr3xjkJxyOO9M82RvuNDazdqu9nsXuMM1iZyef1/ZO/vdyZzjK87SKfO9n6WM0msa8v73dztezcTeLzcGo6M/zpq329iSOi1icLpppr5XNY32WK32wvd4d3NtOxu3NYTcdJJdr9edq9SvV+mbaao/al6qNfuvKpWSl05sMq47ajf7VTpp2eu1aM+2vJiudZrNarycr19rr3cYgqddrF2sXqpdXi73zycs33056rWRlEl/sDu4d7faGye10M8nfsZqs1S4+v5qcqydv3riV3Hrj+vUbt95699o7N1+48epLxaA900pW1i6srVXrF6pr9dUDsP7J/90HXP9olvV/VEz6IdZfmu3ywL/zAQN4aHvq/5hv/V8J9T+w12Gv/2Oe9f+kpFL//3f9W569/p+p/j2o9f8hXj/MRP0PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDE+n7p81eyneW8fbLoP110PVW0SxFRjojf/kYlju7KWSnyLP3D+KW/zOGbUmQZJuc4VmwnIuJqsf36/0d9FQAAAODx9cUHZz/Jq/X8ZXnRE2I/5Tdtyqfem1O+UkQsLf8wp2zlycvTc0qWfb6PxPacsmU3sP43p2T5Lbcj88r2QCrT8OHp+53Zgkp5KO/rdAAAgH1R2RX2twoBAABgP3286AmwGKWYPsqcPgvOvnl//9Hm8V3HAAAAgEOotOgJAAAAAI9cVv/7/T8AAAB4vOW//wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPzOzv3kpg1EcQB+NhjoPxVV3fcq3cExeoQuuywcoJfgCPQKuQBnILvss4kgwh4hOQIpCuNYoO+TbDM2+s0MsHljYQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOjSfbWe///749+lObv9ZfLMBgAAADhlW63n9Ytp0/6Uzn9Jp76ldhERZUScqt0HMWplDlJOdeb91Ysx3EXUCYc+xmn7GBE/0/b0tetPAQAAAG7XZrmaNdV6s5v2PSDeU7NoU37+lSmviIhq+pAprTzsvmcKq3/fw/iTKa1ewJpkCmuW3Ianr41yddI2aB3STCaL+kusW2U3/QIAAH1qVwJnqhAAAABuwO++B0A/iuPueJ9x3BzSDcEPrRYAAABwhYq+BwAAAAB0rq7/r+H5f4/+lgAAAABv1jz/DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgC5tq/V8s1zNzl1fvDJnt79MvhkBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8sz/3KBACYQxAs4u/ncz9DysRLa1t3oOBkDDFBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8OZ3v/yfcDVHkqltw9x6JFk6NaydGrbODXs/jK+vAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABO9uclBUIgCKJgzvjfSd//sJKgZxAhAhoeVdSiAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC+6He//J+YGmeSudPG0vFIsnbV2Lpq7D1oHD0Yb/8GAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAudu6fN24yDAD4c77z9Q8gQkAZAqhIDLDQ5FpaOsIAihj4CEhReimBK4U2A60iUBaYUOYuCEaEkEBh63fo3EhdytYhQ5CYQfbZV7e90qM09tH8ftJ773O2877P67OiPLETAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKO2+Ey8lRdzOXmaGcbntxt7GStbv3NNnrm3dnM9aFrceNtE3bz/+5Kfby9U3x+Yqb76qPxkAAAAOhnZZ30fErXR7KeuTmbz+T8tjspr/+2eGcVnP31v37+xtHC52zZf1/2+/3n5hNNHMcJ5s0NW1QX/x/lQ6+7TEqffsQ4/o5Gc+/91LO/9Akvc3n99N8/PZ+vb69Xe7eXiojmwBgEdxvOyLoPx5KOt7TSYGwIHRqRTeZf3fnmk2JwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA67G7GU2Xcioj5zp04s7O3sTKuv7Z1c75sp69e3aqOmQ2RRsTq2qCf1riWaXfp8pVPlgeD/sWxQcQDd/334FhE7M/IDwhizK4PJ/jyiH8+prg8o55V/LugNR1pNBokxedTbOnWe9Xtb1Bee49/5Ia+IQEA8MRKi5bV9bfS7aVsW2s24q8f7q7/X6vEMWH9f/uj0zeqc1Xr/15tK5x+C+vnP1u4dPnKG2vnl8/1z/U/ffNE763eyTOnTp1ZyM7V4sJqJP3FptMEAADgf6xbtGr9n8zef///aCWOCev/z7/rfVmdq63+H+vOTb+mMwEAADiIuqPouVf+/KM15ohWtxtfLK+vX+wNX0fvTwxfa033ER0qWrX+b882nRUAAABQh93N1l33/89W4pjw/v/TP774c3XMdkQcibgQEf3jKxcGZ+tbzlSr4w+V84m6Ta8UAACAphwpWvX+f5o//5+MHnlIIuL1V4dx+b+uJqn/2+99/VN1rurz/yfrW+JUSuaG5yPv5yI6c01nBAAAwJPscNGyYv/3dHvp41+OftD1/D8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA3f4OAAD//1AjNPw=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000300)='./file1\x00', 0xc4042, 0x1ff)
r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000140), 0x2000, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x181242, 0x148)
pwrite64(r2, &(0x7f0000000140)='2', 0xfdef, 0xfecc)
sendfile(r0, r1, 0x0, 0x20fffe80)

3.742718894s ago: executing program 2 (id=4419):
r0 = syz_open_dev$vim2m(&(0x7f0000000300), 0x105, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f00000000c0)={0x1, @pix={0x0, 0x0, 0x34324142}})

3.608642199s ago: executing program 2 (id=4421):
r0 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, &(0x7f0000000080)={0xfffffffc, "5e5c3446aa0ecd604c893eba3198600b1891109654fe9676d14574be70b6225c", <r1=>0xffffffffffffffff})
ioctl$SYNC_IOC_FILE_INFO(r1, 0xc0383e04, &(0x7f0000000580)={""/32, 0x0, 0x0, 0xffffffffffffff2e, 0x0, 0xffffffffffffffff})

3.607990288s ago: executing program 2 (id=4423):
r0 = syz_usb_connect(0x5, 0x24, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000096d5c4004233e0269d7010203010902120001000000000904"], 0x0)
syz_usb_control_io$uac1(r0, 0x0, &(0x7f0000000600)={0x44, &(0x7f0000000000)=ANY=[@ANYBLOB="800001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, 0x0)
r1 = syz_open_dev$I2C(&(0x7f0000000000), 0x1, 0x402)
ioctl$I2C_SMBUS(r1, 0x720, &(0x7f0000000140)={0x1, 0x7, 0x5, &(0x7f0000000100)={0x17, "537a1468df08000000758bd16868e0bf22c7b844c1b1f10186854fff98d2870c38"}})

1.852665266s ago: executing program 2 (id=4441):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f0000002140)={0x2020, 0x0, <r1=>0x0}, 0x2020)
prlimit64(0x0, 0xe, &(0x7f0000000200)={0x8, 0x8a}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x4000040)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(r3, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)={0x50, 0x3, 0x1, 0x101, 0x0, 0x0, {0x2}, [@CTA_TUPLE_REPLY={0x30, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}, {0x14, 0x4, @ipv4={'\x00', '\xff\xff', @remote}}}}]}, @CTA_FILTER={0xc, 0x19, 0x0, 0x1, [@CTA_FILTER_REPLY_FLAGS={0x4, 0x2, 0x292}]}]}, 0x50}, 0x1, 0x0, 0x0, 0x4000040}, 0x4000000)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000600), 0x0, 0xfffffffb}, 0x38)
syz_fuse_handle_req(r0, &(0x7f0000008400)="92756f43b31ffe542788ef586b7c5a344424e3acac2590be6bbe37adface4a8f2e534ffe76a83a93f0b3680a72fddfde83f96d01982384e8d689219cb9669b14dbaa1b799f82ea1fc926126a4163618e16d4f94143a4e0f27c44fcef3920a0b3805ed4e78098d8689cc7791bd86648070718d238664332948d87866c8d2590fc0f017f9853abd9ed60b99f1aa6ae2dbd24ab6dbcebdb055246815ace147cc50fa3b2861148fcda374d5b203e51d72c45e4dde3e9ee9a47ffe458baf7bb49035135a8194aa1f0a83fa2abed56398f90daff679634619453f533f22583a6e0a4dc09e9de46684d5e0136e229510f3702cf3a4cd0065d3e5d3c419e38a80b070ca55010e082a9c510fd18cc0b26bb5e8e459e747befbc5c6b60ace80bf41417b7b78cf57e5b3984f0cdddc615c5e0000454d3f4a196fb6d18aa629cf0b0245f95ba958d86dc175616f8cd3ac473057dc3a5ff7107973326350107f4468e7ecd48d689b82c12d22ae5f1858302a1b4cfde8fd347a99ddcde40d1c49d9b5099fbccf09e782212be4b2ce36a2bc3c9ee794abffe72a5501e6c4f3f7f68b74761ffd6620609224a3bf11f655dadb5c8a5813b02fb46830e9ac6825f5d0e89910352eb3a58c0dd82d094f94dd2c85666f684a8f437bbd0e66b9f4d366117b67a054d212c4fbc287848cb0578391335d5d616b14d99a2e3df8e8a152d5de99bcefcaab5bb5cc71f3ddd66b379c104648e190e0b28a180d3aecc5423575d4ba7dbf31215c717da7b87dd454b6efcd36c91aaa631127f5bd88723d221752f102bc0c7ac6c5c7a1ad6747af40d01b6d39eab7b0e1292b44683c586386ad00acf60fb8f9bac551a6eb5bab7317b5d89f64db10bd9018dfa6d65d93862e851afbc30fd70fe5f0de322462045177231852ca80e4e78da4fea0c79ba354333026c8bc77d308a8d256a19ec45d2088c196691d3f9aac28ded36004a65ee1ce49ba9599ceee84534bb61d02d04a6732f1e27d72962f74b59f3522bf844c5022986d55934e48b8681b7f5b7532391448caeef00315d28320a46d8bd7813544e1e4bf994e14a519c2654ff20b42bdb69c262897e28eca528f0999840b00ed8256597d27cfc20d71d5f40d0bbca759f7594c6034aa1e16a84ed152fad0fdc1c303a7f61225712714f823afc5ea241d482d3585759623af8c97ca6a84a2033b3d7314ea0ef7ba9b288b362a294c92c8b9736829c16f61c5a1ee04aca965d71162292274595ea62c9c2918e8279c99f5d2830c617c58211fd7452330184b9428d5ec1d5cd75ddcc6de3326fdc70e891104b3b013c30ffccfaf3308d9671b01f6b080a930dac2052c6f39817a662121d90d40d6a1facfb50bec7d408030b6d0ae3e744f3bcc327c35dc43cf86b743db78ff2e593b19923235ed6467f299b08718fe1840c16a748935dff941150fb08b30573b37bf9af5c86cc8d9e229a832e4ef25ec91f71120f2b3e9062485976c280a2d172386029e2f2a4801197fca0a13514edacf5ddbac5a62e8bb13dd1572657a821a8739297f72e29239d1cdddf3e30cbe9af3141f2275ee4ae85d86ec888fe9a6751f252057e95b8beb055e276439581afee93cd44f1e92f70e5f725451d3ab662918ffbb1269509fbd511e95a00ec717f9d60d643864abd6ad1cc4dd7f933379a6078a86c2158db8076e7b660366fca7b1c46d09d2c8e67a6494bfb4c2c6750e76593895b5e2b2bc78093840c3c4a807826bc2750a96b4e1dd5b82b492bb2215518c92064d1763c37132604e52e73fac3f4511f791753aeecfbb19816e0da7a1bfbea9eeaa0f256eaedcb119a61f7d0ea0f5cd4969d45cb014800f2c888d5c2217cf0f69a7507779883b57352bb8883cc584891950d6e792537074f4fc4337aa19b9bf60e18edd939d289fb4a6b7aa6c66da20774e249ca4f779d3c910b1a9a8e4c38af6adecc87d5481d181fd66023ffff246f4e2556b218fe8110acebe20b1675f1de6f265b6d1d8514a53522396bf0e2f2b153c498e48b36d16f8b9bd56f45d7f5b9397d7f1339117a176d0bad0b68e800682416d3e18fe2197c7f8dc20600feb95cc6ba86ad47f113e159bd4389e30eab2874bd27eebc56020c4dab9973b13f3e82aa62a7e0a151d73de48cb811e32be63ffd303f5a6ea6f097ed763fbf36c430821e451146de79922348354ce285af0997bf3c66e6ef02942e24b8f1ccdd542f09cfe65c0da0094c0b5fd26bbc061538b41e5ed2cbb390ee29b10a4b7a696009e1b5b86c44c0a561a257c15415feaeb1433ea275ed6e4b228503fe71ee5942665164faaed6697112206be0fe7863aebd4bbe951d5dea1da294dba0793196385f4d5141c9d6c4b0fa22b2e200cfb70b52aca31655e71e5a576ccb8ccb5b1364748aa981edbb81a813b1aebc67be1f7619e7e197622d981280429f6ca5145c5b3b05e6bace9191e5c58fbf140f71f594cbfd4db0e9f6923f1758ff9474a61a720a5d4f09c622c3ce3f5d0d3a1d191111168108f41f12b16e9eaf3617c353715cd35260560cbfd0555d51ce5c40bbdb7c95ceaeadadb8902974de50b0863348183864f5ea682e678286a06a6f396af29a7c7fb33a3579e25835963612f3c0d4cf369d85959a0adeda94d35824050e6fba7f83f90867583f713d7783323c7010e94c9be331f860db395dbde6face5bfdb616fcefa9c6b01f6963daa840a31ff554a458c0c50cb5e09f91f54f63234589decaf45bbfbaef0dcbff4ae6e65ca26a530261c491ef8eb9a855a1d7463391c9b66be96cf24c3c321ee5a5bdc857f60b582683c6ae1e3775b62a9f19ff8fa51380ca8a2a3c6de79012f5727ba12025e7e6723a23a81e067ca6e54c7b38ff64880d235d21e7ee5258953dcbf9e2a962f006ca4ffe870859242c850cbae4222b3b72c4f86934379ba2ead1dcde906241b994d95c88355af5a9a30ace9c933a6942f341ad221dd825846a8fd44c03e2eaa9311c26e15a1bd7cbba961a22ef23d7ebba0e34cec5ef09b1ce72814a97e33bd29f3d9ec80a4f45d1d29486accf15c11f1a800bd84918e7626f678275d7c7acb02cc0e6e34bb766ba6b75c3ad14fca9352e09c3b69390c045cfc842ff9ade8ca693c07fadc7047a946e6e570c3afc5b501c964103397f5ddadc2d59a048348dd42f07cfe31bc9b5ae453f5086bb41bba4c8a3e518e30b0855184b053f923025dd72ce1bcbf41231978b34a8547c71d7313992165078903c61d312b0d9469413c9fd97ccdf0ea270fb6c47ec8861a1c8d909eeace761b5a06ba46e25785ff87f867777abb237c6c980687991f1ed0157d58492260c712cec34c1fc0962103955db4d5090b6e8409cf3c3c79d0e691cf4fbc0b2251a016dcd456969cd32e5429533bf0d6f8bda84c05f0e2040de8b53bfb8676eec4b76c3df6f46b1e43732035dda577e75f640777f6ae90fd2f1af42ba462dac732019c599bfef01acd6a0d4d1796bcb8f58519d6f9ad9a3206704a94d472516b988141f44ecd2e6f28a49aa0c449db87972fc995a97379914546ea43143ea2cf779a9cbe81f111fe89129db3610492164ab2598eca7e60d9a6963d8ba03a86729db86e420fd96d61b8fb11edc2b339b57a740074ae5b775eaf60cd85dc934e604bf2b4bd58ee01205b4df57ac20ff8db45a05982b579643882407050c005102a2e71f1e56dc76dbf5331112e83e48bfb5cf2a78a893190d78426175c162ffaa7278a43b9932318fc17fb8cb0dfac610b1ad235b91f9cb7623b155117e07f7b876a3c37627aa31eafed141cc0c5491c4f621a66b6d837a144d78719c46511c04a093cf65fce9fabe5bd6d499eceb63538ece3cf19053550a239bf978c08c879f9954485a4e3e0d5bedb84b407ced85c4dfc4d75af116815992c29f0bc927c4a990c38ae4fcc9feb90fec1b1b555e04d010423010855394d5ccfc8ed21164190cd8f83be5debb70290c3547f07e4dc42814f1e001798e6ceee2558b0c6ff8c1759f90269ee226131116332b99ac8dd104c92088e1f91ace3198c0f59bfb75c4e4a697660eed43a29c831a552de37fce6dce96fa51b6e2111f3071a4e94422d15e102e5f67da7ca6cae6bed7743ebffacb8a811a143605791d17232181a517e872f71262c3c73668f0ef83aad498f67fa26bae698cf78f24c2dbecd399a190e6b8d0684e929f2e8083765eb2c67793a1adbb89d36b58bfb197cdc5f3c894ac9d886e8f3b0936fabd233c09de8fab8099f72a74d908ba5c5e4d39790b0bf9e45b710f5587b7c937c76690c5c5fce621a53a9fd03b0a4ee6d8d1abbe2ed561820a77f12a08cad0755540ab6dd1604b7c30a8652995ab80b85e919011de9438a4637eb0291124ed4b745e782cff98510cb03be79c2a81351abf276584d75cdd96b9c97e73eb71000b3ab7c3c19c2cab4497298fcb3052b5d4503d05e7f310318be6f848547b1a4f4db82caee190801478be28065036aa4d91f290c1f396343e73a5fe8bb5ccf0a317177ed1f77acda1a4a49dccfcab8d1b5d79f015f788b6d5e9f8228a8bcdc0696e6b19f5edffbcd7e9509c87fbe1f726b93bf8c6d8d37428763e142560c46c9e894f7317859000c25abc4f3691ebcd020171e0d4911b5d97a238109aedeb00b2eb475c1e7b45175f8aa85193b5c0f43b434c15de01610c4d022646cd6e3637f349a434a77f571ac1c5d698452d1b991e267f78dca5e592ecd31ccafcad84e4e98d134b4adc525b81bd6843428883023a6ea407201738c8bf16b541ff7280274a34d4cf14819f2dbae167ca0cae8471c495e006b45194ad91c4516f21cbb10e0d26fd5d734cd7725df5b3fbe92955f4a9bb3b9b813aeeff79d6ed5db92def19d060a208c3ec8c42c110786f1e1496c50a7249b03fc792764366894a35320b99d0bef9fd0b6a246c36a357c6b985dc83a37a8d9b8b9ad643dea94860cbe763bb73cc8422b69d4d12332242c8954075fb7117a6679638073617abcdb4619855b2036af160647f66b3531645a3bf047ae290d6ae2249f114e7a8464278bae1486022bcc7c37390c8d9a0efb0e1cfa0da8ef7a5e072f99a47ecc75e4e442880375193db49bb82ba34901286ca473ed5b63e4048db4dc455e74b3fdd2e7898ca3f4c3a02d435cde6141eea645055123a7dcf0d22057f8d425701afc55859f5147954e719d58c7486b1e02ac16cb799b77632c66bb78e6e52e11017c1736424fa4d433f1e19b4c881d23f0b2a12d5fae3ae24339088088d9b496ad97bd9f6e20a8597d1452a0c72dcf43dbbda8f18166585c06d21fbffe5fe7b55f71c9b9f1b34a02bd05ca63c7c1b1bebbb9dd24fb10291b04c665d45154dd28b85d821ce7e613119128996785e1006a8dabc4899b10d2671107d5a0658ed363b9d4b39d02f8cc5e350fbf0a31048adecd1f9e2ca749bd86f195eb48e9b4605f050de03d642940d79184618f7f88a9a0a4683ad84d6134e395305bc1d4d9d17cc334b97653529d6682a87a5fac80a6d46d6e72fc22e58be7b8f8617b3372ef2622110ab1ec448717118b257acffe55d18c7855e9e8710ad977a6792b2315a189eb4468c68641e9b60c0dab7016ac1ad63cd8004b6eca8fc88b1e4263acc00499255c16b11487a0af858075f9c892dc8044c4146e5a5677c4a2cb24bde5e078985020d4ab1e4c87492e76b7e6f4bbd71d84bab1885c9702849e70cf728776b1a94c2a8fb8c7ca01b6111ef6f2032a290949bfe473fe215273b8b5b3ad540f187490f63077dccbca6f62f0a7a66717c596cdef412f2560b10685ede967b3ee68b8c951959aeb1d7564c3b9d806b2ce858381393a79916b78f7e90beadae30ffc0b2b614380f1c2cc551a44565209db3516be379ef566ab00c673fd8aaeeecdcf1168c1960e9a477b9e13757498a44ff089351d1f27abf9fd76816f924504647d1247715ca861ebe624172c322146d66eb2b247f8ecb3e1b5ddca89b287c57510cec40fcf89d802cf4368a861af320e01e34f7a6177d4bc549181b5e87ecdfe02f78c9a59a3bf91ebb6364023ec06410e7b4476ec4e3685bfa3bfe9ef9ecc12dcd899abe0f3c7f16b4686801c0c0a949aa26bed57df56f2bc54ef19af7fcbc7b0d691075f42a4a67acf980b568acb2342f42249f7c1ee3527c13182b096064ecd250887a942d26f637e1c4041b139659d2462a68680bb04387a3b399e396b9fe74de10356125fa47d0a20827370cbf36a79b6fffade91c439dd6cfff4bbe0dd3efefb61c491ee32f935d62307cba369ac8c20f6fe3d4857ce6d240ece5e4d149f0587155a8350fcc18efae2ff11cdbe15218a82499a1996df8b5462ee170b284321e76bbe5c3f4158387644d95f087c598e3d46fbe27f63fa784bda239512113424045a2c5dbc6bc3662ca730a86d13cf8f6fe2743224ca7b535caf6b4701a7dae9cfad3d7290104bbba15b6a064ae6e909a099f75fbe47c9e654d8e3b8dc0f3dbffe829e6c56f7a241e565136812a857f59ab565a9991c6b1d8abcc94c6b33bba314f6e5060e657e4647f969a551dd6c51dfca0ff5d9e4f401fedbc2c927eb1ed95ef25f4e5accba4999322ba1539499310dd5875433a22835cfd42fd77fd4680b7fe767d7aa5c33acde04a65bd3a663fcde4c80e9f2af498f13bf9abbaa1c1265edc691e94abdcc92270c05811cd2a8104eb18efbfec9e4ba9ae5cde211b9b93082ce034b6cd5fbe9cfbac4f7e2404ef159766124f73017cc3600f3c81cd78db25fc3459629eaf20dfdb062c7e502aa69412381d847a9d254d5befc451cda3606f0bc8ae62e0aee928f9ed0b21d705a8d31b899e16445ee064563d32f7b6bb5ad197023cf528d9b329ec67815c6ddf27d2a6ffa7328bb993407cde3d166159fd49fe469254b84c2916daea8df9d69bef019f1351b9bce193e30278835b82ea5f60dc0bdd7f7452b7a820ae7cd6dc29d7ac6a6c1b6411711a96338b1e769146b2a385d282bfaae61b041166efafab2d89a4567b9460cc22d752f8e9aacaaa0db7c84879f5359662d55df6570d4214740851c74574ced733807cbb54571110410892394c3dea07bd4154d0e5689d57c3360207dac951f96a358e9c466a5c5113f3a632e184f57f075edef4dcc9721b963beb95df09dedf848260cbc1ebfdc7408218eaba6d2c51928cd37c4c0c9f321fbb0994a56947cfd9643056db5dbea60a241f8f004c932bc8e645b2ec2eb9bc4e9e2f4156293234d05e70cb26b8a370b0206c756bda6defc11c5eb386640f535a4ffb714168defc6d82f40d8f5ba8768537ead5773c53bd779ca899a2dd31c9138569ff5107c2fb12b804375c3b3dc9b828bfd550328adf358f71e86a0c49fb119f5ef9e06c13855cbfc7d1a62ca2ea655ed912a6dc7bb8b18656e8923fc7a1702ab36947d79384d681c31923e98cf40209f776bc2b219a7ccd139e756a905aa351e6eaae90770c8a193f96cd5c66e4d77a357985556e14333716d80204a5c390e0d76f4081afe917f99ad8a0976b3342f51854b374b4baa9a7f22124d2b82749446e30d9795acb9c3c3a305a6d273ac528e8e9c95c37a78e765fdda55982c2961fbc85a14fc095a78b4654ee6dfc3298749a639ab9c8e155af3a77f8a409ce174532a492ef550a140f774d77d732b3b4ca5bc41fa4488ce5957ce219b032ae1f585273748d81b19edcf3e6cb9a93ec24e41c6b3c472f9baf3ca46cb8b9a91df18acebe7d83bd4473750c4f26806da2f95b9ea48b342460af729ab15e9f033eda67feec645f985d4b9489cf6ceec1b100d007bf46c74be53c7ea17296f9c5b5cbae736491213c93b513009ebdecfcd60d46d7b86c6e3b5e288f2ba5867c07936e7bd1b00de52191eb8630ff82ccafb27a59295164751811bf74eff1e5e2abdf3c93bc5dc9814be83b2562477935e2fa30db7ebb6ec380170cf10c1f98f8c5eb71c730c2b31b55a1dd1c12a64802ab95b63c529e0a96cec8f38680221d6089926d8309796c79994d63b67bfb62f66b4a502f30ed12be41e896e88bc45a160a526fbd5f002e677322f116ec5740d7563cd23ee853c008b84998e38fdf158556e28a532573956e7c00f91f08ca245c295a3d5e003a99ea727f61d12893b435d4c8f2f5cce00c6a3091e2a47f290c07168975c53d7529b71d10faf42d2bac9db8d53669cf59c709c25e9e40b5feaed4c37dde8b84c4961c00712326fb6aaa06e80d766b40b72480f3971def61d1d129676df2478e778d899ed317426ec33e496d1fdd2ec27128f8faee92828e13da72d6aee8330a7988ea1cc8b64ec4d8b20990864c16c52c4be6d00b304b87d97bffdd9c66a740b517223089d9f3f414abedc53c768dab9220b980e6c18d5f20ba8994cc8886d7bdee213442f456d79fce1b1eb48fbf600a666c8ade24d118e6328251cf7b57a6285c650e019850f392b1c29aec5c8fc489a3819d60d5de377d4c11b8ee5625b7c02c5d50d2af3397006f2e2a41a06f039229eef5878ed91f9f6be7e988924dbaeb8455f616275e8698d93fb536e2c839b203aa69bceceddbf9c53f8addba53d50ca0f7a4729a42ac6eb757f1b408ad4a0147546173e62f7621eb18a9e1681510cceb48e0a30ab7a1bf71d56742d5f034f2d725e7ea68a011dbb100fa6eefe4ee093873de366d34f4240ca027a25c5b979c9ac47dd1dcb6ed82c4aee09dcc23cf329a8644f89b5cf00e5683934b1837574e9b39b31b1009f276e15aa040959fdf100838ca3f5ab17e45036668d06044e3a13f3a0a6f68579e50d5b0164f900d7bcfcde78396cf30f0b1dff76dc397ab1a5a44b207eb1eaaf73b945c575029ae2dce20724991e6550155ded6a42672609f2439c5aab4882b2ffaf7da787b71d05d15516bd68c6f1a9d79b675395845f24ee853f877e72c14b6c6702f7b8775ca1bfabbbcf4019f7bccf07f1c211531dfc66a7a1df79e92a20dd1cbe1b22e1209e7e3ecb9d3c2450fc22a57bfe09bd735f61c361cdac2488ae0adc7885edc0712655daaf535e1de96ccbe7869d531d8bf3db512fbd17c772332a3f8cf1e052ee0202eb99a36a0f8d7219888acbb57090cdaf3b28e1e62e8fc2ec237bdf18592a7afe4d8390dcb5e7fcc31bf4f797e6f5710070902265cc2e8c459b7da1451046abd6c8c5b02c0be2d2f505a65376266563ac7b59ef3b4e2570a6cb0bd94d46ad861317c743ce1de12bfa2295a98cdded4414d87a1580b1e4675bbdf73a22cac4a1d8d456d089e0b60cbfd16158f073bd1dac481db49fa5d8801d0fb0844b4afec1bab4e61fa0f381fa667880a1cd8163953be7b591cc9dfd7f91902370b783ae8a0f3c7cbefa7d229a37c00f523529e159b11d2e240629b64af2d11404773e991207a722c320221ce23baed7cbe40a440c5680814b122cfba9092fe03478f85adcbdeacb76d6cbf2491eafae98327b278e267821a0e1cd06ef90cb0328e246c19d8c63b9332291a89bc9f989effc675c79a870ac024756c6f5a7e32babd69625d61487ae7399490b70dd0fade7d70ad9b0757300a2dde77abaff4f63a0303853589d44efa968e10d36561f04408ad0cc227fc6b2f904cead189a0fcca9b2e6cbde5498652e0b3bc9d8b7921474403718feb5cc750dc70f5a9b1a0ae2c642015b6a1a8ab0572182b4e39e0c869cbdc60c9465f5d564d18ba2f5b3bc3e05a458744077430c5ea031ee02dd8f0a65d7dd8d90dd9b8717f77d202239a5778719423fb2aec7ca86eb07c39de65a34b988d65377a7473e9145f16d79593e96903330bbf3a8024fc15519d9baa0fae2018786f4b1846fca355ff0fccf65cccad1896309a5ccf2056dd542c929850cc91cd655962360fe316557ab3fb378328f77a07d9da24447d3fa2020b382ed2e808ec9529a01273434c64b0b7c35a06a019e4ab51cdc9c0f266ab25b6984338a0ba910d1060283b636c5d7e8a3f969c1ee1c99b54bba7ff3679fbeecbb70349f076480a867cc4ee4cacaea39c80f642533599486d2ffb77b8c9109a9d25fa0b06e58eca764f7d56469eb9547036bbea9d5c3d35b4c1fbc3d39a372c2b7ad184965cad3819c8928f1588d00949949c0c4c93d30ac7f6665247c0108bd89dff3aafe780ac66febfacc8c6a3cc387d09da6de700487a80e2c8d56df94d7ebd3e1d9e06411a6c5f7eb6da41c6f52997b5ad47ba985261103fdf12eb4a2828b248f652ef00b6abccab2eb161b878b9dbc0aa911405b6f67adda83c16187748d7b524ffe6381f489f432d592e6171bd9ccb2cd52f977143f57fbf2ab0b823d449ae55f02440972334344cda01837b93afa4f46a2fdefe27e92764cf9596780846de2e3b1ea83e62ee43b1c05aee675e25363504addfaa68e7c53ed685413f5ba951f120d0a646e474872c81e5a887464c19f8460ae814ffff24cb51dd2dca28d597ab2ea60949f8dbbe67f263e722fdb51bce4e328a19f5ff1218e1f63b8da6d40dbd5490964499b2522ea323310634893ead661407966207a66ab13adfcf1a725ed14339c46011c0e0401f2386b47cd9f902fdf84bc85e74d3ae7cc544e4d65670a554a537712c6ee9f75191631d2a4c4da06fc38423b1d5b828d7201235b2974164f52aa16bee70ee509250752f4fdd6b9f8d021943df8320682a6f80ff0d67ab7a4ceea807bd5b3b7b6380b0c7f0caa67b0208ba71317f0355a3b755af0e2c007186389438615df80b7b25104a733fc90625b62682198733c0f1625dfaa08cf81e3df043094b7b5a098b3b36f803b5b0f10a057bf814ae3579932c0a5f208985bab3d817f975283b8838ae5cb709be72b58df7425e059fdbf4e0ee51b3da01fe0b44963c1196baee5ec5909ad80d9d1660f3edd90374952a0bf8b3bece2c2f944593f4de7de5e05ded096b8f4f05d65dfc2e806f78220d84b3db564fb12f4e5e8f5eab316591f004e9374cce8e787263bc3827affe6793c130b8621d3bbb2a86fd87f070ea21718281ee7aec4bb3bb71af4bf5721cecd139c4be8c9df4ec8dfb09a5cf1d86a25d39faa9f064a997c214f334e4410917fc3b4d67ada8d87a38c0f86b02bf653dddaeb5b75b300f8bcfd792858bef8ab23e063421939c59212964c9ed5dd56e215db58cef53d31a966bb8ce4ed56287fecb3a85ba435e0b41b20ba1164b9c9f2c49fa0f7b17a89e0ec47eefe992d63ee29c8c0a1ece2664fee8edadd43636a54c48519b4fcf55b0d9103602b92441a5f85cf8c5e406d0f5815f8f37309934bd78fbc2acf0a03b051b4528db4f7c09de7d0aabafca3736b8259c818ca338ca6754e0747717c2794d664a1cacc1e9c52764a308e6df73d975638630b74cce6c49b1bac16454e96852c4f9d8ed118e86d2f1c8dc33bccd4a07be128db5e80f5684ddcc1158e744411acde590f902f0987cfb750bb5bfeed53bff076868986b566d7701f48ddfcacbd325c8d930bcef26713bf60585d5c991e2a6cc33ccbc27f7ddfba18f998497c2eb378cc8f2cc07a1b4f141c5e0fb6f52e18242e505bcf6dd20e33a469d056a0b4fd5e72d0da9d0bcce1e2f9e9dc7d1c7b6cb0f3604287eca", 0x2000, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000440)={0x90, 0x0, 0xfffffffffffffffd, {0x2, 0x0, 0x0, 0xa6, 0x4000, 0x3, {0x3, 0x100000000000, 0xb, 0x0, 0x2, 0x0, 0x0, 0x1, 0x1, 0x6000, 0x0, 0x0, 0x0, 0x800}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
write$FUSE_INIT(r0, &(0x7f0000001240)={0x50, 0x0, r1, {0x7, 0x2b, 0xfff, 0x83120, 0x3, 0x107, 0x1ff, 0x9, 0x0, 0x0, 0x0, 0x8}}, 0x50)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000a80)='./file0/file0\x00', 0x0, 0x0)
ioctl(r4, 0x2272, 0x0)

