last executing test programs:

2m39.890531744s ago: executing program 1 (id=479):
syz_mount_image$jfs(&(0x7f0000000400), &(0x7f00000000c0)='./file2\x00', 0x1c802, &(0x7f0000000100)=ANY=[], 0x1, 0x5ea7, &(0x7f00000085c0)="$eJzs3U9vHGcdB/Df/vH6T2kaVagKEYc0hdJSmv8JlH9NOXCAA0goZxK5bhVIASUB0SoirnJAXICXAJdeOPSN9DUgXgCRbE49UAaN/TzJeLzOOk28s+vn85Gcmd88O95n8vV4dj0z+wQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAED/64c/O9iLi6u/SgqMRX4hBRD9iua5PRD1zOT9+GBHHYqs5XoiIwWJEvf7WP89FXIiIT45EbGzeWa0Xn9tnPy6euX3zsx//4J9//Mu9Y794++cftdt/+sXzH//pbsTRn7zx8Wd3n862AwAAQCmqqqp66W3+8fT+vt91pwCAqcjH/yrJy9VqtVr9VOs/92erP+pC66ZqvLvNIiLWm+vUrxmcjgeAObMen3bdBTok/6INI+KZrjsBzLRe1x3gQGxs3lntpXx7zePBie32/HfKHfmv9x7c37HXdJL2NSbT+vm6F4N4fo/+LE+pD7Mk599v5391u32UHnfQ+U/LXvn3tm99Kk7Of9DOv2VH/n+NiLnNvz82/1Ll/IePk//6YI73f/kDAAAAAHD45b//H+34/O/ik2/Kvjzq/O+JKfUBAAAAAAAAAJ62Jx3/7wHj/wEAAMDMqt+r1/525OGyvT6LrV5+pRfxbOvxQGHSzTIrXfcDAAAAAAAAAAAAAEoy3L6G90ovYiEinl1Zqaqq/mpq14/rSdefd6VvP5Ss61/yAACw7ZMjrXv5exFLEXElfdbfwsrKSlUtLa9UK9XyYn49O1pcqpYb72vztF62ONrHC+LhqKq/2VJjvaZJ75cntbe/X/1co2qwj45NR4eBA0BEbB+NNhyRDpmqei66fpXDfLD/Hz72f/aj659TAAAA4OBVVVX10sd5H0/n/PtddwoAmIalfPxvnxdQq9VqtVp9+Oqmary7zSIi1pvr1K8ZDMcPAHNmPT7tugt0SP5FG0bEsa47Acy0Xtcd4EBsbN5Z7aV8e83jQRrfPV8LsiP/9d7Wenn9cdNJ2teYTOvn614M4vk9+vPClPowS3L+/Xb+V7fbR+lxB53/tOyVf72dRzvoT9dy/oN2/i2HJ//+2PxLlfMfPlb+A/kDAAAAAMAMy3//P+r8b95kAAAAAAAAAJg7G5t3VvN9r/n8/5fHPK7XnHP/56GR8+/tO3/3/x4mOf9+O//WBTmDxvz9tx7m/5/NO6sf3f73l/J05vNfGIzq517o9QfDdM1PtfBOXI8bsRZndj1+uKP97K72hR3t5ya0n9/VPqrbl3P7qViNX8eNePtB++KEC6OWJrRXE9pz/gP7f5Fy/sPGV53/Smrvtaa1+x/2d+33zem457n8j/++vHvvmr57MXiwbU319p3soD9b/yfPjOK3t9Zunvr9tdu3b56NNNmx9FykyVOW819IXzn/V17abs+/95v76/0PR4+d/6y4F8M983+pMV9v76tT7lsXcv6j9JXzz0eg8fv/POe/9/7/Wgf9AQAAAAAAAAAAAAAAgEepqmrrFtHLEXEp3f/T1b2ZAMB05eN/leTlarVarVarD1/dVI33ZrOIpZ3r1K8Z/jDumwEAs+x/EfGvrjtBZ+RfsPx5f/X0K113BpiqW+9/8MtrN26s3bzVdU8AAAAAAAAAgM8rj/95ojH+89Z1QK1xo3eM//pWnJjb8T/7o8HWWOdpg16MR4//fTIePf73cMLzLUxoH01oX5zQvjShfeyNHg05/xdTxjn/42nDShr/9ZUO+tO1nP/JNNZzzv9rrcc186/+Ps/593fkf/r2e785fev9D16//t61d9feXfvV2TOXLpy/eOH8xYun37l+Y+3M9r8d9vhg5fzz2NeuAy1Lzj9nLv+y5Py/mmr5lyXn/3Kq5V+WnH9+vSf/suT883sf+Zcl5/9qquVflpz/11Mt/7Lk/F9LtfzLkvP/RqrlX5ac/+upln9Zcv6nUi3/suT8T6da/mXJ+eczXPIvS84/X9kg/7Lk/M+lWv5lyfmfT7X8y5Lzv5Bq+Zcl538x1fIvS87/UqrlX5ac/zdTLf+y5Py/lWr5lyXn/0aq5V+WnP+3Uy3/suT8v5Nq+Zcl5//dVMu/LDn/76Va/mXJ+X8/1fIvS87/zVTLvywPP//fjBkzZvJM17+ZAAAAAAAAAAAAAIC2aVxO3PU2AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwf3bgQAAAAAAAyP+1EaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwAwcCAAAAAED+r41QVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhb27i5GrvM8AfvbLXhsS3EAIIU6wjSEGFnbXX+AQg0lCSkmbUhLSpiU1jr02TvxV75oAQmUptCUKUpHaC3rRNInSKFJbgaJITSUaITVSe1euEnETtRIXlgqVg5JKqQJbnTnv+3pmdnbO+mPsmXN+P4T/3pkzM++cOTO7z1rPDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANBs/cdn/nwoy7L8/8Yfa7Ls0vzvq7Jd+Zfz2y/2CgEAAIBz9Xbjz3+4LJ2waxkXatrm3z70H99fWFhYyL741sl3/nJhIZ2xLstGVmZZ47zo33/5i4XmbYKns/Gh4aavh0tufqTk/NGS88dKzl9Rcv7KkvPHS85ftAMWWVX8PqZxZRsbf11T7NLsimyscd7GDpd6emjl8HD8XU7DUOMyC2P7s4PZoWwmm1p0maHGf1n28vr8tu7J4m0NN93W2izLTv3sib1xDUNhH2/MWm6sofmxe/OubN1bP3ti73fm3nh/p1m6GxatNMs2bcjX+UyWnf51VTaUrUz7JK5zuGmdazusc6RlnUONy+V/b1/nqWWuM97v8bDOV7usc2047dFrsyybz5bcpt3T2XC2uu1W0/4eL46I/Dryh/I92egZHSfrl3Gc5Jd5/drW46T9mIz7f33YJ6NLrKH54XjzqRWL9vvZHif5ve6HYzW/7vvyGx0fb/7Vasuxmm/zxHVLHwMdH7sOx0A6lpuOgQ1lx8DwipHGMTB8es0bWo6B6UWXGc6GGrd18rrux8Dk3OFjk7OPPX7zwcN7DswcmDkyPbV965ZtW7ds2za5/+ChmanizzPbpQNkdTacjsEN4bUmHoMfbtu2+ZBc+Ob5ex6M98nzIL/vn70+X9Clw9kSx3i+zTObzv15kL7vNz0PRpueBx1fUzs8D0aX8TzItzm1aXnfM0eb/u+0hl69Fq5pOgYu5vfD/DYfvGHp18K1YV3P3nim3w9HFh0D8W4Nhedefkr6eW/8trBfFh8XV+dnXLIiOzE7c/yWR/fMzR2fzsK4IC5veqzaj5fVTfcpW3S8DJ/x8bLr7391/dUdTl8T9tX4Td0fq3ybrRPdH6vGq3vr/lyRFfuz5dTNWRjn2YXen52+m+X7M2WJLvsz3+aZm8/9Z8GUS5pe/8bKXv9GxkaL17+RtDfGWl7/Fj80I42VZdmpm5f3+jcW/r/Qr39X9MnrX76vHryl+zGQb/Ps5JkeA6NdX/+uDXMorOeGkBjGm3L/O43z54vDtOmxLD1uRkfHwnEzGm+x9bjZsugy+bXlt71p6uyOm03Xtj5WLT+3VPC4yffVX011P27ybV6ZPvfXjlXxr02vHSvKjoGxkRX5esfSQVC83i2sisfALdne7Gh2KNuXLpM/yvltTWxe3jGwIvx/oV87ruqTYyDfVy9s7n4M5Nv8aMv5/dlpUzglbdP0s1P77xeWyvxXj56+vvbddr4zf77OT/z40+m0Thki3+aNrWeaM7rvp5vCKZd02E/tz5+ljul92YXZT1eFdR7a1v13U/k2V2xf5vG0K8uy16Zfa/y+K/x+93snfvz9lt/7dvqd8mvTr907ef9PzmT9AACcvXcaf86vKH7WbPoX6+X8+z8AAAAwEGLuHw4zkf8BAACgMmLuHwkzkf8BAACgMmLuHw0zqUn+f/i2HS++/WSW3g1wIYjnx91w3x3FdrHjPR++XrdwWn76x7499uJXn1zebQ9nWfarez/QcfuH74jrKhyL6/xI6+mLXHXNsm7/oQdOb9f8/gmndhTXH+/Pcg+D2FV+eXJz43rXPTbdmK/cmzXm/fPPPl1cf/F13P7klmL7vwlvWrJr/1DL5TeF9WwMc114T5n7dp3eD/mMl3tx7Yf+9fLPnb69eLmhDe9u3M0X/ri43vgeUc9fXmwf7/dS6/+Xr333xXz7R6/rvP4nhzuv/2S43tfD/OXOYvvmff7VpvX/aVh/vL14uVu+9cOO63/pfcX2L4Xj4hthtq//rr/44NudHq94O7tuLy4Xb3/qf7c2LhevL15/+/rHn5xu2R/t1//KW8X17Hzk5yPN28fT4+1ED93eenwPhce3pUeeZdl3/yxr2c/ZR4vL/XPb+uP1Hbu98/pvalvnsaFrGpc/fX/WtNyvr//d5o73N65n1z+uabk/z98d9t9bkz/Kr/fk/eF4DOf/36vF9bW/l+lLd7e+3sTtv7GmeN7G65tsW//zbeufvybfd+Xrv+etYv0v3bmyZf27PhmOp3uKWbb+A397Wcvlv/md4vE4/pWJI0dnTxzc17RXm5/HK8dXrb7k0ne9+7LwWtr+9e6jcw/PHF83tW4qy9YN4FsG9nr93wrzf4oxf/5vofCTnxfH3XOfKr5vffgXxdfPh9MfCo9n/P749b8eazle2x/3+TuLea7rvzGsY7ne97X/umZZG578wssn/ulP3mj/uSDen2PvHW/cvxfWX9k4b+iV4vz216sy//ne1uf1T0enGvMHYb8uhHdm3nBlcXvt1x/fm+S5zxTP3/iTXLx81vZ+ImtGWu/Hua7/p+HnmB9e1fr6F4+PHzzZ9m7Oa7KhfAnz4fUhmy/Oj1vF/f3cqSs73l58H55s/v1nsswlzT42O3no4JETj07OzczOTc4+9vjuw0dPHJnb3Xjv0t1fKrv86ef36sbze9/M9q1Z49l+tBg9drHXf+yBvftunbp+38z+PSf2zz1wbOb4gb2zs3tn9s1ev2f//pmvlF3+4L6d05t3bLl188SBg/t23rZjx5YdEwePHM2XUSyqxPapL08cOb67cZHZnVt3TG/btnVq4vDRfTM7b52amjhRdvnG96aJ/NKPTByfObRn7uDhmYnZg4/P7JzesX375tJ3fzx8bP/susnjJ45MnpidOT5Z3Jd1c42T8+99ZZenHmaPhte7NkPhp/PP37Q9vT9u7ttPLXlVxSatP55mb4b3gorf38q+jrl/LMykJvkfAAAA6iDm/vDG/6fPkP8BAACgMmLuXxlmIv8DAABAZcTcXyT/8fTx73XJ/+er//+U/n+D/r/+f6b/n+j/6/9n+v/6/yX0//X/B3n9+v/6/5Trt/5/yP3Zqizz7/8AAABQUTH3rw4zkf8BAACgMmLuvyTMRP4HAACAyoi5/9Iwk5rkf5//r/+v/9+t/x+31f/P9P/7of+/8b/1/xfR/9f/z/T/z9rF7s8P+vr7sP+/Sv+fftNv/f+Y+98VZlKT/A8AAAB1EHP/u8NM5H8AAACojJj7Lwszkf8BAACgMmLuXxNmUpP8r/+v/6//7/P/9f8Hpv/v8/870P/X/8/0/8/axe7PD/r6+7D/7/P/6Tv91v+Puf/Xwkxqkv8BAACgDmLuf0+YifwPAAAAlRFz/+VhJvI/AAAAVEbM/VeEmdQk/9ez//96lmX6/5n+v/5/2zr1//X/e0H/X/+/G/1//f9BXr/+v/4/5fqt/x9z/3vDTGqS/wEAAKAOYu6/MsxE/gcAAIDKiLn/fWEm8j8AAABURsz9V4WZ1CT/17P/7/P/9f8L+v+t69T/1//vBf1//f9u9P/1/wd5/fr/+v+U67f+f8z97w8zqUn+BwAAgDqIuf/qMBP5HwAAACoj5v4PhJnI/wAAAFAZMfevDTOpSf7X/9f/1//X/9f/1//vpcHq/w8veY7+f0H/v9X56//Pn16A/v/ArF//X/+fcv3W/4+5/4NhJjXJ/wAAAFAHMfd/KMxE/gcAAIDKiLn/mjAT+R8AAAAqI+b+dWEmNcn/+v/6//r/+v/6//r/vTRY/f+l6f8X9P9b+fx//X/9f/1/uuu3/n/M/evDTGqS/wEAAKAOYu7fEGYi/wMAAEBlxNx/bZiJ/A8AAACVEXP/xjCTmuR//X/9f/1//X/9f/3/XtL/1//vRv9f/3+Q16//r/9PuX7r/8fcf12YSU3yPwAAANRBzP3Xh5nI/wAAAFAZMfd/OMxE/gcAAIDKiLl/U5hJTfK//r/+v/7/APf/R/T/M/3/vqf/r//fjf6//v8gr1//X/+fcv3W/4+5/4Ywk5rkfwAAAKiDmPtvDDOR/wEAAKAyYu6/KcxE/gcAAIDKiLl/IsykJvlf/1//X/9/gPv/Pv+/Zf36//1J/1//vxv9f/3/QV6//r/+P+X6rf8fc//NYSY1yf8AAABQBzH33xJmIv8DAABAZcTcPxlmIv8DAABAZcTcPxVmUpP8r/+v/6//r/+v/6//30v6//r/3ej/6/8P8vr1//X/Kddv/f+Y+6fDTGqS/wEAAKAOYu7fHGYi/wMAAEBlxNy/JcxE/gcAAIDKiLl/a5hJTfK//r/+v/6//r/+v/5/L+n/6/93o/+v/z/I69f/1/+n1XCH0/qt/x9z/7Ywk5rkfwAAAKiDmPu3h5nI/wAAAFAZMfffGmYi/wMAAEBlxNx/W5hJTfK//r/+v/6//r/+v/5/L+n/6/93o/+v/z/I69f/1/+nXL/1/2Pu3xFmUpP8DwAAAHUQc/9HwkzkfwAAAKiMmPtvDzOR/wEAAGCgdPocwijm/o+GmdQk/+v/V73/v7BS/1//X/+/+/r1/3tL/1//vxv9f/3/QV6//r/+P+X6rf8fc//OMJOa5H8AAACog5j77wgzkf8BAACgMmLuvzPMRP4HAACAyoi5f1eYSU3yv/5/1fv/Pv9f/1//v2z9+v+9pf+v/9+N/v9g9v/Djy36/33U/8+PIf1/+lG/9f9j7r8rzKQm+R8AAADqIOb+j4WZyP8AAABQGTH3fzzMRP4HAACAyoi5/xNhJjXJ//r/+v/6//r/+v/6/72k/9+z/n/jpVD/v6D/f3Yudn9+0NffT/1/n/9Pv+q3/n/M/XeHmdQk/wMAAEAdxNz/yTAT+R8AAAAqI+b+Xw8zkf8BAACgMmLuvyfMpCb5X/9f/1//X/9f/1//v5f0/33+fzf6//r/g7x+/X/9f8r1W/8/5v7fCDOpSf4HAACAOoi5/94wE/kfAAAAKiPm/k+Fmcj/AAAAMGBWLHlOzP2/GWZSk/yv/39h+v/D6fr1//X/9f/1//X/zyf9f/3/TP//rF3s/vygr1//X/+fcv3W/4+5/7fCTGqS/wEAAKAOYu7/dJiJ/A8AAACVEXP/b4eZyP8AAABQGTH33xdmUpP8f777/+2X76ZO/X+f/6//n+n/6/837VX9//NH/1//P9P/P2sXuz8/6OvX/9f/p1y/9f9j7v+dMJOa5H8AAACog5j77w8zkf8BAACgMmLu/0yYifwPAAAAlRFz/2fDTGqS/33+v/6//r/+v/6//n8v6f/r/3ej/6//P8jr1//X/6dcv/X/Y+5/IMykJvkfAAAA6iDm/s+Fmcj/AAAAUBkx9/9umIn8DwAAAJURc//vhZnUJP/r/+v/6//r/+v/6//3kv7/4v5//hqm/1/Q/9f/H+T16//r/1Ou3/r/Mfd/PsykJvkfAAAA6iDm/t8PM5H/AQAAoDJi7v+DMBP5HwAAACoj5v4Hw0xqkv/1//X/9f/1//X/9f97Sf/f5/93o/+v/z/I69f/1/+nXL/1/2Pu/0KYSU3yPwAAANRBzP1/GGYi/wMAAEBlxNy/O8xE/gcAAIDKiLn/oTCTmuR//X/9f/1//X/9f/3/XtL/1//vRv9f/3+Q16//r/9PuX7r/8fcvyfMZFfrzQAAAACDK+b+L4aZ1OTf/wEAAKAOYu7fG2Yi/wMAAEBlxNy/L8ykJvlf/1//X/9f/1//X/+/l/T/9f+70f/X/x/k9ev/6/9Trt/6/zH3z4SZ1CT/AwAAQB3E3L8/zET+BwAAgMqIuf9AmIn8DwAAAJURc//DYSY1yf/6//r/+v+17f+/+r22der/6//3gv6//n83+v/6/4O8fv1//X/K9Vv/P+b+g2EmNcn/AAAAUAcx