last executing test programs:

2m19.629624205s ago: executing program 0 (id=1101):
socketpair(0x1f, 0x802, 0x9, &(0x7f0000000100))
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f00000015c0)=ANY=[@ANYBLOB="b7020000b02300ffbfa30000000000000703000000feffff7a0af0ff2300000079a4f0ff00000000b7060000ffffffff2d6405000000000065040400010001010404000011000000b7030000000000006a0a00fe000000008500000032000000b700000001000000950000000000000075cdc4b57b0c65752a3ad50000007ddd0000cb450063dedba767ade51f7f1f66acd19100002000000000000000ff7f0000b52f17cee19d0001000000000000000000cb04fcbb4e4d0b9bafe3ba431351a58a885ba9918d37b056b9bbd11b6b9f6cf7db6d574620260000000000008062d77e85cef4a2ab938f65aac33c4d620de2c9b7dc10d7d313f9f57606b83b994fc4051ade12f41deff6df6a936b4ec3827c739bb39aad16cc75fe369258673b5df11cc2afb53611cc32a790bc0b80e80eae8f5e64be2c9d2d29db3d36dd0cf8f79a015c7bd3f15aa6aadbeab2a01685108e61aa00000000000000000000000000c67c6c6a06e828e5216f601b19db1af1b5d356d0f062137d866d11be4ba3f0151fdbbd4e97d62ecc645e143a60f10800000000000000826151e3b42bcae95239ef5ca2a730a00c87c493db0300e63fda97a296820000000001000000eecc952a3fd2c46f3c1cde71a19d1a2982492a210e00d2bfea3b8d188df2eff8d56aaae7d32a2e180022537395019f02ec4b85f6aad7faca088de9b26797a8446b16c28d85f225992dbdd5bb01ba51508951c7a7d6ca0916c3a12912715649c2b1c7192a4251b59d378d3f00000000000000665c8b7e89eddfc3783f6c9129a7c5f8ee5f50579e2f638f7eb12f63be72a3d81ab324d6e417b1c2cbfdcada0a16e31790e26cf19588a7e0496ee2782224cf30f810da86cf1a3204f4c9404f5d7321a4fefc4d1c9139ca4b65b99909950000006b42077ca60fdecb2717e21f8f187b1866108b6e8c71e2603217606637ece1fa89917e131f4034a8383e99c3568fd04201b37cd92ca6ebf94a2d8310f7032775cfd75652f87b039d5430b3c6643e9146d2478ce31344b554aca7670000000000000010c65608fda6ed5d08e7a796042aa127d874105787d0347aa37801faff5b9050803a19ff6205aa5c263e407a2f7de56f7a0000e094fa4e3f05528caab5a430c08dd810bc97204b767dd969721a26aa740000000000bc433fe2d0a6ef2a8a91cd3cb305aa80dadef8b0caca780000000000000000863e21db415a222bb1a7ab94bfe4a74157d794f9d0430c2c0eb563350559829865a3dd08fb31bd0801e09aa3ee45e61a56fc83076451cff7632e49a41eadb5044a0d5f73d6932161ae5e9ce218a35cd8e7b747887b1a74798982d0b492c3f0ff53189d80733eb04f8124877b648ff438f7d66c7efcc09a8f3330b6c22d14e80db8e5608bdeab9388b758a15f4ce70390c214bc6838798f5b9b0b500d4e8b5174f329b8501c6feb7a6982bcea74a0f2ced7fa2059234a8d10b7f0597151d5c9067d57d85f4ae933eaf5174ba122f3f702ef8695578d3c08562c9fc185f0f65d11b4c58ae52500cbe99cde3758a5cbe6093dd328ac820e2de309d25a324647aadffcecf0f3bbaeda7af4436d9ffbce1b240a2f5e346eba8812e6329e01b087bde7da4a6448f478102e90c8134f531de08d4cf4f6f35b15a202544c0ced0c1715fd3a90099f785a13a2412bedba2981dd22bd9d736c00000000000000000000000000000000eb6fec8d7d2f77f4d470a9caa5b1bfc00cd1d40830ac35f229f8ffe1c02a63d3c2d9"], &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000)={0x2}, 0x8, 0x10, &(0x7f0000000100), 0x10}, 0x57)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000140)={r0, 0x702, 0xe, 0x0, &(0x7f0000000580)="e460334470d8d400eb00c15286dd", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

2m19.459236484s ago: executing program 0 (id=1103):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000740)={{0x14, 0x10, 0x4}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x201, 0x0, 0x0, {0x7}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x21}]}, @NFT_MSG_NEWSETELEM={0x4c, 0xc, 0xa, 0x301, 0x0, 0x0, {0x7, 0x0, 0x9}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x20, 0x3, 0x0, 0x1, [{0x1c, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_SET_ELEM_EXPRESSIONS={0x10, 0xb, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, @cmp={{0x8}, @void}}]}]}]}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0xd0}}, 0x0)

2m19.318582522s ago: executing program 0 (id=1106):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e00010c00028005000100000000000800074000000001"], 0x64}}, 0x10)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000800)={0x54, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_SYNPROXY={0x1c, 0x18, 0x0, 0x1, [@CTA_SYNPROXY_TSOFF={0x8, 0x3, 0x1, 0x0, 0x841}, @CTA_SYNPROXY_ISN={0x8, 0x1, 0x1, 0x0, 0x2}, @CTA_SYNPROXY_ITS={0x8, 0x2, 0x1, 0x0, 0x5}]}]}, 0x54}}, 0x0)

2m19.218610076s ago: executing program 0 (id=1107):
r0 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_TIOCOUTQ(r0, 0x8953, 0x0)

2m19.168698876s ago: executing program 0 (id=1109):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000100), 0x2, 0x500, &(0x7f0000000500)="$eJzs3U9sI1cZAPBvJn/sTdMmhR4AFbqUwoJWayfeNqp6oZwqhCoheuSwDYkTRbHjKHZKE/aQPXJHohInOHHmgMQBqSfuSBzgxqUckAqsQA0SByOP7V3njzfWbmzvxr+fNJo38+L53tvRvGd91s4LYGJdj4ijiJiNiPcjYqFzPuls8XZ7a/3dZ/fvrh3fv7uWRLP53j+TrL51Lno+0/Jc55r5iPjBOxE/Sk4F/VNE/eBwe7VSKe91ThUb1d1i/eDw1lZ1dbO8Wd4plVaWV5bevP1G6dL6+kr1N59ei4jf/+7Ln/zx6Fs/aTVrvlPX24/L1O76zIM4LdMR8b1hBBuDqU5/Zh/nw4/1IS5TGhGfi4hXs+d/Iaayu3nSydv07RG2DgAYhmZzIZoLvccAwFWXZjmwJC10cgHzkaaFQjuH91LMpZVavXFzo7a/s97OlS3GTLqxVSkvdXKFizGTbGxNl5ezcve4Ui6dOr4dES9GxM9y17Ljwlqtsj7OLz4AMMGeOzX//yfXnv8BgCsu/7CYG2c7AIDRyY+7AQDAyJn/AWDymP8BYPKY/wFg8pj/AWDymP8BYKJ8/913W1vzuPP+6/UPDva3ax/cWi/XtwvV/bXCWm1vt7BZq21m7+ypXnS9Sq22u/x67H9YbJTrjWL94PBOtba/07iTvdf7TnlmJL0CAB7lxVc+/ksSEUdvXcu26Hnf/4Vz9cvDbh0wTOm4GwCMzdS4GwCMzdnVvoBJIR8P9CzRe6/ndP5M4bSPBrp8at1QePrc+OIT5P+BZ5r8P0yux8v/+y4PV4H8P0yuZjOx5j8ATBg5fiC5oL739/+lZs/BYL//AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJU0n21JWuisBT4faVooRDwfEYsxk2xsVcpLEfFCRPw5N5NrHS9HhHWDAOBZlv496az/dWPhtfnTtbO5/+ayfUT8+Bfv/fzD1UZjbzliNvnXg/ONjzrnS+NoPwBwke483Z3Huz67f3etu42yPZ9+p724aCvucWdr10zHdLbPZ7mGuX8nneO21veVqUuIf3QvIr5wXv+TLDey2Fn59HT8VuznRxo/PRE/zera+9a/xecvoS0waT5ujT9vn/f8pXE925///OezEerJdce/4zPjX/pg/JvqM/5dHzTG63/47pmTzYV23b2IL01HHHcv3jP+dOMnfeK/NmD8v778lVf71TV/GXEjzut/ciJWsVHdLdYPDm9tVVc3y5vlnVJpZXll6c3bb5SKWY662M1Un/WPt26+0C9+q/9zfeLnL+j/1wfs/6/+9/4Pv/qI+N/82vn3/6VHxG/Nid8YMP7q3G/z/epa8df79P+i+39zwPif/O1wfcA/BQBGoH5wuL1aqZT3hl1Ihx8iKyQRRyPoTruQ+/VP3xlVrCEW4ulohsLTVBj3yAQM28OHftwtAQAAAAAAAAAAAAAA+hnFfycadx8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4uv4fAAD//5iA1Hs=")
open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x111)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x141a42, 0x1c2)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000200), 0xfea7)
copy_file_range(r1, 0x0, r0, 0x0, 0xffffffffa003e45c, 0x700000000000000)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r3, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x1, 0x8005, 0x0, 0x0, 0x19, 0x0, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f283e6d60200000000000000000000000100", [0x208]})
r4 = open(&(0x7f0000000180)='./file1\x00', 0xe0142, 0x102)
pwritev2(r4, &(0x7f0000001100)=[{&(0x7f0000001080)='\b', 0x1}], 0x1, 0x7000, 0x0, 0x3)

2m18.540174169s ago: executing program 0 (id=1111):
io_uring_setup(0x437a, &(0x7f00000002c0)={0x0, 0x698c, 0x40, 0x2, 0xfffffffe})
r0 = memfd_create(&(0x7f0000000400)='\xa3\x9fn\xb4dR\x04i5\x02\xac\xce\xe1\x88\x9d[@8\xd7\xce\x1f 9I\x7f\x15\x1d\x93=\xb5\xe7\\\'L\xe6\xd2\x8e\xbc)JtTDq\x81\xcf\x81\xba\xe51\xf5 \xc8\x10>\xc9\\\x85\x17L\xbf\xcf\x91\xdfM\xf3\x02^T*\x00\x02\xb9~B\x9f\xacl\x1d3\x06o\xf8\x16H\xaa*\x02\xf7\xfb\x06\xf1\x83\x92\xa8\xc2\xcb\xae\xb0\xb4\x93\xb8\x04\xf1\x99\xc2yY+\xd9y\x8a\xd5b\xe8\"q\x1b0)\xccm\xacz\xc1\xadd\x9b6a\xf3\xdds\xbb\x88\xff\b\x85\xb3s\x00\x0e\xbcfvi\x85\xfc.|\xd4h\xec\x82o\x8e\x93\x11\xc1\xd4\xae\x05\x17=\xd9R\xd0\xd4\x90\xcf\x9b\xdc\xaeV\x88\x94\x9f\xe3\xefqi\xed\xa8w\xbe\xd0\xd0-tBl\x9e+\xd3\xed\xce\x9f\x83\x86\xf9\x12\x16Ts\x80\x13]C\xfb`\xc2`\xf7\x1a\x00\x00\x00\x00\x00\x00\x00k\xae\xcb\x1a.\xc2\x8f\xd1x4]PZ\x9e\xd5Y\xf0L\xa4\xbc\x84\xf6\x04L\xff0\x8b\\*\xf9,\xb6\r\x97\xedy\xe0\x8a\xe2\x8ck\xc6S\xc3g\xb9\x1a\xf8\x8f \x9d\x00u7\xd8\'\xf1E\xa4(Q\x80Fy\xb5\xe4q\xc9\xff \xd8\x9d\xad\x11\xf8m\xd3\xbc\x9e\x10D\x7f!\xca\x0ev\x15h$\x01\xdd\xe5\xce\xf8*\xb3\x01\x85\a\xe4qv&\x9c\xac\x9aN~o\xe5\x89\xd5\a\x9f\f\x1f\xc2e/\x8d\x1e\n\xd0_\xbd!^\xa46\xb8j\xc0x\n\xdb\xe1\xa3\xd6\xae;\r\x92@\xa5I\x88Z1F\xf0\x1at\t\xd0\x8a\x04m\x06\xf3BL\xffS\x9eY\xf4\xb0U \xf8\xd00\x88y\xebX\x92\xd5\xbb\xa1h7\xf3\xe0\x0f\xbd\x02\xe4%\xf9\xb1\x87\x8aM\xfeG\xb2L\xbd\x92-\xcd\x1f\xf4\xe1,\xb7G|\xec\"\xa2\xab\xf6\x84\xe0\xcf1\x9a', 0x0)
execveat(r0, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)
mount(&(0x7f0000000300), &(0x7f0000000080)='.\x00', &(0x7f00000000c0)='devtmpfs\x00', 0x0, 0x0)

2m3.418135881s ago: executing program 32 (id=1111):
io_uring_setup(0x437a, &(0x7f00000002c0)={0x0, 0x698c, 0x40, 0x2, 0xfffffffe})
r0 = memfd_create(&(0x7f0000000400)='\xa3\x9fn\xb4dR\x04i5\x02\xac\xce\xe1\x88\x9d[@8\xd7\xce\x1f 9I\x7f\x15\x1d\x93=\xb5\xe7\\\'L\xe6\xd2\x8e\xbc)JtTDq\x81\xcf\x81\xba\xe51\xf5 \xc8\x10>\xc9\\\x85\x17L\xbf\xcf\x91\xdfM\xf3\x02^T*\x00\x02\xb9~B\x9f\xacl\x1d3\x06o\xf8\x16H\xaa*\x02\xf7\xfb\x06\xf1\x83\x92\xa8\xc2\xcb\xae\xb0\xb4\x93\xb8\x04\xf1\x99\xc2yY+\xd9y\x8a\xd5b\xe8\"q\x1b0)\xccm\xacz\xc1\xadd\x9b6a\xf3\xdds\xbb\x88\xff\b\x85\xb3s\x00\x0e\xbcfvi\x85\xfc.|\xd4h\xec\x82o\x8e\x93\x11\xc1\xd4\xae\x05\x17=\xd9R\xd0\xd4\x90\xcf\x9b\xdc\xaeV\x88\x94\x9f\xe3\xefqi\xed\xa8w\xbe\xd0\xd0-tBl\x9e+\xd3\xed\xce\x9f\x83\x86\xf9\x12\x16Ts\x80\x13]C\xfb`\xc2`\xf7\x1a\x00\x00\x00\x00\x00\x00\x00k\xae\xcb\x1a.\xc2\x8f\xd1x4]PZ\x9e\xd5Y\xf0L\xa4\xbc\x84\xf6\x04L\xff0\x8b\\*\xf9,\xb6\r\x97\xedy\xe0\x8a\xe2\x8ck\xc6S\xc3g\xb9\x1a\xf8\x8f \x9d\x00u7\xd8\'\xf1E\xa4(Q\x80Fy\xb5\xe4q\xc9\xff \xd8\x9d\xad\x11\xf8m\xd3\xbc\x9e\x10D\x7f!\xca\x0ev\x15h$\x01\xdd\xe5\xce\xf8*\xb3\x01\x85\a\xe4qv&\x9c\xac\x9aN~o\xe5\x89\xd5\a\x9f\f\x1f\xc2e/\x8d\x1e\n\xd0_\xbd!^\xa46\xb8j\xc0x\n\xdb\xe1\xa3\xd6\xae;\r\x92@\xa5I\x88Z1F\xf0\x1at\t\xd0\x8a\x04m\x06\xf3BL\xffS\x9eY\xf4\xb0U \xf8\xd00\x88y\xebX\x92\xd5\xbb\xa1h7\xf3\xe0\x0f\xbd\x02\xe4%\xf9\xb1\x87\x8aM\xfeG\xb2L\xbd\x92-\xcd\x1f\xf4\xe1,\xb7G|\xec\"\xa2\xab\xf6\x84\xe0\xcf1\x9a', 0x0)
execveat(r0, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)
mount(&(0x7f0000000300), &(0x7f0000000080)='.\x00', &(0x7f00000000c0)='devtmpfs\x00', 0x0, 0x0)

1m34.395244664s ago: executing program 2 (id=1627):
r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000040)={0x22, 0x1, 0x2, "4f80ff259b1c2ce2d2226bfb771f00ff065e07079c5e6f426ebb117c0caba25f", 0x3436324d})

1m34.256223628s ago: executing program 2 (id=1628):
syz_mount_image$udf(&(0x7f0000000100), &(0x7f0000000000)='./file0\x00', 0x2000003, &(0x7f0000000700)=ANY=[@ANYBLOB="6164696e6963622c756e686964652c616e63686f723d30303030303030303030303030303030333737372c6c617374626c6f636b3d30303030303030303030303030303030303030322c6769643d69676e6f72652c756e64656c6574652c766f6c756d653d30303030303030303030303030303030303030372c6769643d666f726765742c6c617374626c6f636b3d30303030303030303030303030303030303030322c008f8de171c45c3731da25711e70d9a39cf115e87406a5595e73b394be8fa66549efcbf7712e810da7d231b99e582684e1581cc79c57267310cc7c622578691b78343242db569d0845a0e756f83417725ccd5b1123804049af458093aa21229b6aa5c863b4a36c4de74cc5cc0cf9cb58bdca99d709218b65c62cb7bc6490a40511c6bfff79b45a0b42efb80e46ecf783b5236f4d855d71d86e06000000b41b9ba74c2a597dfd9d16c4d931b690884092ae02fb7195792bc5b59ebb5e4f260792c1cc5b77e928c95ccc467d01b9647487527fad08008321dccb6828702d4e14bfd5826afe91990ff0a53d78df88c49014840726855bd5d1698765f5797245ae0ddd826e47dfc33425b1ffd590b71ef2d747ee066337ac4adbe35548fcecc38b778426033d0c38153c5ff98e614dba3bd0dcb7cf82a5c7ab2ac37fd0d97d8b9f60dbf28e5ab41d453b18687e43a7c595dd01044617ac4ae9d503798daeb4a57663f57f4d08e845842a35323c85fd1ba4"], 0xde, 0xc2e, &(0x7f0000000f40)="$eJzs3U9sHNd9B/DfGy7FldxWTOwoThoXm7ZIZcVy9S+mYhXuqqbZBpBlIRRzC8AVSakLUyRBUo1spAXTSw89BCiKHnIi0BoFUjQwmiLokWldILn4UOTUE9HCRlD0wBYBcgoYzOxbcUmRNi2KEmV9Pjb13Z19b+a9eesZWdCbFwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAxB+8cvHU6fSwWwEAPEiXR7966oz7PwA8Vq76/38AAAAAAAAAAAAAADjoUhTxZKSYu7yWxqv3HfVL7f5bt8eGR7avdjhVNfuq8uVP/fSZs+e+9MLQ+W5eas98QP377bPx2ujVi42XZ2/OzU8tLExNNsZm2hOzk1O73sNe6291ojoBjZuv35q8fn2hceb5s5s+vj34/sATxwYvDD178plu2bHhkZHRjSL13vK1e25Ix04zPA5FEScjxXPf+2lqRUQRez8X9Qc79lsdrjpxourE2PBI1ZHpdmtmsfzwSvdEFBGNnkrN7jnafiyi1v9A+7CzZsRS2fyywSfK7o3OteZb16anGlda84vtxfbszJXUaW3Zn0YUcT5FLEfE6sDdu+uPImqR4jtH19K1iOjrnocvVhODd25HsY993IWynY3+iOXiERizA2wging1UvzsneMxka8z1bXmCxGvlvmDiLfKfCkilV+McxHvbfM94tFUiyL+shz/C2tpsroedK8rl77W+MrM9dmest3ryke8P9x1pXhI94fDW/LBOODXpnoU0aqu+Gvp3n+zAwAAAAAAAAAAAAAAAMD9djiK+EykeOU//qSaVxzVvPSjF4b+cPBX+3rKPf0h+0kR8XxELBW7m5N7KE8MvJKupPSQ5xI/zupRxJ/m+X/fetiNAQAAAAAAAAAAAAAAAAAAeKwV8ZNI8eK7x9Ny9K4p3p650bjaujbdWRW2u/Zvd8309fX19UbqZDPneM6lnMs5V3Ku5owi18/ZzDmecynncs6VnKs5oy/Xz9nMOZ5zKedyzpWcqzmjluvnbOYcz7mUcznnSs7VnHFA1u4FAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPg4KaKIX0SKb39jLUWKiGbEeHRyZeBhtw4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKA2kIr4fKRp/1LyzrRYRqfq343j5y7loHirzk9EcKvOlaF7M2aqy1vzWQ2g/e9OfivhxpBiov31nwPP493fe3fkaxFvf3Hj32Von+7ofDr4/8MSxoxeGRn7j6Z1ep+0acOJSe+bW7cbY8MjIaM/mWj76J3u2DebjFven60TEwhtvvt6anp6av/cX5VdgD9UfoRep9rj01IvqRdQORDMeTt95DJT3//cixe+++5/dG37n/l+PX+m8u3OHj5//2cb9/8WtO9rl/b+2tV6+/5f39O3u/0/2bHsx/26kvxZRX7w5138sor7wxpsn2zdbN6ZuTM2cO3Xqy0NDXz57qv9QRP16e3qq59V9OV0AAAAAAAAAAAAAAAAAD04q4vcjRevHa6kREber+VqDF4aePflMX/RV8602zdt+bfTqxcbLszfn5qcWFqYmG2Mz7YnZyandHq5eTfcaGx7Zl858qMP73P7D9Zdn596Yb9/448VtPz9Sv3htYXG+NbH9x3E4iohm75YTVYPHhkeqRk+3WzNV1SvbTqb/6PpTEf8VKSbONdLn87Y8/3/rDP9N8/+Xtu5on+b/f6JnW3nMlIr4eaT4nb96Oj5ftfNI3HXOcrm/ixQnzn8ul4tDZbluGzrPFejMDCzL/l+k+KdfbC7bnQ/55EbZ07s+sY+IcvyPRorv/8V34zfzts3Pf9h+/I9s3dE+jf9TPduObHpewZ67Th7/k5HipSffjt/K2z7o+R/dZ28cz4XvPJ9jn8b/Uz3bBvNxf/v+dB0AAAAAAAAAAOCR1p+K+PtI8cORWnohb9vN3/+b3Lqjffr7X5/u2TZ5f9Yr+tAXez6pAAAAAHBA9KcifhIpbiy+fWcO9eb53z3zP39vY/7ncNryafXnfL9WPTfgfv75X6/BfNzxvXcbAAAAAAAAAAAAAAAAAAAADpSUinghr6c+Xs3nn9xxPfWVSPHK/zyXy6VjZbnuOvCD1a/1y7MzJy9OT89OtBZb16anGqNzrYmpsu5TkWLtbz+X6xbV+urd9eY7a7xvrMU+HylG/qFbtrMWe3dt8qc2yp4uy34iUvz3P24u213H+lMbZc+UZf8mUnz9X7Yve2yj7Nmy7HcjxY++3uiWPVKW7T4f9dMbZZ+fmC32YVQAAAAAAAAAAAAAAAAAAAB43PSnIv48UvzvzeU7c/nz+v/9PW8rb32zZ73/LW5X6/wPVuv/7/T6Xtb/r54rsLTTUQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4OMpRRFvRoq5y2tpZaB831G/1J65dXtseGT7aodTVbOvKl/+1E+fOXvuSy8Mne/mB9e/3z4Tr41evdh4efbm3PzUwsLUZGNspj0xOzm16z3stf5WJ6oT0Lj5+q3J69cXGmeeP7vp49uD7w88cWzwwtCzJ5/plh0bHhkZ7SlT67/no98l7bD9UBTx15Hiue/9NP1wIKKIvZ+LD/nu7LfDVSdOVJ0YGx6pOjLdbs0slh9e6Z6IIqLRU6nZPUcPYCz2pBmxVDa/bPCJsnujc6351rXpqcaV1vxie7E9O3MldVpb9qcRRZxPEcsRsTpw9+76o4jXI8V3jq6lfx2I6Ouehy9eHv3qqTM7t6PYxz7uQtnORn/EcvEIjNkBNhBF/HOk+Nk7x+PfBiJq0fmJL0S8WuYPIt6Kznin8otxLuK9bb5HPJpqUcT/l+N/YS29M1BeD7rXlUtfa3xl5vpsT9nudeWRvz88SAf82lSPIn5UXfHX0r/77xoAAAAAAAAAAAAAAADgACni1yPFi+8eT9X84DtzitszNxpXW9emO9P6unP/unOm19fX1xupk82c4zmXci7nXMm5mjOKXD9ns8z6+vp4fr+UcznnSs7VnNGX6+ds5hzPuZRzOedKztWcUcv1czZzjudcyrmccyXnas44IHP3AAAAAAAAAAAAAAAAAACAj5ei+ifFt7+xltYHOutLj0cnV6wH+rH3ywAAAP//Iun4rQ==")
r0 = syz_open_procfs(0x0, &(0x7f0000000700)='mounts\x00')
read$FUSE(r0, &(0x7f0000002780)={0x2020}, 0x5ecfb203)

1m34.105992985s ago: executing program 2 (id=1632):
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x15, 0x4, &(0x7f0000000080)=@framed={{0xffffffb4, 0x5, 0x0, 0x0, 0x0, 0x71, 0x10, 0x13}, [@ldst={0x4, 0x0, 0x4, 0x5}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_reuseport, 0xffffffffffffffff, 0x8, &(0x7f00000000c0), 0x366, 0x10, &(0x7f0000000000), 0x2b2}, 0x48)