1.488982514s ago: executing program 9 (id=4442):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x2, &(0x7f0000000000)=@raw=[@call={0x85, 0x0, 0x0, 0x8b}, @exit], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, 0x24}, 0x94)

1.119386758s ago: executing program 9 (id=4445):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
close(0x3)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
close(0x3)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r2, 0x84, 0x81, &(0x7f0000000000)="0000000000000002", 0x8)
setsockopt(r1, 0x84, 0x80, &(0x7f0000000000)="1400000009000000", 0x8)
setsockopt(r0, 0x84, 0x81, &(0x7f0000000280)="1a00000002000000", 0x8)

1.04199607s ago: executing program 9 (id=4447):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r0, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={<r1=>0x0, 0x10, &(0x7f0000000100)=[@in={0x2, 0x4e24, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f0000000180)=0x10)
setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000740)={r1, 0x5, 0x10}, 0xc)

932.356211ms ago: executing program 9 (id=4448):
r0 = socket(0xa, 0x1, 0x0)
getsockopt(r0, 0x0, 0x40, &(0x7f0000b3ffac)=""/84, &(0x7f0000001ffc)=0x54)
syz_read_part_table(0x1055, &(0x7f0000001080)="$eJzszzGKwkAYBeC3JDubsEXAS9jYiqWnsPcoXsFrWHk+QSKTsfAEkuL7iv/9MzwGJqzCtcX2nv1j83E/vPO5zK6OcuzrOmRO8p+pFfqMNX7y287zX3JYtnN9oyu7JJcxmfqUVik53b7yOQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABYuVcAAAD//3TbCLM=")
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x6, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYRES32, @ANYRES32], 0x50)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x181002, 0x0)
ioctl$TCSETAF(r1, 0x5408, &(0x7f0000000080)={0x49de, 0x0, 0xfffc, 0xbfff, 0x19, "ec28a144f13d7607"})
write$binfmt_aout(r1, &(0x7f00000000c0)=ANY=[], 0xff2e)
ioctl$TCSETS(r1, 0x40045431, &(0x7f0000000dc0)={0x0, 0xfffffffc, 0x0, 0x0, 0x10, "0062ba5d8200"})

583.537737ms ago: executing program 2 (id=4451):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000040)={0x0, 0x7, 0xfa00, {0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff}, 0x13f}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_ADDR(r0, &(0x7f0000000280)={0x15, 0x110, 0xfa00, {r1, 0x0, 0x0, 0x30, 0x0, @in6={0x1b, 0x0, 0x7, @empty, 0x3aa7}, @ib={0x1b, 0xffff, 0x0, {}, 0x0, 0xfffffffffffffffc, 0x6}}}, 0x118)
write$RDMA_USER_CM_CMD_QUERY(r0, &(0x7f00000001c0)={0x13, 0x10, 0xfa00, {&(0x7f00000005c0), r1, 0x2}}, 0x18)

522.75182ms ago: executing program 2 (id=4454):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1)
close(r0)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000540)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x50)
mount$9p_fd(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000480), 0x84, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

403.39826ms ago: executing program 8 (id=4455):
syz_mount_image$ext4(&(0x7f0000002180)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x1008802, &(0x7f0000000000)={[{@jqfmt_vfsv1}, {@abort}, {@discard}, {@max_batch_time={'max_batch_time', 0x3d, 0x3}}, {@data_ordered}, {@mblk_io_submit}, {@usrquota}, {@nodioread_nolock}, {@errors_remount}, {}, {@auto_da_alloc}]}, 0x9, 0x606, &(0x7f0000000600)="$eJzs3c1vVFUbAPDnTD9oKe/bQt68igtpYgwkSksLGGJcwNaQBj/ixo2VFoIUaGiNFk0oCW5MjBtjTFy5EP8LJbJlpW5cuHFlSIgaliaOudM7pdPeaenH9Fbm90uGnnvu3J5zpzxzzj1zzp0A2tZg9k8lYn9ETKeI/jS/uK8z8p2DC8978OeHZ7NHimr1td9TpDyv/vyU/+zLD+6JiB++T7GvY2W5M3PXLo5PTU1ezbeHZy9ND8/MXTt84dL4+cnzk5dHXxg9cfzY8RMjRzZ0XtcL8k7ffOe9/o/H3vz6y7/SyDe/jKU4GS/nT1x6HltlMAZrr0lauavvxFYXVqLOZdtpeQY7Vkf+9+uKiCeiPzqW/DX746NXSq0c0FLVFFEF2lRaR/xnvYVW1gXYTvV+QP3afvl1cKWUXgmwHe6fWhgAWBn/nQtjg9FTGxvY/SA1jPOkiNjYyFyjPRFx987YzXN3xm5Gi8bhgGLzNyLiyaL4T7X4H4ieGKjFf6Uh/rN+wZn8Z5b/6gZ7CsuHisU/bJ+F+O9ZNf6jSfy/tST+395EHfJLkeu9DfHf6+oDAAAAAAAA1un2qYh4vujz/8ri/J8omP/TFxEnt6D8wWXbKz//r9zbgmKAAvdPRbxUOP+3Uv/8faAjT/2nNh+gK527MDV5JCL+GxGHomtXtj2yShmHP9n3RbN9g/n8v/ojK/9uPhcwr8e9zl2Nx0yMD45v9ryBiPs3Ip4qnP+bFtv/VND+Z+8H049Yxr5nb51ptm/t+AdapfpVxMHC9v/hXSvS6vfnGK71B4brvYKVnv7g02+blb/R+HeLCdi8rP3fvXr8D6Sl9+uZWfXXzRdlHp3rrDY7YGP9/9nx7vR67a5C3Xne++Ozs1dHIrrT6Y4styF/dK1XAR4zPxVn1+OhHi9Z/B96ZvXxv6L+f29BsKc/GtcU1/3/775fm1VT/x/Kk8X/xLra//UnRm8NfNes/Edr/4/V2vpDeU7W/rfuFYF/j8/rYdrdmF8Qjp1Fu7a7vgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwOKhExJ5IlaHFdKUyNBTRFxH/i92VqSszs8+du/Lu5YlsX+37/yv1b/rtX9hOte//r2Tph9uj0bh9NCL2RsRnHb217aGzV6Ymyj55AAAAAAAAAAAAAAAAAAAA2CH6mqz/z/zWUXbtgJbrLLsCQGkK4v/HMuoBbD/tP7SvDcV/mt/6igDbTvsP7Uv8Q/sS/9C+xD+0L/EP7WrZOH4qqx4AAAAAAMAW2Xvg9s8pIuZf7K09Mt35vq5Sawa0WqXsCgClcYsfaF+m/kH7co0PrDXrt6fpQZuZLzx9dhMHAwAAAAAAAAAAAEDbObjf+n9oV9b/Q/uy/h/aV339/4GS6wFsP9f4QKyxkr9w/f+aRwEAAAAAAAAAAAAAW2mmuitiamry6szctYvjLUt0R0SLi9h04o2dUY2iRG+LfnO1Wr2e/S8o/QQfj0R9KvxOqc+yRH2t36MdVd57EgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0OifAAAA//8sxicA")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000500)='.\x00', 0x0, 0x0)
fsetxattr$system_posix_acl(r0, &(0x7f0000000600)='system.posix_acl_access\x00', &(0x7f0000000400)={{}, {0x1, 0x7}, [], {0x4, 0x3}, [], {0x10, 0x3}}, 0x24, 0x1)

353.56363ms ago: executing program 8 (id=4456):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000c40)="18000000140081044e81f782db44b9042d02200802110000", 0x18}], 0x1, 0x0, 0x0, 0x7400}, 0x4009044)

353.2854ms ago: executing program 8 (id=4457):
r0 = syz_open_dev$swradio(&(0x7f0000000040), 0x0, 0x2)
ioctl$VIDIOC_S_FREQUENCY(r0, 0x402c5639, &(0x7f0000000380)={0x1, 0x5, 0x6})

271.947313ms ago: executing program 8 (id=4458):
r0 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge0\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000a40)=ANY=[@ANYBLOB="2c0000001d00070f000000000000000007000000", @ANYRES32=r1, @ANYBLOB="00005200060005000100000008000880"], 0x2c}}, 0x20008000)

271.742938ms ago: executing program 8 (id=4459):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
getsockopt$inet6_tcp_int(r0, 0x6, 0x9, 0x0, &(0x7f0000000040))

201.337011ms ago: executing program 8 (id=4460):
prlimit64(0x0, 0x6, &(0x7f0000000140), 0x0)
setreuid(0xee01, 0x0)
pselect6(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
setresuid(0xee01, 0x0, 0x0)
setrlimit(0x6, &(0x7f0000000040)={0x1ff, 0x330})
execveat(0xffffffffffffffff, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x1000)

53.94738ms ago: executing program 9 (id=4461):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="18020000fb0800000000000000000000850000002c000000850000005000000095"], &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x46, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x0, 0x2100, 0x0, &(0x7f0000000100), 0x0, 0x1008, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50)