938pzET+BwAAgMqIuf/LYSbyPwAAAFRGzP2Hwkxqkv/1//X/9f9r2//3+f+B/n9v6f/r/3ej/6//P8jr1//X/6dcv/X/Y+4/HGZSk/wPAAAAdRBz/5EwE/kfAAAAKiPm/qNhJvI/AAAAVEbM/cfCTGqS//X/z6z/P7REN1D/v/P69f/1//X/9f/1//X/u9H/1/8f5PXr/+v/U67f+v8x9/9RmElN8j8AAADUQcz9x8NM5H8AAACojJj7Z8NM5H8AAACojJj758JMapL/9f99/r/+v/6//r/+fy/p/+v/d6P/r/8/yOvX/9f/p1y/9f9j7j8RZlKT/A8AAAB1EHP/I2Em8j8AAAD8P3v3lSvIWfRx+Hy2Rh8SYg9sgRWwBNaAxB7IYJNNBpNzMjmZDCbnnHPO2WBylEAwVWVhzeme1D7dVc9zU/IZS35H45u/Rj91G7n77xu32P8AAADQRu7++8UtQ/a//l//r//X/+v/9f9b0v/r/5fo//X/R36//l//z7q99f+5++8ftwzZ/wAAADBB7v4HxC32PwAAALSRu/+BcYv9DwAAAG3k7n9Q3DJk/+v/9f/6f/2//l//vyX9v/5/if5f/3/k9+v/9f+s21v/n7v/wXHLkP0PAAAAE+Tuf0jcYv8DAABAG7n7Hxq32P8AAADQRu7+6+KWIftf/6//1//r//X/+v8t6f/1/0v0//r/I79f/6//Z93e+v/c/dfHLUP2PwAAAEyQu/9hcYv9DwAAAG3k7n943GL/AwAAQBu5+x8RtwzZ//p//b/+X/+v/9f/b0n/r/9fov/X/x/5/fp//T/r9tb/5+5/ZNwyZP8DAADABLn7HxW32P8AAADQRu7+R8ct9j8AAAC0kbv/MXHLkP2v/9f/6//1//p//f+W9P/6/yX6f/3/kd+v/9f/s27z/v9eN/z3Xmz/n7v/hrhlyP4HAACACXL3PzZusf8BAACgjdz9j4tb7H8AAABoI3f/4+OWIftf/6//v73//9f/6f/1//r/23+u/7869P/6/yX6f/3/kd+v/9f/s27z/n+l97/jP+fuf0LcMmT/AwAAwAS5+58Yt9j/AAAA0Ebu/ifFLfY/AAAAtJG7/8lxy5D9r//X//v+v/5f/6//35L+X/+/RP+v/z/y+5f6/3texPv1/0ywt/4/d/9T4pYh+x8AAAAmyN3/1LjF/gcAAIA2cvffGLfY/wAAANBG7v6nxS1D9r/+X/+v/9f//2//f83I/v8/P9P/b0P/r/9fov/X/x/5/b7/r/9n3d76/9z9T49bhux/AAAAmCB3/zPiFvsfAAAA2sjd/8y4xf4HAACANnL3PytuGbL/9f/6f/2//v+Kvv9/bY/+3/f/t6P/1/8v0f/r/4/8fv2//p91e+v/c/c/O24Zsv8BAABggtz9z4lb7H8AAABoI3f/c+MW+x8AAADayN3/vLhlyP7X/+v/9f/6/yvq/5t8/1//vx39v/5/ycX2/yf6//q96P/38379v/6fdXvr/3P3Pz9uGbL/AQAAYILc/S+IW+x/AAAAaCN3/wvjFvsfAAAA2sjd/6K4Zcj+1//r//X/+n/9v/5/S/p//f8S3//X/x/5/fp//T/r9tb/5+5/cdwyZP8DAADABLn7XxK32P8AAADQRu7+l8Yt9j8AAAC0kbv/ZXHLkP2v/9f/6//1//p//f+W9P/6/yX6/wv3/3c55b+n/9/X+/X/+n/W7a3/z91/U9wyZP8DAADABLn7Xx632P8AAADQRu7+V8Qt9j8AAAC0kbv/lXHLkP1/Wv9/213P/7r+/+Lo/y/8fv2//l//r//X/+v/l+j/ff//yO/X/+v/Wbe3/j93/6viliH7HwAAACbI3f/quMX+BwAAgDZy978mbrH/AQAAoI3c/a+NW4bs/6v//f+76//1//r/uPp//b/+X/+v/1+m/9f/H/n9+n/9P+v21v/n7n9d3DJk/wMAAMAEuftfH7fY/wAAANBG7v43xC32PwAAALSRu/+NccuQ/X/1+3/f/9f/X2L/f43+P+n/489V/6//vwT6f/3/if7/sp11P3/09+v/9f+s21v/n7v/5rhlyP4HAACACXL3vylusf8BAACgjdz9b45b7H8AAABoI3f/W+KWIftf/6//P/P+3/f/i/4//lz1//r/S6D/1/+f6P8v21n380d/v/5f/8+6vfX/ufvfGrcM2f8AAAAwQe7+t8Ut9j8AAAC0kbv/7XGL/Q8AAABt5O5/R9wyZP/r//X/+v/d9/833/H/N/2//v9I9P/6/yX6f/3/kd+/n/4/fnCd/p/92Vv/n7v/nXHLkP0PAAAAE+Tuf1fcYv8DAABAG7n7b4lb7H8AAABoI3f/u+OWIftf/3/0/v/et8YL9P99+3/f/4+r/9f/X4j+X/9/ov+/bGfdzx/9/fvp/33/n/3aW/+fu/89ccuQ/Q8AAAAT5O5/b9xi/wMAAEAbufvfF7fY/wAAANBG7v73xy1D9r/+/+j9v+//6//1//r/fdP/6/+X6P/1/0d+v/5f/8+6vfX/ufs/ELcM2f8AAAAwQe7+D8Yt9j8AAAC0kbv/Q3GL/Q8AAABt5O7/cNwyZP/r//X/+n/9/xX3/9fr/0/0/6fS/+v/l+j/9f9Hfr/+X//Pur31/7n7PxK3DNn/AAAAMEHu/o/GLfY/AAAAtJG7/2Nxi/0PAAAAbeTu/3jccI+7nd2Trq5zp/w8enP9v/5f/6//9/1//f+W9P/6/yX6f/3/kd+v/9f/s25v/X/u/k/ELf7+HwAAANrI3f/JuMX+BwAAgDZy938qbrH/AQAAoI3c/Z+OW4bsf/2//l//r//X/+v/t6T/1/8v0f/r/4/8fv2//p91e+v/c/d/Jm4Zsv8BAABggtz9n41b7H8AAABoI3f/5+IW+x8AAADayN3/+bhlyP7X/+v/9f/6f/2//n9L+n/9/xL9v/7/yO/X/+v/Wbe3/j93/xfiliH7HwAAACbI3f/FuMX+BwAAgDZy938pbrH/AQAAoI3c/V+OW4bsf/2//l//r//X/+v/t6T/1/8v0f/r/4/8fv2//p91e+v/c/d/JW4Zsv8BAABggtz9X41b7H8AAABoI3f/1+IW+x8AAADayN3/9bhlyP7v3P8v/Wv6//P0//r/E/2//n9j+n/9/xL9v/7/yO/X/+v/Wbe3/j93/zfiliH7HwAAACbI3f/NuMX+BwAAgDZy938rbrH/AQAAoI3c/d+OW4bs/879/xL9/3n6f/3/if5f/78x/b/+f4n+X/9/5Pfr//X/rDuj/v/cySn9f+7+78QtQ/Y/AAAATJC7/7txi/0PAAAAbeTu/17cYv8DAABAG7n7vx+39Nn/97ll4Rf1//p//b/+X/+v/9+S/l//v0T/r/8/8vv1//p/1u3t+/+5+38Qt/TZ/wAAADBe7v4fxi32PwAAALSRu/9HcYv9DwAAAG3k7v9x3DJk/+v/9f/6/1H9/7Un+n/9/51M/6//X6L/1/8f+f36f/0/6/bW/+fu/0ncMmT/AwAAwAS5+38at9j/AAAA0Ebu/p/FLfY/AAAAtJG7/+dxy5D9r//X/+v/R/X/vv+v/7/T6f/1/0v0//r/I79f/6//Z93e+v/c/b+IW4bsfwAAAJggd/8v4xb7HwAAANrI3f+ruMX+BwAAgDZy9/86bhmy//X/+n/9v/5f/6//35L+X/+/RP+v/z/y+/X/+n/W7a3/z91/a9wyZP8DAADABLn7fxO32P8AAADQRu7+38Yt9j8AAAC0kbv/trhlyP7X/+v/W/b//6//1//r//dC/6//X6L/1/8f+f36f/0/6/bW/+fu/13cMmT/AwAAwAS5+38ft9j/AAAA0Ebu/j/ELfY/AAAAtJG7/49xy5D9r//X/196/3+uft+77f99/1//r//fDf2//n/J9P7/xpvO/1j/f8z36//1/6zbW/+fu/9PccuQ/Q8AAAAT5O7/c9xi/wMAAEAbufv/ErfY/wAAANBG7v6/xi1D9r/+X//f8vv/+n/9v/5/N/T/+v8l0/t/3/8/9vv1//p/1u2t/8/d/7e4Zcj+BwAAgAly9/89brH/AQAAoI3c/f+IW+x/AAAAaCN3/z/jliH7X/+v/9f/6//1//r/Len/9f9L9P/6/yO/X/+v/2fd3vr/3P3/DgAA//+70zwU")
creat(&(0x7f0000000580)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x80)