1m33.887060963s ago: executing program 2 (id=1636):
syz_mount_image$jfs(&(0x7f0000000080), &(0x7f0000000440)='./file0\x00', 0x0, &(0x7f0000000480)=ANY=[], 0x1, 0x6276, &(0x7f0000003680)="$eJzs3c1vHGcdB/Df7JtfStOoh6pECLlteCmleS0hUKDtAQ5cOKBcUSLXrSJSQElAaRURV75w4I8AIXFBQogjJ/6AHrhy4w8gUoIE6qmD1n4eZzxde+2k3ln7+XwkZ+Y3z4z3mXx3vLueGT8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMQPf/Dj81VEXP1VWnAy4nPRj+hFLI3rlYhYWjmZ1x9ExPOx2RzPRcRwIaLKjc9EvBYRH52IePDw7up40YV99uP7f/nnH37y1I/+8efh2f/99Xb/9d3Wu3Pnt//9273H318AAAAoUV3XdZU+5p9Kn+97XXcKAJiJ/PpfJ3m5eu7q9Tnrj1qtVquPYN1UT3avWUTEenOb8XsGp+MB4IhZj4+77gIdkn/RBhHxVNedAOZa1XUHOBQPHt5drVK+VfP1YGWrPV8LsiP/9Wr7/o7dptO0rzGZ1fNrI/rx7C79WZpRH+ZJzr/Xzv/qVvsorXfY+c/KbvmPtm59Kk7Ov9/Ov+X45N+bmH+pcv6DA+Xflz8AAAAAAMyx/Pv/kx2f/1148l3Zl73O/67MqA8AAAAAAAAA8Fl70vH/tlXG/wMAAIB5Nf6sPva7E4+WNa/1H8XO5VeqiKdb6wOFSTfLLHfdDwAAAAAAAAAAAAAoyWDrGt4rVcQwIp5eXq7revzV1K4P6km3P+pK338oWdc/5AEAYMtHJ1r38lcRixFxJf2tv+Hy8nJdLy4t18v10kJ+PztaWKyXGp9r83S8bGG0jzfEg1E9/maLje2apn1entbe/n7jxxrV/X10bDY6DBwAImLr1eiBV6Rjpq6fia7f5XA0OP6PH8c/+9H18xQAAAA4fHVd11X6c96n0jn/XtedAgBmIr/+t88LqNVqtVqtPn51Uz3ZvWYREevNbcbvGQzHDwBHzHp83HUX6JD8izaIiOe77gQw16quO8ChePDw7mqV8q2arwdpfPd8LciO/Nerze3y9pOm07SvMZnV82sj+vHsLv15bkZ9mCc5/147/6tb7aO03mHnPyu75T/ez5Md9KdrOf9+O/+W45N/b2L+pcr5Dw6Uf1/+AAAAAAAwx/Lv/0/O1fnf0ePuzlR7nf9dObRHBQAAAAAAAIDD9eDh3dV832s+//+FCeu5//N4yvlX8i9Szr/Xyv+rrfX6jfn7bz3K/z8P767+8fa/P5+n+81/Ic9U6ZlVpWdElR6pGqTpk+zdp20M+6PxIw2rXn+Qrvmph+/E9bgRa3Fux7q99P/xqP38jvZxT4eb7XV/q/3CjvbBdnve/uKO9mG60qleyu1nYjV+Hjfi7c32cdvClP1fnNJeT2nP+fcd/0XK+Q8aX+P8l1N71ZqO3f+w96njvjmd9DhvXv/ib84d/u5MtRH97X1rGu/fix30Z/P/5KlR/PLW2s0zd67dvn3zfKTJjqUXIk0+Yzn/Yfra/vn/0lZ7/rnfPF7vfzg6cP7zYiMGu+b/UmN+vL8vz7hvXcj5j9JXzv/t1D75+D9A/r0/zWxf9mOv4/+VDvoDAAAAAAAAAAAAAAAAe6nrevMW0Tcj4lK6/6erezMBgNnKr/91kpfPqu7P+PHU6iNeV3PWn5nWn9Tz1R+1+ijWTfVkbzSLiPh7c5vxe4ZfT/pmAMA8+yQi/tV1J+iM/AuW/97feHq6684AM3Xr/Q9+eu3GjbWbt7ruCQAAAAAAAADwuPL4nyuN8Z9P13V9r7XejvFf34qVJx3/dZBntgcY3WWg6v7B92kvG71Rv9cYbvyF2G387+H23F7jfw+mPN5wSvtoSvvClPbFKe0Tb/RoyPm/0Bjv/HREnGoNv/7Y47/Omb3Gf22PeV+CnP+LjefzOP+vtNZr5l///ijn39uR/9nb7/3i7K33P3j1+nvX3l17d+1nF8+fP3fx0qXLly+ffef6jbVzW/922OPDlfPPY1+7DrQsOf+cufzLkvP/UqrlX5ac/5dTLf+y5Pzz+z35lyXnnz/7yL8sOf+XUy3/suT8v5Zq+Zcl5/9KquVflpz/11Mt/7Lk/F9NtfzLkvM/k2r5lyXnfzbV+8x/6bD7xWzk/PMZLsd/WXL++coG+Zcl538h1fIvS87/YqrlX5ac/2upln9Zcv7fSLX8y5Lzv5Rq+Zcl5//NVMu/LDn/y6mWf1ly/t9KtfzLkvP/dqrlX5ac/+upln9Zcv7fSbX8y5Lz/26q5V+WnP/3Ui3/suT830i1/Mvy6O//mzFjxkye6fonEwAAAAAAAAAAAADQNovLibveRwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg/+zAgQAAAAAAkP9rI1RVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhBw4EAAAAAID8XxuhqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqCnt3FyPXWd4B/Mx+eeNAYiCkTmrCxjHGOJvs+iP+oHUx4bPhqySEQj+wXe/aLPgLr10CjWpHgRIJo6KKtuGiLSDU5qbCqrigFaBcoFaVKkF7QW8QFSoXURVQQKrUVsBWM+d9352ZnZ3Z9Y7XZ875/ST78c6cmfedM++c2WfX/zkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANLv7DbOfqmVZVqvV8gs2ZdmL6vWmiU2NS157Y+cHAAAArN3PG3+/cGu64PAKbtS0zT/d9e2vLiwsLGTvG/7T0c8tLKQrJrJsdEOWNa6Lrv7g/bXmbYIns/HaUNPXQz2GH+5x/UiP60d7XD/W4/oNPa4f73H9kh2wxE1ZLd3ZtsY/N+W7NLstG21ct63DrZ6sbRiq77t026zWuM3C6IlsLjuVzWbTLdvn29Ya23/97vpYb83iWENNY22pr5CfPH48zqEW9vG2lrEW7zP60euziZ/+5PHjf33h+Ts61Z67oeX+8nnu2Fqf5yfCJflca9mGtE/iPIea5rmlw3My3DLPWuN29X+3z/OFFc5zeHGa66r9OR/Phhr//k5jP43Usg77aUu47H/uybLs8uK027dZMlY2lG1suWRo8fkZz1dk/T7qS+ml2Uj3dbpQa1mnd69gndbrzLbWddr+mojP/93hdiPLzKH5afrRE2NNz/vPFq5lnUb1R73ca6V9Dfb7tVKUNRjXxXcaD/qpjmtwW3j8j29ffg12XDsd1mB63E1rcGuvNTg0NtyYc3oSao3bLK7BXS3bDzdGqjXqc9u7r8GpC6fPTc1/7OP3zZ0+dnL25OyZPbt2Te/Zt+/AgQNTJ+ZOzU7nf1/j3i6+jdlQeg1sDfsuvgZe3bZt81Jd+OLYkuPvtb4Ox7u8Dje1bdvv1+FI+4Orrc8Lcumazl8b76nv9PErQ9kyr7HG87Nz7a/D9LibXocjTa/Dju8pHV6HIyt4Hda3ObdzZd+zjDT96TSH5d8L1rYGNzWtwfbvR9rXYL+/HynKGhwP6+J7O5d/L9gS5vvU5Gq/HxlesgbTww3Hnvol6fv98QON0mld3lm/4uax7OL87Pn7Hzt24cL5XVko6+JlTWulfb1ubHpM2ZL1OrTq9Xp47q6n7uxw+aawr8bvq/81vuxzVd9m7/3dn6vGu1vn/dly6e4slD4L+3Nhwzrtz07v5vX9OZZln//WEw9/4/HPv2HZ/VnvNz8xtfbvxVNf2nT8HV3m+Bv7/l/k46W7enJ4dCR//Q6nvTPacjxufapGGseuWmPsF6ZWdjweDX/W+3h8W5fj8ea2bft9PB5tf3DxeFzr9dOOtWl/PsfDOjk13f14XN9m8+7VrsmRrsfje0Kthf3/mtAppL6oae0st27TWCMjo+FxjcQRWtfpnpbtR0NvVh/rmd3Xtk533JPf13B6dIvWa51OtG3b73Wafva13Dqt9frp27Vpfz7Hw7q4bU/3dVrf5tm9az923hT/2XTsHOu1BkeHx+pzHk2LsHG8zxZuimvw/ux4djY7lc00rh1rrKdaY6zJB1a2BsfCn/U+Vm7usgZ3tG3b7zWY3seWW3u1kaUPvg/an8/xsC6efqD7Gqxv88b9/f3edUe4JG3T9L1r+8/XlvuZ151tu+l6rZWRMM9v7e/+s9n6NqcOrLbP7L6f7g2X3NxhP7W/fpd7Tc1k67OfNod5Pn9g+f1Un099m88dXOF6Opxl2aWPPNj4eW/4/crfXfzuV1t+79LpdzqXPvLgj1984h9XM38ABt8v8rIxf69r+s3USn7/DwAAAAyE2PcPhZro/wEAAKA0Yt8f/1d4ov8HAACA0oh9/0ioSUX6/81vfH7uF5eylMxfCOL1aTc8lG8XM67T4euJhUX1yx/88ux//8OllY09lGXZzx76g47bb34ozis3EeZ59U2tly/x1ftWNPbRRy+lcZvz618I9x8fz0qXQacI7nSWZV+/9TONcSbef6VRn33oaKM+fPmpJ+vbvHAw/zre/rmX5dv/RQj/Hj5xrOX2z4X98MNQp9/WeX/E233lymu27H/v4njxdrWttzQe9tMfyO83fk7OZ5/Mt4/7ebn5f+PTz3ylvv1jr+o8/0tDnef/TLjfL4f6v6/It29+Dupfx9t9Msw/jhdvd/+Xvtlx/lc/lW9/7s35dkdDjePvCF9ve/Pzc83767HasZbHlb0l3y6OP/3dP25cH+8v3n/7/MePXGnZH+3r49l/y+9nqm37eHkcJ/r7tvHr99O8PuP4z/zR0Zb93Gv8qw8/94r6/baPf2/bduc+srMx/uL9tX5i019+8jMdx4vzOfy351oez+F3h9dxGP/pD4T1GK7/v6v5/bV/usLRd7cef+L2X9h0qeXxRG/9aT7+1dedbNQN4zdtvPlFL77l8ivr+y7LvrMhv79e45/8q7Mt8//i7fn+iNfHjH77+MuJ45//6OSZs/MX52bSXn381sZn57w9n0+c763h2Nr+9ZGzFz44e35iemI6yybK+xF61+xLof44L5e7b72w5Ai689HwfN7551/fuP1fPx0v//f35JdfeVv+vvXqsN1nw+WbwvO3uvGXevru2xuv79qzYYYLSz8veC22bPuvAyvaMDz+9u8L4no/9/IPNvZD/brG+0Z8Xa9x/t+fye/na2G/LoRPZt56++J4zdvHz0a48kj+el/z/guHufi8/k14vt/xw/z+47zi4/1++D7mm5tbj3dxfXzt0lD7/Tc+xeNyOJ5kl/Pr41Zxf1954faO04ufQ5JdvqPx9Z+k+7ljVQ9zOfMfm586NXfm4mNTF2bnL0zNf+zjR06fvXjmwpHGZ3ke+VCv2y8enzY2jk8zs/v2Zo2j1dm8XGc3ev7nHj0+s396+8zsiWMXT1x49Nzs+ZPH5+ePz87Mbz924sTsR3vdfm7m0K7dB/fs3z15cm7m0IGDB/ccnJw7c7Y+jXxSPeyb/vDkmfNHGjeZP7T34K4HHtg7PXn67Mzsof3T05MXe92+8d40Wb/170+enz117MLc6dnJ+bmPzx7adXDfvt09Pw3w9LkT8xNT5y+embo4P3t+Kn8sExcaF9ff+3rdnnKa/4/8+9l2tfyD+LJ33bsvfT5r3ZefWPau8k3aPkD0+fBZNP/8knMHVvJ17PtHQ00q0v8DAABAFcS+fyzURP8PAAAApRH7/g2hJvp/AAAAKI3Y94+HmlSk/y9d/n/zpRWNL/8v/9+8v+T/K5b/f6Ro+f/8eCH/3x9rzd/L/wfy//L/8v8Dk/9fCG9I8v8UUdHy/7HvvynLKtn/AwAAQBXEvn9jqIn+HwAAAEoj9v03h5ro/wEAAKA0Yt//olCTivT/8v/y//L/8v/y/53Hl/8fTPL/3cn/9yD/P5VVK/9/uZ/zd/5/+X+WKlr+P/b9Lw41qUj/DwAAAFUQ+/5bQk30/wAAAFAase+/NdRE/w8AAAClEfv+TaEmFen/5f/l/+X/5f/l/zuPL/8/mOT/u5P/70H+3/n/5f/l/+mrouX/Y9//klCTivT/AAAAUAWx739pqIn+HwAAAIpn5NpuFvv+l4WaLOn/r3EAAAAA4IaLff9tWVsQvCK//5f/l/8vfv5/Q7pO/l/+Pytk/n84k/8vDvn/7uT/e5D/l/+X/5f/p6+Klv9v9P3ZePbyUJOK9P8AAABQBbHvvz3URP8PAAAApRH7/l8KNdH/AwAAQGnEvn9zqElF+n/5f/n/G53/H22bu/P/L95O/j9X/Py/8/8Xifx/d/L/Pcj/y//L/8v/01dFy//Hvv+OUJOK9P8AAABQBbHvvzPURP8PAAAApRH7/l8ONdH/AwAAQGnEvn9LqElF+n/5/4Ln/2NytMT5/97n/5f/l/+X/5f/Xzn5/+7k/3uQ/5f/l/+X/6evipb/j33/K0JNKtL/AwAAQBXEvv+uUBP9PwAAAJRG7PtfGWqi/wcAAIDSiH3/RKhJRfp/+f+C5//zHPxYmc//L/8v/y//L//fT/L/3cn/9xAOcz/Kskz+X/5f/l/+n7UrWv4/9v13h5pUpP8HAACAKoh9/9ZQE/0/AAAAlEbs++8JNdH/AwAAQGnEvn9bqElF+n/5/4HI/2fy//L/8v/y//L/KyP/3538fw/O/y//L/8v/09fFS3/H/v+V4WaVKT/BwAAgCqIff/2UBP9PwAAAJRG7PtfHWqi/wcAAIDSiH3/jlCTivT/8v/y//L/8v/y/53Hl/8fTPL/3cn/9yD/L/8v/y//T18VLf8f+/7XhJpUpP8HAACAKoh9/85QE/0/AAAAlEbs++8NNdH/AwAAQGnEvn8y1KQi/b/8v/y//L/8v/x/5/Hl/weT/H938v89yP/L/8v/y//TV0XL/8e+/75Qk4r0/wAAAFAFse+/P9RE/w8AAAClEfv+qVAT/T8AAACURuz7p0NNKtL/y//L/8v/y/+vKv//ysX7lf/Pyf8Xi/x/d/L/Pcj/y//f8Pz/qPw/pVK0/H/s+3eFmqTGb+waHiUAAABQJLHv3x1qUpHf/wMAAEAVxL5/T6iJ/h8AAABKI/b9e0NNKtL/y//L/8v/y/87/3/n8eX/B5P8f3f9z//Hhyj/L/8v/+/8//L/LFW0/H/s+x8INalI/w8AAABVEPv+faEm+n8AAAAojdj37w810f8DAABAacS+/0CoSUX6f/l/+X/5f/l/+f/O48v/Dyb5/+6c/7+H4uX/X9d88/XM/9fHkv+X/5f/Z/Ue+cPmr4qW/499/8FQk4r0/wAAAFAFse9/baiJ/h8AAABKI/b9vxJq0r3/33B9ZwUAAAD0U+z7fzXUpCK//5f/l/+X/5f/l//vPL78/2CS/+9O/r+H4uX/Wzj/f7HnL/8v/89SRcv/x77/UKhJRfp/AAAAqILY9/9aqIn+HwAAAEoj9v2vCzXR/wMAAEBpxL7/cKhBpzh3Kcn/y/8PZv5/XP5f/r90+f+xeL/y/2si/9+d/H8P8v/y//L/8v/0VdHy/7Hvf32oid//AwAAQGnEvv/BUBP9PwAAAJRG7PvfEGqi/wcAAIDSiH3/G0NNKtL/y//L/w9m/t/5/zP5/9Ll/53/vz/k/7uT/+9B/l/+X/5f/p++Klr+P/b9bwo1qUj/DwAAAFUQ+/43h5ro/wEAAKA0Yt//llAT/T8AAACURuz73xpqUpH+X/5f/v9G5v9zl+X/5f8b5P/l//tB/r87+f8e5P/l/+X/5f/pq6Ll/2Pf/+uhJhXp/wEAAKAKYt//UKiJ/h8AAABKI/b9bws10f8DAABAacS+/+2hJhXp/+X/5f+d/1/+X/6/8/jy/4NJ/r+7Acv///yWcLn8f07+v9jzX23+f6Tt6+uS///Bcvn/hQ3tt5f/53ooWv4/9v3vCDWpSP8PAAAAVRD7/neGmuj/AQAAoDRi3/+uUJOm/r+v//EOAAAAWHex7/+NUJOK/P5f/r8+j8X0svy//H/jAvl/+X/5/4El/9/dgOX/nf+/jfx/sefv/P/y/yxVtPx/7PvfHWpSkf4fAAAAqiD2/Q+Hmuj/AQAAoDRi3/9IqIn+HwAAAEoj9v3vCTWpSP8v/+/8//L/8v/y/53Hl/8fTPL/3cn/9yD/L/9ftPz/f8r/M9iKlv+Pff+joSYV6f8BAACgCmLf/95QE/0/AAAAlEbs+38z1ET/DwAAAKUR+/73hZpUpP+X/x+U/P/EgOb/n5D/v475/7tuybeT/5f/Z5H8f3fy/z3I/8v/Fy3/7/z/DLii5f9j3//+UJOV9//jK94SAAAAuI5Glr0m9v2/FWpSkd//AwAAQBXEvv+3Q030/wAAAFAase//nVCTivT/8v+Dkv93/v9M/t/5/9sej/y//H8n65f/j0ce+X/5/2Ll/zet6gG3utH5+bW60fOvbv4/f2eU/6eTouX/Y9//u6EmFen/AQAAoApi3/+BUBP9PwAAAAyETv8nu13s+4+Emuj/AQAAoDRi33801KQi/b/8v/y//H9B8/9/tvVfvvftdx7dJf8v/y//vyrrev7/+ovf+f/l/wuW/1+LG52fX6/515Y5NZj8v/P/039Fy//Hvv9YqElF+n8AAACogtj3/16oif4fAAAASiP2/cdDTfT/AAAAUBqx758JNalI/y//L/8v/1/Q/P8An/8/7g/5/1Z9y//Hg678f0frmv9/72JOXP5/tfn/sY6Xyv/L/w/y/OX/5f9Zqmj5/9j3z4aaVKT/BwAAgCoIff/QibwuXqH/BwAAgNKIff/JUBP9PwAAAJRG7Ps/GGpSkf5f/l/+X/5f/t/5/zuP3y3/Xxtx/v+ikv/vrjj5/87k/+X/B3n+8v/y/yxVtPx/7PvnQk0q0v8DAABAFcS+/0OhJvp/AAAAKI3Y93841ET/DwAAAKUR+/5ToSYV6f/l/+X/5f/l/+X/O49f2PP/y/93Jf/fnfx/D/L/8v/y//L//8/enXxZWtd3HL8FDV19yCK7LLLJOVnmT2AR1sk+WWSTRXJOTs4JRFFxpnEeUVScFcVZwQEEERXnCZxQnEFFxXnECVFPe6j6fr9dw1P3VlXf6vs8v9/rteCbrlB9r31a6E9Xv31YqrH1/7n7/y9u6WT/AwAAQA9y918ct9j/AAAA0Izc/ZfELfY/AAAANCN3///HLZ3sf/2//r/Z/v+f9f97vb7+X//fMv3/fPr/BfT/+n/9v/6fpRpb/5+7/2FxSyf7HwAAAHqQu//hcYv9DwAAAM3I3X9p3GL/AwAAQDNy9z8ibulk/+/o/9dmffb/mfHq/1vq/z3/f8/X1/+fQf9/rv5/7M5u/3/FQ//k0//r//X/Qf+/r/7/+F6fr/+nRWPr/3P3PzJu6WT/AwAAQA9y9z8qbrH/AQAAoBm5+y+LW+x/AAAAaEbu/kfHLZ3s/+U9///Exscn2v8X/b/+f+MD+n/9/179/7HT39b/j5Pn/8/XU/9/6V0XXHz/zX9/y0FeX/+v//f8f/0/yzW2/j93/2Pilk72PwAAAPQgd/9j4xb7HwAAAJqRu/9xcYv9DwAAAM3I3f/4uKWT/b+8/n/Sz/8v+n/9/8YH9P/6/736/3/z/P+x0//P11P/f5jX1//r//X/+n+Wa9X9f37H+e3c/U+IWzrZ/wAAANCD3P1PjFvsfwAAAGhG7v7L4xb7HwAAAJqRu/9k3NLJ/tf/H33//xf9v/4/rv5f/6//P3r6//n0/wvo//X/+n/9P0u16v5/57dz918Rt3Sy/wEAAKAHufufFLfY/wAAANCM3P1PjlvsfwAAAGhG7v6nxC2d7H/9v+f/6//1//r/4dfX/0+T/n8+/f8C+v8z7efP0/9PsP+PX0jp/zkKB+z/H5zzj+2l9P+5+58at3Sy/wEAAKAHufufFrfY/wAAANCM3P1Pj1vsfwAAAGhG7v5nxC2d7H/9v/5f/6//P3T/v/un3gb9/zD9/9mh/59vNP3/2rHBD+v/J9//e/7/FPv/oP/nKIzt+f+5+58Zt3Sy/wEAAKAHufufFbfM2f8H/s18AAAAYKVy9z87bvH1fwAAAJi8rM5y9z8nbulk/+v/9f/6f/2/5/8Pv/68/v+WLe9P/z8u+v/5RtP/70H/r/+f8vvX/+v/2W1s/X/u/ufGLZ3sfwAAAOhB7v4r4xb7HwAAAJqRu/95cYv9DwAAAM3I3f/8uKWT/T/c/5/+/+v/90f/v/396/+Hf34sq//P71H/P7f/v8jz//uk/5/v7Pf/x/X/279//f8RWvX7b7z/P7Ho8/X/DBlb/5+7/6q4pZP9DwAAAD3I3f+CuMX+BwAAgGbk7n9h3GL/AwAAQDNy978obulk/6/4+f9XnL/X+9L/b9D/6/89/3+cz/+fnfX+/5j+f5/0//N5/v8C+n/9v/7f8/9ZqrH1/7n7r45bOtn/AAAA0IOrH5ht7P4Xz2b2PwAAAEzR1j87sPMPlIbc/S+JW+x/AAAAaEbu/pfGLZ3s/xX3/0f1/P/zFr22/l//v/XHS/+v/x96/XH1/57/v1/6//n0/wvo/4+inz/WWP9/zV6fP4b+/3L9PyOzrf+/7fTHV9X/5+5/WdzSyf4HAACAHuTuf3ncYv8DAABAM3L3vyJusf8BAACgGbn7Xxm3dLL/j7z/P7H3ax9h/7+Q/l//v/XHS/+v/x96ff3/NOn/59P/L6D/9/x/z//X/7NU2/r/LVbV/+fuf1Xc0sn+BwAAgB7k7n913GL/AwAAQDNy918Tt9j/AAAA0Izc/a+JWzrZ/40+/38h/b/+f+uPl/5f/z/0+vr/adL/z6f/X0D/r//X/y/u/3f+izro/xkytv4/d/9r45ZO9j8AAAD0IHf/tXGL/Q8AAADNyN3/urjF/gcAAIBm5O5/fdzSyf7X/x9t/58f1//r/2cH6f/jE/T/m/T/+v+DmFr/v/O/P4fu19eG/k202x79/x3/c/Jft39E/6//1//r/z3/nyUYRf9/6vSvLnP3vyFu6WT/AwAAQA9y978xbrH/AQAAoBm5+98Ut9j/AAAA0Izc/W+OWw64//92qe/q7NH/e/6//n+E/X/Q/2/S/+v/D2Jq/f9Onv+v/9f/T/f96//1/+w2iv5/y7dz978lbvH1fwAAAGhG7v63xi32PwAAADQjd//b4hb7HwAAAJqRu/+6uKWT/a//1//r//X/+v/h1z9s/78+G6b/Pzv0//Pp/xfQ/+v/9f/6f5ZqbP1/7v7r45ZO9j8AAAD0IHf/2+MW+x8AAACakbv/HXGL/Q8AAABTkunYoNz974xbOtn/+n/9v/5f/6//H359z/+fpon2//WPwan2/+dOqf+/Yc4bGOr/Tx3X/+v/9f/6fw5pbP1/7v53xS2d7H8AAADoQe7+G+IW+x8AAACakbv/xrjF/gcAAIBm5O5/d9zSyf7X/+v/9f/6f/3/8Ovr/6dpov1/mWr/7/n/+v+Z/l//r/9nwNj6/9z9N8Utnex/AAAA6EHu/pvjFvsfAAAAmpG7/z1xi/0PAAAAzcjdf0vc0sn+1//r//X/+n/9//Dr6/+n6ej6/9nq+v/7zjnod7Mn/f8C+n/9v/5f/89Sja3/z93/3rilk/0PAAAAPcjdf2vcYv8DAABAM3L3vy9usf8BAACgGbn73x+3dLL/9f/6/2n2/1etD71//b/+f6b/757n/8+n/19A/6//1//r/1mqsfX/ufs/ELd0sv8BAACgB7n7b4tb7H8AAABoRu7+D8Yt9j8AAAA0I3f/h+KWTva//l//v73/n82m0f97/v9M/99C/78+0/8vnf5/vv31/xfp//X/bfX/58wa6v9P7Pn5+n/GaGz9f+7+D8ctnex/AAAA6EHu/o/ELfY/AAAANGDzz87k7v9o3GL/AwAAwJgdO8jfnLv/Y3FLJ/t/+v3/8R2fqP+fzWZ3X9b88//1/zP9fwv9f/2o6v+XR/8/n+f/L6D/b7P/9/x//T8rM7b+P3f/x+OWTvY/AAAA9CB3/yfiFvsfAAAAmpG7/5Nxi/0PAAAAzcjd/6m4pZP9P/3+f+cn6v9nZ/T8f/3/xgf0//p//f9k6f/n0/8voP9f2M+v7fHrnpn+X/+v/2fA2Pr/3P2fjls62f8AAADQg9z9t8ct9j8AAAA0I3f/HXGL/Q8AAADNyN3/mbilk/2v/9f/6/+n2f+v6//1//r/QWPp/y+88F/u1P/r/1vs/+fR/+v/9f/sNLb+P3f/Z+OWTvY/AAAA9CB3/+fiFvsfAAAAmpG7//Nxi/0PAAAAzcjd/4W4pZP9v7v/P2+2WahuGur/o1HT/2+h/9/+/vX/wz8/PP9f/6//P3pj6f89//9w71//r/+f8vs/UP//D7s/X/9Pi8bW/+fuvzNu6WT/AwAAQA9y938xbrH/AQAAoBm5+78Ut9j/AAAA0Izc/XfFLZ3sf8//1//r//X/+v/h19f/T5P+fz79/wL6f/2/5/9f8l/n6v9ZnrH1/7n7vxy3bAy/f/ybQ/7HBAAAAEYkd/9X4pZOvv4PAAAAPcjd/9W4xf4HAACAZuTu/1rc0sn+1//r//X/+n/9//Dr6/+nSf8/n/5/gX76//WhD666nz9Tq37/zfT/nv/PEo2t/8/d//W4pZP9DwAAAD3I3f+NuMX+BwAAgGbk7v9m3GL/AwAAQDNy998dt3Sy//X/+v/2+///1P/veH39v/6/Zfr//Df6MP3/Av30/4NW3c9P/f3r//X/7Da2/j93/z1xSyf7HwAAAHqQu/9bcYv9DwAAAM3I3f/tuMX+BwAAgGbk7v9O3NLJ/tf/99X/r8167P89/1//r//vyXT6/2uPDX3U8//1//r/6b5//b/+n93G1v/n7r937ViX+x8AAACm6t//6X/v2e/fe+/GX9dn341b7H8AAABoRu7+78Ut9j8AAAA0I3f/9+OWTva//r+v/r/P5//r//X/+v+eTKf/H6b/1//r/6f7/vX/+n92G1v/n7v/vrhly/Ab/B/oAQAAACYjd/8P4pZOvv4PAAAAPcjd/8O4Zdf+P7XPP9UOAAAAjE3u/h/FLZ18/V//P/L+f3ZE/X/8ffr/Tfp//f/Q6+v/p6m1/v/4bFT9/6k1/b/+fw79v/5f/89OY+v/c/ffetOsy/0PAAAAjdr2Owo/3vjr+uwncYv9DwAAAM3I3f/TuMX+BwAAgGbk7v9Z3NLJ/tf/j7z/P9Tz/0/U/+X5/533/1euD76+/l//37LW+n/P/9/8uP5/k/5/3O9f/6//Z7cD9P8bg/So+//c/T+PWzrZ/wAAANCD3P2/iFvsfwAAAGhG7v5fxi32PwAAADQjd/+v4pZO9r/+fwX9/1XHZ7Mj7f/38fx//X8f/f8er99O//93F5y8/T/++8br9f+cdjb7//y5oP/X/6+g/78ufv7p/0f0/vX/+n92G9vz/3P3/zpu6WT/AwAAQA9y998ft9j/AAAA0Izc/b+JW+x/AAAAaEbu/t/GLZ3sf/1/i8//n2b/nz/WK+j/T06v/8+muPf+3/P/9f+7ef7/fPr/BabT/2982/P/x/X+9f/6f3YbW/+fu/93cUsn+x8AAAB6kLv/93FL7v+1A//WPQAAADAyufv/ELf4+j8AAAA0I3f/A3FLJ/tf/6//H0v/nzz///Tnef7/Jv2//v8g9P/z6f8X0P/r//X/+n+Wamz9f+7+P8Ytnex/AAAA6EHu/gfjFvsfAAAAmpG7/09xi/0PAAAAzcjd/+e4pZP9r//X/+v/9f/6/+HX1/9Pk/5/Pv3/Q87f+w3o//X/+n/9P0s1tv4/d/9fAwAA//+9M2Fu")
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
chdir(&(0x7f0000000200)='./file0\x00')
mkdir(&(0x7f0000000200)='./file1\x00', 0x0)

1m33.266344725s ago: executing program 2 (id=1647):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
sendmsg$TIPC_NL_KEY_SET(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000540)={0x28, r1, 0x1, 0x0, 0x0, {0x3}, [@TIPC_NLA_BEARER={0x14, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}]}]}, 0x28}}, 0x0)

1m32.710406044s ago: executing program 2 (id=1654):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [@NFT_MSG_NEWSET={0x70, 0x9, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0xfffffffc}, @NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0xb}, @NFTA_SET_EXPRESSIONS={0x2c, 0x12, 0x0, 0x1, [{0x14, 0x1, 0x0, 0x1, @last={{0x9}, @val={0x4}}}, {0x14, 0x1, 0x0, 0x1, @counter={{0xc}, @val={0x4}}}]}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x130}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x98}, 0x1, 0x0, 0x0, 0x4044050}, 0x40)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETSET(r1, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f00000005c0)={0x14, 0xa, 0xa, 0x101}, 0x14}}, 0x0)