0s ago: executing program 9 (id=4462):
syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000040)='./file3\x00', 0xcc0, &(0x7f00000001c0)=ANY=[@ANYBLOB="61636c2c6865617274626561743d6e6f6e652c6865617274626561743d6e6f6e652c636f686572656e63793d66756c6c2c636f686572656e63793d66756c6c2c636f686572656e63793d62756666657265642c6572726f72733d636f6e74696e75652c757365725f78617474722c626172726965723d30303030303030303030303030303032363131352c6469725f726573765f6c6576656c3d30303030303030303030303030303030303030362c696e74722c6a6f75726e616c5f6173796e635f636f6d6d69742c00535d4e036013ec9e6e7ecdee3849b40884b95e94f35cec9600cd19beb0"], 0x1, 0x442a, &(0x7f0000008940)="$eJzs3c9PHGUfAPBnBvoW+rZ9oW8PfZM3cRObaNQQ6EmliZTSUmixptrGeNkusG3RhW1gMR56wFsTTyYejIdGE2+cGg5e65/gxWM9N9GDFxOTRszuzgIz7IaVsGDr53NgmOc3+5159pnD8MSJyp25pdzcUq6wkCvP3Fo6k/u4XFqeL4Z4nzTt/9D+9U97OnGdHPS190929fzFd2+cCeH72R+frK+vr4eq7tDU0Jbff/v13szWY0OcqVNtt3lre+WDEMLJbeOq6gohvP9dCFEI4VySNpoce0MIx0I978a9z27m9mg0Dx8Xz+afTt1fGz49ufpgrfXfHoXwVel/r92e//nFruGfXtmj7gEAAAAAAAAAAAAAAAAAeMaNX7t6/Z3BofAoCt2r0fb3dceTY6v3Y9f3zAud/2MBAAAAAAAAAAAAAAAAAADgb2rz/f9cdKLJ+/9jyXGkRf31tzo/Rjpn4u2rYxcGh5L936Nt+a8nSb+c6wr9TfZ9z+7/fi5Tv/n+79v72a3G+Br99oUoHkidx/HAQAjfJBu/n4qOxKXyUuXVW+Xlhdk9G8YzKx3/+u79qegkG/q3G//RTPud3///v9uupur5zb27xJ5r6fh3tSz37adRW/E/n6m3H/Fn99Lx766l9W4tMFKfAKrx/7x75/iPZdrvVPyPhxByUXWsudQMUF3DVNNbrVdIS8f/UC0tNXUmH2Sr+//3TPwvZNo/qPl/JftFRFPp+P+rltaTKrF5//fHO9//FzPtH0T8q+Nf8f3flnT8D9cTu1NFap9ku/P/eKb9TsX/epyM83iUugJWo3p6q/9XR1o6/j3b8jef/+K21n+XMvX36/mv0W/j+a8x/b8c1Z//aC4d/96W5dq9/ycy9To9/4/U1n/sVjr+R2pp6bVzX+1nu/GfzLTfqfjXViU9jfhvzid/HK6nf23915Z0/P9dT4y3llip/ayt/6Kd1/+XM+0fxPqvOv6VuLO9Pi/S8T/aslw1/j+08f1/JVOv8/EPYdBaf9fS8T/Wslzt/u/ZOf5TmXqdjv9LnWwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Bkwmhz7QhQPpM7jeGAghPPJ+alwJJouzOanS+WZj5ZCGEvSc+FEdLtUni6U8nML5dlivlAqlWdCuJDknww90VKpXMnPF+5e3GirN7pTLCxWpouFSghhPEn/fzjWaGt6rjJfuBtCuLSR95+4vHj3TmEhPzu3+Obg4OBgmNgYQ39U/KRSXKjUe6/nhjC5Ubcv2jK4WvbljbEcjT4sLy8uFEq19Ctb6pTKM4XSljpTSd4XoT+qLC4vzBQqxXypfLvR30EaSY5jE9feu3ZlaFv+zah+HN3fYQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwFz0afuPLEEJ3/SwOIYw0fomalX/4uHg2/3Tq/trw6cnVB2tPWpUDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+JMdOBAAAAAAAPJ/bYSqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoq7NIxSgNBFAbgN2Ohdh7DatntbFcU0cIVwRPoMTyMHsVLeIcUKdKmCIFkFsJmF7ZJqu9rHszPzHswDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgHme3ruPt7qJSHG1uYz4+/pfHOYvpf7cj9+/OMOMnM7za/fwWDfl39NRfleOlm3epevV92eM1N7vYE+G+7TX97menGtq36bm6/veRMpVRLQlv005V9W8twAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgyw4cCAAAAAAA+b82QlVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVRV24FgAAAAAQJi/dRR9GwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPArAAD///4CHxA=")
pwritev2(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x6, 0x2)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
fallocate(r0, 0x0, 0xeffb, 0x9)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000300)='./file1\x00', 0xc4042, 0x1ff)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/mdstat\x00', 0x0, 0x0)
r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x6200, 0x0)
sendfile(r1, r2, 0x0, 0x20fffe82)

kernel console output (not intermixed with test programs):