2m39.668726215s ago: executing program 1 (id=480):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000280)={0xa, 0x4e22, 0xd, @loopback, 0x6}, 0x1c)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000080)=0x40, 0x4)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x4e22, 0x23, @loopback, 0x23}, 0x1c)
setsockopt$inet6_int(r0, 0x29, 0x42, &(0x7f0000000100)=0x80000001, 0x4)
sendmmsg$inet(r0, &(0x7f0000004080)=[{{0x0, 0x0, &(0x7f0000000b00)=[{&(0x7f0000000400)="ce70b5441d8f", 0x6}, {&(0x7f0000000740)="14c98bc15bbf25bb6af08bf13bc4473a34d145ef85eaf6495917f9bd56ebe502ae0cb7bc9104160a5667e957b90eba30af99cf2e9095c136e483a96e8eec7a025f08fcc634e2e2d08867dc066dd38dd94c798d50719ccda78ae23aeffb6b955919e68628d86e1935b32892a9d4b9a2741b6fe02a7605cb2ec8ea6df82bbd80079dd3078b1b2b927f6e072e90811f02ac64b2a43a7771eff413fcf8054872e48df54523ecd832824e40f74860164f0a5392f9caf2804209d790f65f", 0xbb}, {&(0x7f00000014c0)="d1c3f47147c528f6612d10dbe6f94cca6ddd864ba751596fee9025b70b1f09d214b733708e90d507cf444c27c0fdb7f4f3d0801f7f8790573feb5ce1e3c4b7eda8cb5e4edcc66ad634ba354e78f748d90682353bf47f071293d4e9201c96a28f5eb3ce575a9e5868d0b25e43ff9c7f9e8a77345e02bbc38d3203709e65f7ba40a318bf7f17b23fd136a4cb705151e973fcfa12ab95134e6272fe4881027d1d2cd91110b1bc0322948e0d011b92d6b62a312ac9ca802e799004d7b5ef88b96302f73b73c1b5d43d91c9420b3f3e65f6e4c24338db6154716e751386f08dc6ba2915763caefb6c79dc2209b22d3d537a26c88d1d17393c1a4a9dbb79de0498ad6eafd21a7c087c9b572155396f6b97ab95c1bb1bae8001f5d88f305ba070a82f304d174b14382154b877ea575a99edef9239f1bda1431b6a22815c95bec38da541d72dbf7c8a15e0a93dc5133450fcf96a163b7533077f3a864614e5ab53432611c4737a61f87586a4e59a5f044cae1510968c4450775d4abc1b75edd5b5ef9193", 0x180}], 0x3}}], 0x1, 0x8000)