1m32.47583153s ago: executing program 33 (id=1654):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [@NFT_MSG_NEWSET={0x70, 0x9, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0xfffffffc}, @NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0xb}, @NFTA_SET_EXPRESSIONS={0x2c, 0x12, 0x0, 0x1, [{0x14, 0x1, 0x0, 0x1, @last={{0x9}, @val={0x4}}}, {0x14, 0x1, 0x0, 0x1, @counter={{0xc}, @val={0x4}}}]}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x130}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x98}, 0x1, 0x0, 0x0, 0x4044050}, 0x40)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETSET(r1, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f00000005c0)={0x14, 0xa, 0xa, 0x101}, 0x14}}, 0x0)

1m29.597232915s ago: executing program 3 (id=1675):
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r0 = socket$kcm(0x11, 0x200000000000003, 0x300)
setsockopt$sock_attach_bpf(r0, 0x107, 0xf, &(0x7f00000003c0), 0x4)
recvmsg$kcm(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000006c0), 0x60}, 0x0)
r1 = socket$inet6(0xa, 0x800000000000002, 0x0)
connect$inet6(r1, &(0x7f0000000040)={0xa, 0x4e1d, 0x1, @mcast1, 0x8}, 0x1c)
setsockopt$inet6_udp_int(r1, 0x11, 0x67, &(0x7f0000000000)=0x28, 0x4)
sendto$inet6(r1, 0x0, 0x0, 0x400ad80, &(0x7f00000000c0)={0xa, 0x4e23, 0x5b3, @ipv4={'\x00', '\xff\xff', @multicast1}, 0x8}, 0x1c)
sendmmsg$inet6(r1, &(0x7f0000001ec0)=[{{0x0, 0x0, &(0x7f0000000540)=[{&(0x7f00000001c0)="b3ab706204ee39c9dae21a1718ee351ebc92d2f0d482a863ae5c0b4d768ffe745af2c53a083d9b761b", 0x29}], 0x1}}], 0x1, 0x0)

1m29.394084381s ago: executing program 3 (id=1678):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r1, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r2, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010006"], 0x3c}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newlink={0x3c, 0x10, 0xffffff1f, 0x0, 0x1, {}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @veth={{0x9}, {0x4, 0x2, 0x0, 0x1, @void}}}, @IFLA_MASTER={0x8, 0xa, r2}]}, 0x3c}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000480)=ANY=[@ANYBLOB="3c0000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="a4280400000000001400350076657468305f746f5f626f6e6400000008000a00", @ANYRES32=r2], 0x3c}, 0x1, 0x0, 0x0, 0x4008800}, 0x8000)

1m29.026106697s ago: executing program 3 (id=1679):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000000018105e04da0700000000000109022400010000000009040000090300000009210000000122220009058103"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f00000001c0)={0x24, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="00222200000096231306e53f070c00d1192a94010706001600377f0f6e460b09007a15b3"], 0x0}, 0x0)

1m27.336282129s ago: executing program 3 (id=1684):
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0xa048c1, &(0x7f0000000340)={[{@fat=@quiet}, {@shortname_winnt}, {@rodir}, {@fat=@showexec}, {@shortname_mixed}, {@shortname_winnt}, {@numtail}, {@fat=@dmask={'dmask', 0x3d, 0x2}}, {@fat=@tz_utc}, {@uni_xlate}, {@uni_xlateno}, {@shortname_winnt}]}, 0x0, 0x274, &(0x7f0000000a00)="$eJzs3MGLG1UYAPDPbNvdbmmzBxEUxIde9BLa9S8I0oK4oKyNqAdh6mY17JgsmbgSEdubV/+O4tGboP4De/HmXbwsguClBzHSJONm10BbaZzV/H4Q5su8+fLeTGbCNwN5R29/+dHebtHYzQZRW0tRi7gT9yI27kdTT0yXtXF8IWbdiZcu/fbjs2++8+5rza2t69sp3WjefHkzpXTluW8/+eyr578fXHrr6yvfrMbhxntHv27+dPjU4dNHf9wsP703SFm61esNslt5O+10ir1GSm/k7axop063aPdPtO/mvf39Ycq6O5fX9/vtokhZd5j22sM06KVBf5iyD7JONzUajXR5PZbNyiNntO5ub2fNhQyGKlyct7Lfb2Yrcxtbd/+NQQEAZ0tV9f+HnSJ1itR9UP1fC/X/4qj/l8H9+n99ev2epP4HAAAAAAAAAAAAAID/gnujUX00GtXLZflajYi1iCjfVz1OFsP3v9xm/ri3FpF/cdA6aE2Wk/bmbnQij3ZcPR/x+/h8mJrEN17dun41jW3Ed/ntaf7tg9ZKrJb5pY35+dcm+elk/vlYn+1/M+rx5Pz8zbn5F+LFF2byG1GPH96PXuSxMz6vj/M/v5bSK69vncq/ON4OAAAA/g8a6S9/u38ftzdSOW3IqfbJyuPnA1F/wPOBU/fX5+KZc9XtNwAAACyTYvjpXpbn7b7g0QKHbuFBLSIq6v2XiDgbB+GxBj9/PLnqH2bjqn+ZAACAx+246K96JAAAAAAAAAAAAAAAAAAAALC8HnbysHL7fzL32Ex3K9XsJQAAAAAAAAAAAAAAAAAAAAAAAJwNfwYAAP//xsMhSw==")
r0 = syz_open_procfs(0x0, &(0x7f0000000540)='mounts\x00')
mount$tmpfs(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000500)='./file0\x00', &(0x7f0000000180)='./file0\x00', 0x0, 0x1333404, 0x0)
mount$bind(&(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x11080, 0x0)
mount$bind(&(0x7f0000000240)='.\x00', &(0x7f0000000280)='./file0\x00', 0x0, 0x1005848, 0x0)
read$FUSE(r0, &(0x7f0000002140)={0x2020}, 0x2100)

1m27.126606901s ago: executing program 3 (id=1685):
syz_emit_ethernet(0x110, &(0x7f00000004c0)={@link_local, @link_local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "00af00", 0xda, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_na={0x88, 0x0, 0x0, 0x0, '\x00', @empty, [{0x0, 0x15, "a72dcca9d0e289f84eb7f1cdde3f25f3a398c9b10810cb7895aa26bea2dbe09b0e7c0b8a538e88853cd9487c6c1f91a93d856c44788465e03843c9a0535cb599a9b43d32afb7a77943630bcae2d5d18edb24af4fcb6437742bf443690125f903de9d372ed7d5817179a0d5cda2773868c383f8ecfda6ba5bea53d51b9bd34ebb9973d3d53f1b360f59a8b3a668f4397963323a1d00ec4b8c5be219182b685d9d4c15b1a85dd526"}, {0x3, 0x3, "2553e1adb2111ada8a500cb7b9d777b11876e37d94067c"}]}}}}}}, 0x0)

1m26.488512096s ago: executing program 3 (id=1687):
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x1, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000000000000000000000006118bc000000000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0xf, '\x00', 0x0, @fallback=0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

1m26.14276245s ago: executing program 34 (id=1687):
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x1, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000000000000000000000006118bc000000000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0xf, '\x00', 0x0, @fallback=0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

2.050332061s ago: executing program 1 (id=2584):
r0 = socket$inet(0x2, 0x3, 0x4)
unshare(0x24020400)
signalfd4(r0, &(0x7f0000001180)={[0x8000000000000001]}, 0x8, 0x800)

1.990390625s ago: executing program 1 (id=2587):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000280)={0x0, 0x1c, &(0x7f0000000000)=[@in6={0xa, 0x0, 0x0, @private0={0xfc, 0x0, '\x00', 0x1}, 0x9}]}, &(0x7f00000002c0)=0x10)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r1, 0x84, 0x83, &(0x7f0000000000)=@assoc_value={<r2=>0x0}, &(0x7f0000000300)=0x8)
setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r0, 0x84, 0x22, &(0x7f0000000180)={0x3, 0x0, 0x7, 0x2, r2}, 0x10)

1.410923537s ago: executing program 4 (id=2590):
r0 = syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1)
setsockopt$nfc_llcp_NFC_LLCP_RW(r0, 0x118, 0x1000000, 0x0, 0x0)

1.360077476s ago: executing program 4 (id=2591):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x20, &(0x7f0000001b80)={@ipv4={'\x00', '\xff\xff', @multicast2}, 0x9, 0x0, 0x2, 0xd, 0x4, 0x3}, &(0x7f0000001bc0)=0x20)

1.300310346s ago: executing program 4 (id=2592):
r0 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$sock_linger(r0, 0x1, 0x3c, 0x0, 0x0)

1.219840309s ago: executing program 4 (id=2593):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="640000001000810500"/20, @ANYRES32=0x0, @ANYBLOB="00000000000000004400128009000100626f6e64000000003400028008000300810000000800050000000000080004000000000008000f00ff01"], 0x64}}, 0x0)

1.060340111s ago: executing program 1 (id=2594):
syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f00000000c0)='./file1\x00', 0x101880a, &(0x7f0000005a80)=ANY=[@ANYBLOB="6e6f646973636172642c6261636b67726f756e645f67633d73796e632c61636c2c6673796e635f6d6f64653d7374726963742c696e6c696e655f78617474722c6673796e635f6d6f64653d706f7369782c646973636172645f756e69743d7365676d656e742c6261636b67726f756e645f67633d6f6e2c6e6f696e6c696e655f78617474722c646973636172645f756e69743d626c6f636b2c6673796e635f6d6f64653d7374726963742c617467632c657874656e745f63616368652c6661756c745f696e6a656374696f6e3d30303030303030303030303030303031343033302c00271d57a599b8b169a579679e220c689eaaec4fa6229021e75c68a687d319b615573b0b0ceefba8e2e2419434463974ef8174b66469344931de0ccad650792761"], 0x1, 0x550b, &(0x7f0000000540)="$eJzs3M1rI2UYAPAn/dhv1yIevO3AIrSwiU0/Fr1V3cUP7FJWPXjSNElDdpNMadK09uTBo3jwPxEFTx79Gzx49iYeFG+Ckpmpbv0AoWlj298PJs+8b94887xhWXhmSgK4sOaSX34qxc24GhHTEXEjIjsvFUdmLQ/PRcStiJh64igV839MXIqIaxFxc5Q8z1kq3vrszvD26o9v/vz1t5dnrn/+1XeT2zUwac9HRHc7P9/r5jFt5fFRMV8btrPYXRkWMX+j+7gYp3nca25mGfZqh+tqWVxu5evT7d3+KG51avVRbLW3svntXn7B/rB1mCf7wKPaTjZuNDez2O6nWWwd5HXtH+T/tx30B3meRpHvwyx9DAaHMZ9v7jfz/Ww/zmK9Nyjm87xpo7k/isMiFpeLetppZHVsHueb/n97q93b3U+GzZ1+O+0lq5Xqi5Xq3XJ1J200B82Vcq3buLuSzLc6o2XlQbPWXWulaavTrNTT7kIy36rXy9VqMn+vudmu9ZJqtbJcWSyvLhRnd5LXHrybdBrJ/Ci+0u7tDtqdfrKV7iT5JxaSpcrySwvJ7Wry9vpGsvHw/v31jXfev/feg5fX33i1WPS3spL5pcWlpXJ1sbxUXbhA+/+4KHqM+4djKU26AICzR/8PTMLJ9f87DyNOvv8P/f9YnKn+9/z1/3svREx0/3As+n8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAvr+9kvXs9O5vLx9WL+qWLqmWJcioipiPjtH0zHpSM5p4s8s/+yfvYvNXxTiizD6BqXi+NaRKwVx69Pn/S3AAAAAOfXlx/d+jTv1vOXuUkXxGnKb9pM3fhgTPlKETE798OYsk2NXp4dU7Ls3/dM7I8pW3YD68qYkuW33GbGle0/mT4SrjwRSnmYOtVyAACAU3G0EzjdLgQAAIDT9MmkC2AySnH4KPPwWXD2l/d/PhC8emQEAAAAnEGlSRcAAAAAnLis//f7fwAAAHC+5b//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAv7NzP7eJA1EcgJ8NXth/WrTa+7ayNyhjS9jjHiMKSBMUkANpIQ1QA7mlhAgiPA6BiEMkj20l+j7JmYxlfrxBcJgZaQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAu3Vfrxe3V7+u2Obt9O3lGAwAAAFyyrdaL+p9Z6n9t7n9vbv1s+kVElBFxae4+ik9nmaMmp3p5/ub0+epVDXcRdcLhPSbN9SUi/jTX44+uPwUAAAD4uDbL1TzN1tOf2dAF0ae0aFN++5spr4iIavaQKa085P3KFFZ/v8fxP1NavYA1zRSWltzGudLepP65H1ftpidNkZry4suORWYbOwAA0KPRWdPvLAQAAIA+/Ru6AIZRxPNW5nErcJKaZnvv81kPAAAAeIeKoQsAAAAAOlfP/3s6/2/v/D8AAAAYRjr/DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgC5tq/Vis1zN2+bs9u3kGQ0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADyxP+8oEAJhEAZ713cmc//DSoOmpiZVIHz8jcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAm9/95f/E1DiTzL02lp5HkrVTY+vU2Ds3jv4wvn4NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMX+vKRACARBFMwZ/zvp+x9WEvQMIkRAw6OKWjQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBFv/vl/8TUOJPMnTaWjkeStavG1lVj70Hj6MF4+zcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMXO/bzGUcUBAP/OzM7WtooxSg4RUfCgF5tua2tv4kEJHvwThJBua+zWH20QW4qYizfJuRfRo4igxFv/h55b6KXeethDBc/KzM5kp23A9dfMNvl84M377jDM+75ZCPnOewkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAtfFb0zgrDguTOK3O3bp/bb3obz/UF25s31kuWhEnbSb9eHih+SFZioij3SUDAADAwZDV9X1E3M13Vos+XSjr/7y+pqj5v31qElf1/Gd1yfpw/V/X/kX75ed7z+0OtDAZp7jpuY3R8PijqfT+rznOu6f/8ope+eTLdy9Z+YWk7249O87L55l8ffPm2/0yPNRGtgDAP3Gs7qug/n2o6AddJgbAgdFrFN51/Z8tdJsTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQBvGW3G0jpOIWO5N48Lt+9fW9+pvbN9Zrtvp69e348vpPYtb5BFxbmM0PN7qbObb5StXL6yNRsNL7QcvRkRXo79ZTf/C+zNcHNHJ8xH8R0Fafdnzks/jEXT4QwkAgH0pr1pR19/Nd1aLc8lixB/fPVj/v9KIY8b6/94Hp281x2rW/4PWZjj/VjYvfrJy+crV1zYurp0fnh9+9PqJwRuDk2dOnTqzUr4rWfHGBAAAgH+nX7Vm/Z8uPrr+f6QRx4z1/6ffDL5ojpWp//c0XfTrOhMAAICD7ZmXfv8t2eN80u/H52ubm5cGk+Pu5xOTYwep/m2Hqtas/7PFrrMCAAAA2jDeSh5Y/z/biGPG9f8nv3/+x+Y9s4g4XK3/H1v/eHS2venMtTb+nLjrOQIAANCtw1Vrrv/n5f7/dHfLQxoRr748iat/AzhT/Z+989UPzbGa+/9PtjfFuZQuTZ5H2S9F9Ja6zggAAID97ImqFcX+r/nO6oc/HXmvb/8/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQNv+DAAA///fxzxy")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
renameat2(0xffffffffffffff9c, &(0x7f0000000080)='./bus\x00', 0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', 0x0)
fdatasync(r0)

1.011650659s ago: executing program 5 (id=2595):
r0 = syz_open_dev$sndctrl(&(0x7f0000000100), 0xb, 0x101a00)
write$UHID_INPUT(0xffffffffffffffff, &(0x7f0000000000)={0xfc, {"a2e3ad21ed0d1bf91b29550987f70e06d038e7ff7fc6e5539b0d3d0e8b089b3f3b096c060890e0878f0e1ac6e7049b096e959b449a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31070b075d0d36cd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130f91850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f4077fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a81aa1020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b21052010689af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153fae46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c343f7f140f319539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474b0679dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691951264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d984836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a70500be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x8f5}}, 0x1006)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f0000000340)={{0xfffffffe, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x3, 0x2, 0x4, 0x0, 0x22, 0x0, 'syz1\x00', 0x0})

1.009042647s ago: executing program 4 (id=2596):
syz_open_procfs(0x0, &(0x7f00000000c0)='smaps\x00')
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8)
syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000380)=ANY=[], 0x2, 0x5505, &(0x7f0000002480)="$eJzs3M1rI2UYAPAn/djtfrgW8eBtBxahhU1o+rHoreoufmCXsurBk6ZJGrKbZEqTprUnDx7Fg/+JKHjy6N/gwbM38aB4E5TMTHXrBwhNm+3294PJM++bN888b1gWnpmSAC6s+eTXn0txI65ExHREXI/IzkvFkVnPwwsRcTMiph47SsX8nxOXIuJqRNwYJc9zloq3Pr89vLX201u/fPPd5ZlrX3z9/eR2DUzaixHR3cnP97t5TFt5fFjM14btLHZXh0XM3+g+KsZpHvebW1mG/drRuloWV1r5+nRnrz+K251afRRb7e1sfqeXX7A/bB3lyT7wsLabjRvNrSy2+2kWW4d5XQeH+f9th/1BnqdR5PsoSx+DwVHM55sHzXw/O4+yWO8Nivk8b9poHozisIjF5aKedhpZHVsn+aafbG+3e3sHybC522+nvWStUn2pUr1Tru6mjeaguVqudRt3VpOFVme0rDxo1rrrrTRtdZqVetpdTBZa9Xq5Wk0W7ja32rVeUq1WVipL5bXF4ux28vr995JOI1kYxVfbvb1Bu9NPttPdJP/EYrJcWXl5MblVTd7Z2Ew2H9y7t7H57gd337//ysabrxWL/lFWsrC8tLxcri6Vl6uLF2j/nxRFj3H/cCKlSRcAcP7o/4FJOL3+f/dBxOn3/6H/H4tz1f9e9P7/FPYPJ6L/BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4sH6Y/fKN7GQ+H18r5p8ppp4rxqWImIqI3//FdFw6lnO6yDP7H+tn/1bDt6XIMoyucbk4rkbEenH89uxpfwsAAADw9Prq45uf5d16/jI/6YI4S/lNm6nrH44p31xEzM7/OKZsU6OX58eULPv3PRMHY8qW3cCaG1Oy/JbbzLiy/S/Tx8LcY6GUh6kzLQcAADgTxzuBs+1CAAAAOEufTroAJqMUR48yj54FZ395/9cDwSvHRgAAAMA5VJp0AQAAAMCpy/p/v/8HAAAAT7f89/8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgD3bu5zZxIIoD8LPBC/tPi1Z731b2BmVsCXvcY0QBaYICciAtpAFqILeUEEGExyEQcYjksa1E3yc5k7HMjzcIDjMjDQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0KX7ar24vfp93TZnt28nz2gAAACAS7bVelH/M0v9r839782tn02/iIgyIi7N3Ufx6Sxz1ORUL8/fnD5fvarhLqJOOLzHpLm+RMSf5nr80fWnAAAAAB/XZrmap9l6+jMbuiD6lBZtym9/M+UVEVHNHjKllYe8X5nC6u/3OP5nSqsXsKaZwtKS2zhX2pvUP/fjqt30pClSU1582bHIbGMHAAB6NDpr+p2FAAAA0Kd/QxfAMIp43so8bgVOUtNs730+6wEAAADvUDF0AQAAAEDn6vl/T+f/7Z3/BwAAAMNI5/8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQpW21XmyWq3nbnN2+nTyjAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgCf25x0FQiAMwmDv+s5k7n9YadDU1KQKhI+/MRgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHjzu7/8n5gaZ5K518bS80iydmpsnRp758bRH8bXrwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuNiflxQIgSCIgjnjfyd9/8NKgp5BhAhoeFRRiwYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvuh3v/yfmBpnkrnTxtLxSLJ21di6auw9aBw9GG//BgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuNi5n9c4qjgA4G9mdra2Kq5R9hARBQ96sdttbe1NPCjBg3+CENJtjd36o83BliLm4k1y7kX0KCIo8db/IecEcom3HPYQwbMyszPZyQ9w/TWzST4fePO+Owzzvm8WQr7zXgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEBp9PYkTrJDZxzHxbnNvYdLWb91qM88Xtuez1oWR3UmfTK8WP0QdZtLBAAAgLMjKev7EMJOur6Q9XEnr//T8pqs5v/26XFc1vOH6/6yL2v/rP3y8+7z+wN1xuNkN725PBxcOppK6/+b5Wx75i+vaOVPPn/3kuRfSPze6nOjNH+e0dcbG++08/BcHdkCAP/ExbIvgvL3oazvN5kYAGdGq1J4l/V/0mk2JwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA6jFbDk2UchRDmW5M4s7X3cOm4/vHa9nzZrj16tBa+nNwzu0UaQri5PBxcqnU2s+3e/Qe3F4fDwd36g5dCCE2N/lYx/dsfTHFxCI08H8F/FMTFlz0r+ZyMoMEfSgAAnEpp0bK6fiddX8jORXMh/PHdwfr/1Uocpqz/dz+8tlkdq1r/92ub4ezrrdz5tHfv/oPXl+8s3hrcGnz8xuX+m/0r169evd7L35X0vDEBAADg32kXrVr/x3NH1/8vVOIwZf3/2Tf9L6pjJer/Y00W/ZrOBAAA4Gx79uXff4uOOR+12+HzxZWVu/3xcf/z5fGxgVT/tnNFq9b/yVzTWQEAAAB1GK1GB9b/b1TiMOX6/1Pfv/Bj9Z5JCOF8sf5/cemT4Y36pjPT6vhz4qbnCAAAQLPOF626/p/m+//j/S0PcQjhtVfGcfFvAKeq/5N3v/qhOlZ1//+V+qY4k+Lu+HnkfTeEVrfpjAAAADjNnihaVuz/mq4vfPTThffb9v8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA1O3PAAAA//9WwT6Z")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r0, 0xf50f, &(0x7f0000000080)={@desc={0x1, 0x0, @desc1}})

547.927121ms ago: executing program 4 (id=2597):
r0 = syz_usb_connect$hid(0x0, 0x90, &(0x7f0000000200)=ANY=[@ANYBLOB="12010000000000105804165000000000000109022400010000c04009040000010300000009210900000122a00009058103"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f0000000000)={0x2c, &(0x7f0000000100)=ANY=[@ANYBLOB="0000d2"], 0x0, 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
r1 = syz_open_dev$hiddev(&(0x7f0000000080), 0x0, 0x80)
ioctl$HIDIOCSUSAGES(r1, 0x501c4814, 0x0)

400.422814ms ago: executing program 5 (id=2598):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x10, 0x4, &(0x7f0000000080)=ANY=[@ANYBLOB="180200000a00000000000000feffffffd40e00001000000095"], &(0x7f0000000000)='GPL\x00', 0x8, 0x0, 0x0, 0x41000, 0x4}, 0x94)

400.106543ms ago: executing program 5 (id=2599):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000001600)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x2000a840}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000ff0000000000000a58000000060a0b040000000000000000020000002c0004802800018007000100637400001c000280050003001b000000080002400000000d08000440000000040900010073797a30000000000900020073797a32"], 0x80}}, 0x0)

260.072052ms ago: executing program 5 (id=2600):
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x12, 0xc, 0x0, 0x0, 0x2, 0x0, 0x0, 0x1e00, 0x61, '\x00', 0x0, @cgroup_sock_addr=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

149.983965ms ago: executing program 1 (id=2601):
syz_mount_image$ext4(&(0x7f0000000500)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x0, &(0x7f0000000180)={[{}]}, 0x1, 0x453, &(0x7f0000001040)="$eJzs3U9sFFUcB/DvbrslAbRg/IP4r4JKEaW2NUESTCTKSS4GE88NLYRYqKE1EUKMJh68eTHx7EG5eeTgyXjAoyZ48aaejJEYIvGk1sx2ly5lt3RD26nu55PM7pud132/mdffzO7ryzRAzxoqHirJ1iTfJxlcWL25wtDC0/VrF47/ee3C8Urm54/9XqnX++PahePNqs2f21I8VJPhalL9oJKH2rQ7e+78mxPT01NnG+sjc6ffGpk9d/7ZU6cnTk6dnDozeuDgC+OjB8bGx1dtX1+9+O6xLa+9dOSjySu/zVz86csi3q2Nba37sVqGMnTzsWzx1Go3VrL7WsqV/hIDoSt9SYruqtXzfzB9Wey8wXzzY6nBAWtqvrCp4+b35oH/sUrKjgAoR/NCX3z/bS7r9dmD8l09vPAFsOj3641lYUt/qo06tSXf71fTUJJDl458USxZo3EYAAAAgF721eEkz7Qb/6vm/pZ6RfmBJDuSPJhkZ1Kf1/NwkkeSPJrkseZ8oi4srb90/KfSaQINq+Lq4eRQY27XzeN/zdG/bOtrrN1VrKRWOXFqeuq5JHcnGU5tU7E+ukwbl7/957tO21rH/4qlaL85FtiI49f+JX+fnpyYm7iTfWbR1feTnf3t+r9yYyZQkYKPJ9nVzRvXFos/79p7slO12/c/a2n+02RP2/xvnHivHKw/LTM/c6R+PhhpnhVu9eHo2Cud2tf/5Sryf/Ny/Z9sq7TO153tvo3LOy692Glb9+f/Hz4rzv8DldfrAQ40Xn1nYm7u7GgyUDl66+tj3cf839b5Q1PzeDSPV9H/w7vbX//vaXm33UmeSPJkY+7ynvq1P9mb5Okk+5aJ5u+XD7zRaZv8L1fR/5Nt8//G1IAl+d994dD2T452an9l+f98/Rd6uPGKz3+3t9IOKjtOAAAAAAAAAFZHtX4PvEp1/41ytbp//8I9/O7N5ur0zOzcvhMzb5+ZXLhX3rbUqs2ZXoMt80FH6+XF9bEl6+NJtif5uO+vxp0HZqYny9556HFbOuR/4Ze+sqMD1pz7tULvWkH+19YjDmD9uf5D75L/0LvkP/Qu+Q+9S/5D75L/0LtWnv8DaxoHsP5c/6En3cl9/TZaoT8bIoy2heb8qZLCaP5L/g1yNDZm4fOvk3Voqy/JRtnlZQplnpUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANo5/AwAA//9EA9s8")
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x18)
chdir(&(0x7f0000000240)='./file0\x00')
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='net_prio.prioidx\x00', 0x275a, 0x0)
write$P9_RSTATu(r1, &(0x7f0000000b00)=ANY=[@ANYBLOB=']'], 0x5d)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x10012, r1, 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
getdents64(r0, 0x0, 0x0)

149.6439ms ago: executing program 5 (id=2602):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000002f9b0000000000000000b50000000f004083c5000000a0000a4095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f00000002c0)='io_uring_register\x00', r0}, 0x2a)
r1 = io_uring_setup(0x931, &(0x7f0000000000)={0x0, 0x0, 0x80, 0x1, 0x328})
io_uring_register$IORING_REGISTER_NAPI(r1, 0x1b, 0x0, 0x1)

59.647029ms ago: executing program 1 (id=2603):
mkdir(&(0x7f0000000100)='./file1\x00', 0x53)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd'])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))

353.737µs ago: executing program 5 (id=2604):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x800700, &(0x7f00000000c0)={[{@data_err_ignore}, {@dioread_nolock}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5a}}, {@sysvgroups}, {@resgid}, {@acl}, {@init_itable_val={'init_itable', 0x3d, 0x3}}]}, 0x1, 0x46f, &(0x7f0000000bc0)="$eJzs281rHOUfAPDvTF7a/vqS/Gp9aa0aLUJQTJq0ag9eFAWRioIe6jEm2xK6baSJYmuxqYgnQQp6Fo+if4E3EUQ9CV49eZJC0V7aeorM7Ey72WYTYzadmP18YHafZ+bZnee7z7w8+zy7AXStoewhidgREb9GxEAju7jAUOPp+tXzkzeunp9MYmHhtT+SvNy1q+cny6Ll67YXmeE0Iv0wKXay2OzZcycn6vXamSI/OnfqrdHZs+eeeOfUxInaidrp8SNHDh8ae/qp8Sc7EmcW17V978/s3/viG5denjx26c0fv87qu6PY3hxHpwxlgf+5kGvd9mind1axnU3ppLfCirAqPRGRNVdffv4PRE/caryBeOGDSisHrKvs3rSl/eb5BWATS6LqGgDVKG/02fffcrlDXY8N4cqzjS9AWdzXi6WxpTfSokxfy/fbThqKiGPzf32eLbFO4xAAAM0+nvzsaH9EvHfjq5eyvsdARJTjQffkj7/lj7uKOZTBiPh/ROyOiLsiYk9E3F2UvTci7ltjfW7v/6SX1/iWy8r6f88Uc1uL+39l7y8Ge4rczjz+vuT4dL12sPhMhqNvS5YfW2Yf3z7/yyfttjX3/7Il23/ZFyzqcbm3ZYBuamJuIu+UdsCVixH7epeKP7k5E5BExN6I2Le6t95VJqYf+3J/u0Irx7+MDswzLXyRhTefxT8fLfGXkub5yenb5idHt0a9dnC0PCpu99PPH73abv9rir8DrtQaz03t31pkMGmer53t7P7/5fGf9iev5/PM/cW6dyfm5s6MRfQnR/P8ovXjt15b5svy2fE/fGDp83938Zos/vsjIjuIH4iIByPioaLuD0fEIxFxYJkYf3hu5fgjraj9L0ZMLXn9u3n8t7T/6hM9J7//pt3+/1n7H85Tw8Wa/Pq3gqWqk10uWiu4ls8OAAAA/ivS/DfwSTpyM52mIyON3/Dvif+l9ZnZucePz7x9eqrxW/nB6EvLka6BYjy0Pl2vjSXzxTs2xkfHi7Hicrz0UDFu/GnPtjw/MjlTn6o4duh229uc/5nfe6quHbDOti25drz/jlcEqEDrPHq6OHvhlXAxgM3K/7Whe61w/jf/DwbYZNz/oXstdf5faMmbC4DNyf0fupfzH7pU+l3VNQAq5P4PXWkt/+tfx8TWjVGNahIbtVHyRESZSDdEfSTWKVH1lQkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKAz/g4AAP//K2Lmiw==")