 error -22
[  340.359154][T11198] usb 10-1: USB disconnect, device number 13
[  340.839670][T13909] loop3: detected capacity change from 0 to 4096
[  340.966108][T13913] loop9: detected capacity change from 0 to 512
[  341.012024][T13913] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  341.037528][T13913] ext4 filesystem being mounted at /323/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  341.074608][T13913] EXT4-fs error (device loop9): ext4_empty_dir:3080: inode #12: comm syz.9.2955: Directory hole found for htree leaf block 0
[  341.088639][T13913] EXT4-fs (loop9): Remounting filesystem read-only
[  341.099512][T13920] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2956'.
[  341.118059][T11194] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  341.126545][   T26] EXT4-fs (loop9): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  341.130770][   T26] Quota error (device loop9): write_blk: dquota write failed
[  341.137516][   T26] Quota error (device loop9): free_dqentry: Can't write quota data block 5
[  341.142791][   T26] EXT4-fs (loop9): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  341.158033][   T26] Quota error (device loop9): write_blk: dquota write failed
[  341.161089][   T26] Quota error (device loop9): free_dqentry: Can't write quota data block 5
[  341.401764][T13931] loop9: detected capacity change from 0 to 4096
[  341.406849][T13931] ntfs3(loop9): Different NTFS sector size (1024) and media sector size (512).
[  341.532876][T13933] netlink: 16186 bytes leftover after parsing attributes in process `syz.9.2962'.
[  341.545793][   T24] usb 4-1: new high-speed USB device number 42 using dummy_hcd
[  341.705390][   T24] usb 4-1: Using ep0 maxpacket: 8
[  341.709039][   T24] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  341.719047][   T24] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBE, changing to 0x8E
[  341.723329][   T24] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8E has an invalid bInterval 0, changing to 7
[  341.747403][   T24] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0
[  341.752941][   T24] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  341.761853][   T24] usb 4-1: New USB device found, idVendor=10c5, idProduct=819a, bcdDevice=e4.46
[  341.768091][   T24] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=35
[  341.770975][   T24] usb 4-1: Product: syz
[  341.772521][   T24] usb 4-1: Manufacturer: syz
[  341.774196][   T24] usb 4-1: SerialNumber: syz
[  341.787813][   T24] usb 4-1: config 0 descriptor??
[  342.007268][   T24] radio-si470x 4-1:0.0: DeviceID=0x6e38 ChipID=0x8e9d
[  342.046623][T13951] loop9: detected capacity change from 0 to 32768
[  342.211483][   T24] radio-si470x 4-1:0.0: si470x_get_report: usb_control_msg returned -71
[  342.215549][   T24] radio-si470x 4-1:0.0: si470x_get_scratch: si470x_get_report returned -71
[  342.218575][   T24] radio-si470x 4-1:0.0: probe with driver radio-si470x failed with error -5
[  342.224494][   T24] usb 4-1: USB disconnect, device number 42
[  342.758305][T13960] loop3: detected capacity change from 0 to 128
[  342.767494][T13960] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  342.772506][T13960] ext4 filesystem being mounted at /797/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  342.803700][ T6853] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  342.984854][T13974] netlink: 212368 bytes leftover after parsing attributes in process `syz.3.2980'.
[  343.056806][T13977] vxcan1: tx address claim with dest, not broadcast
[  343.374433][T13984] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2984'.
[  343.377691][T13984] netlink: 'syz.3.2984': attribute type 29 has an invalid length.
[  343.380272][T13984] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2984'.
[  343.387594][T13984] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2984'.
[  343.390271][T13984] netlink: 'syz.3.2984': attribute type 29 has an invalid length.
[  343.393596][T13984] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2984'.
[  343.517381][T13992] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2988'.
[  343.632330][T14002] loop3: detected capacity change from 0 to 512
[  343.635662][T14002] EXT4-fs (loop3): Test dummy encryption mode enabled
[  343.637666][T14002] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  343.654171][T14002] EXT4-fs (loop3): 1 truncate cleaned up
[  343.666918][T14002] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  343.707312][ T6853] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  344.872024][T14042] loop3: detected capacity change from 0 to 764
[  344.881712][T14042] rock: directory entry would overflow storage
[  344.884035][T14042] rock: sig=0x4654, size=5, remaining=4
[  345.048226][T14045] ISOFS: unable to read i-node block
[  345.079157][T14044] loop9: detected capacity change from 0 to 32768
[  345.782413][T14058] ip6gretap1: default qdisc (pfifo_fast) fail, fallback to noqueue
[  345.873921][T14062] loop3: detected capacity change from 0 to 256
[  345.898987][T14062] FAT-fs (loop3): Directory bread(block 64) failed
[  345.903556][T14062] FAT-fs (loop3): Directory bread(block 65) failed
[  345.913552][T14062] FAT-fs (loop3): Directory bread(block 66) failed
[  345.916862][T14062] FAT-fs (loop3): Directory bread(block 67) failed
[  345.919352][T14062] FAT-fs (loop3): Directory bread(block 68) failed
[  345.921768][T14062] FAT-fs (loop3): Directory bread(block 69) failed
[  345.924336][T14062] FAT-fs (loop3): Directory bread(block 70) failed
[  345.928153][T14062] FAT-fs (loop3): Directory bread(block 71) failed
[  345.930651][T14062] FAT-fs (loop3): Directory bread(block 72) failed
[  345.933121][T14062] FAT-fs (loop3): Directory bread(block 73) failed
[  345.951622][T14062] syz.3.3017: attempt to access beyond end of device
[  345.951622][T14062] loop3: rw=524288, sector=1160, nr_sectors = 4 limit=256
[  345.965974][T14062] syz.3.3017: attempt to access beyond end of device
[  345.965974][T14062] loop3: rw=0, sector=1160, nr_sectors = 4 limit=256
[  345.977949][   T34] audit: type=1800 audit(1762823456.727:90): pid=14062 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.3017" name="file0" dev="loop3" ino=1048715 res=0 errno=0
[  346.527883][T14086] loop3: detected capacity change from 0 to 40427
[  346.531371][T14086] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  346.534453][T14086] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  346.538868][T14086] F2FS-fs (loop3): invalid crc value
[  346.573221][T14086] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  346.577193][T14086] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  346.579413][T14086] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  346.737643][T14091] loop9: detected capacity change from 0 to 32768
[  346.759077][T14091] JBD2: Ignoring recovery information on journal
[  346.784212][T14091] ocfs2: Mounting device (7,9) on (node local, slot 0) with ordered data mode.
[  346.858808][T11194] ocfs2: Unmounting device (7,9) on (node local)
[  346.970352][T14116] overlayfs: failed to clone upperpath
[  347.013482][T14124] netlink: 'syz.8.3044': attribute type 28 has an invalid length.
[  347.028397][T14124] netlink: 'syz.8.3044': attribute type 3 has an invalid length.
[  347.030664][T14124] netlink: 132 bytes leftover after parsing attributes in process `syz.8.3044'.
[  347.118458][T14134] Device name not specified.
[  347.118458][T14134] 
[  347.244550][T14143] netlink: 16 bytes leftover after parsing attributes in process `syz.3.3053'.
[  347.254684][T14143] gtp0: entered promiscuous mode
[  348.270498][T14145] comedi comedi1: reset error (fatal)
[  348.334468][T14162] loop9: detected capacity change from 0 to 1024
[  348.337113][   T33] usb 4-1: new high-speed USB device number 43 using dummy_hcd
[  348.364730][T14162] hfsplus: inconsistency in B*Tree (9,1,255,1,0)
[  348.375256][T14162] hfsplus: xattr searching failed
[  348.381235][T14162] hfsplus: inconsistency in B*Tree (9,1,255,1,0)
[  348.383283][T14162] hfsplus: xattr search failed
[  348.402039][   T26] hfsplus: b-tree write err: -5, ino 4
[  348.503071][   T33] usb 4-1: config 0 has an invalid interface number: 142 but max is 0
[  348.512484][   T33] usb 4-1: config 0 has no interface number 0
[  348.514370][   T33] usb 4-1: New USB device found, idVendor=05ac, idProduct=0246, bcdDevice=62.09
[  348.517978][   T33] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  348.524880][   T33] usb 4-1: config 0 descriptor??
[  348.543830][T14174] kAFS: unable to lookup cell 'syz0.riX<̧+R!K+K4[Ed<6c7(n@8A5W/7|{?hT8#&3r?3U<G`-ǾQ8%$lHYL5еY^!!\p"3!
[  348.543830][T14174] h1#-*E=)"6<H#.L([1huC8yaH'(lړ+#-nоYM%'
[  348.649095][T14181] netlink: 36 bytes leftover after parsing attributes in process `syz.8.3070'.
[  348.880987][T14194] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  348.885784][T14194] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  348.889159][T14194] overlayfs: inode number too big (/, ino=4611686018427387905, xinobits=3)
[  349.139035][T14205] netlink: 28 bytes leftover after parsing attributes in process `syz.9.3081'.
[  349.142071][T14205] netlink: 28 bytes leftover after parsing attributes in process `syz.9.3081'.
[  349.517485][T14216] IPv6: NLM_F_CREATE should be specified when creating new route
[  349.522248][T14216] IPv6: Can't replace route, no match found
[  350.559246][   T33] usb 4-1: string descriptor 0 read error: -71
[  350.635679][   T33] input: bcm5974 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.142/input/input21
[  350.925059][ T5248] bcm5974 4-1:0.142: could not read from device
[  351.010351][T14221] loop9: detected capacity change from 0 to 764
[  351.074042][ T5248] bcm5974 4-1:0.142: could not read from device
[  351.387284][   T33] usb 4-1: USB disconnect, device number 43
[  351.413733][ T5248] bcm5974 4-1:0.142: could not read from device
[  351.467792][ T5829] udevd[5829]: Error opening device "/dev/input/event3": No such device
[  351.470516][ T5829] udevd[5829]: Unable to EVIOCGABS device "/dev/input/event3"
[  351.492520][ T5829] udevd[5829]: Unable to EVIOCGABS device "/dev/input/event3"
[  351.497972][ T5829] udevd[5829]: Unable to EVIOCGABS device "/dev/input/event3"
[  351.500724][ T5829] udevd[5829]: Unable to EVIOCGABS device "/dev/input/event3"
[  351.552094][T14250] netlink: 24 bytes leftover after parsing attributes in process `syz.8.3101'.
[  351.687669][T14246] loop9: detected capacity change from 0 to 32768
[  351.690673][T14246] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop9 (7:9) scanned by syz.9.3099 (14246)
[  351.700248][T14246] BTRFS info (device loop9): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  351.709962][T14246] BTRFS info (device loop9): using sha256 (sha256-lib) checksum algorithm
[  351.767100][T14246] BTRFS info (device loop9): rebuilding free space tree
[  351.776863][T14246] BTRFS info (device loop9): disabling free space tree
[  351.779479][T14246] BTRFS info (device loop9): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  351.783087][T14246] BTRFS info (device loop9): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  351.790636][T14246] BTRFS info (device loop9): enabling ssd optimizations
[  351.793297][T14246] BTRFS info (device loop9): turning on async discard
[  351.796593][T14246] BTRFS info (device loop9): force clearing of disk cache
[  351.799356][T14246] BTRFS info (device loop9): enabling auto defrag
[  351.801790][T14246] BTRFS info (device loop9): max_inline set to 4096
[  351.838578][T14256] loop3: detected capacity change from 0 to 32768
[  351.853303][T14256] (syz.3.3104,14256,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  351.875382][T14256] (syz.3.3104,14256,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  351.912156][T11194] BTRFS info (device loop9): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  351.918843][T14256] JBD2: Ignoring recovery information on journal
[  351.959059][T14256] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  352.105467][ T6853] ocfs2: Unmounting device (7,3) on (node local)
[  352.221702][T14280] netlink: 6032 bytes leftover after parsing attributes in process `syz.9.3108'.
[  352.618645][T14299] program syz.9.3115 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  352.701316][   T34] audit: type=1326 audit(1762823463.447:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14300 comm="syz.9.3116" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d67b8efc9 code=0x7ffc0000
[  352.710048][   T34] audit: type=1326 audit(1762823463.447:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14300 comm="syz.9.3116" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d67b8efc9 code=0x7ffc0000
[  352.720542][   T34] audit: type=1326 audit(1762823463.457:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14300 comm="syz.9.3116" exe="/syz-executor" sig=0 arch=c000003e syscall=68 compat=0 ip=0x7f9d67b8efc9 code=0x7ffc0000
[  352.765320][   T34] audit: type=1326 audit(1762823463.457:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14300 comm="syz.9.3116" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d67b8efc9 code=0x7ffc0000
[  352.783590][   T34] audit: type=1326 audit(1762823463.457:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14300 comm="syz.9.3116" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d67b8efc9 code=0x7ffc0000
[  352.791845][   T34] audit: type=1326 audit(1762823463.467:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14300 comm="syz.9.3116" exe="/syz-executor" sig=0 arch=c000003e syscall=69 compat=0 ip=0x7f9d67b8efc9 code=0x7ffc0000
[  352.801370][   T34] audit: type=1326 audit(1762823463.467:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14300 comm="syz.9.3116" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d67b8efc9 code=0x7ffc0000
[  352.811052][T14303] netlink: 536 bytes leftover after parsing attributes in process `syz.9.3117'.
[  352.816271][   T34] audit: type=1326 audit(1762823463.467:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14300 comm="syz.9.3116" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d67b8efc9 code=0x7ffc0000
[  352.824380][   T34] audit: type=1326 audit(1762823463.467:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14300 comm="syz.9.3116" exe="/syz-executor" sig=0 arch=c000003e syscall=70 compat=0 ip=0x7f9d67b8efc9 code=0x7ffc0000
[  352.853352][   T34] audit: type=1326 audit(1762823463.467:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14300 comm="syz.9.3116" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9d67b8efc9 code=0x7ffc0000
[  353.008127][T14315] loop9: detected capacity change from 0 to 512
[  353.026553][T14315] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  353.035189][T14315] ext4 filesystem being mounted at /391/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  353.050364][T14315] EXT4-fs error (device loop9): ext4_xattr_block_find:1874: inode #15: comm syz.9.3123: corrupted xattr block 32: overlapping e_value 
[  353.087884][T11194] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  353.313959][T14329] loop3: detected capacity change from 0 to 1024
[  353.322834][T14330] netlink: 'syz.9.3129': attribute type 10 has an invalid length.
[  353.347932][T14330] bridge0: port 3(dummy0) entered disabled state
[  353.351401][T14330] dummy0: left allmulticast mode
[  353.353097][T14330] dummy0: left promiscuous mode
[  353.353260][ T6853] hfsplus: bad catalog entry type
[  353.354703][T14330] bridge0: port 3(dummy0) entered disabled state
[  353.360778][ T6853] hfsplus: bad catalog entry type
[  353.370801][T14330] team0: Port device dummy0 added
[  353.376715][T14331] netlink: 'syz.9.3129': attribute type 10 has an invalid length.
[  353.385837][T14331] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  353.400622][T14331] team0: Failed to send options change via netlink (err -105)
[  353.403548][T14331] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  353.408859][T14331] team0: Port device dummy0 removed
[  353.440801][T14331] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  353.565526][T14335] loop9: detected capacity change from 0 to 8
[  353.582077][T14335] SQUASHFS error: Failed to read block 0x33c: -5
[  353.592138][T14335] SQUASHFS error: Unable to read metadata cache entry [33a]
[  353.594878][T14335] SQUASHFS error: Unable to read inode 0xa7
[  354.026318][   T55] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  354.034795][   T55] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  354.042043][   T55] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  354.048595][   T55] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  354.052087][   T55] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  354.106585][T14345] lo speed is unknown, defaulting to 1000
[  354.230986][T14345] chnl_net:caif_netlink_parms(): no params data found
[  354.290396][T14345] bridge0: port 1(bridge_slave_0) entered blocking state
[  354.292660][T14345] bridge0: port 1(bridge_slave_0) entered disabled state
[  354.295444][T14345] bridge_slave_0: entered allmulticast mode
[  354.298206][T14345] bridge_slave_0: entered promiscuous mode
[  354.301798][T14345] bridge0: port 2(bridge_slave_1) entered blocking state
[  354.304175][T14345] bridge0: port 2(bridge_slave_1) entered disabled state
[  354.306772][T14345] bridge_slave_1: entered allmulticast mode
[  354.310158][T14345] bridge_slave_1: entered promiscuous mode
[  354.335330][T14345] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  354.341552][T14345] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  354.369444][T14345] team0: Port device team_slave_0 added
[  354.372977][T14345] team0: Port device team_slave_1 added
[  354.393957][T14345] batman_adv: batadv0: Adding interface: batadv_slave_0
[  354.397167][T14345] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  354.405999][T14345] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  354.411763][T14345] batman_adv: batadv0: Adding interface: batadv_slave_1
[  354.414311][T14345] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  354.425283][T14345] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  354.466014][T14345] hsr_slave_0: entered promiscuous mode
[  354.468379][T14345] hsr_slave_1: entered promiscuous mode
[  354.470624][T14345] debugfs: 'hsr0' already exists in 'hsr'
[  354.472409][T14345] Cannot create hsr debugfs directory
[  355.217353][T14345] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  355.227799][T14345] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  355.246913][T14345] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  355.261831][T14345] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  355.480034][T14345] 8021q: adding VLAN 0 to HW filter on device bond0
[  355.520931][T14345] 8021q: adding VLAN 0 to HW filter on device team0
[  355.529546][   T41] bridge0: port 1(bridge_slave_0) entered blocking state
[  355.532506][   T41] bridge0: port 1(bridge_slave_0) entered forwarding state
[  355.542385][   T41] bridge0: port 2(bridge_slave_1) entered blocking state
[  355.545191][   T41] bridge0: port 2(bridge_slave_1) entered forwarding state
[  356.069460][T14345] 8021q: adding VLAN 0 to HW filter on device batadv0
[  356.124794][T14345] veth0_vlan: entered promiscuous mode
[  356.141600][ T5822] Bluetooth: hci1: command tx timeout
[  356.156129][T14345] veth1_vlan: entered promiscuous mode
[  356.180039][T14345] veth0_macvtap: entered promiscuous mode
[  356.191769][T14345] veth1_macvtap: entered promiscuous mode
[  356.210794][T14345] batman_adv: batadv0: Interface activated: batadv_slave_0
[  356.220799][T14345] batman_adv: batadv0: Interface activated: batadv_slave_1
[  356.232762][ T5848] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  356.254454][ T5848] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  356.259333][ T5848] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  356.262564][ T5848] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  356.326997][T14436] netlink: 'syz.8.3158': attribute type 13 has an invalid length.
[  356.330444][   T65] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  356.330617][T14436] netlink: 'syz.8.3158': attribute type 17 has an invalid length.
[  356.335919][T14436] netlink: 'syz.8.3158': attribute type 27 has an invalid length.
[  356.347530][   T65] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  356.449152][   T27] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  356.455589][   T27] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  356.573682][T14451] loop9: detected capacity change from 0 to 512
[  356.581390][T14451] EXT4-fs: Ignoring removed mblk_io_submit option
[  356.584524][T14451] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[  356.589742][T14453] loop2: detected capacity change from 0 to 256
[  356.599535][T14451] EXT4-fs (loop9): 1 truncate cleaned up
[  356.635410][T14453] FAT-fs (loop2): Directory bread(block 64) failed
[  356.637467][T14453] FAT-fs (loop2): Directory bread(block 65) failed
[  356.639512][T14453] FAT-fs (loop2): Directory bread(block 66) failed
[  356.643532][T14453] FAT-fs (loop2): Directory bread(block 67) failed
[  356.644681][T14451] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  356.646603][T14453] FAT-fs (loop2): Directory bread(block 68) failed
[  356.657892][T14453] FAT-fs (loop2): Directory bread(block 69) failed
[  356.660739][T14453] FAT-fs (loop2): Directory bread(block 70) failed
[  356.666545][T14453] FAT-fs (loop2): Directory bread(block 71) failed
[  356.683610][T14453] FAT-fs (loop2): Directory bread(block 72) failed
[  356.707982][T14453] FAT-fs (loop2): Directory bread(block 73) failed
[  356.785349][T14459] EXT4-fs (loop9): shut down requested (2)
[  356.918501][T11194] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  357.732773][T14475] loop9: detected capacity change from 0 to 32768
[  357.773606][T14475] 
[  357.773606][T14475]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  357.773606][T14475] 
[  357.832262][T11194] 
[  357.832262][T11194]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  357.832262][T11194] 
[  357.841844][T11194] 
[  357.841844][T11194]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  357.841844][T11194] 
[  358.225568][ T5822] Bluetooth: hci1: command tx timeout
[  358.777457][  T127] block nbd0: Possible stuck request ffff888108ac0000: control (read@0,1024B). Runtime 150 seconds
[  358.780983][  T127] block nbd0: Possible stuck request ffff888108ac0200: control (read@1024,1024B). Runtime 150 seconds
[  358.784639][  T127] block nbd0: Possible stuck request ffff888108ac0400: control (read@2048,1024B). Runtime 150 seconds
[  358.788680][  T127] block nbd0: Possible stuck request ffff888108ac0600: control (read@3072,1024B). Runtime 150 seconds
[  358.919231][T14530] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  360.207037][T14574] loop2: detected capacity change from 0 to 16
[  360.214183][T14574] erofs (device loop2): algorithm 1 isn't enabled on this kernel
[  360.295944][ T5822] Bluetooth: hci1: command tx timeout
[  360.430697][T14584] overlayfs: failed to create directory ./bus/work (errno: 13); mounting read-only
[  360.434195][T14584] overlayfs: fs on '.' does not support file handles, falling back to index=off,nfs_export=off.
[  360.438450][T14586] ip6tnl1: entered promiscuous mode
[  360.440134][T14586] ip6tnl1: entered allmulticast mode
[  360.512571][T14588] bridge1: entered promiscuous mode
[  360.514318][T14588] bridge1: entered allmulticast mode
[  360.518309][T14588] team0: Port device bridge1 added
[  360.545831][T14588] bridge0: port 3(team0) entered blocking state
[  360.550564][T14588] bridge0: port 3(team0) entered disabled state
[  360.552818][T14588] team0: entered allmulticast mode
[  360.566980][T14588] team_slave_0: entered allmulticast mode
[  360.571267][T14588] team_slave_1: entered allmulticast mode
[  360.576724][T14588] team0: entered promiscuous mode
[  360.578241][T14588] team_slave_0: entered promiscuous mode
[  360.579986][T14588] team_slave_1: entered promiscuous mode
[  360.582504][T14588] bridge0: port 3(team0) entered blocking state
[  360.585403][T14588] bridge0: port 3(team0) entered forwarding state
[  360.592311][T14588] netlink: 4 bytes leftover after parsing attributes in process `syz.9.3202'.
[  360.595275][T14588] team0: left allmulticast mode
[  360.596878][T14588] team_slave_0: left allmulticast mode
[  360.598648][T14588] team_slave_1: left allmulticast mode
[  360.600685][T14588] team0: left promiscuous mode
[  360.602467][T14588] team_slave_0: left promiscuous mode
[  360.604576][T14588] team_slave_1: left promiscuous mode
[  360.622097][T14588] bridge0: port 3(team0) entered disabled state
[  360.627347][T14588] bridge_slave_1: left allmulticast mode
[  360.629041][T14588] bridge_slave_1: left promiscuous mode
[  360.632055][T14588] bridge0: port 2(bridge_slave_1) entered disabled state
[  360.643672][T14588] bridge_slave_0: left allmulticast mode
[  360.646479][T14588] bridge_slave_0: left promiscuous mode
[  360.648661][T14588] bridge0: port 1(bridge_slave_0) entered disabled state
[  361.389872][T14619] netlink: 4 bytes leftover after parsing attributes in process `syz.8.3215'.
[  361.531419][T14617] loop9: detected capacity change from 0 to 32768
[  361.533945][T14617] BTRFS warning: excessive commit interval 2147483648, use with care
[  361.538141][T14617] btrfs: Deprecated parameter 'usebackuproot'
[  361.540058][T14617] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  361.554654][T14617] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop9 (7:9) scanned by syz.9.3214 (14617)
[  361.569127][T14617] BTRFS info (device loop9): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  361.577403][T14617] BTRFS info (device loop9): using crc32c (crc32c-lib) checksum algorithm
[  361.708119][   T65] BTRFS warning (device loop9): checksum verify failed on logical 5337088 mirror 1 wanted 0xe63dbdda found 0xc926492d level 0
[  361.722538][T14617] BTRFS error (device loop9): failed to load root extent
[  361.734059][T14617] BTRFS warning (device loop9): try to load backup roots slot 1
[  361.748491][ T1092] BTRFS warning (device loop9): checksum verify failed on logical 5324800 mirror 1 wanted 0x9f73850b found 0x80379423 level 0
[  361.872207][T14617] BTRFS warning (device loop9): couldn't read tree root
[  361.878221][T14617] BTRFS warning (device loop9): try to load backup roots slot 2
[  361.881101][ T1092] BTRFS error (device loop9): level verify failed on logical 5255168 mirror 1 wanted 0 found 1
[  361.884475][T14617] BTRFS warning (device loop9): couldn't read tree root
[  361.887120][T14617] BTRFS warning (device loop9): try to load backup roots slot 3
[  361.893620][T14617] BTRFS info (device loop9): rebuilding free space tree
[  361.905931][T14617] BTRFS info (device loop9): checking UUID tree
[  361.909149][T14617] BTRFS info (device loop9): setting nodatasum
[  361.911036][T14617] BTRFS info (device loop9): enabling ssd optimizations
[  361.913060][T14617] BTRFS info (device loop9): turning off barriers
[  361.915155][T14617] BTRFS info (device loop9): turning on flush-on-commit
[  361.917224][T14617] BTRFS info (device loop9): turning on async discard
[  361.919202][T14617] BTRFS info (device loop9): enabling free space tree
[  361.921133][T14617] BTRFS info (device loop9): force clearing of disk cache
[  361.923139][T14617] BTRFS info (device loop9): enabling auto defrag
[  361.925419][T14617] BTRFS info (device loop9): trying to use backup root at mount time
[  362.204202][T11194] BTRFS info (device loop9): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  362.385822][ T5822] Bluetooth: hci1: command tx timeout
[  362.499754][T14668] loop9: detected capacity change from 0 to 128
[  362.529457][T14668] EXT4-fs (loop9): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  362.534936][T14668] ext4 filesystem being mounted at /424/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  362.553410][T11194] EXT4-fs (loop9): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  362.651711][T14675] loop9: detected capacity change from 0 to 1024
[  362.656559][T14675] hfsplus: invalid btree flag
[  362.658157][T14675] hfsplus: failed to load extents file
[  362.692423][T14677] loop2: detected capacity change from 0 to 512
[  362.706266][T14677] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  362.721300][T14677] EXT4-fs error (device loop2): ext4_orphan_get:1418: comm syz.2.3231: bad orphan inode 32
[  362.724453][T14677] ext4_test_bit(bit=31, block=4) = 0
[  362.726647][T14677] EXT4-fs (loop2): 1 orphan inode deleted
[  362.733510][T14677] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  362.772957][T14345] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  362.965644][ T5881] usb 10-1: new full-speed USB device number 14 using dummy_hcd
[  362.972312][T14692] loop2: detected capacity change from 0 to 256
[  363.000281][T14692] FAT-fs (loop2): Directory bread(block 64) failed
[  363.002892][T14692] FAT-fs (loop2): Directory bread(block 65) failed
[  363.008749][T14692] FAT-fs (loop2): Directory bread(block 66) failed
[  363.011392][T14692] FAT-fs (loop2): Directory bread(block 67) failed
[  363.015299][T14692] FAT-fs (loop2): Directory bread(block 68) failed
[  363.018046][T14692] FAT-fs (loop2): Directory bread(block 69) failed
[  363.020804][T14692] FAT-fs (loop2): Directory bread(block 70) failed
[  363.023317][T14692] FAT-fs (loop2): Directory bread(block 71) failed
[  363.026409][T14692] FAT-fs (loop2): Directory bread(block 72) failed
[  363.029009][T14692] FAT-fs (loop2): Directory bread(block 73) failed
[  363.126829][ T5881] usb 10-1: config 0 has an invalid interface number: 46 but max is 0
[  363.129105][ T5881] usb 10-1: config 0 has no interface number 0
[  363.130800][ T5881] usb 10-1: config 0 interface 46 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  363.145232][ T5881] usb 10-1: config 0 interface 46 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  363.152008][ T5881] usb 10-1: New USB device found, idVendor=045a, idProduct=5210, bcdDevice= 1.01
[  363.155468][ T5881] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  363.158697][ T5881] usb 10-1: Product: syz
[  363.160265][ T5881] usb 10-1: Manufacturer: syz
[  363.161929][ T5881] usb 10-1: SerialNumber: syz
[  363.167052][ T5881] usb 10-1: config 0 descriptor??
[  363.172990][ T5881] ums-karma 10-1:0.46: USB Mass Storage device detected
[  363.263144][ T5881] ums-karma 10-1:0.46: probe with driver ums-karma failed with error -5
[  363.324249][T14701] loop2: detected capacity change from 0 to 512
[  363.345883][T14701] EXT4-fs (loop2): couldn't mount as ext3 due to feature incompatibilities
[  363.411941][ T3147] usb 10-1: USB disconnect, device number 14
[  363.502650][T14711] loop2: detected capacity change from 0 to 64
[  363.526845][   T34] kauditd_printk_skb: 1 callbacks suppressed
[  363.526862][   T34] audit: type=1804 audit(1762823474.277:102): pid=14711 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.3246" name="/newroot/29/file0/file1" dev="loop2" ino=1 res=1 errno=0
[  364.034699][T14717] IPv6: NLM_F_CREATE should be specified when creating new route
[  364.266687][T14732] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  365.389676][T14771] loop2: detected capacity change from 0 to 1764
[  365.462676][   T24] hid-generic 0003:0004:0000.0016: unknown main item tag 0x0
[  365.475334][   T24] hid-generic 0003:0004:0000.0016: unknown main item tag 0x0
[  365.481275][   T24] hid-generic 0003:0004:0000.0016: unknown main item tag 0x0
[  365.485132][   T24] hid-generic 0003:0004:0000.0016: unknown main item tag 0x0
[  365.487758][   T24] hid-generic 0003:0004:0000.0016: unknown main item tag 0x0
[  365.490052][   T24] hid-generic 0003:0004:0000.0016: unknown main item tag 0x0
[  365.492381][   T24] hid-generic 0003:0004:0000.0016: unknown main item tag 0x0
[  365.494763][   T24] hid-generic 0003:0004:0000.0016: unknown main item tag 0x0
[  365.497384][   T24] hid-generic 0003:0004:0000.0016: unknown main item tag 0x0
[  365.499811][   T24] hid-generic 0003:0004:0000.0016: unknown main item tag 0x0
[  365.513125][   T24] hid-generic 0003:0004:0000.0016: hidraw0: USB HID v0.00 Device [syz0] on syz1
[  366.488638][T14788] netlink: 180 bytes leftover after parsing attributes in process `syz.8.3280'.
[  366.632555][T14794] loop2: detected capacity change from 0 to 16
[  366.637464][T14794] erofs (device loop2): mounted with root inode @ nid 36.
[  366.647556][T14794] erofs (device loop2): bogus lookback distance 1388 @ lcn 42 of nid 36
[  366.651533][T14794] erofs (device loop2): read error -117 @ 43 of nid 36
[  366.896921][T14802] erofs (device loop2): readahead error at folio 6 @ nid 36
[  366.899776][T14802] erofs (device loop2): readahead error at folio 4 @ nid 36
[  366.903002][T14802] erofs (device loop2): bogus lookback distance 1 @ lcn 0 of nid 36
[  366.905821][T14802] erofs (device loop2): readahead error at folio 0 @ nid 36
[  366.908643][T14802] syz.2.3283: attempt to access beyond end of device
[  366.908643][T14802] loop2: rw=524288, sector=296, nr_sectors = 16 limit=16
[  366.914892][T14802] syz.2.3283: attempt to access beyond end of device
[  366.914892][T14802] loop2: rw=524288, sector=1049264, nr_sectors = 16 limit=16
[  366.919773][T14802] syz.2.3283: attempt to access beyond end of device
[  366.919773][T14802] loop2: rw=524288, sector=16, nr_sectors = 8 limit=16