2m39.589039354s ago: executing program 1 (id=481):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340), 0x50)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x300000d, 0x6052, r1, 0x1000)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x10, &(0x7f0000000600)=@framed={{}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r0}}]}, &(0x7f0000000300)='GPL\x00', 0x8, 0xff8, &(0x7f0000001e00)=""/4088}, 0x94)

2m39.588695986s ago: executing program 1 (id=483):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f00000004c0), 0x1, 0x553, &(0x7f0000000800)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x111)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x8005, 0x0, 0x0, 0x15, 0x0, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x200]})
r1 = openat(0xffffffffffffff9c, &(0x7f0000000740)='./file1\x00', 0x183042, 0x15)
pwrite64(r1, &(0x7f0000000140)='2', 0xfdef, 0xe7c)

2m39.349182647s ago: executing program 1 (id=486):
syz_emit_vhci(&(0x7f0000001400)=ANY=[@ANYBLOB="042ff904aaaaaaaaaa10010ac484250600c842"], 0x3fc)

2m38.810733788s ago: executing program 1 (id=495):
r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000280), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000080)=0xb0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000000)={@my=0x0})
ioctl$IOCTL_VMCI_NOTIFY_RESOURCE(r0, 0x7a5, &(0x7f0000000180)={{@my=0x0}, 0x0, 0x1})
ioctl$IOCTL_VMCI_NOTIFY_RESOURCE(r0, 0x7a5, &(0x7f00000000c0)={{@my=0x0}, 0x1})
unshare(0x480)
pselect6(0x40, &(0x7f0000001380)={0x6, 0xfffffffffffffffa, 0x9, 0x5d7, 0x6, 0x8, 0xc444}, &(0x7f00000013c0)={0xf, 0x9, 0x400, 0x6, 0x8000, 0xb, 0x4ea2, 0x400}, 0x0, 0x0, 0x0)

2m38.587082445s ago: executing program 32 (id=495):
r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000280), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000080)=0xb0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000000)={@my=0x0})
ioctl$IOCTL_VMCI_NOTIFY_RESOURCE(r0, 0x7a5, &(0x7f0000000180)={{@my=0x0}, 0x0, 0x1})
ioctl$IOCTL_VMCI_NOTIFY_RESOURCE(r0, 0x7a5, &(0x7f00000000c0)={{@my=0x0}, 0x1})
unshare(0x480)
pselect6(0x40, &(0x7f0000001380)={0x6, 0xfffffffffffffffa, 0x9, 0x5d7, 0x6, 0x8, 0xc444}, &(0x7f00000013c0)={0xf, 0x9, 0x400, 0x6, 0x8000, 0xb, 0x4ea2, 0x400}, 0x0, 0x0, 0x0)

2m25.458969474s ago: executing program 2 (id=603):
r0 = syz_open_dev$vim2m(&(0x7f0000000040), 0x40000000004000, 0x2)
ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000080)={0x0, 0x8, 0x3, {0x3, @win={{0x0, 0x0, 0x20000, 0x5}, 0x0, 0x5, 0x0, 0x8, 0x0, 0xff}}})

2m25.390065959s ago: executing program 2 (id=604):
r0 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_udp_int(r0, 0x11, 0x66, &(0x7f0000000340)=0xc6, 0x4)

2m25.389872369s ago: executing program 2 (id=605):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000340)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x401, 0x0, 0x0, {0x1, 0x0, 0x8000}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}]}, @NFT_MSG_NEWRULE={0x68, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_EXPRESSIONS={0x40, 0x4, 0x0, 0x1, [{0x3c, 0x1, 0x0, 0x1, @exthdr={{0xb}, @val={0x2c, 0x2, 0x0, 0x1, [@NFTA_EXTHDR_DREG={0x8, 0x1, 0x1, 0x0, 0xc}, @NFTA_EXTHDR_OFFSET={0x8}, @NFTA_EXTHDR_LEN={0x8, 0x4, 0x1, 0x0, 0x22}, @NFTA_EXTHDR_TYPE={0x5, 0x2, 0x7}, @NFTA_EXTHDR_OP={0x8, 0x6, 0x1, 0x0, 0x2}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x7}}}, 0xdc}, 0x1, 0x0, 0x0, 0x80}, 0x800)

2m25.278486175s ago: executing program 2 (id=606):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x19, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x50)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000240)={r0, &(0x7f0000000140), &(0x7f0000000000)=""/6, 0x2}, 0x20)

2m25.278159563s ago: executing program 2 (id=607):
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1000, 0x10008)
pipe2$9p(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff017f000e0800395032303030"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000000)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="b0"], 0xb0)
write$FUSE_GETXATTR(r2, &(0x7f00000004c0)={0x18}, 0x18)
write$FUSE_INIT(r2, &(0x7f00000000c0)={0x50, 0x0, 0x0, {0x7, 0x29, 0x20200}}, 0x50)
mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000080), 0x4014, &(0x7f0000000580)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}})
r3 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x0)
read$FUSE(r3, 0x0, 0x500)

2m25.198434051s ago: executing program 2 (id=608):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000340)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x2}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0xfffffffc}]}, @NFT_MSG_NEWSETELEM={0x4c, 0xc, 0xa, 0x101, 0x0, 0x0, {0xa, 0x0, 0x6}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x20, 0x3, 0x0, 0x1, [{0x10, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0xc, 0x1, 0x0, 0x1, [@NFTA_DATA_VALUE={0x6, 0x1, "2af3"}]}]}, {0xc, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}]}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0xb0}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)