0s ago: executing program 1 (id=2605):
r0 = socket(0x1d, 0x2, 0x6)
setsockopt$ALG_SET_AEAD_AUTHSIZE(r0, 0x6a, 0x2, 0x20000000, 0x8)

kernel console output (not intermixed with test programs):

0 to HW filter on device team0
[  172.935676][   T70] bridge0: port 1(bridge_slave_0) entered blocking state
[  172.938241][   T70] bridge0: port 1(bridge_slave_0) entered forwarding state
[  172.951008][   T70] bridge0: port 2(bridge_slave_1) entered blocking state
[  172.953769][   T70] bridge0: port 2(bridge_slave_1) entered forwarding state
[  173.132021][ T8883] 8021q: adding VLAN 0 to HW filter on device batadv0
[  173.191873][ T8883] veth0_vlan: entered promiscuous mode
[  173.209223][ T8883] veth1_vlan: entered promiscuous mode
[  173.245826][ T8883] veth0_macvtap: entered promiscuous mode
[  173.250359][ T8883] veth1_macvtap: entered promiscuous mode
[  173.268993][ T8883] batman_adv: batadv0: Interface activated: batadv_slave_0
[  173.284536][ T8883] batman_adv: batadv0: Interface activated: batadv_slave_1
[  173.291814][   T13] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  173.294534][   T13] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  173.338403][ T8939] openvswitch: netlink: IP tunnel dst address not specified
[  173.357599][ T5683] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  173.380990][ T5683] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  173.448313][   T52] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  173.455183][   T52] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  173.503726][ T3950] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  173.512636][ T3950] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  173.699280][ T8957] loop3: detected capacity change from 0 to 256
[  173.729652][ T8957] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x76dfe2a7, utbl_chksum : 0xe619d30d)
[  173.745251][ T8957] exFAT-fs (loop3): failed to load alloc-bitmap
[  173.747094][ T8957] exFAT-fs (loop3): failed to recognize exfat type
[  174.722653][ T8982] bond1 (unregistering): Released all slaves
[  174.985015][   T56] Bluetooth: hci3: command tx timeout
[  174.995099][ T8987] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1341'.
[  175.015179][ T8987] netlink: 60 bytes leftover after parsing attributes in process `syz.1.1341'.
[  175.090603][ T8989] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  175.630804][ T9001] loop3: detected capacity change from 0 to 512
[  175.667842][ T9001] EXT4-fs: old and new quota format mixing
[  176.420197][ T9047] loop3: detected capacity change from 0 to 2048
[  176.423321][ T9047] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024)
[  176.448221][ T9048] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  176.528568][ T9048] NILFS (loop3): vblocknr = 23 has abnormal lifetime: start cno (= 4294967298) > current cno (= 3)
[  176.537462][ T9048] NILFS error (device loop3): nilfs_bmap_propagate: broken bmap (inode number=4)
[  176.563257][ T9048] Remounting filesystem read-only
[  176.567046][ T8883] NILFS (loop3): disposed unprocessed dirty file(s) when stopping log writer
[  177.015140][ T5900] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  177.064906][   T56] Bluetooth: hci3: command tx timeout
[  177.185612][ T5900] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7
[  177.189816][ T5900] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  177.193374][ T5900] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8A has invalid wMaxPacketSize 0
[  177.204350][ T5900] usb 4-1: New USB device found, idVendor=0a07, idProduct=00d0, bcdDevice=10.13
[  177.209363][ T5900] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  177.212950][ T5900] usb 4-1: Product: syz
[  177.215077][ T5900] usb 4-1: Manufacturer: syz
[  177.216875][ T5900] usb 4-1: SerialNumber: syz
[  177.225543][ T5900] usb 4-1: config 0 descriptor??
[  177.235866][ T5900] adutux 4-1:0.0: interrupt endpoints not found
[  177.287822][ T9078] loop2: detected capacity change from 0 to 8
[  177.301662][ T9078] MTD: Attempt to mount non-MTD device "/dev/loop2"
[  177.326487][ T9078] cramfs: Error -3 while decompressing!
[  177.329633][ T9078] cramfs: ffffffff998d1f28(26)->ffff8881bdd05000(4096)
[  177.332216][ T9078] cramfs: Error -3 while decompressing!
[  177.334551][ T9078] cramfs: ffffffff998d1f42(26)->ffff8881bdd08000(4096)
[  177.338204][ T9078] cramfs: Error -3 while decompressing!
[  177.340596][ T9078] cramfs: ffffffff998d1f5c(16)->ffff8881be963000(4096)
[  177.343885][ T9078] cramfs: Error -3 while decompressing!
[  177.346374][ T9078] cramfs: ffffffff998d1f28(26)->ffff8881bdd05000(4096)
[  177.425320][ T9082] netlink: 'syz.2.1383': attribute type 12 has an invalid length.
[  177.428349][ T9082] netlink: 'syz.2.1383': attribute type 29 has an invalid length.
[  177.431277][ T9082] netlink: 148 bytes leftover after parsing attributes in process `syz.2.1383'.
[  177.438078][ T5879] usb 4-1: USB disconnect, device number 2
[  177.447997][ T9082] netlink: 'syz.2.1383': attribute type 2 has an invalid length.
[  177.453785][ T9082] netlink: 'syz.2.1383': attribute type 3 has an invalid length.
[  177.457306][ T9082] netlink: 7 bytes leftover after parsing attributes in process `syz.2.1383'.
[  177.571000][ T9088] loop2: detected capacity change from 0 to 1024
[  177.597525][ T9088] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  177.623217][ T9088] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  177.632738][ T9088] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 63 with max blocks 1 with error 28
[  177.637217][ T9088] EXT4-fs (loop2): This should not happen!! Data will be lost
[  177.637217][ T9088] 
[  177.639988][ T9088] EXT4-fs (loop2): Total free blocks count 0
[  177.641765][ T9088] EXT4-fs (loop2): Free/Dirty block details
[  177.643680][ T9088] EXT4-fs (loop2): free_blocks=68451041280
[  177.645840][ T9088] EXT4-fs (loop2): dirty_blocks=32
[  177.647464][ T9088] EXT4-fs (loop2): Block reservation details
[  177.650145][ T9088] EXT4-fs (loop2): i_reserved_data_blocks=2
[  177.655329][ T9088] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  177.748166][ T9092] netlink: 'syz.2.1387': attribute type 1 has an invalid length.
[  177.754997][ T9092] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1387'.
[  178.008279][ T9102] 9pnet_fd: Insufficient options for proto=fd
[  178.138581][ T9110] can0: slcan on ttyS3.
[  178.215529][ T9110] can0 (unregistered): slcan off ttyS3.
[  178.247255][ T9112] can0: slcan on ttyS3.
[  178.356590][ T9109] can0 (unregistered): slcan off ttyS3.
[  178.429333][ T9122] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1396'.
[  178.435005][ T9122] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  178.492468][ T9122] batman_adv: batadv0: Removing interface: batadv_slave_1
[  179.025330][ T5879] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  179.092778][ T9142] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1398'.
[  179.095567][ T9142] netlink: 348 bytes leftover after parsing attributes in process `syz.1.1398'.
[  179.098199][ T9142] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1398'.
[  179.100812][ T9142] netlink: 348 bytes leftover after parsing attributes in process `syz.1.1398'.
[  179.103927][ T9142] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1398'.
[  179.162006][   T56] Bluetooth: hci3: command tx timeout
[  179.174046][ T9143] loop2: detected capacity change from 0 to 8
[  179.237466][ T9143] SQUASHFS error: Unable to read inode 0xa7
[  179.316481][ T5879] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  179.321616][ T5879] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  179.324677][ T5879] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  179.327630][ T5879] usb 4-1: Product: syz
[  179.328885][ T5879] usb 4-1: Manufacturer: syz
[  179.330622][ T5879] usb 4-1: SerialNumber: syz
[  179.514774][ T5866] usb 3-1: new high-speed USB device number 27 using dummy_hcd
[  179.724821][ T5866] usb 3-1: Using ep0 maxpacket: 32
[  179.729086][ T5866] usb 3-1: unable to get BOS descriptor or descriptor too short
[  179.732795][ T5866] usb 3-1: config 128 has an invalid interface number: 127 but max is 3
[  179.744811][ T5866] usb 3-1: config 128 has an invalid descriptor of length 0, skipping remainder of the config
[  179.748361][ T5866] usb 3-1: config 128 has 1 interface, different from the descriptor's value: 4
[  179.751542][ T5866] usb 3-1: config 128 has no interface number 0
[  179.753414][ T5866] usb 3-1: config 128 interface 127 altsetting 14 endpoint 0x5 has an invalid bInterval 0, changing to 7
[  179.764758][ T5866] usb 3-1: config 128 interface 127 altsetting 14 endpoint 0x5 has invalid wMaxPacketSize 0
[  179.767790][ T5866] usb 3-1: config 128 interface 127 has no altsetting 0
[  179.777723][ T5866] usb 3-1: New USB device found, idVendor=0582, idProduct=295c, bcdDevice=d4.55
[  179.780375][ T5866] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  179.782731][ T5866] usb 3-1: Product: syz
[  179.783945][ T5866] usb 3-1: Manufacturer: syz
[  179.796000][ T5866] usb 3-1: SerialNumber: syz
[  180.037634][ T5866] usb 3-1: USB disconnect, device number 27
[  180.093864][ T5819] udevd[5819]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:128.127/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  180.350379][ T5879] cdc_ncm 4-1:1.0: MAC-Address: 42:42:42:42:42:42
[  180.352891][ T5879] cdc_ncm 4-1:1.0: dwNtbInMaxSize=16 is too small. Using 2048
[  180.357587][ T5879] cdc_ncm 4-1:1.0: setting rx_max = 2048
[  180.444076][ T9165] sch_tbf: burst 32855 is lower than device lo mtu (65550) !
[  180.468567][ T9165] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1413'.
[  180.752562][ T5879] cdc_ncm 4-1:1.0: setting tx_max = 88
[  180.773490][ T5879] cdc_ncm 4-1:1.0 usb0: register 'cdc_ncm' at usb-dummy_hcd.3-1, CDC NCM (NO ZLP), 42:42:42:42:42:42
[  180.805526][ T5879] usb 4-1: USB disconnect, device number 3
[  180.808082][ T5879] cdc_ncm 4-1:1.0 usb0: unregister 'cdc_ncm' usb-dummy_hcd.3-1, CDC NCM (NO ZLP)
[  181.217974][ T9197] RDS: rds_bind could not find a transport for fec0:ffff::1, load rds_tcp or rds_rdma?
[  182.071612][ T9229] netlink: 'syz.1.1440': attribute type 18 has an invalid length.
[  182.807711][ T9242] loop2: detected capacity change from 0 to 2048
[  182.814607][ T9242] UDF-fs: error (device loop2): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0
[  182.830299][ T9242] UDF-fs: warning (device loop2): udf_load_vrs: No anchor found
[  182.841462][ T9242] UDF-fs: Scanning with blocksize 512 failed
[  182.846089][ T9242] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  183.028940][ T9252] loop3: detected capacity change from 0 to 2048
[  183.066937][ T9252] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  183.074607][ T9252] ext4 filesystem being mounted at /35/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  183.095814][ T9256] loop2: detected capacity change from 0 to 512
[  183.119963][ T8883] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  183.181319][ T9256] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  183.248112][ T5820] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  183.358307][ T9263] ip6erspan0: entered allmulticast mode
[  183.434542][ T9268] loop2: detected capacity change from 0 to 1024
[  183.477951][ T9268] hfsplus: invalid secondary volume header
[  183.480155][ T9268] hfsplus: unable to find HFS+ superblock
[  183.529234][ T9272] 9p: Unknown Cache mode or invalid value m
[  183.670435][ T9279] openvswitch: netlink: Flow key attribute not present in set flow.
[  183.716395][ T9284] loop3: detected capacity change from 0 to 512
[  183.723496][ T9284] ext4: Bad value for 'sb'
[  183.729068][ T9286] netlink: 'syz.1.1465': attribute type 17 has an invalid length.
[  183.830816][ T9290] loop3: detected capacity change from 0 to 1024
[  183.841463][ T9290] EXT4-fs: Ignoring removed bh option
[  183.843285][ T9290] EXT4-fs: inline encryption not supported
[  183.853553][ T9290] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  183.876051][ T9290] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce018, mo2=0000]
[  183.889875][ T9290] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #3: block 2: comm syz.3.1467: lblock 2 mapped to illegal pblock 2 (length 1)
[  183.899187][ T9290] Quota error (device loop3): qtree_write_dquot: dquota write failed
[  183.902263][ T9290] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #3: block 48: comm syz.3.1467: lblock 0 mapped to illegal pblock 48 (length 1)
[  183.907260][ T9290] Quota error (device loop3): v2_write_file_info: Can't write info structure
[  183.911574][ T9290] EXT4-fs error (device loop3): ext4_acquire_dquot:6945: comm syz.3.1467: Failed to acquire dquot type 0
[  183.916200][ T9290] EXT4-fs error (device loop3) in ext4_reserve_inode_write:6313: Corrupt filesystem
[  183.922405][ T9290] EXT4-fs error (device loop3): ext4_evict_inode:254: inode #11: comm syz.3.1467: mark_inode_dirty error
[  183.926867][ T9290] EXT4-fs warning (device loop3): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[  183.930614][ T9290] EXT4-fs (loop3): 1 orphan inode deleted
[  183.933296][ T9290] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  183.937037][ T5280] usb 3-1: new high-speed USB device number 28 using dummy_hcd
[  183.940086][   T70] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #3: block 1: comm kworker/u10:2: lblock 1 mapped to illegal pblock 1 (length 1)
[  183.958573][   T70] Quota error (device loop3): remove_tree: Can't read quota data block 1
[  183.960902][   T70] EXT4-fs error (device loop3): ext4_release_dquot:6981: comm kworker/u10:2: Failed to release dquot type 0
[  183.975926][ T9290] EXT4-fs error (device loop3): __ext4_get_inode_loc:4832: comm syz.3.1467: Invalid inode table block 1 in block_group 0
[  183.983633][ T9290] EXT4-fs error (device loop3) in ext4_reserve_inode_write:6313: Corrupt filesystem
[  184.002194][ T8883] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  184.015570][  T151] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #3: block 1: comm kworker/u9:4: lblock 1 mapped to illegal pblock 1 (length 1)
[  184.028214][  T151] Quota error (device loop3): remove_tree: Can't read quota data block 1
[  184.031392][  T151] EXT4-fs error (device loop3): ext4_release_dquot:6981: comm kworker/u9:4: Failed to release dquot type 0
[  184.056318][ T8883] EXT4-fs error (device loop3): __ext4_get_inode_loc:4832: comm syz-executor: Invalid inode table block 1 in block_group 0
[  184.067498][ T8883] EXT4-fs error (device loop3) in ext4_reserve_inode_write:6313: Corrupt filesystem
[  184.085325][ T8883] EXT4-fs error (device loop3): ext4_quota_off:7229: inode #3: comm syz-executor: mark_inode_dirty error
[  184.097537][ T5280] usb 3-1: Using ep0 maxpacket: 32
[  184.101040][ T5280] usb 3-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92
[  184.105514][ T5280] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  184.119535][ T5280] gspca_main: nw80x-2.14.0 probing 055f:d001
[  184.338998][ T9318] loop3: detected capacity change from 0 to 512
[  184.342371][ T9318] EXT4-fs (loop3): Test dummy encryption mode enabled
[  184.357384][ T9318] EXT4-fs (loop3): mounted filesystem 00000005-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  184.368929][ T9318] EXT4-fs error (device loop3): htree_dirblock_to_tree:1051: inode #2: comm syz.3.1479: Directory hole found for htree leaf block 0
[  184.387892][ T9318] EXT4-fs (loop3): Remounting filesystem read-only
[  184.428845][ T8883] EXT4-fs (loop3): unmounting filesystem 00000005-0000-0000-0000-000000000000.
[  184.445302][ T9321] IPv6: NLM_F_CREATE should be specified when creating new route
[  184.547948][ T9325] __nla_validate_parse: 2 callbacks suppressed
[  184.547964][ T9325] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1482'.
[  184.608301][ T9325] bond3 (unregistering): Released all slaves
[  185.187667][ T9349] netlink: 348 bytes leftover after parsing attributes in process `syz.1.1493'.
[  185.334453][ T5280] gspca_nw80x: reg_w err -71
[  185.336245][ T5280] nw80x 3-1:3.0: probe with driver nw80x failed with error -71
[  185.344415][ T9345] loop3: detected capacity change from 0 to 32768
[  185.346824][ T5280] usb 3-1: USB disconnect, device number 28
[  185.372828][ T9345] XFS (loop3): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  185.404105][ T9345] XFS (loop3): Ending clean mount
[  185.423280][ T8883] XFS (loop3): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  186.044250][ T9384] loop2: detected capacity change from 0 to 512
[  186.065248][ T5900] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  186.082138][ T9384] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  186.090843][ T9384] ext4 filesystem being mounted at /459/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  186.150521][ T5820] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  186.228990][ T5900] usb 4-1: config 0 has an invalid interface number: 1 but max is 0
[  186.234669][ T5900] usb 4-1: config 0 has no interface number 0
[  186.238360][ T5900] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  186.241746][ T5900] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  186.244383][ T5900] usb 4-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  186.260511][ T5900] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  186.271581][ T5900] usb 4-1: config 0 descriptor??
[  186.454373][ T9392] loop2: detected capacity change from 0 to 8192
[  186.518312][ T5816]  loop2: p1 < > p2 p4 < p5 >
[  186.520209][ T5816] loop2: partition table partially beyond EOD, truncated
[  186.527955][ T5816] loop2: p1 start 8388608 is beyond EOD, truncated
[  186.530449][ T5816] loop2: p2 size 16128 extends beyond EOD, truncated
[  186.541192][ T5816] loop2: p5 size 16128 extends beyond EOD, truncated
[  186.563430][ T9392]  loop2: p1 < > p2 p4 < p5 >
[  186.565757][ T9392] loop2: partition table partially beyond EOD, truncated
[  186.568966][ T9392] loop2: p1 start 8388608 is beyond EOD, truncated
[  186.571474][ T9392] loop2: p2 size 16128 extends beyond EOD, truncated
[  186.579219][ T9392] loop2: p5 size 16128 extends beyond EOD, truncated
[  186.708221][ T5900] uclogic 0003:256C:006D.0009: hidraw0: USB HID v0.00 Device [HID 256c:006d] on usb-dummy_hcd.3-1/input1
[  186.781470][ T9399] loop2: detected capacity change from 0 to 4096
[  186.782465][ T5819] udevd[5819]: inotify_add_watch(7, /dev/loop2p4, 10) failed: No such file or directory
[  186.787510][ T6167] udevd[6167]: inotify_add_watch(7, /dev/loop2p5, 10) failed: No such file or directory
[  186.794210][ T5816] udevd[5816]: inotify_add_watch(7, /dev/loop2p2, 10) failed: No such file or directory
[  186.832420][ T9402] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  186.852468][ T6167] udevd[6167]: inotify_add_watch(7, /dev/loop2p5, 10) failed: No such file or directory
[  186.853991][ T5816] udevd[5816]: inotify_add_watch(7, /dev/loop2p2, 10) failed: No such file or directory
[  186.860638][ T5819] udevd[5819]: inotify_add_watch(7, /dev/loop2p4, 10) failed: No such file or directory
[  186.920128][ T5900] usb 4-1: USB disconnect, device number 4
[  187.059639][ T9408] syz.2.1513 uses obsolete (PF_INET,SOCK_PACKET)
[  187.070411][ T9408] syzkaller1: entered promiscuous mode
[  187.072511][ T9408] syzkaller1: entered allmulticast mode
[  188.183530][ T9432] loop3: detected capacity change from 0 to 32768
[  188.191904][ T9432] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.1524 (9432)
[  188.223799][ T9432] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  188.231715][ T9432] BTRFS info (device loop3): using sha256 (sha256-lib) checksum algorithm
[  188.279912][ T9432] BTRFS info (device loop3): enabling ssd optimizations
[  188.282227][ T9432] BTRFS info (device loop3): turning on async discard
[  188.289335][ T9432] BTRFS info (device loop3): enabling free space tree
[  188.496134][ T8883] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  189.735927][ T9465] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1531'.
[  189.799863][ T5683] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  189.803236][ T5683] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  189.809103][ T9465] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1531'.
[  189.813381][ T5683] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  189.824078][ T5683] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  190.263875][ T9476] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1536'.
[  190.333020][ T9481] loop2: detected capacity change from 0 to 1024
[  190.354300][ T9481] EXT4-fs: Ignoring removed orlov option
[  190.394387][ T9481] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  190.437338][ T9481] EXT4-fs error (device loop2): __ext4_new_inode:1279: comm syz.2.1538: failed to insert inode 15: doubly allocated?
[  190.471178][ T9481] EXT4-fs error (device loop2) in ext4_free_inode:361: Corrupt filesystem
[  190.560607][ T5820] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  190.614424][ T9497] loop3: detected capacity change from 0 to 16
[  190.629289][ T9497] erofs (device loop3): mounted with root inode @ nid 36.
[  190.691526][ T9501] 9pnet_fd: Insufficient options for proto=fd
[  191.504843][ T5879] usb 3-1: new high-speed USB device number 29 using dummy_hcd
[  191.625034][ T5202] Bluetooth: hci1: command 0x0406 tx timeout
[  191.657504][ T5879] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  191.665865][ T5879] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  191.669425][ T5879] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  191.674517][ T5879] usb 3-1: New USB device found, idVendor=0eef, idProduct=72d0, bcdDevice= 0.00
[  191.678208][ T5879] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  191.685155][ T5879] usb 3-1: config 0 descriptor??
[  192.103333][ T5879] hid-multitouch 0003:0EEF:72D0.000A: unbalanced collection at end of report description
[  192.121532][ T5879] hid-multitouch 0003:0EEF:72D0.000A: probe with driver hid-multitouch failed with error -22
[  192.308776][ T5879] usb 3-1: USB disconnect, device number 29
[  192.561670][ T9549] loop3: detected capacity change from 0 to 32768
[  192.566088][ T9549] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.1566 (9549)
[  192.579575][ T9549] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  192.583318][ T9549] BTRFS info (device loop3): using sha256 (sha256-lib) checksum algorithm
[  192.746890][ T9549] BTRFS info (device loop3): enabling ssd optimizations
[  192.749671][ T9549] BTRFS info (device loop3): turning on async discard
[  192.752167][ T9549] BTRFS info (device loop3): enabling free space tree
[  193.211094][   T34] audit: type=1800 audit(1764306112.393:6982): pid=9570 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1566" name="file2" dev="loop3" ino=261 res=0 errno=0
[  193.463336][ T8883] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  194.079498][ T9587] loop3: detected capacity change from 0 to 32768
[  194.110349][ T9599] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1581'.
[  194.113714][ T9599] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1581'.
[  194.179877][ T9587] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  194.213129][   T34] audit: type=1800 audit(1764306113.433:6983): pid=9587 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1573" name="file1" dev="loop3" ino=17058 res=0 errno=0
[  194.307652][   T34] audit: type=1800 audit(1764306113.533:6984): pid=9607 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1573" name="file1" dev="loop3" ino=17058 res=0 errno=0
[  194.554146][ T9587] syz.3.1573 (9587) used greatest stack depth: 17944 bytes left
[  194.669288][ T1362] ieee802154 phy0 wpan0: encryption failed: -22
[  194.671671][ T1362] ieee802154 phy1 wpan1: encryption failed: -22
[  194.679722][ T8883] ocfs2: Unmounting device (7,3) on (node local)
[  194.889113][ T9625] loop2: detected capacity change from 0 to 1024
[  195.194443][ T9635] loop3: detected capacity change from 0 to 512
[  195.215973][ T9635] EXT4-fs (loop3): 1 truncate cleaned up
[  195.219388][ T9635] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  195.269445][ T9635] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #13: comm syz.3.1594: invalid indirect mapped block 234881024 (level 0)
[  195.329653][ T8883] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  196.032759][ T9642] loop2: detected capacity change from 0 to 512
[  196.098100][ T9642] Quota error (device loop2): v2_read_file_info: Can't read info structure
[  196.110753][ T9642] EXT4-fs warning (device loop2): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-5, ino=4). Please run e2fsck to fix.
[  196.141203][ T9642] EXT4-fs (loop2): mount failed
[  196.183385][ T9647] binder: 9643:9647 ioctl 4018620d 0 returned -22
[  196.236673][ T9647] bridge0: port 2(bridge_slave_1) entered disabled state
[  196.244305][ T9647] bridge0: port 1(bridge_slave_0) entered disabled state
[  198.202798][ T9672] loop2: detected capacity change from 0 to 1024
[  198.350742][ T1173] hfsplus: b-tree write err: -5, ino 4
[  198.415400][ T5879] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  198.566800][ T5879] usb 4-1: config 0 has an invalid interface number: 84 but max is 0
[  198.570431][ T5879] usb 4-1: config 0 has no interface number 0
[  198.577442][ T5879] usb 4-1: New USB device found, idVendor=8086, idProduct=0b63, bcdDevice=ca.f3
[  198.580447][ T5879] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  198.582720][ T5879] usb 4-1: Product: syz
[  198.588275][ T5879] usb 4-1: Manufacturer: syz
[  198.591123][ T5879] usb 4-1: SerialNumber: syz
[  198.601689][ T5879] usb 4-1: config 0 descriptor??
[  198.605810][ T5879] ljca 4-1:0.84: bulk endpoints not found
[  198.643894][ T9675] loop2: detected capacity change from 0 to 32768
[  198.648733][ T9675] (syz.2.1611,9675,0):ocfs2_read_blocks:239 ERROR: status = -12
[  198.651413][ T9675] (syz.2.1611,9675,0):ocfs2_map_slot_buffers:388 ERROR: status = -12
[  198.653902][ T9675] (syz.2.1611,9675,0):ocfs2_init_slot_info:426 ERROR: status = -12
[  198.656718][ T9675] (syz.2.1611,9675,0):ocfs2_initialize_super:2222 ERROR: status = -12
[  198.659506][ T9675] (syz.2.1611,9675,0):ocfs2_fill_super:1177 ERROR: status = -12
[  198.708703][ T9683] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1615'.
[  198.715689][ T9683] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1615'.
[  198.813500][ T5879] usb 4-1: USB disconnect, device number 5
[  199.774588][ T9701] loop3: detected capacity change from 0 to 32768
[  199.779677][ T9701] (syz.3.1624,9701,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  199.792306][ T9701] (syz.3.1624,9701,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  199.831641][ T9701] JBD2: Ignoring recovery information on journal
[  199.878918][ T9701] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  199.899802][ T9711] loop2: detected capacity change from 0 to 2048
[  199.938813][ T9711] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  200.069095][ T8883] ocfs2: Unmounting device (7,3) on (node local)
[  200.753498][ T9725] loop2: detected capacity change from 0 to 32768
[  200.762721][ T9725] 
[  200.762721][ T9725]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  200.762721][ T9725] 
[  200.826401][ T5820] non-latin1 character 0x3ff found in JFS file name
[  200.829565][ T5820] mount with iocharset=utf8 to access
[  200.833694][ T5820] 
[  200.833694][ T5820]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  200.833694][ T5820] 
[  200.875668][ T5820] 
[  200.875668][ T5820]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  200.875668][ T5820] 
[  200.888408][ T5820] 
[  200.888408][ T5820]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  200.888408][ T5820] 
[  200.892464][ T5820] 