[  366.924769][T14802] syz.2.3283: attempt to access beyond end of device
[  366.924769][T14802] loop2: rw=524288, sector=720, nr_sectors = 16 limit=16
[  366.930668][T14802] erofs (device loop2): failed to decompress -45 in[55, 4041] out[4055]
[  366.941919][T14802] erofs (device loop2): bogus lookback distance 1 @ lcn 0 of nid 36
[  366.946742][T14802] syz.2.3283: attempt to access beyond end of device
[  366.946742][T14802] loop2: rw=0, sector=296, nr_sectors = 8 limit=16
[  366.952512][T14802] erofs (device loop2): read error -5 @ 0 of nid 36
[  366.955269][T14802] erofs (device loop2): failed to readdir of logical block 0 of nid 36
[  367.249137][T14807] autofs: Bad value for 'fd'
[  367.680000][T14819] nbd: device at index 9 is going down
[  367.771486][T14825] xt_policy: too many policy elements
[  368.211643][T14851] IPVS: Unknown mcast interface: vcan0
[  368.306966][ T3147] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  368.352655][T14857] loop9: detected capacity change from 0 to 2048
[  368.360249][T14857] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  368.458465][ T3147] usb 3-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[  368.463469][ T3147] usb 3-1: config 27 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0
[  368.469858][ T3147] usb 3-1: config 27 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  368.475815][ T3147] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  368.479140][ T3147] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  368.508214][ T3147] usb 3-1: Quirk or no altset; falling back to MIDI 1.0
[  368.550448][ T3147] snd-usb-audio 3-1:27.0: probe with driver snd-usb-audio failed with error -2
[  368.588813][T14867] netlink: 16 bytes leftover after parsing attributes in process `syz.8.3316'.
[  368.724643][ T3147] usb 3-1: USB disconnect, device number 8
[  369.153677][T14888] delete_channel: no stack
[  370.286217][T14931] loop9: detected capacity change from 0 to 4096
[  370.304339][T14931] ntfs3(loop9): Mark volume as dirty due to NTFS errors
[  370.313442][T14931] ntfs3(loop9): Failed to load $Extend (-22).
[  370.315692][T14931] ntfs3(loop9): Failed to initialize $Extend.
[  370.910058][ T5822] Bluetooth: hci0: unexpected event for opcode 0x0c5a
[  371.668119][T14963] loop9: detected capacity change from 0 to 1024
[  371.671713][T14963] EXT4-fs: Ignoring removed orlov option
[  371.691336][T14963] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  371.711685][   T34] audit: type=1804 audit(1762823482.457:103): pid=14963 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.9.3358" name="/newroot/464/file1/file1" dev="loop9" ino=15 res=1 errno=0
[  371.744616][T11194] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  372.035186][ T3147] usb 10-1: new high-speed USB device number 15 using dummy_hcd
[  372.195098][ T3147] usb 10-1: Using ep0 maxpacket: 8
[  372.198214][ T3147] usb 10-1: config 162 has an invalid interface number: 239 but max is 0
[  372.201087][ T3147] usb 10-1: config 162 has no interface number 0
[  372.205611][ T3147] usb 10-1: New USB device found, idVendor=10fd, idProduct=de00, bcdDevice= 0.01
[  372.208670][ T3147] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  372.211051][ T3147] usb 10-1: Product: syz
[  372.213097][ T3147] usb 10-1: Manufacturer: syz
[  372.214934][ T3147] usb 10-1: SerialNumber: syz
[  372.429150][ T3147] go7007 10-1:162.239: The Lifeview TV Walker Ultra is not supported. Sorry!
[  372.435565][ T3147] usb 10-1: USB disconnect, device number 15
[  373.718255][T15003] netlink: 'syz.8.3376': attribute type 10 has an invalid length.
[  373.723489][T15003] 8021q: adding VLAN 0 to HW filter on device team0
[  373.732112][T15003] bond0: (slave team0): Enslaving as an active interface with an up link
[  373.906859][T15016] loop2: detected capacity change from 0 to 64
[  373.954160][T15016] BFS-fs: bfs_iget(): Bad inode number loop2:00000002
[  374.114864][T15023] loop9: detected capacity change from 0 to 512
[  374.160593][T15023] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  374.170378][T15023] ext4 filesystem being mounted at /470/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  374.189189][T15023] EXT4-fs error (device loop9): ext4_validate_block_bitmap:441: comm syz.9.3386: bg 0: block 360: padding at end of block bitmap is not set
[  374.198054][T15023] Quota error (device loop9): write_blk: dquota write failed
[  374.202274][T15023] Quota error (device loop9): qtree_write_dquot: Error -117 occurred while creating quota
[  374.208456][T15023] EXT4-fs error (device loop9): ext4_acquire_dquot:6945: comm syz.9.3386: Failed to acquire dquot type 0
[  374.240511][T11194] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  374.432575][T15037] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  374.629948][T15052] overlayfs: failed to clone upperpath
[  375.241351][T15076] netlink: 4 bytes leftover after parsing attributes in process `syz.8.3408'.
[  375.785149][ T9120] usb 10-1: new high-speed USB device number 16 using dummy_hcd
[  375.941016][ T9120] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  375.944570][ T9120] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  375.951015][ T9120] usb 10-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  375.955946][ T9120] usb 10-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  375.958828][ T9120] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  375.966079][ T9120] usb 10-1: config 0 descriptor??
[  376.125237][   T24] usb 3-1: new full-speed USB device number 9 using dummy_hcd
[  376.278140][   T24] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xA3, changing to 0x83
[  376.283062][   T24] usb 3-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b
[  376.288223][   T24] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  376.297056][   T24] usb 3-1: config 0 descriptor??
[  376.300984][T15096] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[  376.810919][   T24] ath6kl: Failed to submit usb control message: -71
[  376.813219][   T24] ath6kl: unable to send the bmi data to the device: -71
[  376.817604][ T9120] plantronics 0003:047F:FFFF.0017: reserved main item tag 0xe
[  376.819936][ T9120] hid_parser_main: 8 callbacks suppressed
[  376.819946][ T9120] plantronics 0003:047F:FFFF.0017: unknown main item tag 0x0
[  376.829014][   T24] ath6kl: Unable to send get target info: -71
[  376.836777][   T24] ath6kl: Failed to init ath6kl core: -71
[  376.839667][   T24] ath6kl_usb 3-1:0.0: probe with driver ath6kl_usb failed with error -71
[  376.856164][   T24] usb 3-1: USB disconnect, device number 9
[  376.874296][ T9120] plantronics 0003:047F:FFFF.0017: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.9-1/input0
[  376.940189][ T9120] usb 10-1: USB disconnect, device number 16
[  377.639728][T15109] loop2: detected capacity change from 0 to 131072
[  377.702918][T15109] F2FS-fs (loop2): Test dummy encryption mode enabled
[  377.709660][T15109] F2FS-fs (loop2): invalid crc value
[  377.726322][T15109] F2FS-fs (loop2): invalid journal entries nats 0 sits 255
[  377.729319][T15109] F2FS-fs (loop2): Failed to initialize F2FS segment manager (-22)
[  378.261085][T15118] netlink: 212368 bytes leftover after parsing attributes in process `syz.8.3424'.
[  378.573736][ T5848] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  378.621037][ T1362] ieee802154 phy1 wpan1: encryption failed: -22
[  378.719320][T15132] loop9: detected capacity change from 0 to 16
[  378.725981][T15132] MTD: Attempt to mount non-MTD device "/dev/loop9"
[  379.051813][T15150] overlayfs: upper fs does not support file handles, falling back to index=off.
[  379.056246][    T9] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  379.058909][T15150] overlayfs: fs on '.' does not support file handles, falling back to xino=off.
[  379.100005][T15152] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  379.215613][    T9] usb 3-1: Using ep0 maxpacket: 16
[  379.218587][    T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  379.221728][    T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  379.227540][T15158] netlink: 8 bytes leftover after parsing attributes in process `syz.9.3444'.
[  379.227887][    T9] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  379.234502][    T9] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  379.243766][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  379.249671][    T9] usb 3-1: config 0 descriptor??
[  379.536385][T15170] overlayfs: workdir and upperdir must reside under the same mount
[  379.653476][T15174] loop9: detected capacity change from 0 to 512
[  379.667436][    T9] microsoft 0003:045E:07DA.0018: unbalanced delimiter at end of report description
[  379.670802][    T9] microsoft 0003:045E:07DA.0018: parse failed
[  379.672317][T15174] EXT4-fs error (device loop9): ext4_xattr_inode_iget:446: comm syz.9.3452: error while reading EA inode 32 err=-116
[  379.672738][    T9] microsoft 0003:045E:07DA.0018: probe with driver microsoft failed with error -22
[  379.691882][T15174] EXT4-fs (loop9): Remounting filesystem read-only
[  379.694788][T15174] EXT4-fs warning (device loop9): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[  379.712691][T15174] EXT4-fs (loop9): 1 orphan inode deleted
[  379.717333][T15174] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  379.744044][T11194] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  379.889664][    T9] usb 3-1: USB disconnect, device number 10
[  380.265774][T15200] xt_TCPMSS: Only works on TCP SYN packets
[  380.328760][T15204] loop9: detected capacity change from 0 to 4096
[  380.333882][T15204] EXT4-fs: Ignoring removed nomblk_io_submit option
[  380.362331][T15204] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  380.386257][T11194] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  380.634405][T15222] loop2: detected capacity change from 0 to 512
[  380.664134][T15222] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  380.677909][T15222] ext4 filesystem being mounted at /78/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  380.697030][   T55] Bluetooth: hci2: command 0x0406 tx timeout
[  380.745941][T14345] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  380.915210][T15238] loop2: detected capacity change from 0 to 1024
[  380.924686][T15238] EXT4-fs: Ignoring removed orlov option
[  380.940722][T15238] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  381.059774][   T34] audit: type=1804 audit(1762823491.807:104): pid=15244 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.3478" name="/newroot/80/file1/file1" dev="loop2" ino=15 res=1 errno=0
[  381.278342][T15233] loop9: detected capacity change from 0 to 32768
[  381.346825][T15233] ocfs2: Mounting device (7,9) on (node local, slot 0) with ordered data mode.
[  381.360503][T15233] (syz.9.3476,15233,0):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #65: rec_len is too small for name_len - offset=16, inode=65, rec_len=16, name_len=64
[  381.378903][T15233] (syz.9.3476,15233,0):ocfs2_prepare_dir_for_insert:4302 ERROR: status = -2
[  381.383001][T15233] (syz.9.3476,15233,0):ocfs2_mknod:301 ERROR: status = -2
[  381.392295][T15233] (syz.9.3476,15233,0):ocfs2_mknod:505 ERROR: status = -2
[  381.397292][T15233] (syz.9.3476,15233,0):ocfs2_create:678 ERROR: status = -2
[  381.531078][T11194] ocfs2: Unmounting device (7,9) on (node local)
[  382.218295][T14345] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  382.236143][T15252] loop9: detected capacity change from 0 to 4096
[  382.273559][T15252] ntfs3(loop9): Mark volume as dirty due to NTFS errors
[  382.282296][T15252] ntfs3(loop9): Failed to load $Extend (-22).
[  382.290049][T15252] ntfs3(loop9): Failed to initialize $Extend.
[  382.333662][T15252] ntfs3(loop9): ino=1b, "file0" ntfs_readdir
[  382.508721][T15260] loop2: detected capacity change from 0 to 32768
[  382.515126][T15260] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.3484 (15260)
[  382.527454][T15260] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  382.537824][T15260] BTRFS info (device loop2): using sha256 (sha256-lib) checksum algorithm
[  382.621718][T15260] BTRFS info (device loop2): enabling ssd optimizations
[  382.623795][T15260] BTRFS info (device loop2): turning on async discard
[  382.625895][T15260] BTRFS info (device loop2): enabling free space tree
[  382.641007][T15294] netlink: 'syz.9.3492': attribute type 30 has an invalid length.
[  382.786163][T15260] BTRFS info (device loop2): balance: start -d -m
[  382.795588][T15260] BTRFS info (device loop2): relocating block group 6881280 flags data|metadata
[  382.844469][T15260] BTRFS info (device loop2): relocating block group 5242880 flags data|metadata
[  382.898357][T15260] BTRFS info (device loop2): found 9 extents, stage: move data extents
[  382.919417][T15260] BTRFS info (device loop2): found 1 extents, stage: update data pointers
[  382.935738][T15260] BTRFS info (device loop2): balance: ended with status: 0
[  383.174869][T15309] netlink: 4 bytes leftover after parsing attributes in process `syz.8.3496'.
[  383.459686][T15311] loop9: detected capacity change from 0 to 64
[  383.466158][T15311] BFS-fs: bfs_fill_super(): loop9 is unclean, continuing
[  383.591037][T14345] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  383.752135][T15313] loop9: detected capacity change from 0 to 40427
[  383.884055][T15313] F2FS-fs (loop9): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  383.887455][   T10] IPVS: starting estimator thread 0...
[  383.892392][T15313] F2FS-fs (loop9): Mounted with checkpoint version = 48b305e5
[  383.987763][T15319] IPVS: using max 64 ests per chain, 153600 per kthread
[  383.992229][T11194] syz-executor: attempt to access beyond end of device
[  383.992229][T11194] loop9: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  383.998770][T11194] CPU: 1 UID: 0 PID: 11194 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[  383.998791][T11194] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  383.998802][T11194] Call Trace:
[  383.998810][T11194]  <TASK>
[  383.998818][T11194]  dump_stack_lvl+0x189/0x250
[  383.998850][T11194]  ? __pfx_dump_stack_lvl+0x10/0x10
[  383.998868][T11194]  ? __pfx_queue_work_on+0x10/0x10
[  383.998886][T11194]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  383.998903][T11194]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  383.998927][T11194]  f2fs_handle_critical_error+0x37c/0x540
[  383.998952][T11194]  f2fs_write_end_io+0x886/0xb60
[  383.998987][T11194]  __submit_merged_bio+0x27a/0x6a0
[  383.999011][T11194]  __submit_merged_write_cond+0x255/0x530
[  383.999064][T11194]  f2fs_write_data_pages+0x261d/0x3000
[  383.999114][T11194]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  383.999168][T11194]  ? __mod_zone_page_state+0xd7/0x140
[  383.999199][T11194]  ? folios_put_refs+0x58b/0x670
[  383.999226][T11194]  ? __pfx_folios_put_refs+0x10/0x10
[  383.999247][T11194]  ? rcu_is_watching+0x15/0xb0
[  383.999271][T11194]  ? __lock_acquire+0xab9/0xd20
[  383.999302][T11194]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  383.999320][T11194]  do_writepages+0x32e/0x550
[  383.999346][T11194]  ? do_raw_spin_unlock+0x4d/0x240
[  383.999369][T11194]  filemap_fdatawrite+0x199/0x240
[  383.999390][T11194]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  383.999449][T11194]  ? do_raw_spin_unlock+0x4d/0x240
[  383.999470][T11194]  f2fs_sync_dirty_inodes+0x31f/0x830
[  383.999502][T11194]  f2fs_write_checkpoint+0x93e/0x2440
[  383.999521][T11194]  ? __lock_acquire+0xab9/0xd20
[  383.999553][T11194]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  383.999619][T11194]  kill_f2fs_super+0x2cc/0x6d0
[  383.999642][T11194]  ? __pfx_kill_f2fs_super+0x10/0x10
[  383.999677][T11194]  ? shrinker_free+0x2ce/0x3e0
[  383.999697][T11194]  deactivate_locked_super+0xbc/0x130
[  383.999713][T11194]  cleanup_mnt+0x425/0x4c0
[  383.999735][T11194]  ? lockdep_hardirqs_on+0x9c/0x150
[  383.999755][T11194]  task_work_run+0x1d4/0x260
[  383.999779][T11194]  ? __pfx_task_work_run+0x10/0x10
[  383.999796][T11194]  ? __x64_sys_umount+0x122/0x160
[  383.999813][T11194]  ? exit_to_user_mode_loop+0x40/0x130
[  383.999832][T11194]  exit_to_user_mode_loop+0xe9/0x130
[  383.999846][T11194]  do_syscall_64+0x2bd/0xfa0
[  383.999862][T11194]  ? lockdep_hardirqs_on+0x9c/0x150
[  383.999876][T11194]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  383.999889][T11194]  ? exc_page_fault+0xab/0x100
[  383.999906][T11194]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  383.999922][T11194] RIP: 0033:0x7f9d67b902f7
[  383.999938][T11194] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  383.999950][T11194] RSP: 002b:00007ffc11d77ff8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  383.999967][T11194] RAX: 0000000000000000 RBX: 00007f9d67c11d7d RCX: 00007f9d67b902f7
[  383.999977][T11194] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffc11d780b0
[  383.999984][T11194] RBP: 00007ffc11d780b0 R08: 0000000000000000 R09: 0000000000000000
[  383.999994][T11194] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffc11d79140
[  384.000005][T11194] R13: 00007f9d67c11d7d R14: 000000000005db6c R15: 00007ffc11d79180
[  384.000059][T11194]  </TASK>
[  384.000067][T11194] F2FS-fs (loop9): Stopped filesystem due to reason: 3
[  384.001493][T15324] can0: slcan on ttyS3.
[  384.325811][T15325] can0 (unregistered): slcan off ttyS3.
[  384.952515][T15348] loop9: detected capacity change from 0 to 32768
[  384.956903][T15348] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop9 (7:9) scanned by syz.9.3503 (15348)
[  384.985208][T15348] BTRFS info (device loop9): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  384.991582][T15348] BTRFS info (device loop9): using sha256 (sha256-lib) checksum algorithm
[  385.029031][T15348] BTRFS info (device loop9): enabling ssd optimizations
[  385.031898][T15348] BTRFS info (device loop9): turning on async discard
[  385.034063][T15348] BTRFS info (device loop9): enabling free space tree
[  385.167718][T11194] BTRFS info (device loop9): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  385.545129][    T9] usb 10-1: new high-speed USB device number 17 using dummy_hcd
[  385.552728][T15376] loop2: detected capacity change from 0 to 32768
[  385.683040][T15376] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  385.699767][    T9] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  385.705876][    T9] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  385.709499][    T9] usb 10-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  385.724768][    T9] usb 10-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  385.734650][    T9] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  385.746857][    T9] usb 10-1: config 0 descriptor??
[  385.904571][T15376] XFS (loop2): Ending clean mount
[  386.101500][T14345] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  386.182518][    T9] plantronics 0003:047F:FFFF.0019: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.9-1/input0
[  386.349711][T15396] netlink: 16 bytes leftover after parsing attributes in process `syz.8.3517'.
[  386.420538][T15400] xt_ipcomp: unknown flags 1D
[  386.472725][    T9] usb 10-1: USB disconnect, device number 17
[  386.837654][T15414] netlink: 8 bytes leftover after parsing attributes in process `syz.8.3525'.
[  387.084323][T15437] netlink: 28 bytes leftover after parsing attributes in process `syz.2.3536'.
[  388.155810][T15464] loop2: detected capacity change from 0 to 40427
[  388.162607][T15464] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  388.164905][T15464] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  388.184366][T15464] F2FS-fs (loop2): invalid crc value
[  388.251592][T15464] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  388.256891][T15464] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  388.259067][T15464] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  388.678652][T15492] loop2: detected capacity change from 0 to 164
[  388.895248][  T127] block nbd0: Possible stuck request ffff888108ac0000: control (read@0,1024B). Runtime 180 seconds
[  388.898579][  T127] block nbd0: Possible stuck request ffff888108ac0200: control (read@1024,1024B). Runtime 180 seconds
[  388.901938][  T127] block nbd0: Possible stuck request ffff888108ac0400: control (read@2048,1024B). Runtime 180 seconds
[  388.905276][  T127] block nbd0: Possible stuck request ffff888108ac0600: control (read@3072,1024B). Runtime 180 seconds
[  389.635154][ T9120] usb 10-1: new high-speed USB device number 18 using dummy_hcd
[  389.785123][ T9120] usb 10-1: Using ep0 maxpacket: 16
[  389.789707][ T9120] usb 10-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  389.794081][ T9120] usb 10-1: config 1 has 1 interface, different from the descriptor's value: 2
[  389.798522][ T9120] usb 10-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  389.807013][ T9120] usb 10-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  389.811501][ T9120] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  389.814197][ T9120] usb 10-1: Product: syz
[  389.821178][ T9120] usb 10-1: Manufacturer: syz
[  389.822977][ T9120] usb 10-1: SerialNumber: syz
[  389.991335][T15510] loop2: detected capacity change from 0 to 4096
[  390.032502][T15511] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  390.088779][T15510] overlayfs: upper fs does not support tmpfile.
[  390.119939][T15512] overlayfs: upperdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior.
[  390.127989][T15510] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  390.130736][T15510] overlayfs: failed to set xattr on upper
[  390.132902][T15510] overlayfs: ...falling back to redirect_dir=nofollow.
[  390.142632][T15512] overlayfs: workdir is in-use as upperdir/workdir of another mount, accessing files from both mounts will result in undefined behavior.
[  390.152249][ T9120] cdc_ncm 10-1:1.0: CDC Union missing and no IAD found
[  390.154863][ T9120] cdc_ncm 10-1:1.0: bind() failure
[  390.158859][T15510] overlayfs: ...falling back to index=off.
[  390.169632][T15510] overlayfs: ...falling back to uuid=null.
[  390.184231][ T9120] usb 10-1: USB disconnect, device number 18
[  390.198879][T15512] overlayfs: upper fs does not support tmpfile.
[  390.229528][T15512] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  390.235134][T15512] overlayfs: failed to set xattr on upper
[  390.239388][T15512] overlayfs: ...falling back to redirect_dir=nofollow.
[  390.242089][T15512] overlayfs: ...falling back to uuid=null.
[  390.497627][T15508] overlayfs: failed to clone upperpath
[  390.597809][T15520] overlayfs: unescaped trailing colons in lowerdir mount option.
[  390.772832][T15532] bond1: option downdelay: invalid value (18446744073709551609)
[  390.777335][T15532] bond1: option downdelay: allowed values 0 - 2147483647
[  390.783358][T15532] bond1 (unregistering): Released all slaves
[  390.895196][   T33] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  390.917298][T15535] loop9: detected capacity change from 0 to 512
[  390.921414][T15535] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[  390.932814][T15535] EXT4-fs (loop9): 1 truncate cleaned up
[  390.939079][T15535] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  391.000855][T11194] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  391.045248][   T33] usb 3-1: Using ep0 maxpacket: 8
[  391.056869][   T33] usb 3-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2e.04
[  391.060126][   T33] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  391.062946][   T33] usb 3-1: Product: syz
[  391.064441][   T33] usb 3-1: Manufacturer: syz
[  391.067717][   T33] usb 3-1: SerialNumber: syz
[  391.071406][   T33] usb 3-1: config 0 descriptor??
[  391.111020][T15541] nbd: illegal input index -1495182229
[  391.154265][T15543] netlink: 24 bytes leftover after parsing attributes in process `syz.9.3581'.
[  391.282446][   T33] usb 3-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  392.006229][   T33] dvb_usb_rtl28xxu 3-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71
[  392.013800][   T33] usb 3-1: USB disconnect, device number 11
[  392.310946][T15559] loop9: detected capacity change from 0 to 40427
[  392.319760][T15565] netlink: 4 bytes leftover after parsing attributes in process `syz.8.3591'.
[  392.322058][T15559] F2FS-fs (loop9): invalid crc value
[  392.360290][T15559] F2FS-fs (loop9): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  392.363297][T15559] F2FS-fs (loop9): Start checkpoint disabled!
[  392.366934][T15559] F2FS-fs (loop9): f2fs_disable_checkpoint() finish, err:0
[  392.369843][T15559] F2FS-fs (loop9): Mounted with checkpoint version = 48b305e6
[  392.423625][ T6350] kworker/u9:7: attempt to access beyond end of device
[  392.423625][ T6350] loop9: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  392.431358][ T6350] CPU: 0 UID: 0 PID: 6350 Comm: kworker/u9:7 Not tainted syzkaller #0 PREEMPT(full) 
[  392.431379][ T6350] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  392.431388][ T6350] Workqueue: writeback wb_workfn (flush-7:9)
[  392.431451][ T6350] Call Trace:
[  392.431459][ T6350]  <TASK>
[  392.431466][ T6350]  dump_stack_lvl+0x189/0x250
[  392.431492][ T6350]  ? __pfx_dump_stack_lvl+0x10/0x10
[  392.431511][ T6350]  ? __pfx_queue_work_on+0x10/0x10
[  392.431527][ T6350]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  392.431543][ T6350]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  392.431569][ T6350]  f2fs_handle_critical_error+0x37c/0x540
[  392.431594][ T6350]  f2fs_write_end_io+0x886/0xb60
[  392.431630][ T6350]  __submit_merged_bio+0x27a/0x6a0
[  392.431654][ T6350]  __submit_merged_write_cond+0x255/0x530
[  392.431677][ T6350]  f2fs_write_data_pages+0x261d/0x3000
[  392.431727][ T6350]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  392.431757][ T6350]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[  392.431809][ T6350]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[  392.431838][ T6350]  ? trace_f2fs_writepages+0x7f/0x200
[  392.431856][ T6350]  ? f2fs_write_node_pages+0x478/0x6e0
[  392.431877][ T6350]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[  392.431898][ T6350]  ? __lock_acquire+0xab9/0xd20
[  392.431919][ T6350]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  392.431938][ T6350]  do_writepages+0x32e/0x550
[  392.431962][ T6350]  ? reacquire_held_locks+0x127/0x1d0
[  392.431977][ T6350]  ? writeback_sb_inodes+0x384/0x1010
[  392.432002][ T6350]  __writeback_single_inode+0x145/0xff0
[  392.432019][ T6350]  ? do_raw_spin_unlock+0x4d/0x240
[  392.432042][ T6350]  writeback_sb_inodes+0x6c7/0x1010
[  392.432083][ T6350]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  392.432139][ T6350]  ? rcu_is_watching+0x15/0xb0
[  392.432165][ T6350]  wb_writeback+0x43b/0xaf0
[  392.432188][ T6350]  ? queue_io+0x3a1/0x590
[  392.432207][ T6350]  ? __pfx_wb_writeback+0x10/0x10
[  392.432230][ T6350]  ? _raw_spin_unlock_irq+0x23/0x50
[  392.432249][ T6350]  wb_workfn+0x409/0xef0
[  392.432284][ T6350]  ? __pfx_wb_workfn+0x10/0x10
[  392.432309][ T6350]  ? __lock_acquire+0xab9/0xd20
[  392.432333][ T6350]  ? process_scheduled_works+0x9ef/0x17b0
[  392.432356][ T6350]  ? _raw_spin_unlock_irq+0x23/0x50
[  392.432368][ T6350]  ? process_scheduled_works+0x9ef/0x17b0
[  392.432382][ T6350]  ? process_scheduled_works+0x9ef/0x17b0
[  392.432431][ T6350]  process_scheduled_works+0xae1/0x17b0
[  392.432476][ T6350]  ? __pfx_process_scheduled_works+0x10/0x10
[  392.432508][ T6350]  worker_thread+0x8a0/0xda0
[  392.432548][ T6350]  kthread+0x711/0x8a0
[  392.432572][ T6350]  ? __pfx_worker_thread+0x10/0x10
[  392.432587][ T6350]  ? __pfx_kthread+0x10/0x10
[  392.432607][ T6350]  ? _raw_spin_unlock_irq+0x23/0x50
[  392.432621][ T6350]  ? lockdep_hardirqs_on+0x9c/0x150
[  392.432634][ T6350]  ? __pfx_kthread+0x10/0x10
[  392.432654][ T6350]  ret_from_fork+0x4bc/0x870
[  392.432672][ T6350]  ? __pfx_ret_from_fork+0x10/0x10
[  392.432695][ T6350]  ? __switch_to_asm+0x39/0x70
[  392.432706][ T6350]  ? __switch_to_asm+0x33/0x70
[  392.432717][ T6350]  ? __pfx_kthread+0x10/0x10
[  392.432735][ T6350]  ret_from_fork_asm+0x1a/0x30
[  392.432765][ T6350]  </TASK>
[  392.432771][ T6350] F2FS-fs (loop9): Stopped filesystem due to reason: 3
[  393.234439][T15579] loop2: detected capacity change from 0 to 32768
[  393.246772][T15579] XFS (loop2): DAX unsupported by block device. Turning off DAX.
[  393.252733][T15579] XFS (loop2): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  393.316311][T15579] XFS (loop2): Ending clean mount
[  393.320495][T15579] XFS (loop2): Quotacheck needed: Please wait.
[  393.402736][T15579] XFS (loop2): Quotacheck: Done.
[  393.445951][T14345] XFS (loop2): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  393.674736][T15606] loop9: detected capacity change from 0 to 1024
[  393.716855][T15606] hfsplus: invalid length 32517 has been corrected to 255
[  393.744272][T15606] hfsplus: invalid length 32517 has been corrected to 255
[  393.748289][T15606] hfsplus: invalid length 32517 has been corrected to 255
[  393.774932][ T1201] hfsplus: b-tree write err: -5, ino 4
[  394.076863][T15618] loop2: detected capacity change from 0 to 40427
[  394.091975][T15618] F2FS-fs (loop2): invalid crc value
[  394.154113][T15630] netlink: 'syz.8.3612': attribute type 4 has an invalid length.
[  394.161734][T15618] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  394.164874][T15630] netlink: 'syz.8.3612': attribute type 4 has an invalid length.
[  394.164938][T15618] F2FS-fs (loop2): Start checkpoint disabled!
[  394.171529][   T33] lo speed is unknown, defaulting to 1000
[  394.172267][T15618] F2FS-fs (loop2): f2fs_disable_checkpoint() finish, err:0
[  394.175264][   T33] syz0: Port: 1 Link ACTIVE
[  394.179529][T15618] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[  394.210761][T15618] F2FS-fs (loop2): Stopped filesystem due to reason: 0
[  395.050281][T15644] loop9: detected capacity change from 0 to 2048
[  395.122628][T15644] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  395.144002][T11194] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  395.638338][T15687] loop9: detected capacity change from 0 to 64
[  396.567156][T15717] bond2: option broadcast_neighbor: mode dependency failed, not supported in mode balance-rr(0)
[  396.572974][T15717] bond2 (unregistering): Released all slaves
[  396.958056][T15731] netlink: 16 bytes leftover after parsing attributes in process `syz.8.3652'.
[  396.965935][T15731] netlink: 16 bytes leftover after parsing attributes in process `syz.8.3652'.
[  397.282520][T15744] openvswitch: netlink: Flow key attribute not present in set flow.
[  397.347984][T15748] netlink: 188 bytes leftover after parsing attributes in process `syz.2.3661'.
[  397.530404][T15758] loop2: detected capacity change from 0 to 4096
[  397.543854][T15758] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512).
[  397.578707][T15758] ntfs3(loop2): Failed to initialize $Extend/$Reparse.
[  397.703576][T15750] loop9: detected capacity change from 0 to 32768
[  397.726313][T15750] XFS (loop9): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  397.759693][T15750] XFS (loop9): Ending clean mount
[  397.762637][T15780] ipvlan1: entered allmulticast mode
[  397.764695][T15780] veth0_vlan: entered allmulticast mode
[  397.767531][T15750] XFS (loop9): Quotacheck needed: Please wait.
[  397.822935][T15750] XFS (loop9): Quotacheck: Done.
[  397.859456][T11194] XFS (loop9): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  398.045565][    T9] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  398.195129][    T9] usb 3-1: Using ep0 maxpacket: 16
[  398.199018][    T9] usb 3-1: config 0 interface 0 altsetting 66 endpoint 0x81 has an invalid bInterval 112, changing to 10
[  398.203108][    T9] usb 3-1: config 0 interface 0 has no altsetting 0
[  398.205824][    T9] usb 3-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00
[  398.209260][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  398.214694][    T9] usb 3-1: config 0 descriptor??
[  398.423267][    T9] usb 3-1: string descriptor 0 read error: -71
[  398.431399][    T9] usbhid 3-1:0.0: can't add hid device: -71
[  398.433801][    T9] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  398.439638][    T9] usb 3-1: USB disconnect, device number 12
[  399.382859][   T13] nci: nci_rf_discover_ntf_packet: unsupported rf_tech_and_mode 0x10
[  399.844214][T15824] x_tables: (null)_tables: SNAT target: only valid in nat table, not syz0
[  399.973115][T15834] loop9: detected capacity change from 0 to 1764
[  400.244900][T15849] program syz.9.3699 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  400.865319][T15890] loop9: detected capacity change from 0 to 32768
[  400.885679][T15890] JBD2: Ignoring recovery information on journal
[  400.914663][T15890] ocfs2: Mounting device (7,9) on (node local, slot 0) with ordered data mode.
[  400.974456][T11194] ocfs2: Unmounting device (7,9) on (node local)
[  402.276724][T15927] netlink: 'syz.8.3731': attribute type 8 has an invalid length.
[  402.644604][T15929] loop2: detected capacity change from 0 to 4096
[  402.647951][T15929] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512).
[  402.751294][T15935] netlink: 148 bytes leftover after parsing attributes in process `syz.2.3739'.
[  402.789055][T15935] netlink: 148 bytes leftover after parsing attributes in process `syz.2.3739'.