2m10.14482281s ago: executing program 33 (id=608):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2000}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000340)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x2}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0xfffffffc}]}, @NFT_MSG_NEWSETELEM={0x4c, 0xc, 0xa, 0x101, 0x0, 0x0, {0xa, 0x0, 0x6}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x20, 0x3, 0x0, 0x1, [{0x10, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0xc, 0x1, 0x0, 0x1, [@NFTA_DATA_VALUE={0x6, 0x1, "2af3"}]}]}, {0xc, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}]}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0xb0}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)

1m38.640384869s ago: executing program 0 (id=950):
syz_mount_image$iso9660(&(0x7f0000000a80), &(0x7f0000000180)='./file0\x00', 0x0, &(0x7f0000000b00)=ANY=[@ANYRES8=0x0, @ANYRES16, @ANYBLOB="0c9a99a31522f509df8947553737480dfacb31640a68f6654dd749314a63329879b5989b491d79215c2fa063601f05d0e892a3033109b8abad463695501e1058b6d089dd423e734f5208781a59ad32bd8f19ca9f9fcea5e5886cc434d12fe40f2d0e4481650498c129a97fcdfed3c240411acb468d9a39dc30dfb4eb160d200ce7eb828454a45452c34d7a60a83705494cc4cd05541a95e585131e0d5b4b9ad667b03218fbe4162b2bc1fff68ccdae6255e78e9fd7fd08d64fa5f6958f422d371b29d38eb7d3492aea369144c78f8495786d78ecdc3230a568"], 0xfe, 0x5db, &(0x7f0000000380)="$eJzs3F1v29YZAODDxK4FF8sGFGvSNEDZtBfZRVxJXh0Y3UU0mrbZSqJA0oVzNRSL0xmzu2HZgDU3Q266Fduwq91u6O1+wf5Uf4MG6sPxV618OPE2PA+QnEPxJc97aIIvRIgMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAECIkrVmsxWFbtbf2o6/W7JW5L0z1k/39+8jzRHzIYS5g3FDiOp/odEI18YfXXvjSewP6/9uhqvjpauhUTeN8Oj1N3/w0Rtzl+oN56MonJHQK/Hwy0e//Gxvb+c3F53IORhGz77NRtrPyjzrdTbSOCvzeHVlpfnB5noZr2fdtLxXVmkvToq0U+VFfCu5G0JYXY7TpXv5Vn9jrdNN41vJj+LW6uqd2+1mcyX+eGmQdooy73/w8VKZbGbdbtbfGMXUq2+33wl36hPxk6yKq7TTi+MHu3s7y7OSrINaTxPUnhXUbrbbrVa73Vr5cPXDO81mY3K2Hnww1zwmHN9k7uJPWl6510Ljz/WJMlqYXuNeO9cLOTyHYfK359tw7rwzAQAAAF6WaHSPPRrdnb826q1n3bR5JGYYXVh6AAAAwDkYfbW/OrkBEMK1EJ38/g8AAAD8b/vTmc/YhSgK5WAhmj6qMth+P9rv1L3O/uXxR5eP77Favx5dmexk1KzMTZaS9Eb01jjorWn0t5Pmwaw8oqKYjx6/WALhL+H6OOb6/XF7f7pmPMrietZNl5K8+1ErdDpXLlXpdvW7L3Z/H0JRDC9/3e9dicKD3b2dpZ//au/+KJfH9V4e709+IXHihxJHc1kIh3L57cFzj5MZ3z064/nRjZh61l/3e4vjcZuD7tzB/C+Nth6e+JOeMf+vwtvjmLcXx+3i0fk36jFbS6fM/nAWrcH2+wuTwSYzn3+2LG6MY27ceq9u3rs1WTN/KIv2rCzah4//+FiES+eRxeFjsXxGFsOwu7ez/IJZAFyUB8er0Ljuhif1/0TdnVze4uO7OuMqd2p1XxhfKqNxCZ9Z3X8xc5SvwrvjmHevzz2pxceu6M1ZdaX5lHU9hNOz+Fe4+c+/h7AVbk6Dv6vG1uP+9UhVjfa/qTf4ZjruP4ZjYfqkedltR/XC5YX9X4c3H3756Pbu/mef73y+80W7vbzS/HFz+P0Q5kfTmDRqDwCnSItvo8Xqj1FRZIOftVZXW51qM42LPPkkLrK1jTTO+lVaJJud/kYaD4q8ypO8W3c+zdbSMi63BoO8qOL1vIgHeZltj978Ek9e/VKmvU6/ypJy0E07ZRoneb/qJFW8lpVJPNh6UoGKuBykSbaeJZ0qy/txmW8VSboUx2WaxoOtn3azcjMt4mwt7VfZelZ3+/GgyHqd4l78ad7d6qXxWlomRTao8mKUzXSsrL+eF73Rbpcu9EgDwH+Ph2HyBruDV9k9cyc0ZsScNu6Je6QAwCtzvEovnB3eeCVJAQAAAAAAAAAAAAAARxx+XO8nk4fyXviJwDM7jXDQCeFg1XA4/MPxfJ6zc/f101a985Km8xSdRji5KoQw91IHnb446WKm/H/XadSdS+Gi05i+Z/F59xOFEGYHf6+OuaALEgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACc4T8BAAD//2tektI=")
creat(&(0x7f0000000080)='./file0/file1\x00', 0x90)

1m38.099711108s ago: executing program 0 (id=953):
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x9, 0x15031, 0xffffffffffffffff, 0x0)
r0 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000100))
unshare(0x2c020400)
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f00000001c0)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x5})
ioctl$UFFDIO_CONTINUE(r0, 0xc020aa08, &(0x7f0000000080)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x1})

1m37.9668172s ago: executing program 0 (id=954):
syz_usb_connect(0x5, 0x24, &(0x7f0000000480)=ANY=[@ANYBLOB="1201000092ddee10030410600200000003010902120001000000000904"], 0x0)

1m36.686254174s ago: executing program 0 (id=958):
syz_mount_image$fuse(0x0, &(0x7f0000000040)='./file0\x00', 0x400a8, 0x0, 0x1, 0x0, 0x0)
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2a05004, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000002100), 0x280449c, &(0x7f00000004c0)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}})
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x800)
r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r2, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000000c0)='./file0\x00', 0x0, 0x20000, 0x0)
open_tree(r1, &(0x7f0000000640)='\x00', 0x89901)

1m36.686098711s ago: executing program 0 (id=959):
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x7ffe, 0x0, 0xb49, 0x200000000002, 0x7, 0x8, 0x3}, 0x0)
ioprio_set$pid(0x1, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x141042, 0x83)
pwritev2(r0, &(0x7f00000001c0)=[{&(0x7f0000000080)="ff", 0xfdef}], 0x1, 0xe7b, 0x0, 0x205)