[  200.892464][ T5820]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  200.892464][ T5820] 
[  200.907489][  T116] 
[  200.907489][  T116]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  200.907489][  T116] 
[  200.928454][ T5820] read_mapping_page failed!
[  200.930373][ T5820] ERROR: (device loop2): txCommit: 
[  200.930373][ T5820] 
[  200.955059][ T5820] ERROR: (device loop2): remounting filesystem as read-only
[  201.200619][ T5820] team0: Port device macvlan2 removed
[  201.315806][ T9759] netlink: 'syz.1.1652': attribute type 21 has an invalid length.
[  201.318912][ T9759] netlink: 156 bytes leftover after parsing attributes in process `syz.1.1652'.
[  201.345511][ T9758] netlink: 'syz.3.1653': attribute type 9 has an invalid length.
[  201.455133][ T5683] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  201.624272][ T5683] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  201.691005][ T9765] loop3: detected capacity change from 0 to 512
[  201.719701][ T9765] EXT4-fs error (device loop3): ext4_orphan_get:1392: inode #15: comm syz.3.1657: inode has both inline data and extents flags
[  201.768009][ T9765] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.1657: couldn't read orphan inode 15 (err -117)
[  201.789632][ T5683] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  201.795966][ T9765] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  201.860847][ T8883] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  201.867987][ T5683] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  201.899731][ T5202] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  201.907971][ T5202] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  201.915028][ T5202] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  201.918480][ T5202] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  201.921398][ T5202] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  202.116012][ T9776] loop3: detected capacity change from 0 to 1024
[  202.136979][ T9776] EXT4-fs (loop3): bad geometry: first data block 0 is beyond end of filesystem (0)
[  202.337733][ T5683] bridge_slave_1: left allmulticast mode
[  202.339750][ T5683] bridge_slave_1: left promiscuous mode
[  202.344451][ T5683] bridge0: port 2(bridge_slave_1) entered disabled state
[  202.396012][ T5683] bridge_slave_0: left allmulticast mode
[  202.398318][ T5683] bridge_slave_0: left promiscuous mode
[  202.400721][ T5683] bridge0: port 1(bridge_slave_0) entered disabled state
[  202.518032][ T9785] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  202.997969][ T9801] loop3: detected capacity change from 0 to 32768
[  203.006457][ T9801] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.1671 (9801)
[  203.012277][ T9801] BTRFS info (device loop3): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  203.015496][ T9801] BTRFS info (device loop3): using sha256 (sha256-lib) checksum algorithm
[  203.123412][ T9801] BTRFS info (device loop3): enabling ssd optimizations
[  203.125694][ T9801] BTRFS info (device loop3): turning on async discard
[  203.127926][ T9801] BTRFS info (device loop3): enabling free space tree
[  203.854397][ T8883] BTRFS info (device loop3): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  203.944962][   T56] Bluetooth: hci2: command tx timeout
[  204.342367][ T9825] netlink: 212368 bytes leftover after parsing attributes in process `syz.3.1673'.
[  204.498202][ T5683] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  204.505563][ T5683] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  204.513559][ T5683] bond0 (unregistering): Released all slaves
[  204.630472][ T9771] chnl_net:caif_netlink_parms(): no params data found
[  204.694854][ T5900] IPVS: starting estimator thread 0...
[  204.796103][ T9836] IPVS: using max 64 ests per chain, 153600 per kthread
[  204.805563][ T9841] netlink: 'syz.3.1678': attribute type 1 has an invalid length.
[  204.886534][ T9841] 8021q: adding VLAN 0 to HW filter on device bond1
[  204.932045][ T9847] bond1: (slave veth3): Enslaving as an active interface with a down link
[  204.988894][ T9841] bond1: (slave veth0_to_bond): making interface the new active one
[  205.005280][ T9841] veth0_to_bond: entered promiscuous mode
[  205.007862][ T9841] bond1: (slave veth0_to_bond): Enslaving as an active interface with an up link
[  205.152243][ T9771] bridge0: port 1(bridge_slave_0) entered blocking state
[  205.160866][ T9771] bridge0: port 1(bridge_slave_0) entered disabled state
[  205.163133][ T9771] bridge_slave_0: entered allmulticast mode
[  205.166272][ T9771] bridge_slave_0: entered promiscuous mode
[  205.170096][ T9771] bridge0: port 2(bridge_slave_1) entered blocking state
[  205.172292][ T9771] bridge0: port 2(bridge_slave_1) entered disabled state
[  205.174493][ T9771] bridge_slave_1: entered allmulticast mode
[  205.178290][ T9771] bridge_slave_1: entered promiscuous mode
[  205.231249][ T9771] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  205.247369][ T5683] hsr_slave_0: left promiscuous mode
[  205.250795][ T5683] hsr_slave_1: left promiscuous mode
[  205.252910][ T5683] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  205.257483][ T5683] batman_adv: batadv0: Removing interface: batadv_slave_0
[  205.264016][ T5683] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  205.267002][ T5683] batman_adv: batadv0: Removing interface: batadv_slave_1
[  205.298590][ T5683] veth1_macvtap: left promiscuous mode
[  205.301126][ T5683] veth0_macvtap: left promiscuous mode
[  205.303288][ T5683] veth1_vlan: left promiscuous mode
[  205.306367][ T5683] veth0_vlan: left promiscuous mode
[  205.335512][ T5866] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  205.488094][ T5866] usb 4-1: Using ep0 maxpacket: 16
[  205.506517][ T5866] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  205.510081][ T5866] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  205.514929][ T5866] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  205.523866][ T5866] usb 4-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  205.537139][ T5866] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  205.552729][ T5866] usb 4-1: config 0 descriptor??
[  206.027042][   T56] Bluetooth: hci2: command tx timeout
[  206.081857][ T5866] microsoft 0003:045E:07DA.000B: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.3-1/input0
[  206.094311][ T5866] microsoft 0003:045E:07DA.000B: no inputs found
[  206.097580][ T5866] microsoft 0003:045E:07DA.000B: could not initialize ff, continuing anyway
[  206.193721][ T2212] usb 4-1: USB disconnect, device number 6
[  206.357120][ T5683] team0 (unregistering): Port device team_slave_1 removed
[  206.413002][ T5683] team0 (unregistering): Port device team_slave_0 removed
[  206.830791][ T9862] loop3: detected capacity change from 0 to 128
[  207.281943][ T9771] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  207.439656][ T9771] team0: Port device team_slave_0 added
[  207.444646][ T9771] team0: Port device team_slave_1 added
[  207.538256][ T9864] overlayfs: failed to resolve './file0': -2
[  207.619088][ T9771] batman_adv: batadv0: Adding interface: batadv_slave_0
[  207.622088][ T9771] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  207.644989][ T9771] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  207.656726][ T9771] batman_adv: batadv0: Adding interface: batadv_slave_1
[  207.659196][ T9771] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  207.688903][ T9771] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  207.820876][ T9771] hsr_slave_0: entered promiscuous mode
[  207.826039][ T9771] hsr_slave_1: entered promiscuous mode
[  207.964036][ T5683] IPVS: stop unused estimator thread 0...
[  208.105064][   T56] Bluetooth: hci2: command tx timeout
[  208.186207][ T5202] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  208.193182][ T5202] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  208.199502][ T5202] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  208.205098][ T5202] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  208.213446][ T5202] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  208.319635][ T5683] netdevsim netdevsim3 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  208.323751][ T5683] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  208.563171][ T5683] netdevsim netdevsim3 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  208.567676][ T5683] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  208.637052][ T9771] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  208.696307][ T5683] netdevsim netdevsim3 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  208.700353][ T5683] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  208.708163][ T9771] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  208.720093][ T9771] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  208.738380][ T9771] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  208.837709][ T5683] netdevsim netdevsim3 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  208.854994][ T5683] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  208.911031][ T9913] 9pnet: Found fid 0 not clunked
[  209.103611][ T9879] chnl_net:caif_netlink_parms(): no params data found
[  209.262284][ T5683] bridge_slave_1: left allmulticast mode
[  209.264332][ T5683] bridge_slave_1: left promiscuous mode
[  209.275068][ T5683] bridge0: port 2(bridge_slave_1) entered disabled state
[  209.288846][ T5683] bridge_slave_0: left allmulticast mode
[  209.290821][ T5683] bridge_slave_0: left promiscuous mode
[  209.292848][ T5683] bridge0: port 1(bridge_slave_0) entered disabled state
[  210.185379][   T56] Bluetooth: hci2: command tx timeout
[  210.236352][ T5683] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  210.255786][ T5683] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  210.265027][   T56] Bluetooth: hci3: command tx timeout
[  210.277641][ T5683] bond0 (unregistering): Released all slaves
[  210.662137][ T5683] bond1 (unregistering): (slave veth3): Releasing active interface
[  210.670263][ T5683] bond1 (unregistering): (slave veth0_to_bond): Releasing active interface
[  210.697018][ T5683] bond1 (unregistering): Released all slaves
[  210.708106][ T9940] netlink: 104 bytes leftover after parsing attributes in process `syz.1.1710'.
[  210.867902][ T9879] bridge0: port 1(bridge_slave_0) entered blocking state
[  210.874357][ T9879] bridge0: port 1(bridge_slave_0) entered disabled state
[  210.877976][ T9879] bridge_slave_0: entered allmulticast mode
[  210.881831][ T9879] bridge_slave_0: entered promiscuous mode
[  211.003215][ T9771] 8021q: adding VLAN 0 to HW filter on device bond0
[  211.017179][ T9771] 8021q: adding VLAN 0 to HW filter on device team0
[  211.019572][ T9879] bridge0: port 2(bridge_slave_1) entered blocking state
[  211.022307][ T9879] bridge0: port 2(bridge_slave_1) entered disabled state
[  211.027617][ T9879] bridge_slave_1: entered allmulticast mode
[  211.030646][ T9879] bridge_slave_1: entered promiscuous mode
[  211.081475][ T3950] bridge0: port 1(bridge_slave_0) entered blocking state
[  211.083816][ T3950] bridge0: port 1(bridge_slave_0) entered forwarding state
[  211.160722][ T9879] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  211.187324][ T3950] bridge0: port 2(bridge_slave_1) entered blocking state
[  211.190174][ T3950] bridge0: port 2(bridge_slave_1) entered forwarding state
[  211.198024][ T9879] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  211.270887][ T5683] hsr_slave_0: left promiscuous mode
[  211.273687][ T5683] hsr_slave_1: left promiscuous mode
[  211.278073][ T5683] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  211.280728][ T5683] batman_adv: batadv0: Removing interface: batadv_slave_0
[  211.303170][ T5683] veth1_macvtap: left promiscuous mode
[  211.305942][ T5683] veth0_macvtap: left promiscuous mode
[  211.308122][ T5683] veth1_vlan: left promiscuous mode
[  211.310175][ T5683] veth0_vlan: left promiscuous mode
[  211.974128][ T5683] team0 (unregistering): Port device team_slave_1 removed
[  212.027311][ T5683] team0 (unregistering): Port device team_slave_0 removed
[  212.344940][   T56] Bluetooth: hci3: command tx timeout
[  212.725975][ T9879] team0: Port device team_slave_0 added
[  212.746049][ T9879] team0: Port device team_slave_1 added
[  212.817346][ T9960] netlink: 104 bytes leftover after parsing attributes in process `syz.1.1716'.
[  212.865633][ T9879] batman_adv: batadv0: Adding interface: batadv_slave_0
[  212.867999][ T9879] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  212.895020][ T9879] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  212.918234][ T9879] batman_adv: batadv0: Adding interface: batadv_slave_1
[  212.920276][ T9879] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  212.935134][ T9879] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  213.159486][ T9879] hsr_slave_0: entered promiscuous mode
[  213.165386][ T9879] hsr_slave_1: entered promiscuous mode
[  213.171255][ T9879] debugfs: 'hsr0' already exists in 'hsr'
[  213.175406][ T9879] Cannot create hsr debugfs directory
[  213.323260][ T9771] 8021q: adding VLAN 0 to HW filter on device batadv0
[  213.540442][ T9879] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  213.552719][ T9879] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  213.566270][ T9879] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  213.575792][ T9879] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  213.642499][ T9771] veth0_vlan: entered promiscuous mode
[  213.668471][ T9771] veth1_vlan: entered promiscuous mode
[  213.707111][ T9879] 8021q: adding VLAN 0 to HW filter on device bond0
[  213.712401][ T9771] veth0_macvtap: entered promiscuous mode
[  213.721403][ T9771] veth1_macvtap: entered promiscuous mode
[  213.743414][ T9879] 8021q: adding VLAN 0 to HW filter on device team0
[  213.757565][  T151] bridge0: port 1(bridge_slave_0) entered blocking state
[  213.760277][  T151] bridge0: port 1(bridge_slave_0) entered forwarding state
[  213.781311][  T151] bridge0: port 2(bridge_slave_1) entered blocking state
[  213.783528][  T151] bridge0: port 2(bridge_slave_1) entered forwarding state
[  213.791263][ T9771] batman_adv: batadv0: Interface activated: batadv_slave_0
[  213.810452][ T9771] batman_adv: batadv0: Interface activated: batadv_slave_1
[  213.838010][ T5846] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  213.840685][ T5846] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  213.845980][ T5846] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  213.848785][ T5846] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  213.987431][  T151] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  213.989808][  T151] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  214.048910][   T52] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  214.051257][   T52] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  214.170641][ T9879] 8021q: adding VLAN 0 to HW filter on device batadv0
[  214.182793][T10015] vcan0: tx drop: invalid sa for name 0x0000000000000001
[  214.425112][   T56] Bluetooth: hci3: command tx timeout
[  214.474248][ T9879] veth0_vlan: entered promiscuous mode
[  214.482171][ T9879] veth1_vlan: entered promiscuous mode
[  214.532237][ T9879] veth0_macvtap: entered promiscuous mode
[  214.546056][ T9879] veth1_macvtap: entered promiscuous mode
[  214.587850][ T9879] batman_adv: batadv0: Interface activated: batadv_slave_0
[  214.592621][ T9879] batman_adv: batadv0: Interface activated: batadv_slave_1
[  214.645505][ T5683] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  214.649817][ T5683] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  214.662961][ T5683] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  214.679443][ T5683] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  214.918832][ T1092] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  214.939453][ T1092] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  214.966643][ T3950] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  214.972597][ T3950] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  215.314236][T10058] device ioctl magic numbers don't match! Did you rebuild pvfs2-client-core/libpvfs2? [cmd 5409, magic 54 != 6b]
[  215.369988][T10065] loop4: detected capacity change from 0 to 1024
[  215.396943][T10065] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  215.406908][T10065] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  215.409332][T10065] EXT4-fs (loop4): orphan cleanup on readonly fs
[  215.451539][T10065] EXT4-fs error (device loop4): ext4_free_blocks:6706: comm syz.4.1735: Freeing blocks not in datazone - block = 0, count = 4096
[  215.471984][T10065] EXT4-fs (loop4): 1 orphan inode deleted
[  215.485532][T10065] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  215.520355][ T9771] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  215.793183][T10082] loop4: detected capacity change from 0 to 2048
[  215.847813][ T5816] Alternate GPT is invalid, using primary GPT.
[  215.849792][ T5816]  loop4: p1 p2 p3
[  215.891880][T10082] Alternate GPT is invalid, using primary GPT.
[  215.894358][T10082]  loop4: p1 p2 p3
[  215.935914][T10073] loop5: detected capacity change from 0 to 32768
[  215.975147][T10073] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.1738 (10073)
[  216.008083][T10073] BTRFS info (device loop5): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  216.032846][T10073] BTRFS info (device loop5): using blake2b (blake2b-256-generic) checksum algorithm
[  216.122319][ T6167] udevd[6167]: inotify_add_watch(7, /dev/loop4p2, 10) failed: No such file or directory
[  216.126964][ T5816] udevd[5816]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory
[  216.129601][ T5825] udevd[5825]: inotify_add_watch(7, /dev/loop4p3, 10) failed: No such file or directory
[  216.220304][T10106] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1748'.
[  216.231675][T10106] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1748'.
[  216.232874][T10073] BTRFS info (device loop5): enabling ssd optimizations
[  216.249425][T10073] BTRFS info (device loop5): turning on async discard
[  216.252069][T10106] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1748'.
[  216.253713][T10073] BTRFS info (device loop5): enabling free space tree
[  216.505316][   T56] Bluetooth: hci3: command tx timeout
[  216.838906][ T9879] BTRFS info (device loop5): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  217.704926][ T2212] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  217.733140][T10145] netlink: 'syz.1.1763': attribute type 29 has an invalid length.
[  217.861626][ T2212] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  217.866096][ T2212] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  217.891203][ T2212] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  217.895946][ T2212] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  217.899035][ T2212] usb 6-1: Product: syz
[  217.900677][ T2212] usb 6-1: Manufacturer: syz
[  217.902452][ T2212] usb 6-1: SerialNumber: syz
[  217.915348][T10141] loop4: detected capacity change from 0 to 32768
[  217.945291][ T2212] cdc_mbim 6-1:1.0: skipping garbage
[  217.951023][ T2212] usb 6-1: selecting invalid altsetting 1
[  217.956973][T10141] XFS (loop4): Mounting V5 filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 in no-recovery mode. Filesystem will be inconsistent.
[  218.047997][ T9771] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  218.123759][ T2212] cdc_mbim 6-1:1.0: bind() failure
[  218.171599][ T2212] usb 6-1: USB disconnect, device number 2
[  218.497737][T10168] loop4: detected capacity change from 0 to 256
[  218.516204][T10168] exFAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  218.520159][T10168] exFAT-fs (loop4): Medium has reported failures. Some data may be lost.
[  218.539443][T10168] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xe5674ec2, utbl_chksum : 0xe619d30d)
[  218.551001][T10168] exFAT-fs (loop4): failed to load alloc-bitmap
[  218.553464][T10168] exFAT-fs (loop4): failed to recognize exfat type
[  219.842748][T10182] loop5: detected capacity change from 0 to 32768
[  219.870570][T10182] XFS (loop5): sunit and swidth options incompatible with the noalign option
[  220.211653][ T2212] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  220.408716][ T2212] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  220.424804][ T2212] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  220.432944][ T2212] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  220.445416][ T2212] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  220.448525][ T2212] usb 5-1: SerialNumber: syz
[  220.725975][ T2212] usb 5-1: 0:2 : does not exist
[  220.795292][ T2212] usb 5-1: USB disconnect, device number 2
[  220.936785][ T5816] udevd[5816]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  222.485972][  T974] usb 6-1: new full-speed USB device number 3 using dummy_hcd
[  222.614607][T10249] loop4: detected capacity change from 0 to 64
[  222.639484][  T974] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  222.658948][  T974] usb 6-1: config 0 has no interfaces?
[  222.662057][  T974] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  222.667725][  T974] usb 6-1: config 0 has no interfaces?
[  222.670924][  T974] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  222.674532][  T974] usb 6-1: config 0 has no interfaces?
[  222.678856][  T974] usb 6-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  222.681893][  T974] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  222.686554][  T974] usb 6-1: config 0 descriptor??
[  222.893597][  T974] usb 6-1: USB disconnect, device number 3
[  223.090187][ T2212] IPVS: starting estimator thread 0...
[  223.092490][T10267] IPVS: fo: FWM 3 0x00000003 - no destination available
[  223.104841][    C0] IPVS: fo: FWM 3 0x00000003 - no destination available
[  223.174841][T10268] IPVS: using max 64 ests per chain, 153600 per kthread
[  223.275063][T10278] loop4: detected capacity change from 0 to 1024
[  223.280495][T10278] hfsplus: unable to find HFS+ superblock
[  223.354373][T10282] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1817'.
[  223.614029][T10295] overlayfs: statfs failed on './file0'
[  223.764818][ T5865] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  223.945149][ T5865] usb 6-1: Using ep0 maxpacket: 8
[  223.956731][ T5865] usb 6-1: config 0 has no interfaces?
[  223.961244][ T5865] usb 6-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  223.964505][ T5865] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  223.969743][ T5865] usb 6-1: Product: syz
[  223.971321][ T5865] usb 6-1: Manufacturer: syz
[  223.972927][ T5865] usb 6-1: SerialNumber: syz
[  223.999295][ T5865] usb 6-1: config 0 descriptor??
[  224.220170][T10310] loop4: detected capacity change from 0 to 32768
[  224.279563][T10310]  loop4: p1 p3 < >
[  224.320131][ T5865] usb 6-1: USB disconnect, device number 4
[  224.329622][ T5262]  loop4: p1 p3 < >
[  224.428411][T10315] netlink: 'syz.1.1830': attribute type 83 has an invalid length.
[  224.478143][T10317] netlink: 'syz.4.1831': attribute type 10 has an invalid length.
[  224.481123][T10317] netlink: 55 bytes leftover after parsing attributes in process `syz.4.1831'.
[  224.593780][ T5819] udevd[5819]: inotify_add_watch(7, /dev/loop4p3, 10) failed: No such file or directory
[  224.597257][ T5816] udevd[5816]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory
[  224.622528][ T5819] udevd[5819]: inotify_add_watch(7, /dev/loop4p3, 10) failed: No such file or directory
[  224.626468][ T5816] udevd[5816]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory
[  224.945682][T10328] netlink: 'syz.4.1835': attribute type 9 has an invalid length.
[  224.975280][T10328] netlink: 212368 bytes leftover after parsing attributes in process `syz.4.1835'.
[  225.310643][T10345] netlink: 'syz.1.1842': attribute type 2 has an invalid length.
[  225.380998][T10350] loop5: detected capacity change from 0 to 2048
[  225.409637][T10350] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  225.495127][T10354] syzkaller1: entered promiscuous mode
[  225.510654][T10354] syzkaller1: entered allmulticast mode
[  225.794229][T10380] loop5: detected capacity change from 0 to 256
[  225.923266][T10391] loop5: detected capacity change from 0 to 512
[  225.963229][T10391] EXT4-fs (loop5): Test dummy encryption mode enabled
[  225.990001][T10391] EXT4-fs error (device loop5): __ext4_iget:5443: inode #11: block 1: comm syz.5.1856: invalid block
[  225.998195][T10391] EXT4-fs error (device loop5): ext4_orphan_get:1397: comm syz.5.1856: couldn't read orphan inode 11 (err -117)
[  226.007225][T10391] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  226.058357][ T9879] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  226.335910][T10418] loop4: detected capacity change from 0 to 16
[  226.647279][T10438] loop4: detected capacity change from 0 to 8
[  227.043928][T10448] overlayfs: failed to clone upperpath
[  227.487915][T10465] loop5: detected capacity change from 0 to 64
[  228.576355][ T5866] usb 6-1: new full-speed USB device number 5 using dummy_hcd
[  228.739504][ T5866] usb 6-1: too many endpoints for config 1 interface 0 altsetting 0: 255, using maximum allowed: 30
[  228.747173][ T5866] usb 6-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 255
[  228.770907][ T5866] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  228.775120][ T5866] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  228.795615][ T5866] usb 6-1: SerialNumber: syz
[  229.033682][ T5866] cdc_acm 6-1:1.0: ttyACM0: USB ACM device
[  229.038200][T10483] loop4: detected capacity change from 0 to 131072
[  229.048255][T10483] F2FS-fs (loop4): invalid crc value
[  229.068096][ T5866] usb 6-1: USB disconnect, device number 5
[  229.139773][T10483] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  229.147007][T10483] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4
[  229.429559][T10483] F2FS-fs (loop4): project quota file already specified
[  229.700071][T10499] bridge0: port 2(bridge_slave_1) entered disabled state
[  230.141370][T10515] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1890'.
[  230.205099][ T5866] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  230.355050][ T5866] usb 6-1: Using ep0 maxpacket: 32
[  230.363388][ T5866] usb 6-1: unable to get BOS descriptor or descriptor too short
[  230.376937][ T5866] usb 6-1: config 120 has an invalid interface number: 86 but max is 0
[  230.385778][ T5866] usb 6-1: config 120 has an invalid descriptor of length 0, skipping remainder of the config
[  230.389592][ T5866] usb 6-1: config 120 has no interface number 0
[  230.397810][ T5866] usb 6-1: New USB device found, idVendor=12d1, idProduct=9c20, bcdDevice=e5.af
[  230.401172][ T5866] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  230.414944][ T5866] usb 6-1: Product: syz
[  230.416589][ T5866] usb 6-1: Manufacturer: syz
[  230.418465][ T5866] usb 6-1: SerialNumber: syz
[  230.715866][ T5866] huawei_cdc_ncm 6-1:120.86: CDC Union missing and no IAD found
[  230.723445][ T5866] huawei_cdc_ncm 6-1:120.86: bind() failure
[  230.737043][ T5866] usb 6-1: USB disconnect, device number 6
[  232.046162][T10553] loop5: detected capacity change from 0 to 16
[  232.073674][T10553] erofs (device loop5): mounted with root inode @ nid 36.
[  232.237199][T10554] erofs (device loop5): readahead error at folio 87 @ nid 36
[  232.252828][T10554] erofs (device loop5): readahead error at folio 86 @ nid 36
[  232.295816][T10554] syz.5.1912: attempt to access beyond end of device
[  232.295816][T10554] loop5: rw=524288, sector=8, nr_sectors = 24 limit=16
[  232.332573][T10554] syz.5.1912: attempt to access beyond end of device