[  402.998447][T15931] loop9: detected capacity change from 0 to 32768
[  403.009700][T15931] lmLogInit: exit(-22)
[  403.010956][T15931] lmLogOpen: exit(-22)
[  403.322221][T15942] loop2: detected capacity change from 0 to 40427
[  403.360896][T15942] F2FS-fs (loop2): invalid crc value
[  403.469457][T15942] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[  403.473693][T15942] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  403.692160][T15965] loop9: detected capacity change from 0 to 32768
[  403.740878][T15965] XFS (loop9): Mounting V5 Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[  403.787540][T15965] XFS (loop9): Ending clean mount
[  403.870435][T11194] XFS (loop9): Unmounting Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[  404.057492][T15999] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[  404.065105][T15999] CIFS mount error: No usable UNC path provided in device string!
[  404.065105][T15999] 
[  404.084047][T15999] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  404.524639][T16028] loop2: detected capacity change from 0 to 164
[  404.548147][T16028] ISOFS: Bad logical zone size 25856
[  405.031392][T16023] loop9: detected capacity change from 0 to 40427
[  405.050015][T16023] F2FS-fs (loop9): invalid crc value
[  405.132752][T16023] F2FS-fs (loop9): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  405.138310][T16023] F2FS-fs (loop9): Mounted with checkpoint version = 48b305e5
[  405.155504][   T34] audit: type=1800 audit(1762823515.897:105): pid=16023 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.9.3777" name="file1" dev="loop9" ino=10 res=0 errno=0
[  405.176807][T11194] syz-executor: attempt to access beyond end of device
[  405.176807][T11194] loop9: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  405.186549][T11194] CPU: 0 UID: 0 PID: 11194 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[  405.186574][T11194] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  405.186583][T11194] Call Trace:
[  405.186591][T11194]  <TASK>
[  405.186599][T11194]  dump_stack_lvl+0x189/0x250
[  405.186630][T11194]  ? __pfx_dump_stack_lvl+0x10/0x10
[  405.186649][T11194]  ? __pfx_queue_work_on+0x10/0x10
[  405.186666][T11194]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  405.186683][T11194]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  405.186707][T11194]  f2fs_handle_critical_error+0x37c/0x540
[  405.186755][T11194]  f2fs_write_end_io+0x886/0xb60
[  405.186790][T11194]  __submit_merged_bio+0x27a/0x6a0
[  405.186813][T11194]  __submit_merged_write_cond+0x255/0x530
[  405.186836][T11194]  f2fs_write_data_pages+0x261d/0x3000
[  405.186880][T11194]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  405.186931][T11194]  ? __mod_zone_page_state+0xd7/0x140
[  405.186959][T11194]  ? folios_put_refs+0x58b/0x670
[  405.186985][T11194]  ? __lock_acquire+0xab9/0xd20
[  405.187007][T11194]  ? do_raw_spin_lock+0x121/0x290
[  405.187032][T11194]  ? do_raw_spin_unlock+0x4d/0x240
[  405.187051][T11194]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  405.187071][T11194]  do_writepages+0x32e/0x550
[  405.187098][T11194]  ? do_raw_spin_unlock+0x4d/0x240
[  405.187120][T11194]  filemap_fdatawrite+0x199/0x240
[  405.187140][T11194]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  405.187193][T11194]  ? do_raw_spin_unlock+0x4d/0x240
[  405.187215][T11194]  f2fs_sync_dirty_inodes+0x31f/0x830
[  405.187247][T11194]  f2fs_write_checkpoint+0x93e/0x2440
[  405.187266][T11194]  ? __lock_acquire+0xab9/0xd20
[  405.187301][T11194]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  405.187365][T11194]  kill_f2fs_super+0x2cc/0x6d0
[  405.187389][T11194]  ? __pfx_kill_f2fs_super+0x10/0x10
[  405.187421][T11194]  ? shrinker_free+0x2ce/0x3e0
[  405.187439][T11194]  deactivate_locked_super+0xbc/0x130
[  405.187454][T11194]  cleanup_mnt+0x425/0x4c0
[  405.187502][T11194]  ? lockdep_hardirqs_on+0x9c/0x150
[  405.187524][T11194]  task_work_run+0x1d4/0x260
[  405.187549][T11194]  ? __pfx_task_work_run+0x10/0x10
[  405.187566][T11194]  ? __x64_sys_umount+0x122/0x160
[  405.187585][T11194]  ? exit_to_user_mode_loop+0x40/0x130
[  405.187605][T11194]  exit_to_user_mode_loop+0xe9/0x130
[  405.187619][T11194]  do_syscall_64+0x2bd/0xfa0
[  405.187637][T11194]  ? lockdep_hardirqs_on+0x9c/0x150
[  405.187652][T11194]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  405.187667][T11194]  ? exc_page_fault+0xab/0x100
[  405.187684][T11194]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  405.187699][T11194] RIP: 0033:0x7f9d67b902f7
[  405.187715][T11194] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  405.187734][T11194] RSP: 002b:00007ffc11d77ff8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  405.187752][T11194] RAX: 0000000000000000 RBX: 00007f9d67c11d7d RCX: 00007f9d67b902f7
[  405.187762][T11194] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffc11d780b0
[  405.187773][T11194] RBP: 00007ffc11d780b0 R08: 0000000000000000 R09: 0000000000000000
[  405.187781][T11194] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffc11d79140
[  405.187791][T11194] R13: 00007f9d67c11d7d R14: 0000000000062e4f R15: 00007ffc11d79180
[  405.187816][T11194]  </TASK>
[  405.187923][T11194] F2FS-fs (loop9): Stopped filesystem due to reason: 3
[  405.535111][   T33] usb 3-1: new low-speed USB device number 13 using dummy_hcd
[  405.686535][   T33] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  405.690199][   T33] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  405.694696][   T33] usb 3-1: New USB device found, idVendor=258a, idProduct=0036, bcdDevice= 0.00
[  405.699741][   T33] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  405.707015][   T33] usb 3-1: config 0 descriptor??
[  406.141384][   T33] glorious 0003:258A:0036.001A: hidraw0: USB HID v0.00 Device [Glorious Model O] on usb-dummy_hcd.2-1/input0
[  406.360669][ T3147] usb 3-1: USB disconnect, device number 13
[  407.040011][T16072] loop2: detected capacity change from 0 to 128
[  407.045665][T16072] EXT4-fs: Ignoring removed nobh option
[  407.076400][T16072] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  407.088413][T16072] ext4 filesystem being mounted at /155/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  407.138366][   T34] audit: type=1804 audit(1762823517.887:106): pid=16072 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.3794" name="/newroot/155/mnt/file1" dev="loop2" ino=12 res=1 errno=0
[  407.158041][T16078] loop9: detected capacity change from 0 to 256
[  407.159344][T14345] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  407.161094][T16078] exfat: Deprecated parameter 'utf8'
[  407.175354][T16078] exfat: Deprecated parameter 'utf8'
[  407.177145][T16078] exfat: Deprecated parameter 'utf8'
[  407.218787][T16078] exFAT-fs (loop9): failed to load upcase table (idx : 0x00011f3f, chksum : 0x96b62a4c, utbl_chksum : 0xe619d30d)
[  407.575757][T16099] netlink: 32 bytes leftover after parsing attributes in process `syz.8.3806'.
[  409.025494][   T33] usb 3-1: new full-speed USB device number 14 using dummy_hcd
[  409.182789][   T33] usb 3-1: New USB device found, idVendor=1d50, idProduct=60a1, bcdDevice=a1.4f
[  409.194129][   T33] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  409.198502][   T33] usb 3-1: Product: syz
[  409.200108][   T33] usb 3-1: Manufacturer: syz
[  409.201856][   T33] usb 3-1: SerialNumber: syz
[  409.223543][   T33] usb 3-1: config 0 descriptor??
[  409.678564][   T33] airspy 3-1:0.0: Board ID: 00
[  409.680429][   T33] airspy 3-1:0.0: Firmware version: 
[  409.960640][T16153] netlink: 24 bytes leftover after parsing attributes in process `syz.9.3829'.
[  410.490197][   T33] airspy 3-1:0.0: usb_control_msg() failed -71 request 0f
[  410.498398][   T33] airspy 3-1:0.0: Registered as swradio24
[  410.500317][   T33] airspy 3-1:0.0: SDR API is still slightly experimental and functionality changes may follow
[  410.507000][   T33] usb 3-1: USB disconnect, device number 14
[  410.792013][T16158] loop9: detected capacity change from 0 to 256
[  410.805960][T16158] exFAT-fs (loop9): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  410.811302][T16158] exFAT-fs (loop9): valid_size(150994954) is greater than size(10)
[  412.178307][T16234] loop2: detected capacity change from 0 to 4096
[  412.208628][T16239] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  412.460946][T16243] loop2: detected capacity change from 0 to 32768
[  412.472526][T16243] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.3868 (16243)
[  412.484973][T16243] BTRFS info (device loop2): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  412.488382][T16243] BTRFS info (device loop2): using blake2b (blake2b-256-generic) checksum algorithm
[  412.517717][T16243] BTRFS info (device loop2): enabling ssd optimizations
[  412.520500][T16243] BTRFS info (device loop2): turning on async discard
[  412.523105][T16243] BTRFS info (device loop2): enabling free space tree
[  412.526283][T16243] BTRFS info (device loop2): use zlib compression, level 3
[  412.604950][T14345] BTRFS info (device loop2): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  412.782768][T16264] loop9: detected capacity change from 0 to 1024
[  414.011029][T16316] loop2: detected capacity change from 0 to 512
[  414.165189][    T9] usb 10-1: new high-speed USB device number 19 using dummy_hcd
[  414.338661][    T9] usb 10-1: Using ep0 maxpacket: 32
[  414.348905][    T9] usb 10-1: New USB device found, idVendor=05a9, idProduct=1550, bcdDevice=e4.bb
[  414.356594][    T9] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  414.359578][    T9] usb 10-1: Product: syz
[  414.361183][    T9] usb 10-1: Manufacturer: syz
[  414.363076][    T9] usb 10-1: SerialNumber: syz
[  414.376682][    T9] usb 10-1: config 0 descriptor??
[  414.381944][    T9] gspca_main: ov534_9-2.14.0 probing 05a9:1550
[  414.584098][    T9] gspca_ov534_9: reg_w failed -71
[  414.842493][T16352] IPVS: lblc: FWM 3 0x00000003 - no destination available
[  414.879428][ T3147] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[  415.035132][    T9] gspca_ov534_9: Unknown sensor 0000
[  415.035226][    T9] ov534_9 10-1:0.0: probe with driver ov534_9 failed with error -22
[  415.042438][ T3147] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  415.056101][    T9] usb 10-1: USB disconnect, device number 19
[  415.060116][ T3147] usb 3-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  415.063345][ T3147] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  415.079182][ T3147] usb 3-1: config 0 descriptor??
[  415.094890][ T3147] pwc: Askey VC010 type 2 USB webcam detected.
[  415.493494][ T3147] pwc: recv_control_msg error -32 req 02 val 2b00
[  415.502168][ T3147] pwc: recv_control_msg error -32 req 02 val 2700
[  415.516048][ T3147] pwc: recv_control_msg error -32 req 02 val 2c00
[  415.519332][ T3147] pwc: recv_control_msg error -32 req 04 val 1000
[  415.723977][ T3147] pwc: recv_control_msg error -32 req 04 val 1400
[  415.758551][T16380] loop9: detected capacity change from 0 to 32768
[  415.772487][T16380] XFS (loop9): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  415.787343][T16380] XFS (loop9): Ending clean mount
[  415.830766][T11194] XFS (loop9): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  415.936490][ T3147] pwc: recv_control_msg error -71 req 02 val 2100
[  415.939317][ T3147] pwc: recv_control_msg error -71 req 04 val 1500
[  415.954805][ T3147] pwc: recv_control_msg error -71 req 02 val 2500
[  415.958811][ T3147] pwc: recv_control_msg error -71 req 02 val 2400
[  415.972444][ T3147] pwc: recv_control_msg error -71 req 02 val 2600
[  415.976005][ T3147] pwc: recv_control_msg error -71 req 02 val 2900
[  415.978627][ T3147] pwc: recv_control_msg error -71 req 02 val 2800
[  415.981388][ T3147] pwc: recv_control_msg error -71 req 04 val 1100
[  415.984125][ T3147] pwc: recv_control_msg error -71 req 04 val 1200
[  415.988194][ T3147] pwc: Registered as video103.
[  415.996810][ T3147] input: PWC snapshot button as /devices/platform/dummy_hcd.2/usb3/3-1/input/input23
[  416.021328][ T3147] usb 3-1: USB disconnect, device number 15
[  416.094017][T16407] loop9: detected capacity change from 0 to 512
[  416.105773][T16407] EXT4-fs: Ignoring removed mblk_io_submit option
[  416.109604][T16407] EXT4-fs (loop9): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  416.113398][T16407] EXT4-fs (loop9): revision level too high, forcing read-only mode
[  416.116320][T16407] EXT4-fs (loop9): orphan cleanup on readonly fs
[  416.119573][T16407] EXT4-fs error (device loop9): ext4_read_block_bitmap_nowait:483: comm syz.9.3932: Invalid block bitmap block 0 in block_group 0
[  416.129424][T16407] EXT4-fs error (device loop9): ext4_read_block_bitmap_nowait:483: comm syz.9.3932: Invalid block bitmap block 0 in block_group 0
[  416.133639][T16407] EXT4-fs error (device loop9): ext4_read_block_bitmap_nowait:483: comm syz.9.3932: Invalid block bitmap block 0 in block_group 0
[  416.139356][T16407] Quota error (device loop9): write_blk: dquota write failed
[  416.141518][T16407] Quota error (device loop9): qtree_write_dquot: Error -28 occurred while creating quota
[  416.144374][T16407] EXT4-fs error (device loop9): ext4_acquire_dquot:6945: comm syz.9.3932: Failed to acquire dquot type 1
[  416.152302][T16407] EXT4-fs (loop9): 1 orphan inode deleted
[  416.154263][   T27] Quota error (device loop9): do_check_range: Getting block 0 out of range 1-5
[  416.156999][   T27] EXT4-fs error (device loop9): ext4_release_dquot:6981: comm kworker/u10:0: Failed to release dquot type 1
[  416.164043][T16407] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  416.190673][T11194] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  416.321622][T16416] netlink: 40 bytes leftover after parsing attributes in process `syz.8.3935'.
[  416.372836][T16420] loop9: detected capacity change from 0 to 256
[  416.391521][T16420] exFAT-fs (loop9): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  416.414871][T16420] exFAT-fs (loop9): valid_size(150994954) is greater than size(10)
[  419.361747][  T127] block nbd0: Possible stuck request ffff888108ac0000: control (read@0,1024B). Runtime 210 seconds
[  419.370324][  T127] block nbd0: Possible stuck request ffff888108ac0200: control (read@1024,1024B). Runtime 210 seconds
[  419.373647][  T127] block nbd0: Possible stuck request ffff888108ac0400: control (read@2048,1024B). Runtime 210 seconds
[  419.377526][  T127] block nbd0: Possible stuck request ffff888108ac0600: control (read@3072,1024B). Runtime 210 seconds
[  419.626662][T16481] loop9: detected capacity change from 0 to 128
[  420.270656][T16493] loop2: detected capacity change from 0 to 16
[  420.277525][T16493] erofs (device loop2): mounted with root inode @ nid 36.
[  420.293844][T16493] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  420.462117][T16502] netlink: 4 bytes leftover after parsing attributes in process `syz.8.3972'.
[  420.572174][T16507] loop9: detected capacity change from 0 to 128
[  420.580080][T16507] Invalid source name
[  420.581614][T16507] UBIFS error (pid: 16507): cannot open "/dev/loop9", error -22
[  420.764776][T16523] loop2: detected capacity change from 0 to 1024
[  421.409983][T16544] loop9: detected capacity change from 0 to 256
[  421.412335][T16544] exfat: Deprecated parameter 'namecase'
[  421.414096][T16544] exfat: Deprecated parameter 'namecase'
[  421.418692][T16544] exfat: Deprecated parameter 'namecase'
[  421.421166][T16544] exFAT-fs (loop9): Medium has reported failures. Some data may be lost.
[  421.427144][T16544] exFAT-fs (loop9): failed to load upcase table (idx : 0x00010000, chksum : 0x7f1fc68d, utbl_chksum : 0xe619d30d)
[  421.517165][T16549] netlink: 8 bytes leftover after parsing attributes in process `syz.9.3993'.
[  421.945454][T16557] netlink: 4 bytes leftover after parsing attributes in process `syz.8.3996'.
[  421.978357][T16559] netlink: 'syz.8.3997': attribute type 1 has an invalid length.
[  421.998073][T16559] 8021q: adding VLAN 0 to HW filter on device bond2
[  422.188674][T16571] netlink: 4 bytes leftover after parsing attributes in process `syz.8.4002'.
[  422.318080][T16577] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  422.320590][T16577] overlayfs: failed to set xattr on upper
[  422.322595][T16577] overlayfs: ...falling back to redirect_dir=nofollow.
[  422.324874][T16577] overlayfs: ...falling back to index=off.
[  422.330324][T16577] overlayfs: ...falling back to uuid=null.
[  422.332265][T16577] overlayfs: ...falling back to xino=off.
[  422.334003][T16577] overlayfs: maximum fs stacking depth exceeded
[  422.551760][T16591] netlink: 20 bytes leftover after parsing attributes in process `syz.9.4012'.
[  422.611632][T16595] netlink: 20 bytes leftover after parsing attributes in process `syz.9.4014'.
[  422.670212][T16600] @: renamed from vlan0 (while UP)
[  423.035921][T16629] netlink: 8 bytes leftover after parsing attributes in process `syz.2.4030'.
[  423.123815][T16644] netlink: 24 bytes leftover after parsing attributes in process `syz.9.4037'.
[  423.128583][T16644] bond0: invalid ARP target 0.0.0.0 specified for addition
[  423.130875][T16644] bond0: option arp_ip_target: invalid value (0)
[  423.197016][T16650] netlink: 4268 bytes leftover after parsing attributes in process `syz.8.4040'.
[  423.201063][T16650] netlink: 4268 bytes leftover after parsing attributes in process `syz.8.4040'.
[  423.725204][   T10] usb 10-1: new high-speed USB device number 20 using dummy_hcd
[  423.880062][   T10] usb 10-1: config 0 has an invalid interface number: 122 but max is 0
[  423.884498][   T10] usb 10-1: config 0 has no interface number 0
[  423.890244][   T10] usb 10-1: config 0 interface 122 has no altsetting 0
[  423.902569][   T10] usb 10-1: New USB device found, idVendor=13d3, idProduct=3219, bcdDevice=7a.67
[  423.916976][   T10] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  423.920278][   T10] usb 10-1: Product: syz
[  423.923471][   T10] usb 10-1: Manufacturer: syz
[  423.936165][   T10] usb 10-1: SerialNumber: syz
[  423.958894][   T10] usb 10-1: config 0 descriptor??
[  424.174656][   T10] dvb_usb_m920x 10-1:0.122: probe with driver dvb_usb_m920x failed with error -71
[  424.182286][   T10] usb 10-1: USB disconnect, device number 20
[  424.541504][ T5822] Bluetooth: hci0: ACL packet for unknown connection handle 200
[  424.802737][T16687] netlink: 24 bytes leftover after parsing attributes in process `syz.9.4054'.
[  425.076712][   T10] usb 10-1: new high-speed USB device number 21 using dummy_hcd
[  425.147166][T16705] 8021q: adding VLAN 0 to HW filter on device bond1
[  425.225098][   T10] usb 10-1: Using ep0 maxpacket: 8
[  425.229222][   T10] usb 10-1: config 0 interface 0 altsetting 128 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  425.233263][   T10] usb 10-1: config 0 interface 0 has no altsetting 0
[  425.237556][   T10] usb 10-1: New USB device found, idVendor=1532, idProduct=010d, bcdDevice= 0.00
[  425.240429][   T10] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  425.252610][   T10] usb 10-1: config 0 descriptor??
[  425.877405][   T10] razer 0003:1532:010D.001B: failed to enable macro keys: -71
[  425.885256][   T10] razer 0003:1532:010D.001B: hidraw0: USB HID v0.00 Device [HID 1532:010d] on usb-dummy_hcd.9-1/input0
[  425.896851][   T10] usb 10-1: USB disconnect, device number 21
[  426.624339][T16744] loop9: detected capacity change from 0 to 1024
[  426.647862][T16744] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  426.655207][T16744] ext4 filesystem being mounted at /673/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  426.665964][T16744] EXT4-fs (loop9): Online resizing not supported with bigalloc
[  426.775216][T11194] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  426.968493][T16756] __nla_validate_parse: 1 callbacks suppressed
[  426.968511][T16756] netlink: 36 bytes leftover after parsing attributes in process `syz.8.4084'.
[  427.780434][T16780] ip6gretap0: entered promiscuous mode
[  427.784416][T16780] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4094'.
[  427.817156][ T3147] usb 10-1: new high-speed USB device number 22 using dummy_hcd
[  427.965285][ T3147] usb 10-1: Using ep0 maxpacket: 16
[  427.970300][ T3147] usb 10-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[  427.974292][ T3147] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  427.997244][ T3147] usb 10-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  428.001411][ T3147] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  428.003741][ T3147] usb 10-1: Product: syz
[  428.005513][ T3147] usb 10-1: Manufacturer: syz
[  428.007455][ T3147] usb 10-1: SerialNumber: syz
[  428.011507][ T3147] usb 10-1: config 0 descriptor??
[  428.022226][ T3147] em28xx 10-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  428.025485][ T3147] em28xx 10-1:0.0: Audio interface 0 found (Vendor Class)
[  428.333590][T16792] loop2: detected capacity change from 0 to 32768
[  428.336667][T16792] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.4100 (16792)
[  428.342247][T16792] BTRFS info (device loop2): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  428.345560][T16792] BTRFS info (device loop2): using blake2b (blake2b-256-generic) checksum algorithm
[  428.374451][T16792] BTRFS info (device loop2): enabling ssd optimizations
[  428.377206][T16792] BTRFS info (device loop2): turning on async discard
[  428.379906][T16792] BTRFS info (device loop2): enabling free space tree
[  428.381818][T16792] BTRFS info (device loop2): use lzo compression, level 1
[  428.463298][T14345] BTRFS info (device loop2): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  428.631233][ T3147] em28xx 10-1:0.0: chip ID is em2870
[  428.856242][ T3147] usb 10-1: USB disconnect, device number 22
[  428.859904][ T3147] em28xx 10-1:0.0: Disconnecting em28xx
[  428.877989][ T3147] em28xx 10-1:0.0: Freeing device
[  429.369174][T16846] loop2: detected capacity change from 0 to 32768
[  429.380323][T16846] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  429.410040][T16846] XFS (loop2): Ending clean mount
[  429.423511][T16846] XFS (loop2): Quotacheck needed: Please wait.
[  429.483313][T16846] XFS (loop2): Quotacheck: Done.
[  429.948377][T16846] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  430.094609][T16881] netlink: 48 bytes leftover after parsing attributes in process `syz.8.4130'.
[  430.098421][T16881] netlink: 48 bytes leftover after parsing attributes in process `syz.8.4130'.
[  430.109062][T16883] netem: change failed
[  430.795174][ T3147] usb 10-1: new high-speed USB device number 23 using dummy_hcd
[  430.948731][ T3147] usb 10-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  430.952163][ T3147] usb 10-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  430.956630][ T3147] usb 10-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  430.959874][ T3147] usb 10-1: config 1 has no interface number 1
[  430.962184][ T3147] usb 10-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  430.970822][ T3147] usb 10-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  430.977446][ T3147] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  431.053438][ T3147] usb 10-1: Product: syz
[  431.055828][ T3147] usb 10-1: Manufacturer: syz
[  431.057645][ T3147] usb 10-1: SerialNumber: syz
[  431.284593][ T3147] usb 10-1: Quirk or no altset; falling back to MIDI 1.0
[  431.293886][ T3147] usb 10-1: MIDIStreaming interface descriptor not found
[  431.335378][ T3147] usb 10-1: USB disconnect, device number 23
[  431.882410][T16940] loop2: detected capacity change from 0 to 256
[  431.884739][T16940] exfat: Deprecated parameter 'utf8'
[  431.890683][T16940] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d)
[  431.936122][T16942] devpts: Bad value for 'max'
[  431.968636][T16944] syzkaller1: entered promiscuous mode
[  431.970396][T16944] syzkaller1: entered allmulticast mode
[  432.345100][   T33] usb 10-1: new high-speed USB device number 24 using dummy_hcd
[  432.526734][   T33] usb 10-1: Using ep0 maxpacket: 16
[  432.561052][   T33] usb 10-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  432.565610][   T33] usb 10-1: config 1 has 1 interface, different from the descriptor's value: 3
[  432.571378][   T33] usb 10-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  432.574845][   T33] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  432.577933][   T33] usb 10-1: Product: syz
[  432.579512][   T33] usb 10-1: Manufacturer: syz
[  432.581229][   T33] usb 10-1: SerialNumber: syz
[  432.586088][T16964] netlink: 12 bytes leftover after parsing attributes in process `syz.8.4167'.
[  432.589484][T16964] netlink: 440 bytes leftover after parsing attributes in process `syz.8.4167'.
[  432.990303][T16982] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  432.999940][   T33] usb 10-1: cannot find UAC_HEADER
[  433.016816][   T33] snd-usb-audio 10-1:1.0: probe with driver snd-usb-audio failed with error -22
[  433.182605][T16996] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4183'.
[  433.221508][ T3147] usb 10-1: USB disconnect, device number 24
[  433.462449][T17008] netlink: 'syz.2.4188': attribute type 30 has an invalid length.
[  433.475228][T17008] bond2: option arp_missed_max: mode dependency failed, not supported in mode balance-alb(6)
[  433.482771][T17008] bond2 (unregistering): Released all slaves
[  434.165167][ T3147] usb 10-1: new high-speed USB device number 25 using dummy_hcd
[  434.215632][ T5822] Bluetooth: hci1: command tx timeout
[  434.315248][ T3147] usb 10-1: Using ep0 maxpacket: 16
[  434.322739][ T3147] usb 10-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 7.00
[  434.326280][ T3147] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  434.329229][ T3147] usb 10-1: Product: syz
[  434.330941][ T3147] usb 10-1: Manufacturer: syz
[  434.332719][ T3147] usb 10-1: SerialNumber: syz
[  434.337000][ T3147] usb 10-1: config 0 descriptor??
[  434.341524][ T3147] ftdi_sio 10-1:0.0: FTDI USB Serial Device converter detected
[  434.346773][ T3147] usb 10-1: Detected FT2232H
[  434.763715][ T3147] ftdi_sio ttyUSB0: Unable to read latency timer: -71
[  434.777920][ T3147] ftdi_sio ttyUSB0: Unable to write latency timer: -71
[  434.784210][ T3147] usb 10-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  434.788204][T17041] netlink: 'syz.2.4203': attribute type 10 has an invalid length.
[  434.792726][T17041] bridge0: port 2(bridge_slave_1) entered disabled state
[  434.793218][ T3147] usb 10-1: USB disconnect, device number 25
[  434.795986][T17041] bridge_slave_1: left allmulticast mode
[  434.799680][T17041] bridge_slave_1: left promiscuous mode
[  434.802082][T17041] bridge0: port 2(bridge_slave_1) entered disabled state
[  434.802269][ T3147] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  434.810342][ T3147] ftdi_sio 10-1:0.0: device disconnected
[  434.812846][T17041] bond0: (slave bridge_slave_1): Enslaving as an active interface with an up link
[  435.185164][   T24] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[  435.342156][   T24] usb 3-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00
[  435.348714][   T24] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  435.352587][   T24] usb 3-1: Product: syz
[  435.354206][   T24] usb 3-1: Manufacturer: syz
[  435.356085][   T24] usb 3-1: SerialNumber: syz
[  435.568751][   T24] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -EPROTO
[  435.573167][   T24] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): lan78xx_setup_irq_domain() failed : -71
[  435.577839][   T24] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED
[  435.582900][   T24] lan78xx 3-1:1.0: probe with driver lan78xx failed with error -71
[  435.594842][   T24] usb 3-1: USB disconnect, device number 16
[  435.798148][T17103] netlink: 'syz.8.4232': attribute type 1 has an invalid length.
[  435.821556][T17103] bond3: entered promiscuous mode
[  435.823511][T17103] bond3: entered allmulticast mode
[  435.834773][T17103] bond3: (slave dummy0): making interface the new active one
[  435.837909][T17103] dummy0: entered promiscuous mode
[  435.839968][T17103] dummy0: entered allmulticast mode
[  435.843011][T17103] bond3: (slave dummy0): Enslaving as an active interface with an up link
[  436.290191][T17125] netlink: 212368 bytes leftover after parsing attributes in process `syz.9.4242'.
[  436.425457][   T33] usb 3-1: new high-speed USB device number 17 using dummy_hcd
[  436.578030][   T33] usb 3-1: unable to get BOS descriptor or descriptor too short
[  436.582296][   T33] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2
[  436.585803][   T24] usb 10-1: new full-speed USB device number 26 using dummy_hcd
[  436.588762][   T33] usb 3-1: config 1 interface 0 altsetting 247 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  436.593870][   T33] usb 3-1: config 1 interface 0 has no altsetting 1
[  436.600184][   T33] usb 3-1: New USB device found, idVendor=2040, idProduct=b990, bcdDevice=f6.75
[  436.603575][   T33] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  436.606698][   T33] usb 3-1: Product: syz
[  436.608327][   T33] usb 3-1: Manufacturer: syz
[  436.610078][   T33] usb 3-1: SerialNumber: syz
[  436.617307][   T33] smsusb:smsusb_probe: board id=8, interface number 0
[  436.767628][   T24] usb 10-1: config 0 has an invalid interface number: 200 but max is 0
[  436.770914][   T24] usb 10-1: config 0 has no interface number 0
[  436.773325][   T24] usb 10-1: config 0 interface 200 altsetting 2 endpoint 0x4 has invalid wMaxPacketSize 0
[  436.777018][   T24] usb 10-1: config 0 interface 200 has no altsetting 0
[  436.782215][   T24] usb 10-1: New USB device found, idVendor=0b57, idProduct=852a, bcdDevice=6d.39
[  436.785695][   T24] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  436.788788][   T24] usb 10-1: Product: syz
[  436.790505][   T24] usb 10-1: Manufacturer: syz
[  436.792366][   T24] usb 10-1: SerialNumber: syz
[  436.797828][   T24] usb 10-1: config 0 descriptor??
[  436.824931][   T33] smsusb:smsusb_probe: Device initialized with return code -19
[  436.957086][T17136] x_tables: ip6_tables: mh match: only valid for protocol 135
[  437.011266][   T24] input: Hanwang Art Master III 1308 as /devices/platform/dummy_hcd.9/usb10/10-1/10-1:0.200/input/input24
[  437.019376][   T24] usb 10-1: USB disconnect, device number 26
[  437.042925][ T3147] usb 3-1: USB disconnect, device number 17
[  437.691333][T17145] loop9: detected capacity change from 0 to 32768
[  437.711042][T17145] overlayfs: upper fs needs to support d_type.
[  437.713732][T17145] overlayfs: upper fs does not support tmpfile.
[  437.720667][T17145] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  437.729518][T17145] ERROR: (device loop9): dbAlloc: the hint is outside the map
[  437.729518][T17145] 
[  437.736561][T17145] ERROR: (device loop9): remounting filesystem as read-only
[  437.738814][T17145] overlayfs: failed to set uuid (/file0, err=-5); falling back to uuid=null.
[  438.002876][T17157] loop9: detected capacity change from 0 to 32768
[  438.292166][T17178] loop9: detected capacity change from 0 to 512
[  438.309897][T17178] FAT-fs (loop9): Invalid FSINFO signature: 0x41615252, 0x61000000 (sector = 1)
[  438.316539][T17180] loop2: detected capacity change from 0 to 16
[  438.318772][T17180] MTD: Attempt to mount non-MTD device "/dev/loop2"
[  438.448654][T17185] netlink: 'syz.2.4269': attribute type 1 has an invalid length.
[  438.527892][T17190] loop9: detected capacity change from 0 to 512
[  438.530480][T17190] FAT-fs (loop9): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  438.666470][T17194] openvswitch: netlink: IP tunnel dst address not specified
[  439.341280][ T6348] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  439.349124][   T10] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  439.359644][ T3147] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  440.006490][T17211] netlink: 16 bytes leftover after parsing attributes in process `syz.8.4281'.
[  440.009855][T17211] netlink: 32 bytes leftover after parsing attributes in process `syz.8.4281'.
[  440.013335][T17211] netlink: 288 bytes leftover after parsing attributes in process `syz.8.4281'.
[  440.020804][T17211] netlink: 32 bytes leftover after parsing attributes in process `syz.8.4281'.
[  440.057322][ T4208] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  440.061667][ T6348] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  440.065290][ T1362] ieee802154 phy1 wpan1: encryption failed: -22
[  440.130147][T17209] loop2: detected capacity change from 0 to 40427
[  440.133142][T17209] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  440.135701][T17209] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  440.140786][T17209] F2FS-fs (loop2): invalid crc value
[  440.148261][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  440.154969][   T33] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  440.263564][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  440.268013][   T33] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  440.271400][T17209] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  440.286303][T17209] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  440.289087][T17209] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  440.398995][T17224] trusted_key: encrypted_key: master key parameter is missing
[  440.649832][T17228] loop9: detected capacity change from 0 to 512