[  232.332573][T10554] loop5: rw=524288, sector=14425508768, nr_sectors = 8 limit=16
[  233.337984][T10567] ip6t_srh: unknown srh match flags  4000
[  233.597971][T10583] team_slave_0: entered promiscuous mode
[  233.600821][T10583] team_slave_1: entered promiscuous mode
[  233.604162][T10583] 8021q: adding VLAN 0 to HW filter on device macvlan0
[  233.609104][T10583] bond0: (slave macvlan0): Enslaving as an active interface with an up link
[  233.734162][T10592] kAFS: No cell specified
[  233.752342][T10593] SET target dimension over the limit!
[  233.874109][T10603] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1936'.
[  234.061130][T10595] loop4: detected capacity change from 0 to 32768
[  234.084822][ T5865] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  234.090002][T10595] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  234.154496][ T9771] ocfs2: Unmounting device (7,4) on (node local)
[  234.185962][T10611] vlan0: entered promiscuous mode
[  234.237368][ T5865] usb 6-1: config 220 has an invalid interface number: 76 but max is 2
[  234.240080][ T5865] usb 6-1: config 220 contains an unexpected descriptor of type 0x2, skipping
[  234.242894][ T5865] usb 6-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[  234.264992][ T5865] usb 6-1: config 220 has no interface number 2
[  234.267286][ T5865] usb 6-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[  234.271951][ T5865] usb 6-1: config 220 interface 0 has no altsetting 0
[  234.281779][ T5865] usb 6-1: config 220 interface 76 has no altsetting 0
[  234.284486][ T5865] usb 6-1: config 220 interface 1 has no altsetting 0
[  234.297386][ T5865] usb 6-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  234.300221][ T5865] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  234.302633][ T5865] usb 6-1: Product: syz
[  234.303933][ T5865] usb 6-1: Manufacturer: syz
[  234.305922][ T5865] usb 6-1: SerialNumber: syz
[  234.524330][ T5865] uvcvideo 6-1:220.0: Found UVC 7.01 device syz (8086:0b07)
[  234.526697][ T5865] uvcvideo 6-1:220.0: No valid video chain found.
[  234.528646][ T5865] usb 6-1: selecting invalid altsetting 0
[  234.551741][ T5865] usb 6-1: selecting invalid altsetting 0
[  234.553814][ T5865] usbtest 6-1:220.1: probe with driver usbtest failed with error -22
[  234.565336][ T5865] usb 6-1: USB disconnect, device number 7
[  234.926018][T10631] trusted_key: syz.1.1949 sent an empty control message without MSG_MORE.
[  235.242387][T10641] loop5: detected capacity change from 0 to 1024
[  235.270572][T10641] EXT4-fs (loop5): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  235.274601][T10641] ext4 filesystem being mounted at /51/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  235.322719][T10641] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.1953: bg 0: block 112: padding at end of block bitmap is not set
[  235.525001][ T9879] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  235.824969][    T9] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  235.984881][    T9] usb 6-1: Using ep0 maxpacket: 16
[  235.997311][    T9] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  236.000553][    T9] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  236.003838][    T9] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  236.021784][    T9] usb 6-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  236.026412][    T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  236.046069][    T9] usb 6-1: config 0 descriptor??
[  236.346326][T10617] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[  236.385602][T10671] overlayfs: missing 'lowerdir'
[  236.451542][T10673] sctp: [Deprecated]: syz.1.1968 (pid 10673) Use of int in max_burst socket option.
[  236.451542][T10673] Use struct sctp_assoc_value instead
[  236.484315][    T9] input: HID 045e:07da as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/0003:045E:07DA.000C/input/input13
[  236.518349][    T9] microsoft 0003:045E:07DA.000C: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.5-1/input0
[  236.691189][ T5900] usb 6-1: USB disconnect, device number 8
[  237.019973][T10687] Cannot find del_set index 4 as target
[  237.604904][ T2282] usb 5-1: new full-speed USB device number 3 using dummy_hcd
[  237.671578][T10697] loop5: detected capacity change from 0 to 256
[  237.685585][T10697] exfat: Deprecated parameter 'utf8'
[  237.701153][T10697] exFAT-fs (loop5): failed to load upcase table (idx : 0x00011ded, chksum : 0x9858084d, utbl_chksum : 0xe619d30d)
[  237.764207][ T2282] usb 5-1: unable to get BOS descriptor or descriptor too short
[  237.774113][ T2282] usb 5-1: not running at top speed; connect to a high speed hub
[  237.794365][ T2282] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  237.813708][ T2282] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 147, changing to 4
[  237.818924][ T2282] usb 5-1: config 1 interface 2 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  237.828676][ T2282] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  237.832001][ T2282] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  237.842433][ T2282] usb 5-1: Product: syz
[  237.843922][ T2282] usb 5-1: Manufacturer: syz
[  237.850677][ T2282] usb 5-1: SerialNumber: syz
[  238.240528][ T2282] usb-storage 5-1:1.2: USB Mass Storage device detected
[  238.394582][T10714] loop5: detected capacity change from 0 to 1024
[  238.444267][T10714] hfsplus: write access to a journaled filesystem is not supported, use the force option at your own risk, mounting read-only.
[  238.645083][ T2282] usb 5-1: USB disconnect, device number 3
[  238.698846][ T5816] udevd[5816]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  238.859056][T10722] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1989'.
[  238.949351][T10725] loop5: detected capacity change from 0 to 8
[  238.968921][T10725] Filesystem uses "unknown" compression. This is not supported
[  239.047034][T10730] evm: overlay not supported
[  239.223120][T10742] loop4: detected capacity change from 0 to 1764
[  239.301968][T10746] loop5: detected capacity change from 0 to 1024
[  239.309738][T10746] EXT4-fs: Ignoring removed oldalloc option
[  239.311521][T10746] EXT4-fs: Ignoring removed orlov option
[  239.332538][T10746] EXT4-fs (loop5): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  239.365200][T10746] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  239.402681][T10746] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:4193: comm syz.5.2002: Allocating blocks 449-513 which overlap fs metadata
[  239.406340][   T34] audit: type=1800 audit(1764306158.623:6985): pid=10746 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2002" name="file1" dev="loop5" ino=15 res=0 errno=0
[  239.417140][T10746] EXT4-fs (loop5): pa ffff88816aed19f8: logic 256, phys. 385, len 8
[  239.420398][T10746] EXT4-fs error (device loop5): ext4_mb_release_inode_pa:5444: group 0, free 0, pa_free 4
[  239.478671][ T9879] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  239.693710][T10761] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2007'.
[  239.917922][T10765] loop5: detected capacity change from 0 to 512
[  239.927306][T10765] EXT4-fs: EXT4-fs: inode_readahead_blks must be 0 or a power of 2 smaller than 2^31
[  240.871477][T10779] loop4: detected capacity change from 0 to 2048
[  240.921096][T10779] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  241.031254][ T9771] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  242.469758][T10810] loop4: detected capacity change from 0 to 32768
[  242.475239][T10810] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.2025 (10810)
[  242.480397][T10810] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  242.483372][T10810] BTRFS info (device loop4): using sha256 (sha256-lib) checksum algorithm
[  242.486128][T10810] BTRFS warning (device loop4): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  242.575722][T10810] BTRFS info (device loop4): rebuilding free space tree
[  242.596295][T10810] BTRFS info (device loop4): disabling free space tree
[  242.598338][T10810] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  242.601202][T10810] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  242.607267][T10810] BTRFS info (device loop4): enabling ssd optimizations
[  242.609602][T10810] BTRFS info (device loop4): enabling disk space caching
[  242.611687][T10810] BTRFS info (device loop4): force clearing of disk cache
[  242.613721][T10810] BTRFS info (device loop4): enabling auto defrag
[  242.615636][T10810] BTRFS info (device loop4): max_inline set to 0
[  242.650364][T10810] BTRFS info (device loop4): scrub: started on devid 1
[  242.662646][T10810] BTRFS info (device loop4): scrub: finished on devid 1 with status: 0
[  242.766095][ T9771] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  243.915741][   T34] audit: type=1326 audit(1764306163.143:6986): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10864 comm="syz.4.2040" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc7fff8f749 code=0x0
[  244.117295][T10866] loop5: detected capacity change from 0 to 32768
[  244.133529][T10866] ocfs2: Slot 0 on device (7,5) was already allocated to this node!
[  244.140985][T10866] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode.
[  244.177528][ T9879] ocfs2: Unmounting device (7,5) on (node local)
[  244.407891][T10878] loop5: detected capacity change from 0 to 512
[  244.419527][T10878] EXT4-fs error (device loop5): ext4_xattr_inode_iget:446: comm syz.5.2046: error while reading EA inode 32 err=-116
[  244.436875][T10878] EXT4-fs (loop5): Remounting filesystem read-only
[  244.445831][T10878] EXT4-fs warning (device loop5): ext4_evict_inode:257: couldn't mark inode dirty (err -30)
[  244.452121][T10878] EXT4-fs (loop5): 1 orphan inode deleted
[  244.455780][T10878] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  244.466356][T10878] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  244.570699][    C0] IPv4: Oversized IP packet from 172.20.20.24
[  244.630284][T10892] usb usb8: usbfs: process 10892 (syz.5.2052) did not claim interface 0 before use
[  244.731129][T10899] loop5: detected capacity change from 0 to 2048
[  244.756699][T10899] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  244.771282][T10899] ext4 filesystem being mounted at /84/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  244.856261][ T9879] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  245.270962][T10916] loop5: detected capacity change from 0 to 512
[  245.274138][T10916] EXT4-fs: Ignoring removed nomblk_io_submit option
[  245.279586][T10916] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  245.285687][T10916] EXT4-fs (loop5): 1 truncate cleaned up
[  245.291480][T10916] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  245.357907][ T9879] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  245.398766][T10919] loop5: detected capacity change from 0 to 2048
[  245.404083][T10919] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  245.866152][ T5866] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[  246.036905][ T5866] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  246.040926][ T5866] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  246.054810][ T5866] usb 6-1: New USB device found, idVendor=18b1, idProduct=0037, bcdDevice= 0.00
[  246.058079][ T5866] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  246.063280][ T5866] usb 6-1: config 0 descriptor??
[  246.471849][T10927] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  246.474936][T10927] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  246.487657][ T5866] petalynx 0003:18B1:0037.000D: item fetching failed at offset 4/5
[  246.493823][ T5866] petalynx 0003:18B1:0037.000D: parse failed
[  246.497637][ T5866] petalynx 0003:18B1:0037.000D: probe with driver petalynx failed with error -22
[  246.681287][ T5866] usb 6-1: USB disconnect, device number 9
[  247.229558][   T34] audit: type=1326 audit(1764306166.453:6987): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10940 comm="syz.5.2074" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f0e6398f749 code=0x0
[  247.586630][T10952] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2078'.
[  247.796296][T10964] x_tables: ip_tables: icmp match: only valid for protocol 1
[  248.384881][ T2282] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[  248.418735][T10996] comedi comedi3: 8255: I/O port conflict (0x7,4)
[  248.435018][T10996] comedi comedi3: 8255: I/O port conflict (0xfffffffffffffffc,4)
[  248.437947][T10996] comedi comedi3: 8255: I/O port conflict (0xfffffffffffffffe,4)
[  248.440761][T10996] comedi comedi3: 8255: I/O port conflict (0xffff,4)
[  248.443052][T10996] comedi comedi3: 8255: I/O port conflict (0x40cc7,4)
[  248.464903][T10996] comedi comedi3: 8255: I/O port conflict (0x8,4)
[  248.467422][T10996] comedi comedi3: 8255: I/O port conflict (0x9,4)
[  248.470118][T10996] comedi comedi3: 8255: I/O port conflict (0xa,4)
[  248.472341][T10996] comedi comedi3: 8255: I/O port conflict (0x4,4)
[  248.474609][T10996] comedi comedi3: 8255: I/O port conflict (0x2,4)
[  248.495602][T10996] comedi comedi3: 8255: I/O port conflict (0x1,4)
[  248.498088][T10996] comedi comedi3: 8255: I/O port conflict (0x9,4)
[  248.500586][T10996] comedi comedi3: 8255: I/O port conflict (0x1,4)
[  248.503089][T10996] comedi comedi3: 8255: I/O port conflict (0x9,4)
[  248.524782][T10996] comedi comedi3: 8255: I/O port conflict (0x1,4)
[  248.526668][T10996] comedi comedi3: 8255: I/O port conflict (0x1a449,4)
[  248.528640][T10996] comedi comedi3: 8255: I/O port conflict (0x3,4)
[  248.530609][T10996] comedi comedi3: 8255: I/O port conflict (0x40000003,4)
[  248.533068][T10996] comedi comedi3: 8255: I/O port conflict (0x89,4)
[  248.539944][ T2282] usb 6-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.17
[  248.546940][ T2282] usb 6-1: New USB device strings: Mfr=129, Product=2, SerialNumber=3
[  248.553530][ T2282] usb 6-1: Product: syz
[  248.554817][T10996] comedi comedi3: 8255: I/O port conflict (0xffffffffffffffff,4)
[  248.558061][T10996] comedi comedi3: 8255: I/O port conflict (0xb,4)
[  248.559279][ T2282] usb 6-1: Manufacturer: syz
[  248.560355][T10996] comedi comedi3: 8255: I/O port conflict (0x8,4)
[  248.563951][T10996] comedi comedi3: 8255: I/O port conflict (0x10003,4)
[  248.564293][ T2282] usb 6-1: SerialNumber: syz
[  248.581090][ T2282] usb 6-1: config 0 descriptor??
[  248.592577][ T2282] ch341 6-1:0.0: ch341-uart converter detected
[  248.962279][T11004] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2103'.
[  248.984455][T11004] netlink: 'syz.1.2103': attribute type 30 has an invalid length.
[  249.032290][ T8937] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  249.036821][ T8937] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  249.039431][ T8937] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  249.042056][ T8937] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  249.050364][T11000] loop4: detected capacity change from 0 to 40427
[  249.073967][T11000] F2FS-fs (loop4): invalid crc value
[  249.126648][T11000] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[  249.130759][T11000] F2FS-fs (loop4): Start checkpoint disabled!
[  249.134216][T11000] F2FS-fs (loop4): f2fs_disable_checkpoint() finish, err:0
[  249.140397][T11000] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[  249.203833][  T151] kworker/u9:4: attempt to access beyond end of device
[  249.203833][  T151] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  249.208389][  T151] CPU: 0 UID: 0 PID: 151 Comm: kworker/u9:4 Not tainted syzkaller #0 PREEMPT(full) 
[  249.208400][  T151] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  249.208405][  T151] Workqueue: writeback wb_workfn (flush-7:4)
[  249.208438][  T151] Call Trace:
[  249.208442][  T151]  <TASK>
[  249.208446][  T151]  dump_stack_lvl+0x189/0x250
[  249.208462][  T151]  ? __pfx_dump_stack_lvl+0x10/0x10
[  249.208473][  T151]  ? __pfx_queue_work_on+0x10/0x10
[  249.208483][  T151]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  249.208495][  T151]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  249.208512][  T151]  f2fs_handle_critical_error+0x37c/0x540
[  249.208529][  T151]  f2fs_write_end_io+0x886/0xb60
[  249.208547][  T151]  __submit_merged_bio+0x27a/0x6a0
[  249.208563][  T151]  __submit_merged_write_cond+0x255/0x530
[  249.208578][  T151]  f2fs_write_data_pages+0x261d/0x3000
[  249.208603][  T151]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  249.208618][  T151]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[  249.208645][  T151]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[  249.208664][  T151]  ? trace_f2fs_writepages+0x7f/0x200
[  249.208677][  T151]  ? f2fs_write_node_pages+0x478/0x6e0
[  249.208691][  T151]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[  249.208705][  T151]  ? __lock_acquire+0xab9/0xd20
[  249.208716][  T151]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  249.208724][  T151]  do_writepages+0x32e/0x550
[  249.208737][  T151]  ? reacquire_held_locks+0x127/0x1d0
[  249.208745][  T151]  ? writeback_sb_inodes+0x384/0x1010
[  249.208761][  T151]  __writeback_single_inode+0x145/0xff0
[  249.208772][  T151]  ? do_raw_spin_unlock+0x4d/0x240
[  249.208785][  T151]  writeback_sb_inodes+0x6c7/0x1010
[  249.208809][  T151]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  249.208842][  T151]  ? rcu_is_watching+0x15/0xb0
[  249.208855][  T151]  wb_writeback+0x43b/0xaf0
[  249.208870][  T151]  ? queue_io+0x3b1/0x590
[  249.208883][  T151]  ? __pfx_wb_writeback+0x10/0x10
[  249.208898][  T151]  ? _raw_spin_unlock_irq+0x23/0x50
[  249.208911][  T151]  wb_workfn+0x409/0xef0
[  249.208928][  T151]  ? __pfx_wb_workfn+0x10/0x10
[  249.208940][  T151]  ? __lock_acquire+0xab9/0xd20
[  249.208953][  T151]  ? process_scheduled_works+0x9ef/0x17b0
[  249.208965][  T151]  ? _raw_spin_unlock_irq+0x23/0x50
[  249.208974][  T151]  ? process_scheduled_works+0x9ef/0x17b0
[  249.208981][  T151]  ? process_scheduled_works+0x9ef/0x17b0
[  249.208990][  T151]  process_scheduled_works+0xae1/0x17b0
[  249.209013][  T151]  ? __pfx_process_scheduled_works+0x10/0x10
[  249.209030][  T151]  worker_thread+0x8a0/0xda0
[  249.209052][  T151]  kthread+0x711/0x8a0
[  249.209065][  T151]  ? __pfx_worker_thread+0x10/0x10
[  249.209073][  T151]  ? __pfx_kthread+0x10/0x10
[  249.209084][  T151]  ? _raw_spin_unlock_irq+0x23/0x50
[  249.209094][  T151]  ? lockdep_hardirqs_on+0x9c/0x150
[  249.209129][  T151]  ? __pfx_kthread+0x10/0x10
[  249.209140][  T151]  ret_from_fork+0x4bc/0x870
[  249.209152][  T151]  ? __pfx_ret_from_fork+0x10/0x10
[  249.209163][  T151]  ? __switch_to_asm+0x39/0x70
[  249.209169][  T151]  ? __switch_to_asm+0x33/0x70
[  249.209174][  T151]  ? __pfx_kthread+0x10/0x10
[  249.209185][  T151]  ret_from_fork_asm+0x1a/0x30
[  249.209201][  T151]  </TASK>
[  249.210723][  T151] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  249.603793][ T2282] usb 6-1: failed to send control message: -71
[  249.606926][ T2282] ch341-uart ttyUSB0: probe with driver ch341-uart failed with error -71
[  249.610908][ T2282] usb 6-1: USB disconnect, device number 10
[  249.613618][ T2282] ch341 6-1:0.0: device disconnected
[  249.823122][T11022] trusted_key: encrypted_key: hex blob is missing
[  250.801221][T11034] loop4: detected capacity change from 0 to 40427
[  250.818177][T11034] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  250.827302][T11034] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  250.849819][T11034] F2FS-fs (loop4): invalid crc value
[  250.904448][T11034] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  250.908768][T11034] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  250.911254][T11034] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  251.253803][T11067] loop5: detected capacity change from 0 to 512
[  251.270663][T11067] EXT4-fs (loop5): orphan cleanup on readonly fs
[  251.272854][T11067] Quota error (device loop5): v2_read_file_info: Block with free entry 2 out of range (1, 0).
[  251.279074][T11067] EXT4-fs warning (device loop5): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  251.283509][T11067] EXT4-fs (loop5): Cannot turn on quotas: error -117
[  251.286740][T11067] EXT4-fs error (device loop5): ext4_ext_check_inode:523: inode #13: comm syz.5.2127: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  251.292910][T11067] EXT4-fs error (device loop5): ext4_orphan_get:1397: comm syz.5.2127: couldn't read orphan inode 13 (err -117)
[  251.298451][T11067] EXT4-fs (loop5): mounted filesystem 00000000-0000-0b00-0000-000000000000 ro without journal. Quota mode: writeback.
[  251.315797][ T9879] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0b00-0000-000000000000.
[  251.368737][T11072] loop4: detected capacity change from 0 to 128
[  252.044254][T11089] loop4: detected capacity change from 0 to 4096
[  252.056571][T11089] ntfs3(loop4): Different NTFS sector size (4096) and media sector size (512).
[  252.131251][T11089] ntfs3(loop4): Mark volume as dirty due to NTFS errors
[  252.136294][T11089] ntfs3(loop4): Failed to load $Extend (-22).
[  252.138380][T11089] ntfs3(loop4): Failed to initialize $Extend.
[  253.414878][ T5865] usb 6-1: new high-speed USB device number 11 using dummy_hcd
[  253.487845][T11101] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2140'.
[  253.500902][T11101] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2140'.
[  253.574816][ T5865] usb 6-1: Using ep0 maxpacket: 16
[  253.587585][ T5865] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  253.591567][ T5865] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[  253.613132][ T5865] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  253.616756][ T5865] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  253.619632][ T5865] usb 6-1: Product: syz
[  253.621208][ T5865] usb 6-1: Manufacturer: syz
[  253.622943][ T5865] usb 6-1: SerialNumber: syz
[  253.630994][T11105] loop4: detected capacity change from 0 to 256
[  253.634299][T11105] exfat: Deprecated parameter 'utf8'
[  253.674510][T11105] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xe3865569, utbl_chksum : 0xe619d30d)
[  253.877639][ T5865] usb 6-1: 0:2 : does not exist
[  253.884109][ T5865] usb 6-1: 5:0: failed to get current value for ch 0 (-22)
[  253.920632][ T5865] usb 6-1: USB disconnect, device number 11
[  253.928321][T11109] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check.
[  253.984400][ T5816] udevd[5816]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  254.761810][T11133] loop5: detected capacity change from 0 to 256
[  254.766511][T11133] exfat: Deprecated parameter 'namecase'
[  254.785126][T11133] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xb5fb52fc, utbl_chksum : 0xe619d30d)
[  254.922607][T11138] netlink: 24 bytes leftover after parsing attributes in process `syz.4.2157'.
[  254.930183][T11135] bond1 (unregistering): Released all slaves
[  255.106879][T11142] loop4: detected capacity change from 0 to 1024
[  255.216456][T11147] hfsplus: inconsistency in B*Tree (9,1,255,1,0)
[  255.248497][T11147] hfsplus: xattr searching failed
[  255.272761][T11147] overlay: filesystem on ./bus not supported
[  255.475197][T11161] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2165'.
[  255.514248][T11142] overlay: filesystem on ./bus not supported
[  255.753329][T11164] batman_adv: batadv0: adding TT local entry 06:e1:05:00:07:00 to non-existent VLAN 1280
[  255.993616][T11142] hfsplus: inconsistency in B*Tree (9,1,255,1,0)
[  255.999508][T11142] hfsplus: xattr searching failed
[  256.107925][ T1362] ieee802154 phy0 wpan0: encryption failed: -22
[  256.109916][ T1362] ieee802154 phy1 wpan1: encryption failed: -22
[  256.561911][   T52] hfsplus: b-tree write err: -5, ino 4
[  256.678818][T11200] loop4: detected capacity change from 0 to 128
[  256.699564][T11200] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  256.708192][T11200] ext4 filesystem being mounted at /141/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  256.744028][ T9771] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  257.044543][T11205] loop4: detected capacity change from 0 to 32768
[  257.077656][T11205] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  257.089309][T11205] XFS (loop4): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x51.
[  257.098133][T11205] XFS (loop4): Starting recovery (logdev: internal)
[  257.110411][T11205] XFS (loop4): Ending recovery (logdev: internal)
[  257.163824][ T9771] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  257.646310][T11222] loop4: detected capacity change from 0 to 32768
[  257.668743][T11222] (syz.4.2189,11222,0):ocfs2_find_slot:468 ERROR: no free slots available!
[  257.671250][T11222] (syz.4.2189,11222,0):ocfs2_mount_volume:1751 ERROR: status = -22
[  257.679289][T11222] (syz.4.2189,11222,0):ocfs2_fill_super:1177 ERROR: status = -22
[  257.778384][T11233] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  257.816156][T11222] NILFS (loop4): device size too small
[  257.893849][T11239] bridge0: port 1(bridge_slave_0) entered disabled state
[  257.907438][T11237] loop4: detected capacity change from 0 to 2048
[  257.976918][T11243] overlayfs: failed to clone upperpath
[  258.104915][ T5202] Bluetooth: hci4: command 0x1003 tx timeout
[  258.107474][   T56] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  258.334986][ T5865] usb 5-1: new full-speed USB device number 4 using dummy_hcd
[  258.661096][T11267] IPv6: Can't replace route, no match found
[  258.716243][ T5865] usb 5-1: config 0 has an invalid interface number: 49 but max is 0
[  258.718920][ T5865] usb 5-1: config 0 has no interface number 0
[  258.720991][ T5865] usb 5-1: config 0 interface 49 has no altsetting 0
[  258.723279][ T5865] usb 5-1: New USB device found, idVendor=0ccd, idProduct=10b2, bcdDevice=c7.1b
[  258.727105][ T5865] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  258.735593][ T5865] usb 5-1: config 0 descriptor??
[  259.188747][ T5865] usb 5-1: string descriptor 0 read error: -71
[  259.196872][T11272] netlink: 204 bytes leftover after parsing attributes in process `syz.5.2210'.
[  259.222304][T11274] loop5: detected capacity change from 0 to 64
[  259.225935][ T5865] usb 5-1: USB disconnect, device number 4
[  261.131139][T11313] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2229'.
[  261.133955][T11313] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2229'.
[  261.413490][T11312] loop4: detected capacity change from 0 to 32768
[  261.488050][ T5280] usb 6-1: new high-speed USB device number 12 using dummy_hcd
[  261.655456][ T5280] usb 6-1: Using ep0 maxpacket: 32
[  261.659538][ T5280] usb 6-1: config 0 has an invalid interface number: 196 but max is 0
[  261.662552][ T5280] usb 6-1: config 0 has no interface number 0
[  261.668395][ T5280] usb 6-1: config 0 interface 196 altsetting 1 bulk endpoint 0x2 has invalid maxpacket 528
[  261.672244][ T5280] usb 6-1: config 0 interface 196 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  261.676756][ T5280] usb 6-1: config 0 interface 196 has no altsetting 0
[  261.683556][ T5280] usb 6-1: New USB device found, idVendor=05ac, idProduct=77c2, bcdDevice=eb.3a
[  261.688914][ T5280] usb 6-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3
[  261.693562][ T5280] usb 6-1: Product: syz
[  261.695847][ T5280] usb 6-1: Manufacturer: syz
[  261.705001][ T5280] usb 6-1: SerialNumber: syz
[  261.710214][ T5280] usb 6-1: config 0 descriptor??
[  261.713081][T11317] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  261.897314][T11340] netlink: 40 bytes leftover after parsing attributes in process `syz.1.2241'.
[  261.936946][ T5280] ipheth 6-1:0.196: Unable to find endpoints
[  261.948721][ T5280] usb 6-1: USB disconnect, device number 12
[  261.983307][T11344] netlink: 44 bytes leftover after parsing attributes in process `syz.1.2243'.
[  262.166967][T11348] loop4: detected capacity change from 0 to 512
[  262.186362][T11348] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  262.198599][T11348] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[  262.208025][T11348] EXT4-fs (loop4): 1 truncate cleaned up
[  262.210588][T11348] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  262.217538][T11348] EXT4-fs error (device loop4): ext4_inlinedir_to_tree:1314: inode #12: block 7: comm syz.4.2235: path /155/bus/file0: bad entry in directory: rec_len is smaller than minimal - offset=20, inode=2147483648, rec_len=0, size=60 fake=0
[  262.238934][ T9771] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  262.337628][T11353] netlink: 212368 bytes leftover after parsing attributes in process `syz.4.2246'.
[  262.417584][   T34] audit: type=1804 audit(1764306181.633:6988): pid=11355 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.2247" name="bus" dev="ramfs" ino=24200 res=1 errno=0
[  262.444889][   T34] audit: type=1804 audit(1764306181.633:6989): pid=11355 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.4.2247" name="bus" dev="ramfs" ino=24200 res=1 errno=0
[  262.564159][T11355] IPVS: set_ctl: invalid protocol: 41 0.0.0.0:20002
[  262.854920][ T5865] usb 6-1: new high-speed USB device number 13 using dummy_hcd
[  263.027842][ T5865] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  263.031084][ T5865] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  263.033865][ T5865] usb 6-1: New USB device found, idVendor=1e7d, idProduct=2dbe, bcdDevice= 0.00
[  263.038889][ T5865] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  263.054296][ T5865] usb 6-1: config 0 descriptor??
[  263.312302][T11367] loop4: detected capacity change from 0 to 65
[  263.338596][T11367] BFS-fs: bfs_fill_super(): NOTE: filesystem loop4 was created with 512 inodes, the real maximum is 511, mounting anyway
[  263.480342][ T5865] konepure 0003:1E7D:2DBE.000E: unknown main item tag 0x2
[  263.492620][ T5865] konepure 0003:1E7D:2DBE.000E: hidraw0: USB HID v0.00 Device [HID 1e7d:2dbe] on usb-dummy_hcd.5-1/input0
[  263.689547][ T5865] usb 6-1: USB disconnect, device number 13
[  263.721489][T11371] loop4: detected capacity change from 0 to 65536
[  263.724382][T11371] XFS (loop4): invalid logbufsize: 69 [not 16k,32k,64k,128k or 256k]
[  263.957740][T11379] loop4: detected capacity change from 0 to 2048
[  263.988076][T11379] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  264.296372][T11383] overlayfs: failed to clone upperpath
[  264.409291][T11402] openvswitch: netlink: Message has 4 unknown bytes.
[  264.519688][T11408] netlink: 1 bytes leftover after parsing attributes in process `syz.4.2272'.
[  264.763649][T11420] : entered promiscuous mode
[  264.922333][T11433] netlink: 44 bytes leftover after parsing attributes in process `syz.5.2284'.
[  265.214787][ T5865] usb 6-1: new high-speed USB device number 14 using dummy_hcd
[  265.376871][ T5865] usb 6-1: New USB device found, idVendor=090a, idProduct=1200, bcdDevice=24.87
[  265.380570][ T5865] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  265.386559][ T5865] usb 6-1: config 0 descriptor??
[  265.393554][ T5865] usb-storage 6-1:0.0: USB Mass Storage device detected
[  265.426268][ T5865] usb-storage 6-1:0.0: This device (090a,1200,2487 S 01 P 00) has an unneeded SubClass entry in unusual_devs.h (kernel syzkaller)
[  265.426268][ T5865]    Please send a copy of this message to <linux-usb@vger.kernel.org> and <usb-storage@lists.one-eyed-alien.net>
[  265.598125][ T5280] usb 6-1: USB disconnect, device number 14
[  266.103964][T11469] netlink: 964 bytes leftover after parsing attributes in process `syz.1.2300'.
[  266.441907][T11480] IPv4: Oversized IP packet from 127.202.26.0
[  266.525996][T11482] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2306'.
[  268.832242][T11511] loop4: detected capacity change from 0 to 256
[  268.838136][T11511] exfat: Deprecated parameter 'utf8'
[  268.986775][T11518] loop4: detected capacity change from 0 to 1024
[  268.994958][ T5865] usb 6-1: new high-speed USB device number 15 using dummy_hcd
[  268.996246][T11518] EXT4-fs: Ignoring removed nomblk_io_submit option
[  269.008095][T11518] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  269.164860][ T5865] usb 6-1: Using ep0 maxpacket: 8
[  269.171793][ T5865] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  269.175055][ T5865] usb 6-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[  269.187217][ T5865] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  269.190148][ T5865] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  269.202247][ T9771] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  269.205904][ T5865] usb 6-1: Product: syz
[  269.207477][ T5865] usb 6-1: Manufacturer: syz
[  269.209206][ T5865] usb 6-1: SerialNumber: syz
[  269.215619][ T5865] cdc_ether 6-1:1.0: invalid descriptor buffer length
[  269.218157][ T5865] cdc_ether 6-1:1.0: probe with driver cdc_ether failed with error -22
[  269.424551][ T5865] usb 6-1: USB disconnect, device number 15
[  270.299731][T11534] loop5: detected capacity change from 0 to 64
[  270.554911][ T5900] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  270.596815][T11544] netlink: 20 bytes leftover after parsing attributes in process `syz.1.2334'.
[  270.704930][ T5900] usb 5-1: Using ep0 maxpacket: 8
[  270.708309][ T5900] usb 5-1: config 0 has an invalid interface number: 130 but max is 0
[  270.711159][ T5900] usb 5-1: config 0 has no interface number 0
[  270.719232][ T5900] usb 5-1: New USB device found, idVendor=2013, idProduct=0246, bcdDevice=e6.56
[  270.722126][ T5900] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  270.735014][ T5900] usb 5-1: Product: syz
[  270.736652][ T5900] usb 5-1: Manufacturer: syz
[  270.738200][ T5900] usb 5-1: SerialNumber: syz
[  270.742865][ T5900] usb 5-1: config 0 descriptor??
[  270.766502][ T5900] as10x_usb: device has been detected
[  270.768582][ T5900] dvbdev: DVB: registering new adapter (PCTV Systems picoStick (74e))
[  270.801965][ T5900] usb 5-1: DVB: registering adapter 1 frontend 0 (PCTV Systems picoStick (74e))...
[  270.837590][ T5900] as10x_usb: error during firmware upload part1
[  270.839879][ T5900] Registered device PCTV Systems picoStick (74e)
[  270.982475][ T5900] usb 5-1: USB disconnect, device number 5
[  271.021072][ T5900] Unregistered device PCTV Systems picoStick (74e)
[  271.035487][ T5900] as10x_usb: device has been disconnected
[  271.036224][T11555] netlink: 'syz.1.2338': attribute type 25 has an invalid length.
[  271.043403][T11555] netlink: 'syz.1.2338': attribute type 7 has an invalid length.
[  271.394404][T11570] tmpfs: Bad value for 'mpol'
[  271.480485][T11575] loop5: detected capacity change from 0 to 1024
[  271.557270][T11575] EXT4-fs: Ignoring removed oldalloc option
[  271.559433][T11575] EXT4-fs: Ignoring removed bh option
[  271.600874][T11575] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  271.680300][ T9879] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  271.917846][T11600] loop4: detected capacity change from 0 to 64
[  271.951446][   T34] audit: type=1800 audit(1764306191.173:6990): pid=11600 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2359" name="file2" dev="loop4" ino=6 res=0 errno=0
[  272.058038][T11594] loop5: detected capacity change from 0 to 32768
[  272.067328][T11594] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.2357 (11594)
[  272.083946][T11594] BTRFS info (device loop5): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  272.089284][T11594] BTRFS info (device loop5): using sha256 (sha256-lib) checksum algorithm
[  272.249332][T11594] BTRFS info (device loop5): enabling ssd optimizations
[  272.252148][T11594] BTRFS info (device loop5): turning on async discard
[  272.254639][T11594] BTRFS info (device loop5): enabling free space tree
[  272.522857][T11628] nfs: Unknown parameter 'ntext'
[  272.599474][ T9879] BTRFS info (device loop5): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  273.132913][T11648] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2374'.
[  273.138191][T11648] veth0_virt_wifi: entered promiscuous mode
[  273.198425][T11650] loop5: detected capacity change from 0 to 2048
[  273.216528][T11650] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  274.096134][T11646] loop4: detected capacity change from 0 to 32768
[  274.180194][T11646] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  274.241456][T11646] XFS (loop4): Ending clean mount
[  274.256686][T11646] XFS (loop4): Quotacheck needed: Please wait.
[  274.389328][T11646] XFS (loop4): Quotacheck: Done.
[  274.482574][T11646] XFS (loop4): User initiated shutdown received.
[  274.485505][T11646] XFS (loop4): Log I/O Error (0x6) detected at xfs_fs_goingdown+0x71/0x150 (fs/xfs/xfs_fsops.c:476).  Shutting down filesystem.
[  274.490892][T11646] XFS (loop4): Please unmount the filesystem and rectify the problem(s)
[  274.573254][ T9771] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  275.023735][T11679] veth2: entered allmulticast mode
[  275.175597][ T5865] usb 6-1: new high-speed USB device number 16 using dummy_hcd
[  275.326391][ T5865] usb 6-1: config 0 has an invalid interface number: 117 but max is 0
[  275.329717][ T5865] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  275.333481][ T5865] usb 6-1: config 0 has no interface number 0
[  275.336009][ T5865] usb 6-1: config 0 interface 117 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0
[  275.339439][ T5865] usb 6-1: config 0 interface 117 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  275.474564][T11687] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  275.556061][ T5865] usb 6-1: New USB device found, idVendor=0afa, idProduct=03e8, bcdDevice=99.d0
[  275.559508][ T5865] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  275.562145][ T5865] usb 6-1: Product: syz
[  275.563692][ T5865] usb 6-1: Manufacturer: syz
[  275.565422][ T5865] usb 6-1: SerialNumber: syz
[  275.569001][ T5865] usb 6-1: config 0 descriptor??
[  276.188536][ T5865] usbtouchscreen 6-1:0.117: probe with driver usbtouchscreen failed with error -71
[  276.202405][ T5865] usb 6-1: USB disconnect, device number 16
[  276.518299][T11705] loop4: detected capacity change from 0 to 32768
[  276.571720][T11705] JBD2: Ignoring recovery information on journal
[  276.646165][T11705] ocfs2: Mounting device (7,4) on (node local, slot 0) with writeback data mode.
[  276.720636][ T9771] ocfs2: Unmounting device (7,4) on (node local)
[  276.956747][T11722] xt_hashlimit: max too large, truncated to 1048576
[  276.959949][T11722] xt_limit: Overflow, try lower: 0/0
[  277.267882][T11721] loop5: detected capacity change from 0 to 32768
[  277.273721][T11721] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.2404 (11721)
[  277.309660][   T56] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0
[  277.312952][   T56] Bluetooth: hci3: Injecting HCI hardware error event
[  277.318707][   T56] Bluetooth: hci3: hardware error 0x00
[  277.364918][T11721] BTRFS info (device loop5 state S): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  277.369327][T11721] BTRFS info (device loop5 state S): using crc32c (crc32c-lib) checksum algorithm
[  277.468812][   T32] BTRFS warning (device loop5 state S): checksum verify failed on logical 5332992 mirror 1 wanted 0x0a5e5d25 found 0xbeadaddc level 0, ignored
[  277.496223][   T26] BTRFS warning (device loop5 state S): checksum verify failed on logical 5337088 mirror 1 wanted 0xe63dbdda found 0x32c165c1 level 0, ignored
[  277.506779][   T32] BTRFS warning (device loop5 state S): checksum verify failed on logical 5328896 mirror 1 wanted 0x51ec978b found 0x73153135 level 0, ignored
[  277.617868][T11721] BTRFS warning (device loop5 state S): devid 1 physical 4096 len 4194304 inside the reserved space
[  277.642930][T11721] BTRFS error (device loop5 state S): dev extent physical offset 4096 devid 1 has no corresponding chunk
[  277.673322][T11721] BTRFS error (device loop5 state S): failed to verify dev extents against chunks: -117
[  277.896694][T11721] BTRFS error (device loop5 state S): open_ctree failed: -117
[  278.163530][T11756] sp0: Synchronizing with TNC
[  278.579394][T11775] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2420'.
[  278.583511][T11768] loop5: detected capacity change from 0 to 40427
[  278.600525][T11768] F2FS-fs (loop5): invalid crc value
[  278.658455][T11768] F2FS-fs (loop5): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  278.662523][T11768] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e4
[  278.662805][T11773] loop4: detected capacity change from 0 to 4096
[  278.676790][T11768] syz.5.2417: attempt to access beyond end of device
[  278.676790][T11768] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  278.683375][T11768] CPU: 0 UID: 0 PID: 11768 Comm: syz.5.2417 Not tainted syzkaller #0 PREEMPT(full) 
[  278.683392][T11768] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  278.683399][T11768] Call Trace:
[  278.683403][T11768]  <TASK>
[  278.683409][T11768]  dump_stack_lvl+0x189/0x250
[  278.683430][T11768]  ? __pfx_dump_stack_lvl+0x10/0x10
[  278.683442][T11768]  ? __pfx_queue_work_on+0x10/0x10
[  278.683453][T11768]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  278.683467][T11768]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  278.683484][T11768]  f2fs_handle_critical_error+0x37c/0x540
[  278.683503][T11768]  f2fs_write_end_io+0x886/0xb60
[  278.683521][T11768]  __submit_merged_bio+0x27a/0x6a0
[  278.683537][T11768]  __submit_merged_write_cond+0x255/0x530
[  278.683554][T11768]  f2fs_write_data_pages+0x261d/0x3000
[  278.683580][T11768]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  278.683610][T11768]  ? check_path+0x21/0x40
[  278.683619][T11768]  ? check_noncircular+0xe0/0x160
[  278.683651][T11768]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  278.683659][T11768]  do_writepages+0x32e/0x550
[  278.683675][T11768]  ? do_raw_spin_unlock+0x4d/0x240
[  278.683688][T11768]  filemap_fdatawrite+0x199/0x240
[  278.683699][T11768]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  278.683733][T11768]  ? do_raw_spin_unlock+0x4d/0x240
[  278.683747][T11768]  f2fs_sync_dirty_inodes+0x31f/0x830
[  278.683763][T11768]  f2fs_write_checkpoint+0x93e/0x2440
[  278.683780][T11768]  ? check_noncircular+0xe0/0x160
[  278.683805][T11768]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  278.683834][T11768]  ? down_write+0x162/0x1f0
[  278.683844][T11768]  ? __pfx_down_write+0x10/0x10
[  278.683859][T11768]  f2fs_issue_checkpoint+0x3b8/0x610
[  278.683899][T11768]  ? __pfx_f2fs_issue_checkpoint+0x10/0x10
[  278.683917][T11768]  ? __lock_acquire+0xab9/0xd20
[  278.683944][T11768]  ? f2fs_sync_fs+0x200/0x3d0
[  278.683959][T11768]  f2fs_do_sync_file+0x869/0x1860
[  278.683974][T11768]  ? __pfx_f2fs_do_sync_file+0x10/0x10
[  278.684002][T11768]  ? __mark_inode_dirty+0x3d2/0xe10
[  278.684015][T11768]  ? vfs_fsync_range+0x149/0x1c0
[  278.684023][T11768]  ? f2fs_sync_file+0xe9/0x160
[  278.684033][T11768]  f2fs_file_write_iter+0x753/0x24a0
[  278.684054][T11768]  ? __pfx_f2fs_file_write_iter+0x10/0x10
[  278.684067][T11768]  ? __asan_memset+0x22/0x50
[  278.684081][T11768]  iter_file_splice_write+0x975/0x10e0
[  278.684102][T11768]  ? __pfx_iter_file_splice_write+0x10/0x10
[  278.684111][T11768]  ? rcu_read_lock_any_held+0xb3/0x120
[  278.684128][T11768]  ? __pfx_iter_file_splice_write+0x10/0x10
[  278.684136][T11768]  direct_splice_actor+0x101/0x160
[  278.684145][T11768]  splice_direct_to_actor+0x5a8/0xcc0
[  278.684162][T11768]  ? __pfx_direct_splice_actor+0x10/0x10
[  278.684170][T11768]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  278.684183][T11768]  do_splice_direct+0x181/0x270
[  278.684192][T11768]  ? __pfx_do_splice_direct+0x10/0x10
[  278.684200][T11768]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  278.684211][T11768]  ? rw_verify_area+0x255/0x4d0
[  278.684224][T11768]  do_sendfile+0x4da/0x7e0
[  278.684237][T11768]  ? __pfx_do_sendfile+0x10/0x10
[  278.684249][T11768]  ? __se_sys_futex+0x36f/0x400
[  278.684262][T11768]  __se_sys_sendfile64+0x13e/0x190
[  278.684270][T11768]  ? __pfx___se_sys_futex+0x10/0x10
[  278.684281][T11768]  ? __pfx___se_sys_sendfile64+0x10/0x10
[  278.684291][T11768]  ? do_syscall_64+0xbe/0xfa0
[  278.684306][T11768]  do_syscall_64+0xfa/0xfa0
[  278.684316][T11768]  ? lockdep_hardirqs_on+0x9c/0x150
[  278.684326][T11768]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  278.684334][T11768]  ? exc_page_fault+0xab/0x100
[  278.684346][T11768]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  278.684354][T11768] RIP: 0033:0x7f0e6398f749
[  278.684364][T11768] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  278.684373][T11768] RSP: 002b:00007f0e648cd038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  278.684383][T11768] RAX: ffffffffffffffda RBX: 00007f0e63be5fa0 RCX: 00007f0e6398f749
[  278.684390][T11768] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000005
[  278.684395][T11768] RBP: 00007f0e63a13f91 R08: 0000000000000000 R09: 0000000000000000
[  278.684402][T11768] R10: 00000000ffffffff R11: 0000000000000246 R12: 0000000000000000
[  278.684408][T11768] R13: 00007f0e63be6038 R14: 00007f0e63be5fa0 R15: 00007ffe08b9e838
[  278.684424][T11768]  </TASK>
[  278.684429][T11768] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  278.685504][T11773] ntfs3(loop4): Different NTFS sector size (1024) and media sector size (512).
[  278.831135][T11773] ntfs3(loop4): try to read out of volume at offset 0xffffffff0000
[  278.834026][T11773] ntfs3(loop4): Failed to initialize $Bitmap (-5).
[  278.914460][T11785] pim6reg: entered allmulticast mode
[  278.920439][T11785] pim6reg: left allmulticast mode
[  279.286987][T11796] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2427'.
[  279.384944][   T56] Bluetooth: hci3: Opcode 0x0c03 failed: -110
[  280.960215][T11819] netlink: 'syz.1.2438': attribute type 1 has an invalid length.
[  280.975031][ T2282] usb 6-1: new high-speed USB device number 17 using dummy_hcd
[  281.146074][ T2282] usb 6-1: Using ep0 maxpacket: 8
[  281.150537][ T2282] usb 6-1: config 9 has an invalid interface number: 159 but max is 0
[  281.153316][ T2282] usb 6-1: config 9 has no interface number 0
[  281.161106][ T2282] usb 6-1: New USB device found, idVendor=1fb9, idProduct=0100, bcdDevice=2c.b7
[  281.163804][ T2282] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  281.170459][ T2282] usb 6-1: Product: syz
[  281.172177][ T2282] usb 6-1: Manufacturer: syz
[  281.175760][ T2282] usb 6-1: SerialNumber: syz
[  281.375343][T11838] netlink: 'syz.1.2446': attribute type 1 has an invalid length.
[  281.380624][T11838] netlink: 'syz.1.2446': attribute type 2 has an invalid length.
[  281.399541][ T2282] cp210x 6-1:9.159: cp210x converter detected
[  281.402651][ T2282] cp210x 6-1:9.159: failed to get vendor val 0x370b size 1: -71
[  281.415574][ T2282] cp210x 6-1:9.159: querying part number failed
[  281.426336][ T2282] usb 6-1: cp210x converter now attached to ttyUSB0
[  281.444639][ T2282] usb 6-1: USB disconnect, device number 17
[  281.472711][ T2282] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  281.485364][ T2282] cp210x 6-1:9.159: device disconnected
[  281.803290][T11844] loop4: detected capacity change from 0 to 32768
[  281.884049][T11844] XFS (loop4): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  281.924296][T11844] XFS (loop4): Ending clean mount
[  281.948557][T11844] XFS (loop4): Quotacheck needed: Please wait.
[  282.063366][T11844] XFS (loop4): Quotacheck: Done.
[  282.340308][ T9771] XFS (loop4): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  283.145029][ T5900] usb 5-1: new full-speed USB device number 6 using dummy_hcd
[  283.296502][ T5900] usb 5-1: config 255 has an invalid interface number: 91 but max is 0
[  283.299050][ T5900] usb 5-1: config 255 has no interface number 0
[  283.301087][ T5900] usb 5-1: config 255 interface 91 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  283.316646][ T5900] usb 5-1: New USB device found, idVendor=3823, idProduct=0001, bcdDevice=a8.6a
[  283.319335][ T5900] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  283.321650][ T5900] usb 5-1: Product: syz
[  283.322815][ T5900] usb 5-1: Manufacturer: syz
[  283.324277][ T5900] usb 5-1: SerialNumber: syz
[  283.347040][ T5900] usbtouchscreen 5-1:255.91: probe with driver usbtouchscreen failed with error -12
[  283.358257][T11880] netlink: 48 bytes leftover after parsing attributes in process `syz.1.2461'.
[  283.513380][T11886] netlink: 64 bytes leftover after parsing attributes in process `syz.1.2464'.
[  283.561389][ T2282] usb 5-1: USB disconnect, device number 6
[  284.326550][T11903] netlink: 'syz.4.2471': attribute type 29 has an invalid length.
[  284.339636][T11903] netlink: 'syz.4.2471': attribute type 29 has an invalid length.
[  285.340275][T11928] loop4: detected capacity change from 0 to 1024
[  285.393177][T11928] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  285.465554][T11936] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:0)
[  285.470465][T11936] bridge0: received packet on bridge_slave_0 with own address as source address (addr:aa:aa:aa:aa:aa:0c, vlan:1)
[  285.474014][T11936] bridge_slave_0: default FDB implementation only supports local addresses
[  285.538627][ T9771] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  285.973512][T11957] loop4: detected capacity change from 0 to 1024
[  286.005425][T11957] EXT4-fs: inline encryption not supported
[  286.025982][T11957] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  286.036029][T11957] EXT4-fs error (device loop4): ext4_map_blocks:778: inode #3: block 2: comm syz.4.2494: lblock 2 mapped to illegal pblock 2 (length 1)
[  286.041300][T11957] EXT4-fs (loop4): Remounting filesystem read-only
[  286.043681][T11957] Quota error (device loop4): qtree_write_dquot: dquota write failed
[  286.047047][T11957] Quota error (device loop4): v2_write_file_info: Can't write info structure
[  286.051032][T11957] EXT4-fs (loop4): 1 orphan inode deleted
[  286.054026][T11957] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  286.063201][T11957] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  286.097931][ T2282] usb 6-1: new high-speed USB device number 18 using dummy_hcd
[  286.170790][T11960] loop4: detected capacity change from 0 to 16
[  286.178776][T11960] erofs (device loop4): mounted with root inode @ nid 36.
[  286.189479][T11960] erofs (device loop4): read error -95 @ 8200 of nid 36
[  286.197605][T11960] erofs (device loop4): read error -95 @ 8200 of nid 36
[  286.266659][ T2282] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 12408, setting to 64
[  286.270887][ T2282] usb 6-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b
[  286.274237][ T2282] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  286.296851][ T2282] usb 6-1: config 0 descriptor??
[  286.653063][T11965] loop4: detected capacity change from 0 to 40427
[  286.657665][ T2282] ath6kl: Failed to submit usb control message: -71
[  286.661497][T11965] F2FS-fs (loop4): Invalid Fs Meta Ino: node(0) meta(2) root(0)
[  286.665176][T11965] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  286.671499][T11965] F2FS-fs (loop4): invalid crc value
[  286.674508][ T2282] ath6kl: unable to send the bmi data to the device: -71
[  286.677880][ T2282] ath6kl: Unable to send get target info: -71
[  286.691500][ T2282] ath6kl: Failed to init ath6kl core: -71
[  286.695324][ T2282] ath6kl_usb 6-1:0.0: probe with driver ath6kl_usb failed with error -71
[  286.702131][ T2282] usb 6-1: USB disconnect, device number 18
[  286.818722][T11965] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  286.827686][T11965] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  286.830280][T11965] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4
[  286.867919][T11978] bridge0: port 2(bridge_slave_1) entered disabled state
[  287.635101][T11972] f2fs_ckpt-7:4: attempt to access beyond end of device
[  287.635101][T11972] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  287.727879][T11972] CPU: 1 UID: 0 PID: 11972 Comm: f2fs_ckpt-7:4 Not tainted syzkaller #0 PREEMPT(full) 
[  287.727894][T11972] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  287.727901][T11972] Call Trace:
[  287.727905][T11972]  <TASK>
[  287.727910][T11972]  dump_stack_lvl+0x189/0x250
[  287.727929][T11972]  ? __pfx_dump_stack_lvl+0x10/0x10
[  287.727940][T11972]  ? __pfx_queue_work_on+0x10/0x10
[  287.727950][T11972]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  287.727964][T11972]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  287.727979][T11972]  f2fs_handle_critical_error+0x37c/0x540
[  287.727998][T11972]  f2fs_write_end_io+0x886/0xb60
[  287.728016][T11972]  __submit_merged_bio+0x27a/0x6a0
[  287.728032][T11972]  __submit_merged_write_cond+0x255/0x530
[  287.728046][T11972]  f2fs_write_data_pages+0x261d/0x3000
[  287.728054][T11972]  ? __lock_acquire+0xab9/0xd20
[  287.728077][T11972]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  287.728106][T11972]  ? check_path+0x21/0x40
[  287.728127][T11972]  ? irqentry_exit+0x74/0x90
[  287.728139][T11972]  ? lockdep_hardirqs_on+0x9c/0x150
[  287.728158][T11972]  ? __pfx___sanitizer_cov_trace_pc+0x10/0x10
[  287.728210][T11972]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  287.728221][T11972]  do_writepages+0x32e/0x550
[  287.728238][T11972]  ? do_raw_spin_unlock+0x4d/0x240
[  287.728251][T11972]  filemap_fdatawrite+0x199/0x240
[  287.728263][T11972]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  287.728293][T11972]  ? preempt_schedule_thunk+0x16/0x30
[  287.728306][T11972]  f2fs_sync_dirty_inodes+0x31f/0x830
[  287.728330][T11972]  f2fs_write_checkpoint+0x93e/0x2440
[  287.728354][T11972]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  287.728380][T11972]  ? down_write+0x162/0x1f0
[  287.728388][T11972]  ? __pfx_down_write+0x10/0x10
[  287.728396][T11972]  ? do_raw_spin_lock+0x121/0x290
[  287.728410][T11972]  __checkpoint_and_complete_reqs+0xdf/0x3d0
[  287.728419][T11972]  ? __pfx___schedule+0x10/0x10
[  287.728432][T11972]  ? __pfx___checkpoint_and_complete_reqs+0x10/0x10
[  287.728447][T11972]  ? schedule+0x91/0x360
[  287.728461][T11972]  issue_checkpoint_thread+0xd9/0x260
[  287.728472][T11972]  ? __pfx_issue_checkpoint_thread+0x10/0x10
[  287.728481][T11972]  ? __pfx_autoremove_wake_function+0x10/0x10
[  287.728493][T11972]  ? __kthread_parkme+0x7b/0x200
[  287.728503][T11972]  ? __kthread_parkme+0x1a1/0x200
[  287.728514][T11972]  kthread+0x711/0x8a0
[  287.728526][T11972]  ? __pfx_issue_checkpoint_thread+0x10/0x10
[  287.728534][T11972]  ? __pfx_kthread+0x10/0x10
[  287.728545][T11972]  ? _raw_spin_unlock_irq+0x23/0x50
[  287.728555][T11972]  ? lockdep_hardirqs_on+0x9c/0x150
[  287.728565][T11972]  ? __pfx_kthread+0x10/0x10
[  287.728576][T11972]  ret_from_fork+0x4bc/0x870
[  287.728585][T11972]  ? __pfx_ret_from_fork+0x10/0x10
[  287.728597][T11972]  ? __switch_to_asm+0x39/0x70
[  287.728602][T11972]  ? __switch_to_asm+0x33/0x70
[  287.728607][T11972]  ? __pfx_kthread+0x10/0x10
[  287.728618][T11972]  ret_from_fork_asm+0x1a/0x30
[  287.728632][T11972]  </TASK>
[  287.728636][T11972] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  287.837675][T11996] netlink: 'syz.1.2509': attribute type 1 has an invalid length.
[  288.100693][T12008] netlink: 'syz.5.2516': attribute type 10 has an invalid length.
[  288.131336][T12008] macvlan0: entered promiscuous mode
[  288.149960][T12008] bond0: (slave macvlan0): Enslaving as an active interface with an up link
[  288.299072][T12014] loop4: detected capacity change from 0 to 128
[  288.310407][T12014] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256