[  440.659802][T17228] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  440.664043][T17228] ext4 filesystem being mounted at /710/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  440.673891][T17228] EXT4-fs error (device loop9): ext4_do_update_inode:5632: inode #2: comm syz.9.4287: corrupted inode contents
[  440.686557][T17228] EXT4-fs error (device loop9): ext4_dirty_inode:6517: inode #2: comm syz.9.4287: mark_inode_dirty error
[  440.691541][T17228] EXT4-fs error (device loop9): ext4_do_update_inode:5632: inode #2: comm syz.9.4287: corrupted inode contents
[  440.697228][T17228] EXT4-fs error (device loop9): __ext4_ext_dirty:206: inode #2: comm syz.9.4287: mark_inode_dirty error
[  440.722550][T11194] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  441.027837][T17234] loop9: detected capacity change from 0 to 32768
[  441.041620][T17234] ocfs2: Mounting device (7,9) on (node local, slot 0) with ordered data mode.
[  441.054698][ T5848] (kworker/u8:3,5848,0):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #72: directory entry overrun - offset=0, inode=72, rec_len=65296, name_len=7
[  441.063540][T17234] (syz.9.4288,17234,0):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #72: directory entry overrun - offset=0, inode=72, rec_len=65296, name_len=7
[  441.070582][T17234] (syz.9.4288,17234,0):ocfs2_prepare_dir_for_insert:4302 ERROR: status = -2
[  441.073774][T17234] (syz.9.4288,17234,0):__ocfs2_prepare_orphan_dir:2183 ERROR: status = -2
[  441.078246][T17234] (syz.9.4288,17234,0):ocfs2_prepare_orphan_dir:2227 ERROR: status = -2
[  441.081233][T17234] (syz.9.4288,17234,0):ocfs2_prepare_orphan_dir:2243 ERROR: status = -2
[  441.084516][T17234] (syz.9.4288,17234,0):ocfs2_rename:1467 ERROR: status = -2
[  441.091739][T17234] (syz.9.4288,17234,0):ocfs2_rename:1702 ERROR: status = -2
[  441.130972][T11194] ocfs2: Unmounting device (7,9) on (node local)
[  441.803120][T17258] loop9: detected capacity change from 0 to 32768
[  441.829346][T17258] XFS (loop9): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  441.900334][T17258] XFS (loop9): Ending clean mount
[  441.926897][T11194] XFS (loop9): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  442.525392][   T24] usb 10-1: new high-speed USB device number 27 using dummy_hcd
[  442.675145][   T24] usb 10-1: Using ep0 maxpacket: 8
[  442.687510][   T24] usb 10-1: New USB device found, idVendor=2770, idProduct=9120, bcdDevice=6c.77
[  442.695345][   T24] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=239
[  442.698485][   T24] usb 10-1: Product: syz
[  442.700168][   T24] usb 10-1: Manufacturer: syz
[  442.701996][   T24] usb 10-1: SerialNumber: syz
[  442.707415][   T24] usb 10-1: config 0 descriptor??
[  442.712476][   T24] gspca_main: sq905-2.14.0 probing 2770:9120
[  442.794885][T17286] loop2: detected capacity change from 0 to 32768
[  442.815667][T17286] XFS (loop2): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  442.832711][T17286] XFS (loop2): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x50.
[  442.843608][T17286] XFS (loop2): Starting recovery (logdev: internal)
[  442.863277][T17286] XFS (loop2): Ending recovery (logdev: internal)
[  442.889243][T14345] XFS (loop2): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  443.273306][T17302] bridge0: port 1(bridge_slave_0) entered disabled state
[  443.330626][   T24] gspca_sq905: sq905_command: usb_control_msg failed (-71)
[  443.333361][   T24] sq905 10-1:0.0: probe with driver sq905 failed with error -71
[  443.341290][   T24] usb 10-1: USB disconnect, device number 27
[  443.608854][T17308] loop2: detected capacity change from 0 to 32768
[  443.614664][T17308] XFS (loop2): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  443.626360][T17308] XFS (loop2): Ending clean mount
[  443.630848][T17308] XFS (loop2): Quotacheck needed: Please wait.
[  443.662922][T17308] XFS (loop2): Quotacheck: Done.
[  443.684145][T14345] XFS (loop2): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  443.874773][T17321] x_tables: ip_tables: ah match: only valid for protocol 51
[  443.952983][T17330] loop9: detected capacity change from 0 to 256
[  443.961110][T17330] vfat: Bad value for 'nonumtail'
[  444.021688][T17334] netlink: 'syz.2.4317': attribute type 10 has an invalid length.
[  444.024688][T17334] netlink: 40 bytes leftover after parsing attributes in process `syz.2.4317'.
[  444.255963][   T24] usb 10-1: new full-speed USB device number 28 using dummy_hcd
[  444.374597][T17346] loop2: detected capacity change from 0 to 32768
[  444.378698][T17346] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.4323 (17346)
[  444.384950][T17346] BTRFS info (device loop2): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  444.389356][T17346] BTRFS info (device loop2): using blake2b (blake2b-256-generic) checksum algorithm
[  444.422246][T17346] BTRFS info (device loop2): enabling ssd optimizations
[  444.426793][T17346] BTRFS info (device loop2): turning on async discard
[  444.429745][T17346] BTRFS info (device loop2): enabling free space tree
[  444.448238][   T24] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  444.452242][   T24] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  444.456790][   T24] usb 10-1: New USB device found, idVendor=172f, idProduct=0500, bcdDevice= 0.00
[  444.459481][   T24] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  444.463336][   T24] usb 10-1: config 0 descriptor??
[  444.521359][T14345] BTRFS info (device loop2): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  444.552355][   T33] net_ratelimit: 6 callbacks suppressed
[  444.552367][   T33] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  444.692785][T17369] loop2: detected capacity change from 0 to 4096
[  444.696098][T17369] EXT4-fs (loop2): Test dummy encryption mode enabled
[  444.699937][T17369] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0003]
[  444.702639][T17369] System zones: 0-5
[  444.706058][T17369] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  444.744262][T14345] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  444.864742][T17377] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  444.868714][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  444.876175][   T24] waltop 0003:172F:0500.001C: hidraw0: USB HID v0.00 Device [HID 172f:0500] on usb-dummy_hcd.9-1/input0
[  445.080044][   T10] usb 10-1: USB disconnect, device number 28
[  445.148332][T17394] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4337'.
[  445.151655][T17394] netlink: 24 bytes leftover after parsing attributes in process `syz.8.4337'.
[  445.178799][ T6360] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  445.183360][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  445.187361][ T3147] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  445.579140][T17414] IPv6: NLM_F_CREATE should be specified when creating new route
[  445.580072][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  445.582180][T17414] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  445.587901][T17414] IPv6: NLM_F_CREATE should be set when creating new route
[  445.590645][T17414] IPv6: NLM_F_CREATE should be set when creating new route
[  445.593305][T17414] IPv6: NLM_F_CREATE should be set when creating new route
[  445.602374][T17414] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  445.869577][T17427] netlink: 8 bytes leftover after parsing attributes in process `syz.9.4352'.
[  446.016489][T17435] netlink: 'syz.9.4356': attribute type 1 has an invalid length.
[  446.019546][T17435] netlink: 'syz.9.4356': attribute type 2 has an invalid length.
[  446.059320][T17437] netlink: 165 bytes leftover after parsing attributes in process `syz.9.4357'.
[  446.062503][T17437] netlink: 277 bytes leftover after parsing attributes in process `syz.9.4357'.
[  446.151791][T17443] loop9: detected capacity change from 0 to 512
[  446.154599][T17443] EXT4-fs: inline encryption not supported
[  446.158501][T17443] EXT4-fs warning (device loop9): read_mmp_block:115: Error -117 while reading MMP block 17
[  446.194906][T17445] xt_TCPMSS: path-MTU clamping only supported in FORWARD, OUTPUT and POSTROUTING hooks
[  446.376051][   T10] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  446.792969][ T9120] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  447.462582][T17496] loop9: detected capacity change from 0 to 164
[  447.482764][T17496] ISOFS: unable to read i-node block
[  447.637783][T17506] netlink: 'syz.8.4390': attribute type 10 has an invalid length.
[  447.640661][T17506] netlink: 40 bytes leftover after parsing attributes in process `syz.8.4390'.
[  447.644538][T17506] net veth1_virt_wifi virt_wifi0: entered promiscuous mode
[  447.647478][T17506] net veth1_virt_wifi virt_wifi0: entered allmulticast mode
[  447.658138][T17506] A link change request failed with some changes committed already. Interface virt_wifi0 may have been left with an inconsistent configuration, please check.
[  447.801152][T17502] loop9: detected capacity change from 0 to 32768
[  447.805541][T17502] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop9 (7:9) scanned by syz.9.4388 (17502)
[  447.813081][T17502] BTRFS info (device loop9): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  447.817340][T17502] BTRFS info (device loop9): using crc32c (crc32c-lib) checksum algorithm
[  447.820657][T17502] BTRFS warning (device loop9): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  447.862515][T17502] BTRFS info (device loop9): rebuilding free space tree
[  447.874103][T17502] BTRFS info (device loop9): disabling free space tree
[  447.877023][T17502] BTRFS info (device loop9): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  447.880559][T17502] BTRFS info (device loop9): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  447.889571][T17502] BTRFS info (device loop9): enabling ssd optimizations
[  447.892125][T17502] BTRFS info (device loop9): turning off barriers
[  447.894452][T17502] BTRFS info (device loop9): turning on flush-on-commit
[  447.898909][T17502] BTRFS info (device loop9): enabling disk space caching
[  447.901486][T17502] BTRFS info (device loop9): force clearing of disk cache
[  447.904956][T17502] BTRFS info (device loop9): use zlib compression, level 3
[  447.950954][T11194] BTRFS info (device loop9): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  448.314217][T17530] loop2: detected capacity change from 0 to 32768
[  448.319098][T17530] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.4394 (17530)
[  448.324479][T17530] BTRFS info (device loop2): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  448.328519][T17530] BTRFS info (device loop2): using sha256 (sha256-lib) checksum algorithm
[  448.381484][T17530] BTRFS info (device loop2): enabling ssd optimizations
[  448.383554][T17530] BTRFS info (device loop2): turning on async discard
[  448.386591][T17530] BTRFS info (device loop2): enabling free space tree
[  448.573743][T17555] loop9: detected capacity change from 0 to 128
[  448.588667][T17555] EXT4-fs (loop9): ext4_check_descriptors: Checksum for group 0 failed (30846!=65535)
[  448.763423][T17555] EXT4-fs (loop9): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 ro without journal. Quota mode: none.
[  448.807975][T11194] EXT4-fs (loop9): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  448.938592][T17569] netlink: 28 bytes leftover after parsing attributes in process `syz.9.4404'.
[  448.941271][T17569] netlink: 'syz.9.4404': attribute type 7 has an invalid length.
[  448.943699][T17569] netlink: 'syz.9.4404': attribute type 8 has an invalid length.
[  448.947782][T17569] netlink: 4 bytes leftover after parsing attributes in process `syz.9.4404'.
[  449.093285][T14345] BTRFS info (device loop2): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  449.298321][T17578] loop9: detected capacity change from 0 to 1024
[  449.309318][T17580] bochs-drm 0000:00:01.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=io+mem:owns=io+mem
[  449.519763][T17589] loop9: detected capacity change from 0 to 4096
[  449.530481][T17593] NILFS (loop9): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  449.656486][  T127] block nbd0: Possible stuck request ffff888108ac0000: control (read@0,1024B). Runtime 240 seconds
[  449.659618][  T127] block nbd0: Possible stuck request ffff888108ac0200: control (read@1024,1024B). Runtime 240 seconds
[  449.663635][  T127] block nbd0: Possible stuck request ffff888108ac0400: control (read@2048,1024B). Runtime 240 seconds
[  449.689089][  T127] block nbd0: Possible stuck request ffff888108ac0600: control (read@3072,1024B). Runtime 240 seconds
[  449.776569][T17610] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4422'.
[  449.779896][T17610] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4422'.
[  450.081788][   T33] net_ratelimit: 3 callbacks suppressed
[  450.081801][   T33] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  450.368565][ T3147] usb 3-1: new high-speed USB device number 18 using dummy_hcd
[  450.548635][ T3147] usb 3-1: New USB device found, idVendor=2304, idProduct=023e, bcdDevice=d7.69
[  450.551316][ T3147] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  450.553700][ T3147] usb 3-1: Product: syz
[  450.554937][ T3147] usb 3-1: Manufacturer: syz
[  450.556431][ T3147] usb 3-1: SerialNumber: syz
[  450.559324][ T3147] usb 3-1: config 0 descriptor??
[  450.561941][ T3147] hub 3-1:0.0: bad descriptor, ignoring hub
[  450.563760][ T3147] hub 3-1:0.0: probe with driver hub failed with error -5
[  450.768271][ T3147] dvb-usb: found a 'Pinnacle PCTV Hybrid Stick Solo' in warm state.
[  450.772827][ T3147] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  450.777031][ T3147] dvbdev: DVB: registering new adapter (Pinnacle PCTV Hybrid Stick Solo)
[  450.781797][ T3147] usb 3-1: media controller created
[  450.793032][ T3147] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  450.814518][T17626] loop9: detected capacity change from 0 to 40427
[  450.819510][ T3147] DVB: Unable to find symbol dib7000p_attach()
[  450.820012][T17626] F2FS-fs (loop9): invalid crc value
[  450.821530][ T3147] dvb-usb: no frontend was attached by 'Pinnacle PCTV Hybrid Stick Solo'
[  450.867250][ T3147] rc_core: IR keymap rc-dib0700-rc5 not found
[  450.869421][ T3147] Registered IR keymap rc-empty
[  450.870948][ T3147] dvb-usb: could not initialize remote control.
[  450.873663][ T3147] dvb-usb: Pinnacle PCTV Hybrid Stick Solo successfully initialized and connected.
[  450.876583][T17626] F2FS-fs (loop9): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  450.880878][T17626] F2FS-fs (loop9): Mounted with checkpoint version = 48b305e5
[  450.914610][T11194] syz-executor: attempt to access beyond end of device
[  450.914610][T11194] loop9: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  450.920070][T11194] CPU: 1 UID: 0 PID: 11194 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[  450.920120][T11194] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  450.920129][T11194] Call Trace:
[  450.920137][T11194]  <TASK>
[  450.920143][T11194]  dump_stack_lvl+0x189/0x250
[  450.920169][T11194]  ? __pfx_dump_stack_lvl+0x10/0x10
[  450.920193][T11194]  ? __pfx_queue_work_on+0x10/0x10
[  450.920210][T11194]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  450.920226][T11194]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  450.920249][T11194]  f2fs_handle_critical_error+0x37c/0x540
[  450.920272][T11194]  f2fs_write_end_io+0x886/0xb60
[  450.920310][T11194]  __submit_merged_bio+0x27a/0x6a0
[  450.920333][T11194]  __submit_merged_write_cond+0x255/0x530
[  450.920350][T11194]  f2fs_write_data_pages+0x261d/0x3000
[  450.920401][T11194]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  450.920444][T11194]  ? stack_trace_save+0x9c/0xe0
[  450.920455][T11194]  ? __pfx_stack_trace_save+0x10/0x10
[  450.920472][T11194]  ? kasan_save_stack+0x4d/0x60
[  450.920484][T11194]  ? kasan_save_stack+0x3e/0x60
[  450.920494][T11194]  ? kasan_record_aux_stack+0xbd/0xd0
[  450.920510][T11194]  ? __lock_acquire+0xab9/0xd20
[  450.920527][T11194]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  450.920538][T11194]  do_writepages+0x32e/0x550
[  450.920555][T11194]  ? do_raw_spin_unlock+0x4d/0x240
[  450.920568][T11194]  filemap_fdatawrite+0x199/0x240
[  450.920579][T11194]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  450.920613][T11194]  ? do_raw_spin_unlock+0x4d/0x240
[  450.920626][T11194]  f2fs_sync_dirty_inodes+0x31f/0x830
[  450.920661][T11194]  f2fs_write_checkpoint+0x93e/0x2440
[  450.920673][T11194]  ? __lock_acquire+0xab9/0xd20
[  450.920695][T11194]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  450.920735][T11194]  kill_f2fs_super+0x2cc/0x6d0
[  450.920750][T11194]  ? __pfx_kill_f2fs_super+0x10/0x10
[  450.920770][T11194]  ? shrinker_free+0x2ce/0x3e0
[  450.920782][T11194]  deactivate_locked_super+0xbc/0x130
[  450.920793][T11194]  cleanup_mnt+0x425/0x4c0
[  450.920807][T11194]  ? lockdep_hardirqs_on+0x9c/0x150
[  450.920818][T11194]  task_work_run+0x1d4/0x260
[  450.920833][T11194]  ? __pfx_task_work_run+0x10/0x10
[  450.920842][T11194]  ? __x64_sys_umount+0x122/0x160
[  450.920854][T11194]  ? exit_to_user_mode_loop+0x40/0x130
[  450.920864][T11194]  exit_to_user_mode_loop+0xe9/0x130
[  450.920872][T11194]  do_syscall_64+0x2bd/0xfa0
[  450.920882][T11194]  ? lockdep_hardirqs_on+0x9c/0x150
[  450.920890][T11194]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  450.920898][T11194]  ? exc_page_fault+0xab/0x100
[  450.920908][T11194]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  450.920916][T11194] RIP: 0033:0x7f9d67b902f7
[  450.920924][T11194] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  450.920933][T11194] RSP: 002b:00007ffc11d77ff8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  450.920943][T11194] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f9d67b902f7
[  450.920948][T11194] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffc11d780b0
[  450.920953][T11194] RBP: 00007ffc11d780b0 R08: 0000000000000000 R09: 0000000000000000
[  450.920958][T11194] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffc11d79140
[  450.920963][T11194] R13: 00007f9d67c11d7d R14: 000000000006e0f9 R15: 00007ffc11d79180
[  450.920979][T11194]  </TASK>
[  450.921727][T11194] F2FS-fs (loop9): Stopped filesystem due to reason: 3
[  450.989746][ T3147] usb 3-1: USB disconnect, device number 18
[  451.056572][ T3147] dvb-usb: Pinnacle PCTV Hybrid Stick Solo successfully deinitialized and disconnected.
[  451.077222][T17634] __nla_validate_parse: 1 callbacks suppressed
[  451.077232][T17634] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4431'.
[  451.100441][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  451.160815][T17638] netlink: 8 bytes leftover after parsing attributes in process `syz.8.4433'.
[  451.271751][T17647] loop9: detected capacity change from 0 to 8
[  451.279426][T17647] SQUASHFS error: lzo decompression failed, data probably corrupt
[  451.282580][T17647] SQUASHFS error: Failed to read block 0x62b: -5
[  451.284714][T17647] SQUASHFS error: Unable to read metadata cache entry [629]
[  451.287404][T17647] SQUASHFS error: Unable to read inode 0x11f
[  451.318995][T17649] netlink: 'syz.9.4437': attribute type 6 has an invalid length.
[  451.376849][T17653] netlink: 7064 bytes leftover after parsing attributes in process `syz.9.4439'.
[  451.380428][T17653] openvswitch: netlink: Missing key (keys=40, expected=200000)
[  451.629607][T17658] netlink: 'syz.2.4441': attribute type 2 has an invalid length.
[  451.639965][T17655] loop9: detected capacity change from 0 to 32768
[  451.685154][T17655] JBD2: Ignoring recovery information on journal
[  451.801205][T17655] ocfs2: Mounting device (7,9) on (node local, slot 0) with ordered data mode.
[  451.951413][T11194] ocfs2: Unmounting device (7,9) on (node local)
[  452.146691][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  452.458037][ T3147] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  452.657800][T17676] loop9: detected capacity change from 0 to 8192
[  452.699416][T17676]  loop9: p1 < > p2 < > p3 p4 < >
[  452.701303][T17676] loop9: partition table partially beyond EOD, truncated
[  452.703646][T17676] loop9: p1 start 67108864 is beyond EOD, truncated
[  452.705748][T17676] loop9: p2 start 4278190080 is beyond EOD, truncated
[  452.707785][T17676] loop9: p3 start 100859904 is beyond EOD, truncated
[  453.178783][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  453.548123][T17707] loop9: detected capacity change from 0 to 32768
[  453.564581][T17707] ocfs2: Mounting device (7,9) on (node local, slot 0) with ordered data mode.
[  453.664673][T17707] 
[  453.665468][T17707] ======================================================
[  453.667524][T17707] WARNING: possible circular locking dependency detected
[  453.669730][T17707] syzkaller #0 Not tainted
[  453.671235][T17707] ------------------------------------------------------
[  453.674159][T17707] syz.9.4462/17707 is trying to acquire lock:
[  453.676424][T17707] ffff8881bf379840 (&ocfs2_sysfile_lock_key[ORPHAN_DIR_SYSTEM_INODE]){+.+.}-{4:4}, at: ocfs2_del_inode_from_orphan+0x134/0x740
[  453.680623][T17707] 
[  453.680623][T17707] but task is already holding lock:
[  453.682615][T17707] ffff88801f5da360 (&ocfs2_quota_ip_alloc_sem_key){++++}-{4:4}, at: ocfs2_dio_end_io+0x389/0x10f0
[  453.685513][T17707] 
[  453.685513][T17707] which lock already depends on the new lock.
[  453.685513][T17707] 
[  453.688491][T17707] 
[  453.688491][T17707] the existing dependency chain (in reverse order) is:
[  453.691411][T17707] 
[  453.691411][T17707] -> #3 (&ocfs2_quota_ip_alloc_sem_key){++++}-{4:4}:
[  453.694596][T17707]        lock_acquire+0x120/0x360
[  453.696193][T17707]        down_write+0x96/0x1f0
[  453.697903][T17707]        ocfs2_create_local_dquot+0x19d/0x1a40
[  453.699991][T17707]        ocfs2_acquire_dquot+0x80f/0xb30
[  453.701666][T17707]        dqget+0x7b1/0xf10
[  453.702951][T17707]        __dquot_initialize+0x3b3/0xcb0
[  453.704542][T17707]        ocfs2_get_init_inode+0x13b/0x1b0
[  453.706176][T17707]        ocfs2_mknod+0x863/0x2050
[  453.707604][T17707]        vfs_mknod+0x37f/0x3c0
[  453.709024][T17707]        do_mknodat+0x385/0x4d0
[  453.710438][T17707]        __x64_sys_mknodat+0xa7/0xc0
[  453.711972][T17707]        do_syscall_64+0xfa/0xfa0
[  453.713438][T17707]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  453.715276][T17707] 
[  453.715276][T17707] -> #2 (&dquot->dq_lock){+.+.}-{4:4}:
[  453.717914][T17707]        lock_acquire+0x120/0x360
[  453.719556][T17707]        __mutex_lock+0x187/0x1350
[  453.721270][T17707]        dqget+0x72a/0xf10
[  453.722903][T17707]        __dquot_initialize+0x3b3/0xcb0
[  453.724973][T17707]        ocfs2_get_init_inode+0x13b/0x1b0
[  453.727080][T17707]        ocfs2_mknod+0x863/0x2050
[  453.728771][T17707]        vfs_mknod+0x37f/0x3c0
[  453.730179][T17707]        do_mknodat+0x385/0x4d0
[  453.731619][T17707]        __x64_sys_mknodat+0xa7/0xc0
[  453.733582][T17707]        do_syscall_64+0xfa/0xfa0
[  453.735463][T17707]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  453.737833][T17707] 
[  453.737833][T17707] -> #1 (&ocfs2_sysfile_lock_key[INODE_ALLOC_SYSTEM_INODE]){+.+.}-{4:4}:
[  453.741261][T17707]        lock_acquire+0x120/0x360
[  453.742735][T17707]        down_write+0x96/0x1f0
[  453.744282][T17707]        ocfs2_evict_inode+0x153d/0x4100
[  453.745918][T17707]        evict+0x504/0x9c0
[  453.747294][T17707]        ocfs2_dentry_iput+0x247/0x370
[  453.748897][T17707]        __dentry_kill+0x209/0x660
[  453.750369][T17707]        dput+0x19f/0x2b0
[  453.751622][T17707]        ovl_get_workdir+0xac3/0x17b0
[  453.753199][T17707]        ovl_fill_super+0x154a/0x3da0
[  453.754758][T17707]        get_tree_nodev+0xbb/0x150
[  453.756257][T17707]        vfs_get_tree+0x92/0x2b0
[  453.757696][T17707]        do_new_mount+0x302/0xa10
[  453.759155][T17707]        __se_sys_mount+0x313/0x410
[  453.760676][T17707]        do_syscall_64+0xfa/0xfa0
[  453.762141][T17707]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  453.764062][T17707] 
[  453.764062][T17707] -> #0 (&ocfs2_sysfile_lock_key[ORPHAN_DIR_SYSTEM_INODE]){+.+.}-{4:4}:
[  453.767352][T17707]        validate_chain+0xb9b/0x2140
[  453.769166][T17707]        __lock_acquire+0xab9/0xd20
[  453.770537][T17707]        lock_acquire+0x120/0x360
[  453.772040][T17707]        down_write+0x96/0x1f0
[  453.773445][T17707]        ocfs2_del_inode_from_orphan+0x134/0x740
[  453.775296][T17707]        ocfs2_dio_end_io+0x479/0x10f0
[  453.776890][T17707]        dio_complete+0x25b/0x790
[  453.778352][T17707]        __blockdev_direct_IO+0x2e63/0x3490
[  453.780061][T17707]        ocfs2_direct_IO+0x25f/0x2d0
[  453.781581][T17707]        generic_file_direct_write+0x1db/0x3e0
[  453.783424][T17707]        __generic_file_write_iter+0x11d/0x230
[  453.785295][T17707]        ocfs2_file_write_iter+0x157a/0x1d10
[  453.787015][T17707]        iter_file_splice_write+0x975/0x10e0
[  453.788810][T17707]        direct_splice_actor+0x101/0x160
[  453.790484][T17707]        splice_direct_to_actor+0x5a8/0xcc0
[  453.792407][T17707]        do_splice_direct+0x181/0x270
[  453.794086][T17707]        do_sendfile+0x4da/0x7e0
[  453.795543][T17707]        __se_sys_sendfile64+0x13e/0x190
[  453.797370][T17707]        do_syscall_64+0xfa/0xfa0
[  453.798971][T17707]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  453.800820][T17707] 
[  453.800820][T17707] other info that might help us debug this:
[  453.800820][T17707] 
[  453.803788][T17707] Chain exists of:
[  453.803788][T17707]   &ocfs2_sysfile_lock_key[ORPHAN_DIR_SYSTEM_INODE] --> &dquot->dq_lock --> &ocfs2_quota_ip_alloc_sem_key
[  453.803788][T17707] 
[  453.808816][T17707]  Possible unsafe locking scenario:
[  453.808816][T17707] 
[  453.810995][T17707]        CPU0                    CPU1
[  453.812827][T17707]        ----                    ----
[  453.814703][T17707]   lock(&ocfs2_quota_ip_alloc_sem_key);
[  453.816782][T17707]                                lock(&dquot->dq_lock);
[  453.819253][T17707]                                lock(&ocfs2_quota_ip_alloc_sem_key);
[  453.821755][T17707]   lock(&ocfs2_sysfile_lock_key[ORPHAN_DIR_SYSTEM_INODE]);
[  453.823920][T17707] 
[  453.823920][T17707]  *** DEADLOCK ***
[  453.823920][T17707] 
[  453.826534][T17707] 3 locks held by syz.9.4462/17707:
[  453.828515][T17707]  #0: ffff8881ba73a420 (sb_writers#12){.+.+}-{0:0}, at: direct_splice_actor+0x49/0x160
[  453.832317][T17707]  #1: ffff88801f5da6c0 (&sb->s_type->i_mutex_key#20){++++}-{4:4}, at: ocfs2_file_write_iter+0x429/0x1d10
[  453.836548][T17707]  #2: ffff88801f5da360 (&ocfs2_quota_ip_alloc_sem_key){++++}-{4:4}, at: ocfs2_dio_end_io+0x389/0x10f0
[  453.840640][T17707] 
[  453.840640][T17707] stack backtrace:
[  453.842904][T17707] CPU: 1 UID: 0 PID: 17707 Comm: syz.9.4462 Not tainted syzkaller #0 PREEMPT(full) 
[  453.842925][T17707] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  453.842936][T17707] Call Trace:
[  453.842944][T17707]  <TASK>
[  453.842953][T17707]  dump_stack_lvl+0x189/0x250
[  453.842978][T17707]  ? __pfx_dump_stack_lvl+0x10/0x10
[  453.842997][T17707]  ? __pfx__printk+0x10/0x10
[  453.843012][T17707]  ? print_lock_name+0xde/0x100
[  453.843027][T17707]  print_circular_bug+0x2ee/0x310
[  453.843046][T17707]  check_noncircular+0x134/0x160
[  453.843065][T17707]  validate_chain+0xb9b/0x2140
[  453.843081][T17707]  ? __mutex_unlock_slowpath+0x1a1/0x740
[  453.843100][T17707]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  453.843118][T17707]  __lock_acquire+0xab9/0xd20
[  453.843132][T17707]  ? ocfs2_del_inode_from_orphan+0x134/0x740
[  453.843152][T17707]  lock_acquire+0x120/0x360
[  453.843165][T17707]  ? ocfs2_del_inode_from_orphan+0x134/0x740
[  453.843189][T17707]  ? do_raw_spin_unlock+0x4d/0x240
[  453.843208][T17707]  down_write+0x96/0x1f0
[  453.843227][T17707]  ? ocfs2_del_inode_from_orphan+0x134/0x740
[  453.843246][T17707]  ? __pfx_down_write+0x10/0x10
[  453.843265][T17707]  ocfs2_del_inode_from_orphan+0x134/0x740
[  453.843286][T17707]  ? ocfs2_dio_end_io+0x389/0x10f0
[  453.843306][T17707]  ? __pfx_ocfs2_del_inode_from_orphan+0x10/0x10
[  453.843328][T17707]  ? down_write+0x162/0x1f0
[  453.843343][T17707]  ? __pfx_down_write+0x10/0x10
[  453.843360][T17707]  ? ocfs2_direct_IO+0x25f/0x2d0
[  453.843378][T17707]  ? __generic_file_write_iter+0x11d/0x230
[  453.843393][T17707]  ? ocfs2_file_write_iter+0x157a/0x1d10
[  453.843410][T17707]  ? iter_file_splice_write+0x975/0x10e0
[  453.843430][T17707]  ocfs2_dio_end_io+0x479/0x10f0
[  453.843453][T17707]  ? __pfx_ocfs2_dio_end_io+0x10/0x10
[  453.843479][T17707]  ? __lock_acquire+0xab9/0xd20
[  453.843494][T17707]  ? do_raw_spin_lock+0x121/0x290
[  453.843514][T17707]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  453.843529][T17707]  ? lockdep_hardirqs_on+0x9c/0x150
[  453.843543][T17707]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  453.843557][T17707]  ? __pfx_ocfs2_dio_end_io+0x10/0x10
[  453.843577][T17707]  dio_complete+0x25b/0x790
[  453.843597][T17707]  __blockdev_direct_IO+0x2e63/0x3490
[  453.843626][T17707]  ? __pfx___blockdev_direct_IO+0x10/0x10
[  453.843643][T17707]  ? __pfx_invalidate_inode_pages2_range+0x10/0x10
[  453.843665][T17707]  ? __pfx_ocfs2_dio_wr_get_block+0x10/0x10
[  453.843686][T17707]  ? filemap_write_and_wait_range+0x18a/0x320
[  453.843707][T17707]  ? __pfx_filemap_write_and_wait_range+0x10/0x10
[  453.843736][T17707]  ? current_time+0x222/0x370
[  453.843765][T17707]  ? __pfx_ocfs2_dio_wr_get_block+0x10/0x10
[  453.843788][T17707]  ocfs2_direct_IO+0x25f/0x2d0
[  453.843811][T17707]  generic_file_direct_write+0x1db/0x3e0
[  453.843828][T17707]  ? file_update_time+0x2da/0x490
[  453.843852][T17707]  __generic_file_write_iter+0x11d/0x230
[  453.843896][T17707]  ? ocfs2_file_write_iter+0x1551/0x1d10
[  453.843917][T17707]  ocfs2_file_write_iter+0x157a/0x1d10
[  453.843936][T17707]  ? __kmalloc_noprof+0x41d/0x800
[  453.843955][T17707]  ? iter_file_splice_write+0x1c6/0x10e0
[  453.843971][T17707]  ? direct_splice_actor+0x101/0x160
[  453.843992][T17707]  ? __pfx_ocfs2_file_write_iter+0x10/0x10
[  453.844018][T17707]  ? splice_from_pipe_next+0x61d/0x670
[  453.844037][T17707]  ? __asan_memset+0x22/0x50
[  453.844057][T17707]  iter_file_splice_write+0x975/0x10e0
[  453.844082][T17707]  ? __pfx_iter_file_splice_write+0x10/0x10
[  453.844100][T17707]  ? rcu_read_lock_any_held+0xb3/0x120
[  453.844119][T17707]  ? direct_splice_actor+0x10c/0x160
[  453.844138][T17707]  ? __pfx_iter_file_splice_write+0x10/0x10
[  453.844154][T17707]  direct_splice_actor+0x101/0x160
[  453.844172][T17707]  splice_direct_to_actor+0x5a8/0xcc0
[  453.844197][T17707]  ? __pfx_direct_splice_actor+0x10/0x10
[  453.844215][T17707]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  453.844235][T17707]  do_splice_direct+0x181/0x270
[  453.844253][T17707]  ? __pfx_do_splice_direct+0x10/0x10
[  453.844271][T17707]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  453.844292][T17707]  ? rw_verify_area+0x255/0x4d0
[  453.844307][T17707]  do_sendfile+0x4da/0x7e0
[  453.844329][T17707]  ? __pfx_do_sendfile+0x10/0x10
[  453.844350][T17707]  ? __se_sys_futex+0x36f/0x400
[  453.844370][T17707]  __se_sys_sendfile64+0x13e/0x190
[  453.844390][T17707]  ? __pfx___se_sys_sendfile64+0x10/0x10
[  453.844408][T17707]  ? do_syscall_64+0xbe/0xfa0
[  453.844426][T17707]  do_syscall_64+0xfa/0xfa0
[  453.844440][T17707]  ? lockdep_hardirqs_on+0x9c/0x150
[  453.844456][T17707]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  453.844473][T17707]  ? exc_page_fault+0xab/0x100
[  453.844489][T17707]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  453.844504][T17707] RIP: 0033:0x7f9d67b8efc9
[  453.844519][T17707] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  453.844533][T17707] RSP: 002b:00007f9d68a4e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  453.844549][T17707] RAX: ffffffffffffffda RBX: 00007f9d67de5fa0 RCX: 00007f9d67b8efc9
[  453.844562][T17707] RDX: 0000000000000000 RSI: 0000000000000007 RDI: 0000000000000005
[  453.844571][T17707] RBP: 00007f9d67c11f91 R08: 0000000000000000 R09: 0000000000000000
[  453.844581][T17707] R10: 0000000020fffe82 R11: 0000000000000246 R12: 0000000000000000
[  453.844591][T17707] R13: 00007f9d67de6038 R14: 00007f9d67de5fa0 R15: 00007ffc11d78d68
[  453.844609][T17707]  </TASK>
[  454.216995][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  454.241782][T11194] ocfs2: Unmounting device (7,9) on (node local)
[  454.775306][   T10] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  455.267357][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  455.505710][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  456.296659][ T9120] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  457.337057][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  458.377099][   T33] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  458.535720][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  459.417304][   T33] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  460.457151][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  461.495559][   T33] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  461.575320][    T9] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  462.537063][ T9120] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  463.577076][   T33] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog

VM DIAGNOSIS:
01:12:44  Registers:
info registers vcpu 0

CPU#0
RAX=978619cba38ed400 RBX=ffffffff81968eb7 RCX=978619cba38ed400 RDX=0000000000000001
RSI=ffffffff8bbf12c0 RDI=ffffffff81968eb7 RBP=ffffffff8dc07ea8 RSP=ffffffff8dc07d80
R8 =ffff888121232fdb R9 =1ffff110242465fb R10=dffffc0000000000 R11=ffffed10242465fc
R12=ffffffff8f7d1670 R13=0000000000000000 R14=0000000000000000 R15=1ffffffff1b92a40
RIP=ffffffff8b478dd3 RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88818eb32000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00005613853bf000 CR3=0000000170942000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 00000000000001a4 XMM01=0000000000000000 0000000000000000
XMM02=0000000000000000 0000000000000000 XMM03=0000000000000000 0000000000000000
XMM04=0000000000000000 0000000000000000 XMM05=0000000000000000 0000000000000000
XMM06=0000000000000000 0000000000000000 XMM07=0000000000000000 0000000000000000
XMM08=0000000000000000 0000000000000000 XMM09=0000000000000000 0000000000000000
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000034 RBX=0000000000000034 RCX=0000000000000000 RDX=00000000000003f8
RSI=000000000000e0e8 RDI=000000000000e0e9 RBP=00000000000003f8 RSP=ffffc900073e6130
R8 =ffff888103728237 R9 =1ffff110206e5046 R10=dffffc0000000000 R11=ffffffff8515efb0
R12=dffffc0000000000 R13=ffffffff997e290a R14=ffffffff99af5f20 R15=0000000000000000
RIP=ffffffff8515f02c RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f9d68a4e6c0 ffffffff 00c00000
GS =0000 ffff8882a9f32000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=000000110c46f514 CR3=00000001b9422000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=0000000000000000 0000000000000000
XMM02=00007f9d67db7498 00007f9d67db7470 XMM03=00007f9d67db74a8 00007f9d67db74a0
XMM04=00007f9d6891d100 00007f9d67db7460 XMM05=00007f9d67db7478 00007f9d67db74c0
XMM06=00007f9d67db74b8 00007f9d67db74b0 XMM07=00007f9d67db74a8 00007f9d67db74a0
XMM08=0000000000000000 00001b7d1475bf98 XMM09=0000000000000000 00007f9d67c1315a
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