[  288.319832][T12014] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  288.406591][   T56] Bluetooth: hci0: unexpected event for opcode 0x200a
[  288.423836][T12020] [U] 
[  288.425378][T12020] [U] K{
[  288.426677][T12020] [U] t 1Ffˊ`GJgo/mC
[  288.428746][T12020] [U] tؖ/,~Ĝj}8'o1"7-JQKWq5c%"H12YX``+(!(z'tXlnIgjݭp~7!"(5Ob̓J
[  288.434833][T12020] [U] k\&}66XHX.`a$40|϶9ިU4Vbz}wMTQΦr4
[  288.438009][T12020] [U] ".h6"k[J4In[Z(C|T]z{3c=x4w)\TXJSH{q;칢t+gd.˂>ywUhfNhl]S2\g%O&z)'pul_<	ذ`ұT;_"(u{7j2X /'cIHcճV=Ai%wEs RjgrhIa6-DV i"n Asc~48c*OO5/J~wvK+3Y)Mvyq潀DTrOtpem%fejA5T_-X~^aaۂq
[  288.448297][T12020] [U] 	+wG?]'a:	)' B>tf/<'U'hi.+]e.-ɿ%>2`^U8F.63+A«g3p6:^0tv'EtYCnrϩnPj;Z8!\Aʖ2$­wi.#/Bai`4jdy@zgW5˿BٜNy"vI2
[  288.455018][ T5866] usb 6-1: new full-speed USB device number 19 using dummy_hcd
[  288.455231][T12020] [U] T_K5tYJ9c$brLNul9w|G"ʃ%C؝q 3qN^HP*$	.7yӱ2
[  288.461057][T12020] [U] ?h*37鍾^#Q"0~(oXLb,'v=CSGS0ւ`ه=1(p#2DO*Ƀ
[  288.464322][T12020] [U] sgGud-{|&2Lc_!`oz֥B%>rwSsH"yA4O.Y䏄RTԶB[+/<<RB|Фe۠V96#ͤjU%s851ҩsP\?q|LQX0K1orɴ2|dF2ޔ0H}C[/px^o
[  288.472885][T12019] [U] ؛(JЛmxz;؝_*335\xmUAK!aQ`
[  288.607814][ T5866] usb 6-1: config 36 interface 0 altsetting 0 has an endpoint descriptor with address 0xB2, changing to 0x82
[  288.612873][ T5866] usb 6-1: config 36 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  288.617891][ T5866] usb 6-1: config 36 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  288.627330][ T5866] usb 6-1: New USB device found, idVendor=6993, idProduct=b001, bcdDevice= 0.06
[  288.630945][ T5866] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=16
[  288.634014][ T5866] usb 6-1: SerialNumber: syz
[  288.862734][ T5866] yealink 6-1:36.0: invalid payload size 0, expected 16
[  288.876914][ T5866] input: Yealink usb-p1k as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:36.0/input/input16
[  288.893013][    C1] yealink 6-1:36.0: urb_ctl_callback - urb status -71
[  288.895955][    C1] yealink 6-1:36.0: urb_ctl_callback - urb status -71
[  288.899028][    C1] yealink 6-1:36.0: urb_ctl_callback - urb status -71
[  288.901870][    C1] yealink 6-1:36.0: urb_ctl_callback - urb status -71
[  288.904610][    C1] yealink 6-1:36.0: urb_ctl_callback - urb status -71
[  288.908418][    C1] yealink 6-1:36.0: urb_ctl_callback - urb status -71
[  288.913285][    C1] yealink 6-1:36.0: urb_ctl_callback - urb status -71
[  288.920953][    C1] yealink 6-1:36.0: urb_ctl_callback - urb status -71
[  288.923578][    C1] yealink 6-1:36.0: urb_ctl_callback - usb_submit_urb failed -90
[  288.940306][ T5866] usb 6-1: USB disconnect, device number 19
[  289.882094][T12078] netlink: 'syz.1.2548': attribute type 10 has an invalid length.
[  289.958357][T12078] 8021q: adding VLAN 0 to HW filter on device bond0
[  289.983662][T12078] team0: Port device bond0 added
[  290.245496][ T2282] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  290.408807][ T2282] usb 5-1: config 0 interface 0 altsetting 3 endpoint 0x81 has invalid wMaxPacketSize 0
[  290.412777][ T2282] usb 5-1: config 0 interface 0 altsetting 3 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  290.418904][ T2282] usb 5-1: config 0 interface 0 has no altsetting 0
[  290.421682][ T2282] usb 5-1: New USB device found, idVendor=0fc5, idProduct=b080, bcdDevice= 0.00
[  290.447518][ T2282] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  290.462085][ T2282] usb 5-1: config 0 descriptor??
[  290.974967][ T5900] usb 6-1: new high-speed USB device number 20 using dummy_hcd
[  291.083201][ T2282] hid-led 0003:0FC5:B080.000F: probe with driver hid-led failed with error -71
[  291.099080][ T2282] usb 5-1: USB disconnect, device number 7
[  291.125081][ T5900] usb 6-1: Using ep0 maxpacket: 16
[  291.128986][ T5900] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  291.133131][ T5900] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[  291.141443][ T5900] usb 6-1: config 0 interface 0 has no altsetting 0
[  291.143894][ T5900] usb 6-1: New USB device found, idVendor=060b, idProduct=500a, bcdDevice= 0.00
[  291.155297][ T5900] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  291.166531][ T5900] usb 6-1: config 0 descriptor??
[  291.610498][ T5900] cougar 0003:060B:500A.0010: unexpected long global item
[  291.615445][ T5900] cougar 0003:060B:500A.0010: parse failed
[  291.617716][ T5900] cougar 0003:060B:500A.0010: probe with driver cougar failed with error -22
[  291.712096][T12132] loop4: detected capacity change from 0 to 64
[  291.800260][ T5900] usb 6-1: USB disconnect, device number 20
[  291.913274][T12140] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2579'.
[  292.271321][T12152] loop4: detected capacity change from 0 to 32768
[  292.319629][T12152] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  292.340390][T12152] XFS (loop4): Ending clean mount
[  292.353727][T12152] XFS (loop4): Quotacheck needed: Please wait.
[  292.417160][T12152] XFS (loop4): Quotacheck: Done.
[  292.446532][   T34] audit: type=1800 audit(1764306211.673:6991): pid=12152 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2586" name="file0" dev="loop4" ino=4427 res=0 errno=0
[  292.488445][ T9771] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  292.826963][T12165] loop5: detected capacity change from 0 to 32768
[  292.832143][T12165] xfs: Deprecated parameter 'noikeep'
[  292.842624][T12165] XFS: noikeep mount option is deprecated.
[  292.855045][T12165] xfs: Deprecated parameter 'ikeep'
[  292.860166][T12165] XFS: ikeep mount option is deprecated.
[  292.877778][T12165] XFS (loop5): DAX unsupported by block device. Turning off DAX.
[  292.885701][T12165] XFS (loop5): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  292.914994][T12183] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2593'.
[  292.921934][T12165] XFS (loop5): Ending clean mount
[  292.931900][T12165] XFS (loop5): Quotacheck needed: Please wait.
[  292.977991][T12165] XFS (loop5): Quotacheck: Done.
[  292.985233][T12183] bond1: option resend_igmp: invalid value (511)
[  292.992866][T12183] bond1: option resend_igmp: allowed values 0 - 255
[  293.001412][T12183] bond1 (unregistering): Released all slaves
[  293.120090][ T9879] XFS (loop5): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  293.327963][T12188] loop4: detected capacity change from 0 to 40427
[  293.334059][T12188] F2FS-fs (loop4): invalid crc value
[  293.415001][T12188] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  293.424537][T12188] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  294.048095][T12207] autofs: Bad value for 'fd'
[  294.120038][T12210] loop5: detected capacity change from 0 to 512
[  294.184074][T12210] 
[  294.185095][T12210] ======================================================
[  294.187799][T12210] WARNING: possible circular locking dependency detected
[  294.190463][T12210] syzkaller #0 Not tainted
[  294.192358][T12210] ------------------------------------------------------
[  294.195008][T12210] syz.5.2604/12210 is trying to acquire lock:
[  294.197357][T12210] ffff888173f1cb98 (&sbi->s_writepages_rwsem){++++}-{0:0}, at: ext4_writepages+0x1cc/0x350
[  294.201050][T12210] 
[  294.201050][T12210] but task is already holding lock:
[  294.203782][T12210] ffff888119277388 (&ei->xattr_sem){++++}-{4:4}, at: __ext4_mark_inode_dirty+0x3eb/0x700
[  294.207497][T12210] 
[  294.207497][T12210] which lock already depends on the new lock.
[  294.207497][T12210] 
[  294.211427][T12210] 
[  294.211427][T12210] the existing dependency chain (in reverse order) is:
[  294.214956][T12210] 
[  294.214956][T12210] -> #1 (&ei->xattr_sem){++++}-{4:4}:
[  294.217717][T12210]        lock_acquire+0x120/0x360
[  294.219312][T12210]        down_write+0x96/0x1f0
[  294.220756][T12210]        ext4_destroy_inline_data+0x28/0xe0
[  294.222753][T12210]        ext4_do_writepages+0x526/0x4610
[  294.224629][T12210]        ext4_writepages+0x205/0x350
[  294.226444][T12210]        do_writepages+0x32e/0x550
[  294.227989][T12210]        file_write_and_wait_range+0x23e/0x340
[  294.229828][T12210]        generic_buffers_fsync_noflush+0x6c/0x180
[  294.231701][T12210]        ext4_sync_file+0x332/0xb20
[  294.233371][T12210]        ext4_buffered_write_iter+0x2ca/0x3a0
[  294.236378][T12210]        ext4_file_write_iter+0x298/0x1bc0
[  294.238321][T12210]        vfs_write+0x5c9/0xb30
[  294.239901][T12210]        __x64_sys_pwrite64+0x193/0x220
[  294.241656][T12210]        do_syscall_64+0xfa/0xfa0
[  294.243219][T12210]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  294.245108][T12210] 
[  294.245108][T12210] -> #0 (&sbi->s_writepages_rwsem){++++}-{0:0}:
[  294.247553][T12210]        validate_chain+0xb9b/0x2140
[  294.249214][T12210]        __lock_acquire+0xab9/0xd20
[  294.250812][T12210]        lock_acquire+0x120/0x360
[  294.252424][T12210]        percpu_down_read_internal+0x48/0x1c0
[  294.254764][T12210]        ext4_writepages+0x1cc/0x350
[  294.256877][T12210]        do_writepages+0x32e/0x550
[  294.258879][T12210]        __writeback_single_inode+0x145/0xff0
[  294.261225][T12210]        writeback_single_inode+0x1f9/0x6a0
[  294.263251][T12210]        write_inode_now+0x160/0x1d0
[  294.265033][T12210]        iput+0x830/0xc50
[  294.266357][T12210]        ext4_xattr_block_set+0x1fce/0x2ac0
[  294.268191][T12210]        ext4_expand_extra_isize_ea+0x12da/0x1ea0
[  294.270162][T12210]        __ext4_expand_extra_isize+0x30d/0x400
[  294.272135][T12210]        __ext4_mark_inode_dirty+0x46c/0x700
[  294.274052][T12210]        ext4_evict_inode+0x80d/0xee0
[  294.275740][T12210]        evict+0x504/0x9c0
[  294.277075][T12210]        ext4_orphan_cleanup+0xc20/0x1460
[  294.279090][T12210]        ext4_fill_super+0x5920/0x61e0
[  294.280963][T12210]        get_tree_bdev_flags+0x40e/0x4d0
[  294.282743][T12210]        vfs_get_tree+0x92/0x2b0
[  294.284267][T12210]        do_new_mount+0x302/0xa10
[  294.286097][T12210]        __se_sys_mount+0x313/0x410
[  294.287602][T12210]        do_syscall_64+0xfa/0xfa0
[  294.289155][T12210]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  294.291050][T12210] 
[  294.291050][T12210] other info that might help us debug this:
[  294.291050][T12210] 
[  294.294116][T12210]  Possible unsafe locking scenario:
[  294.294116][T12210] 
[  294.296493][T12210]        CPU0                    CPU1
[  294.298150][T12210]        ----                    ----
[  294.299742][T12210]   lock(&ei->xattr_sem);
[  294.300958][T12210]                                lock(&sbi->s_writepages_rwsem);
[  294.303438][T12210]                                lock(&ei->xattr_sem);
[  294.305453][T12210]   rlock(&sbi->s_writepages_rwsem);
[  294.306873][T12210] 
[  294.306873][T12210]  *** DEADLOCK ***
[  294.306873][T12210] 
[  294.309354][T12210] 3 locks held by syz.5.2604/12210:
[  294.310948][T12210]  #0: ffff888173f1a0e0 (&type->s_umount_key#27/1){+.+.}-{4:4}, at: alloc_super+0x1bb/0x930
[  294.314066][T12210]  #1: ffff888173f1a610 (sb_internal){.+.+}-{0:0}, at: ext4_evict_inode+0x2d6/0xee0
[  294.316855][T12210]  #2: ffff888119277388 (&ei->xattr_sem){++++}-{4:4}, at: __ext4_mark_inode_dirty+0x3eb/0x700
[  294.319979][T12210] 
[  294.319979][T12210] stack backtrace:
[  294.321780][T12210] CPU: 1 UID: 0 PID: 12210 Comm: syz.5.2604 Not tainted syzkaller #0 PREEMPT(full) 
[  294.321793][T12210] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  294.321801][T12210] Call Trace:
[  294.321808][T12210]  <TASK>
[  294.321814][T12210]  dump_stack_lvl+0x189/0x250
[  294.321832][T12210]  ? __pfx_dump_stack_lvl+0x10/0x10
[  294.321851][T12210]  ? __pfx__printk+0x10/0x10
[  294.321863][T12210]  ? print_lock_name+0xde/0x100
[  294.321872][T12210]  print_circular_bug+0x2ee/0x310
[  294.321885][T12210]  check_noncircular+0x134/0x160
[  294.321896][T12210]  validate_chain+0xb9b/0x2140
[  294.321906][T12210]  ? look_up_lock_class+0x74/0x170
[  294.321919][T12210]  ? register_lock_class+0x51/0x320
[  294.321927][T12210]  __lock_acquire+0xab9/0xd20
[  294.321935][T12210]  ? ext4_writepages+0x1cc/0x350
[  294.321945][T12210]  lock_acquire+0x120/0x360
[  294.321951][T12210]  ? ext4_writepages+0x1cc/0x350
[  294.321962][T12210]  percpu_down_read_internal+0x48/0x1c0
[  294.321972][T12210]  ? ext4_writepages+0x1cc/0x350
[  294.321981][T12210]  ext4_writepages+0x1cc/0x350
[  294.321991][T12210]  ? __pfx_ext4_writepages+0x10/0x10
[  294.322006][T12210]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  294.322017][T12210]  ? __pfx_ext4_writepages+0x10/0x10
[  294.322026][T12210]  do_writepages+0x32e/0x550
[  294.322037][T12210]  ? do_raw_spin_lock+0x121/0x290
[  294.322048][T12210]  __writeback_single_inode+0x145/0xff0
[  294.322061][T12210]  ? do_raw_spin_unlock+0x4d/0x240
[  294.322071][T12210]  writeback_single_inode+0x1f9/0x6a0
[  294.322082][T12210]  write_inode_now+0x160/0x1d0
[  294.322091][T12210]  ? __pfx_write_inode_now+0x10/0x10
[  294.322108][T12210]  ? do_raw_spin_unlock+0x4d/0x240
[  294.322119][T12210]  iput+0x830/0xc50
[  294.322128][T12210]  ext4_xattr_block_set+0x1fce/0x2ac0
[  294.322143][T12210]  ? __pfx_ext4_xattr_block_set+0x10/0x10
[  294.322152][T12210]  ? ext4_xattr_block_find+0x2d4/0x350
[  294.322160][T12210]  ext4_expand_extra_isize_ea+0x12da/0x1ea0
[  294.322176][T12210]  __ext4_expand_extra_isize+0x30d/0x400
[  294.322192][T12210]  __ext4_mark_inode_dirty+0x46c/0x700
[  294.322207][T12210]  ext4_evict_inode+0x80d/0xee0
[  294.322223][T12210]  ? __pfx_ext4_evict_inode+0x10/0x10
[  294.322235][T12210]  ? do_raw_spin_unlock+0x4d/0x240
[  294.322246][T12210]  ? __pfx_ext4_evict_inode+0x10/0x10
[  294.322257][T12210]  evict+0x504/0x9c0
[  294.322269][T12210]  ? __pfx_evict+0x10/0x10
[  294.322277][T12210]  ? do_raw_spin_unlock+0x4d/0x240
[  294.322287][T12210]  ? _raw_spin_unlock+0x28/0x50
[  294.322297][T12210]  ? iput+0x946/0xc50
[  294.322305][T12210]  ext4_orphan_cleanup+0xc20/0x1460
[  294.322318][T12210]  ? __pfx_ext4_orphan_cleanup+0x10/0x10
[  294.322329][T12210]  ? ext4_register_li_request+0x259/0x720
[  294.322339][T12210]  ? errseq_check_and_advance+0x66/0x120
[  294.322351][T12210]  ext4_fill_super+0x5920/0x61e0
[  294.322365][T12210]  ? __pfx_ext4_fill_super+0x10/0x10
[  294.322373][T12210]  ? snprintf+0xda/0x120
[  294.322384][T12210]  ? __pfx_snprintf+0x10/0x10
[  294.322392][T12210]  ? set_blocksize+0x21e/0x500
[  294.322405][T12210]  ? sb_set_blocksize+0x104/0x180
[  294.322416][T12210]  ? setup_bdev_super+0x4c1/0x5b0
[  294.322430][T12210]  get_tree_bdev_flags+0x40e/0x4d0
[  294.322443][T12210]  ? __pfx_ext4_fill_super+0x10/0x10
[  294.322451][T12210]  ? __pfx_get_tree_bdev_flags+0x10/0x10
[  294.322464][T12210]  vfs_get_tree+0x92/0x2b0
[  294.322474][T12210]  do_new_mount+0x302/0xa10
[  294.322481][T12210]  ? apparmor_capable+0x137/0x1b0
[  294.322491][T12210]  ? __pfx_do_new_mount+0x10/0x10
[  294.322498][T12210]  ? ns_capable+0x8a/0xf0
[  294.322507][T12210]  ? kmem_cache_free+0x19b/0x690
[  294.322520][T12210]  __se_sys_mount+0x313/0x410
[  294.322529][T12210]  ? __pfx___se_sys_mount+0x10/0x10
[  294.322537][T12210]  ? do_syscall_64+0xbe/0xfa0
[  294.322547][T12210]  ? __x64_sys_mount+0x20/0xc0
[  294.322554][T12210]  do_syscall_64+0xfa/0xfa0
[  294.322565][T12210]  ? lockdep_hardirqs_on+0x9c/0x150
[  294.322575][T12210]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  294.322583][T12210]  ? exc_page_fault+0xab/0x100
[  294.322595][T12210]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  294.322603][T12210] RIP: 0033:0x7f0e63990eea
[  294.322614][T12210] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  294.322621][T12210] RSP: 002b:00007f0e648cce68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  294.322631][T12210] RAX: ffffffffffffffda RBX: 00007f0e648ccef0 RCX: 00007f0e63990eea
[  294.322638][T12210] RDX: 0000200000000180 RSI: 0000200000000080 RDI: 00007f0e648cceb0
[  294.322644][T12210] RBP: 0000200000000180 R08: 00007f0e648ccef0 R09: 0000000000800700
[  294.322651][T12210] R10: 0000000000800700 R11: 0000000000000246 R12: 0000200000000080
[  294.322657][T12210] R13: 00007f0e648cceb0 R14: 000000000000046f R15: 00002000000000c0
[  294.322666][T12210]  </TASK>
[  294.535327][T12210] EXT4-fs error (device loop5): ext4_xattr_inode_iget:441: inode #11: comm syz.5.2604: iget: bad extra_isize 90 (inode size 256)
[  294.540746][T12210] EXT4-fs error (device loop5): ext4_xattr_inode_iget:446: comm syz.5.2604: error while reading EA inode 11 err=-117
[  294.546074][T12210] EXT4-fs error (device loop5): ext4_xattr_inode_iget:441: inode #11: comm syz.5.2604: iget: bad extra_isize 90 (inode size 256)
[  294.552608][T12210] EXT4-fs error (device loop5): ext4_xattr_inode_iget:446: comm syz.5.2604: error while reading EA inode 11 err=-117
[  294.559541][T12210] EXT4-fs error (device loop5): ext4_xattr_inode_iget:441: inode #18: comm syz.5.2604: iget: bad extra_isize 90 (inode size 256)
[  294.566234][T12210] EXT4-fs error (device loop5): ext4_xattr_inode_iget:446: comm syz.5.2604: error while reading EA inode 18 err=-117
[  294.571628][T12210] EXT4-fs error (device loop5): ext4_xattr_inode_iget:441: inode #18: comm syz.5.2604: iget: bad extra_isize 90 (inode size 256)
[  294.580967][T12210] EXT4-fs error (device loop5): ext4_xattr_inode_iget:446: comm syz.5.2604: error while reading EA inode 18 err=-117
[  294.587144][T12210] EXT4-fs (loop5): 1 orphan inode deleted
[  294.590399][T12210] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  294.615943][ T9879] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  294.804952][ T5900] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  294.954796][ T5900] usb 5-1: Using ep0 maxpacket: 16
[  294.958537][ T5900] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  294.963311][ T5900] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  294.968022][ T5900] usb 5-1: New USB device found, idVendor=0458, idProduct=5016, bcdDevice= 0.00
[  294.971273][ T5900] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  294.976196][ T5900] usb 5-1: config 0 descriptor??
[  295.389207][ T5900] kye 0003:0458:5016.0011: control desc unexpectedly large
[  295.400558][ T5900] input: HID 0458:5016 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:0458:5016.0011/input/input17
[  295.468937][ T5900] input: HID 0458:5016 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:0458:5016.0011/input/input18
[  295.549124][ T5900] kye 0003:0458:5016.0011: input,hiddev0,hidraw0: USB HID v0.09 Device [HID 0458:5016] on usb-dummy_hcd.4-1/input0
[  296.504965][    C0] kye 0003:0458:5016.0011: usb_submit_urb(ctrl) failed: -1
[  297.304972][ T5865] usb 5-1: USB disconnect, device number 8
[  302.825430][   T35] INFO: task syz.0.583:7261 blocked for more than 143 seconds.
[  302.828543][   T35]       Not tainted syzkaller #0
[  302.830430][   T35]       Blocked by coredump.
[  302.832298][   T35] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  302.840931][   T35] task:syz.0.583       state:D stack:25760 pid:7261  tgid:7261  ppid:5815   task_flags:0x40044c flags:0x00080003
[  302.848242][   T35] Call Trace:
[  302.849779][   T35]  <TASK>
[  302.851153][   T35]  __schedule+0x1798/0x4cc0
[  302.853132][   T35]  ? do_raw_spin_lock+0x121/0x290
[  302.855458][   T35]  ? __lock_acquire+0xab9/0xd20
[  302.857556][   T35]  ? __pfx___schedule+0x10/0x10
[  302.859621][   T35]  ? schedule+0x91/0x360
[  302.861423][   T35]  schedule+0x165/0x360
[  302.863126][   T35]  wb_wait_for_completion+0x15f/0x260
[  302.865372][   T35]  ? __pfx_wb_wait_for_completion+0x10/0x10
[  302.867839][   T35]  ? __pfx_autoremove_wake_function+0x10/0x10
[  302.870372][   T35]  sync_inodes_sb+0x1bb/0xa10
[  302.872361][   T35]  ? __pfx_sync_inodes_sb+0x10/0x10
[  302.874461][   T35]  ? __pfx_ext4_sync_fs+0x10/0x10
[  302.876654][   T35]  ? __dentry_kill+0x53d/0x660
[  302.878714][   T35]  ? get_nr_dirty_inodes+0x1c4/0x210
[  302.880830][   T35]  sync_filesystem+0x17a/0x230
[  302.882768][   T35]  generic_shutdown_super+0x6f/0x2c0
[  302.884976][   T35]  kill_block_super+0x44/0x90
[  302.886864][   T35]  ext4_kill_sb+0x68/0xb0
[  302.888758][   T35]  deactivate_locked_super+0xbc/0x130
[  302.891001][   T35]  cleanup_mnt+0x425/0x4c0
[  302.892858][   T35]  ? lockdep_hardirqs_on+0x9c/0x150
[  302.895212][   T35]  task_work_run+0x1d4/0x260
[  302.897148][   T35]  ? __pfx_task_work_run+0x10/0x10
[  302.899238][   T35]  ? do_exit+0x6b0/0x2300
[  302.901104][   T35]  ? kmem_cache_free+0x19b/0x690
[  302.902959][   T35]  do_exit+0x6b5/0x2300
[  302.904892][   T35]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  302.907069][   T35]  ? do_raw_spin_lock+0x121/0x290
[  302.909276][   T35]  ? __pfx_do_exit+0x10/0x10
[  302.911222][   T35]  do_group_exit+0x21c/0x2d0
[  302.913139][   T35]  ? lockdep_hardirqs_on+0x9c/0x150
[  302.915564][   T35]  get_signal+0x1285/0x1340
[  302.917587][   T35]  arch_do_signal_or_restart+0xa0/0x790
[  302.919975][   T35]  ? __pfx_get_timespec64+0x10/0x10
[  302.922249][   T35]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  302.924958][   T35]  ? exit_to_user_mode_loop+0x40/0x130
[  302.927286][   T35]  exit_to_user_mode_loop+0x72/0x130
[  302.929484][   T35]  do_syscall_64+0x2bd/0xfa0
[  302.931425][   T35]  ? lockdep_hardirqs_on+0x9c/0x150
[  302.933518][   T35]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  302.936206][   T35]  ? exc_page_fault+0xab/0x100
[  302.938111][   T35]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  302.940521][   T35] RIP: 0033:0x7f2c315c2005
[  302.942337][   T35] RSP: 002b:00007f2c324f4f80 EFLAGS: 00000293 ORIG_RAX: 00000000000000e6
[  302.949228][   T35] RAX: fffffffffffffdfc RBX: 00007f2c317e5fa0 RCX: 00007f2c315c2005
[  302.952378][   T35] RDX: 00007f2c324f4fc0 RSI: 0000000000000000 RDI: 0000000000000000
[  302.956934][   T35] RBP: 00007f2c31613f91 R08: 0000000000000000 R09: 0000000000000000
[  302.960084][   T35] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000
[  302.963243][   T35] R13: 00007f2c317e6038 R14: 00007f2c317e5fa0 R15: 00007ffc33a0bb88
[  302.966514][   T35]  </TASK>
[  302.967965][   T35] INFO: lockdep is turned off.
[  302.969949][   T35] NMI backtrace for cpu 0
[  302.969965][   T35] CPU: 0 UID: 0 PID: 35 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT(full) 
[  302.969980][   T35] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  302.969989][   T35] Call Trace:
[  302.969996][   T35]  <TASK>
[  302.970003][   T35]  dump_stack_lvl+0x189/0x250
[  302.970055][   T35]  ? __pfx_dump_stack_lvl+0x10/0x10
[  302.970072][   T35]  ? __pfx__printk+0x10/0x10
[  302.970090][   T35]  nmi_cpu_backtrace+0x39e/0x3d0
[  302.970109][   T35]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  302.970124][   T35]  ? __pfx__printk+0x10/0x10
[  302.970138][   T35]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  302.970159][   T35]  nmi_trigger_cpumask_backtrace+0x17a/0x300
[  302.970174][   T35]  watchdog+0xf60/0xfa0
[  302.970188][   T35]  ? watchdog+0x1e2/0xfa0
[  302.970201][   T35]  kthread+0x711/0x8a0
[  302.970218][   T35]  ? __pfx_watchdog+0x10/0x10
[  302.970231][   T35]  ? __pfx_kthread+0x10/0x10
[  302.970247][   T35]  ? _raw_spin_unlock_irq+0x23/0x50
[  302.970266][   T35]  ? lockdep_hardirqs_on+0x9c/0x150
[  302.970284][   T35]  ? __pfx_kthread+0x10/0x10
[  302.970300][   T35]  ret_from_fork+0x4bc/0x870
[  302.970314][   T35]  ? __pfx_ret_from_fork+0x10/0x10
[  302.970328][   T35]  ? __switch_to_asm+0x39/0x70
[  302.970338][   T35]  ? __switch_to_asm+0x33/0x70
[  302.970348][   T35]  ? __pfx_kthread+0x10/0x10
[  302.970364][   T35]  ret_from_fork_asm+0x1a/0x30
[  302.970380][   T35]  </TASK>
[  302.970386][   T35] Sending NMI from CPU 0 to CPUs 1:
[  303.027078][    C1] NMI backtrace for cpu 1
[  303.027092][    C1] CPU: 1 UID: 0 PID: 1090 Comm: kworker/u10:3 Not tainted syzkaller #0 PREEMPT(full) 
[  303.027102][    C1] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  303.027108][    C1] Workqueue: writeback wb_workfn (flush-7:0)
[  303.027127][    C1] RIP: 0010:mpage_process_page_bufs+0x258/0x8e0
[  303.027139][    C1] Code: 30 84 c0 48 8b 6c 24 20 0f 85 97 02 00 00 48 8b 04 24 8b 18 31 ff 89 de e8 75 f9 46 ff 85 db 0f 85 e0 03 00 00 e8 28 f5 46 ff <49> 83 c5 08 4c 89 e8 48 c1 e8 03 42 80 3c 30 00 74 08 4c 89 ef e8
[  303.027146][    C1] RSP: 0018:ffffc90007dae960 EFLAGS: 00000206
[  303.027152][    C1] RAX: ffffc90007daf15c RBX: 0000000000000012 RCX: ffff88816b340000
[  303.027157][    C1] RDX: 0000000000000000 RSI: 0000000000000800 RDI: 0000000000000800
[  303.027162][    C1] RBP: ffff8881b9641740 R08: ffff8881b964148f R09: 1ffff110372c8291
[  303.027167][    C1] R10: dffffc0000000000 R11: ffffed10372c8292 R12: 0000000000000011
[  303.027172][    C1] R13: ffff8881b9641488 R14: dffffc0000000000 R15: 0000000000000020
[  303.027177][    C1] FS:  0000000000000000(0000) GS:ffff8882a9f36000(0000) knlGS:0000000000000000
[  303.027182][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  303.027187][    C1] CR2: 00007f0eb346a866 CR3: 000000011477e000 CR4: 00000000000006f0
[  303.027215][    C1] Call Trace:
[  303.027220][    C1]  <TASK>
[  303.027228][    C1]  mpage_prepare_extent_to_map+0xe6c/0x16e0
[  303.027242][    C1]  ? __pfx_mpage_prepare_extent_to_map+0x10/0x10
[  303.027255][    C1]  ? ext4_journal_check_start+0x1cf/0x2b0
[  303.027264][    C1]  ? __ext4_journal_start_sb+0x27e/0x5c0
[  303.027273][    C1]  ext4_do_writepages+0x1089/0x4610
[  303.027288][    C1]  ? __pfx_ext4_do_writepages+0x10/0x10
[  303.027297][    C1]  ? preempt_schedule+0xae/0xc0
[  303.027309][    C1]  ? preempt_schedule_common+0x83/0xd0
[  303.027318][    C1]  ? ext4_writepages+0x1cc/0x350
[  303.027326][    C1]  ? rcu_is_watching+0x15/0xb0
[  303.027335][    C1]  ? lock_acquire+0x5f/0x360
[  303.027343][    C1]  ? preempt_count_add+0x91/0x1a0
[  303.027351][    C1]  ext4_writepages+0x205/0x350
[  303.027360][    C1]  ? __pfx_ext4_writepages+0x10/0x10
[  303.027370][    C1]  ? do_writepages+0x36e/0x550
[  303.027380][    C1]  ? __pfx_ext4_writepages+0x10/0x10
[  303.027388][    C1]  do_writepages+0x32e/0x550
[  303.027397][    C1]  ? reacquire_held_locks+0x127/0x1d0
[  303.027405][    C1]  ? writeback_sb_inodes+0x384/0x1010
[  303.027416][    C1]  __writeback_single_inode+0x145/0xff0
[  303.027425][    C1]  ? do_raw_spin_unlock+0x4d/0x240
[  303.027435][    C1]  writeback_sb_inodes+0x6c7/0x1010
[  303.027444][    C1]  ? trace_buffer_unlock_commit_regs+0x14f/0x550
[  303.027458][    C1]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  303.027474][    C1]  ? rcu_is_watching+0x15/0xb0
[  303.027482][    C1]  wb_writeback+0x43b/0xaf0
[  303.027492][    C1]  ? queue_io+0x3b1/0x590
[  303.027501][    C1]  ? __pfx_wb_writeback+0x10/0x10
[  303.027511][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[  303.027521][    C1]  wb_workfn+0x409/0xef0
[  303.027531][    C1]  ? __pfx_wb_workfn+0x10/0x10
[  303.027539][    C1]  ? __lock_acquire+0xab9/0xd20
[  303.027547][    C1]  ? process_scheduled_works+0x9ef/0x17b0
[  303.027555][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[  303.027563][    C1]  ? process_scheduled_works+0x9ef/0x17b0
[  303.027570][    C1]  ? process_scheduled_works+0x9ef/0x17b0
[  303.027577][    C1]  process_scheduled_works+0xae1/0x17b0
[  303.027588][    C1]  ? __pfx_process_scheduled_works+0x10/0x10
[  303.027598][    C1]  worker_thread+0x8a0/0xda0
[  303.027608][    C1]  kthread+0x711/0x8a0
[  303.027617][    C1]  ? __pfx_worker_thread+0x10/0x10
[  303.027624][    C1]  ? __pfx_kthread+0x10/0x10
[  303.027632][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[  303.027641][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[  303.027650][    C1]  ? __pfx_kthread+0x10/0x10
[  303.027658][    C1]  ret_from_fork+0x4bc/0x870
[  303.027665][    C1]  ? __pfx_ret_from_fork+0x10/0x10
[  303.027673][    C1]  ? __switch_to_asm+0x39/0x70
[  303.027680][    C1]  ? __switch_to_asm+0x33/0x70
[  303.027685][    C1]  ? __pfx_kthread+0x10/0x10
[  303.027693][    C1]  ret_from_fork_asm+0x1a/0x30
[  303.027701][    C1]  </TASK>