1m36.382023388s ago: executing program 0 (id=963):
syz_mount_image$btrfs(&(0x7f0000000200), &(0x7f0000005600)='./file0\x00', 0x800, &(0x7f0000000040), 0x0, 0x559e, &(0x7f0000005680)="$eJzs3X9sVeX9B/BzWwoN+C39jhUYfxAgBoMkyJYtjqB4MQa24eKlgsKcCEQlBivYRDcYqUWSZcaghU4EF5GQaDJjscM/FMywy7CMZfzY5hZjs4JSaZZsAzVrHDG69N77XO49l9tembNOXy/SnvPcz3me+9yT88d9X/qcGwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAURUcSc9+d0f3i0ZE1X77/Hz+e+OjGn4zfvX/roVvu23T/gjMjbto5a1nf+mlN8zdsbDjS/PS+ObdGUSLdL5Htf9u136q/88bbvlsdBly+MLOtrS31lJmuJzON4QUP9vcr/FkRRVFVbIDK7PbV7E5FwQC53cbiAQf0Tuui6O7J8ya1dT01bklyYU/xS6df9VBPYKhkr6ue89dSMv27InZErp136SUKLtFM//gF96m8CADgY5mZSm9yb0ezb3Fz7eZ4PdZOxtotsXZ4h9CS37gYmXGHl5rnpHh9iOaZzESFESXnGatnz3+unYr3j7VjUeNjzLPw0GykqS41z7Wx+lDNEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCzZOzxo2tWtD2y575fdtQceff9OVc+8KWOw22LT4y8eunKHWum/HTWsr7105rmb9jYcKT56X1zbo2i2nS/RKZ74kTL5b9NjZ3fvXfcG427n6vpq8yOG7bD8g6OXg87s0ZH0cq8Sk8Y9q81UZQqLKSb0Y7iwl3pnW+HAgAAAJ8nX0n/rsi1M3GwqqCdSKfJRPpfkAmL77Quiu6ePG9SW9dT45YkF/Zc/HipEuMlLzherl17/ieRF4xD/I2Pd74eDm0sGmdg8RHjef7SMWPefmty/eSvT5v7xA3PjOru+r8nZ2xJ/bGu5oUrru+tf/a6ovxfO3D+D2dO/gcAAOA/If/HxxnYYPn/jqVTt7z+i2Grft3a8MTB+h1/bv3OMzsXneq54Ud9L09N3v7o1UX5f1LBUxbl/zDjkP8roovL/wAAAPBZ9t/O/8micQY2WP5vONM3+wcHX6vr+PucxXt+9dAVi8+e/tv8U7t3DV9zR8v6uoeuLMr/M8vL/8Pypx0e/F2Y8OrRUTSz/JMKAAAAFAj/737+o4WQ1zOfHMTz+rX/vKp5380ffPMbD97zpzff/s2xA7MnrdteN/PgyzfVf1j5ve3dRfk/WV7+r/p0Xi4AAABQhuePrpw773jPucfPvtB18vDu3pMznjyzrqnvdOslLatXbTr2WlH+T5WX/0cMzcsBAAAALuDeO59bsfnVl/oe2H/X2Ck9FVc1XpK4ZduOqU0TPuq8tPfy7VuL8v/y8vL/yOw2u/Ih06kz/BVC6+goqu7fWZspHIparskVAAAAgE9IyOlbP1ixbOzOsb3jj59+rObQG4dn/2Vt55yN13RXdW/uXNZ4WdH9AkJiL3X//3Cng7D+v+D+f0Xr//MKmbv+zXZjAAAAAL6Iitfzh9vjZ765oNT375e7/n9J3cQTiba33lv11XMHzo1ZsP/7129aV9/be8+El37/wz9M/6i6KP83l5f/K/O3n+T3/wEAAMBF+F/7/r+lReMMbLD7/zdV9DWsWrd3+uota7csTCw7UH3qwdV731+w5l9Tb36+qea6A0X5v6W8/B+2o/JfXkc4P5tGR9H4/p3s3QR/Hqa7OlZor8orZE58rMeNoUe20D4ir5C2Ntbja6OjaHL/TnOs8P+h0BIrnK3JFnbFCsdCIXs95Ap7YoWOcKVtq8lON154MRSyCyzawwqKUbklEbEe75Xq0V+4YI+u3JMDAAB8oYTwnM2yVYXNKB5l2xODHTBysAMqBjugcrADhsUOiB9Y6vFoeWEhPH575yMbNjVMSb7y8NzHfvbms40T9j1+WV3v5g9f2XbvxJ3TW6YW5f9d5eX/cCqGZzal1v9HYf1/9nsNc+v/l4dCbazQHgqp+B0DUuE5MmH34fActalsj7PjcwUAAAD4XAufC1QO8TwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/s3evcdJVd0JAj/d9INumqaNE9GMk3TUgGakaWwNw+AoaoxGRZpZddxkNBBoEGmE8FgFURtQZxziZ3ztrJnoCAoiu+qHGFeDwUhcxIw6iWLiA/Cxjq7r+h6VGM2E/XTfOkXVrS67EFDa+X7/6DpVv/O89eg69946FwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/xjuPfjlk4YunP0PHzace8nqqqmL/kfH6Mv+cNW3vvjUPy5b9G9h/i9GnLll3kEXHjd/wbR/6Vi++ogzQmjtKleWFC977oqvPtS613HP3jFw48wbb63fUpWpNxMP/Tr/lGfuXBxbfbF/CHeXhVCRDgypSwKVmft1sb5960LYI2wLZEu01SYl0g2HB2pCWBK2BbJVra4JoS4ncMqG+++7vDNxTU0IXwkhVKfbeKY6aaMmHRhUlQRq04HpFUngt1sT2cBPypMA7LD4Zsi+6Fe15mdo6L5ckddf5U7r2KcrPbw+MdFQPN/rR+3iTuWoSj/QukNPW0F17BIFb4+13m294N1WsJ2v8LTlfpHKfEPZui1UHcontk0aP6d9dnykPDQ19SlW0y56np9+e/6E7Un3mtdh7EDDTnkdXvrYiun9lo2+9OrNvxqz4ayaA3a0m0/lbNLc9K5WHTKvuV7zPEajfJ70grdfwbekRl+6Qghbzz17xtfnTDz7iD63PLnu1QcfrNty9pwFvzhz4nmLLj55w7/Pf6lg/t/w0fP/+HKOt+V5uWOrH9Ync/P4SF1MvFmfzM0BAACg1+gNe01Xnv/6X73+/bWtMxed/u23Dj73w71afz3i/gFVB7yxrqn1/I2ff6Vg/t9Y2vH/eMi/Lne0a0MY1ZVYNCCEvbseTwIrY3e+OyCEL3elWvMDR6UCa0PYpytxULaqVIm+sURjKvByfSYwKhVYHwOtqcDyGLgiFbg4BlalAhNiYG0qcHQMhCn54/hqfWYcJQdqYmBcshFXxbMQ3qmPraW21aZsVQAAADtJZnZYmX8351yHHc0Qp5eranrKEM/ALpqhOlVDegabnVYVraGipxrKe6ohO+6Ojx5+Qc1lPdVccBpGWX6GG9f85X2LXjzsC2P3mvj5xUMvmPKz8eGst++uerx5yYtv7XvEzesK5v/NHz3/r+6mI2UFx/9DGNv1N+Yuz0Tas/FxrXkZAAAAgB1w0R//xR61Lw85oGHT+2X3zl/7xKMrfrl5j1NOf3/c8a//8PCaxnsL5v+jSjv/P+4T6ZOTOTwSd0NMHRBCc34gqXZkYSA56t0vEwAAAIDeIHs8PnssfErmNjlFOz2fLszfup3544H/Ud3m//09/7P2jq3/+mLZBd89d0TNgKX/9GrHhBNOPvqW47/1zj4VB/yyvGD+31ra+f+1+bdJJ9bHXlw9IIS+OYEHYy87A10aY+D5I/MDmfGvjxtgcawqc2JCtqrFscS4GGhOBZYUK/FotsTe+YHMk5VtfFF2HFMyJXICAAAA8ImLuwPicfl4/n/LGSNO++vvzfrbha88eN7qCy75q+Ed80eedP/THzbMvXJp2PTmEQXz/3Hbd/5/1zy44PT+9n4hDK0IoU/6hwGP1CYLA8ZAXVkmcW9tUlefdFULa0MY2TmwdFUvZNb/r0ivMfh4TVJVDOy93y1vD+pMLKsJYWhu4IlvLz2sMzEnFcg2flpNCF/qHG268bv6Jo1Xphu/tm8IX8wJZKua0DeEzsaq0lX9r+rMdQzSVa2qDmHPnEC2quHVIcwNAPRW8X/pxNwHZ82dN3V8e3vbzF2YiDvxa8KkKe1tTROmt0+sLtKniak+561jtKBwTKVe+mZTZo2ixSsnV5aSzv5QsDm3rcyO/IIzBzP345ehyq5xHlKZd7clPeQD9y9sIuR8lSo25PJdPOTa3Eq2PYkF9cf8VaFf6DtnVtvMpvPGz549c1jyt9TshyR/43GmZFsNS2+r2u76VsLLo+hyWSkfd1sNyq1k6OxpM4bOmjtvyJRp4ye3TW47p+XQP2sZMXz410YM7RxUc/K3h5EO6q7m1Ei3Li1xWDtxpF+oyKnkk/jQkJCQ6G2J/f7L5odH77n+nOt/9tqPz+/3zdPu3fvImT889KqpD1Xve/ji24ccWDD/n/HR8//4qRM/+DPrMxQ7/t8QD/Mnj287zD8uBpaUevy/odjR/OyJAY2pQEcMdDjMDwAAwGdD3B0Z92bGndKbb1m/buOSlrk/aHin5dY17Utvuum+U39y58ATvjQ47LXhuhM+VzD/7yjt9/87af3/7NL1JxRb5v+gWKK52Pr/6WX+s+v/dxRb/z+9zH92/f8ln8L6/3OygdQmecf6/wAAwGfBJ7f+f4/L+6cvEFCQocfl/dMXCCjI0OMy/qVeIGC71/9f8+Bff6Wq35g7/qTlN/WXvPZ39xzWeuS6zTP/5Etb10+877qxt6wpmP9fUdr838L9AAAAsPv4z5ddU3H02Xff0bJu6sZxbw5+98m3lgzq80HF0Q+3j3xh4Bu3nlcw/19S2vz/k1//LxQ7/7+xWKC12MKA1v8DAACglyq2/t89Q1sa/zCm/x+eHvab5Q/ePPqnj/z898v3+/mJPyvfZ8Gxz8+8bFLB/H9VafP/eNpFeV7u2JsP65M17UJ6Tbs367M/GQAAAIDeoTw0NVWWmDdvYdSjPn6bT2eWAv2odK7vvXLt2ZtfmH7c46ev+7uaEwbvOWHaBasa/2b4gXd+ftQley7ddGrB/H9tafP/vN9lXPrYiun9lo2+9MOrN/9qzIazag7YdvwfAAAA2HVK3S8BAAAAAAAAAAAAAAB8+s7tWHzhI8uOfe+bt//F/kcseXXwbXcd+Lsh/V664qoHJq1648zJXy/4/X8Y21Wu2O//43X/4u8L/igvd2y15/X/MvdPOfH2uV1LFj5SH8L+uYGpC6fuETLX5h+cG7jvjIMGdiYWpkusefbolzoT30kHjh/yuS2dicNTgXFxkcR90oF4VcUt/VOBuLzi4+lA3B6r0oGqTOCy/sk4ytLb6pW6ZFuVpbfVxroQBuQEstvq7rqkjbL0AK9JBbID/F46EAd4ciZQnu7V7f2SXsVAXSx6Q7+kVwAA7Lbit8DKMGlKe1tz/Aofb79QkX8b5S1ZtqCw2rISm9+UWZps8crJlaWk+6S/i2671nhlqO4cwrCCr6u5Wcq6Rrlzaulh0/1RkSH3tNpbeZFyadu76aqKj6gmGVHThOntEyt7HHhLz1kOqegxy7CCyU5ulvKuTVpCLSX0pYQRlbhtSuhyvF8empr6pHL9eQw2hDw9vSJK/b1+7jp/xV4FuXluO/TKt758zE+f++CfP/9E/2+cVnP7rO+/e+KvX7//wEOOuG5C05otBfP/htLm/9W549qSuRhAR7yy3sgBIYwrcUQAAADw2XfbRbfecfr09a9MWlvx5GOPTS0fc3rl1vl3zp93ycZ7Fx9/2cErdjR+2Fm//f5vBu//b89e9dJPR+7zwA03/58nD3v8z3//8I8eeqduZZ+x7xXM/xtLm//HPViZQ8HJ3o618fr/iwaE0HVp/YYksDIO97sDQvhyV6o1lkguqH9CLNGcBFbGHSYHxRLjWvOr6hsDq1KBl+szgbWpwPoYyOyluCVkduVcWR/CYV2psfklZsQSDanAmBhoTAWaYqA5FegfA6NSgdf6ZwKtqcDDMRCm5G+rH/fPbCsAAIDtkZlnVebfDel53qqKnjKU9ZShtqcM5T1lqO4pQ7FRxPt3xAyVqZNXynIyVaZrrUnVUpAhXgx/u/tVkCE8mp8zXbCg6Xj+QfZ8g7L8DFf+4NlT1w+e/tDqzcd8beBt/zhkz4Obp9e9t+CGp3475pzrnv/TQQXz/+bS5v+1+bdJ6+vj/H/b9f+SwIOxe1fHU8cbY+D5I/MDmR0D6+Nkd3G2qtZMicykfXEsMSoGGlOBGTEwKhUYNzYTWDIwP5CZaWcbX5RtfEqmRE4AAAAAPnFxB0HcTRPn/zce9YOr3x8wccuyeTPvH9vyxMmjv3H1XT+6d/9ld767YvCAce99p2D+P6q0+X9sr19uYxfH3rzYP4S7y7b1JhsYUpcE4n6Muvjz+H3rQtgjZwdHtkRbbVKiKtVweKAm+YV6Vbqq1TXJGgPx/ikb7r/v8s7ENTUhfCVn70u2jWeqkzZq0oFBVUmgNh2YXpEE4p6fbOAn5UkAdlh2r2B8QWVOdclq6L5ckdffZ+WaoOnhFewD7SZfd7+52lWq0w9k9qlmbd/TVlAdu0TB22Otd1tvfLc1eLflfpHKfEPZui1UHcontk0aP6d9dnwk95esBXbR85z7K9VS0jvhddjx8Xvbs+p0B5pTHx/N3Zfr/nVYFqu79LEV0/stG33p1Zt/NWbDWTUHlNyNIuIPhX+05X9XPpWzeXe16pB5zfW6z5NWnye98d9Ao6cthHDZ9cfsu+TdX+/33A3Pnbqu7Maxr/7lrHs2Lf+bysNHrXv/yaGjLy+Y/7eWNv+vSN12+V3cmLMGhHBgzsZ9JG7+YwYkn4M5geRTcs/CQHLI/V/ri35yAgAAwM6W3d2R3V8wJXObnBCenicX5m/dzvxxf8WobvOX2u9j121cedLQN6474G8vOPGNv7/28Kceuv6ysnXL//vYD1avuXzxe08UzP/HffT8v2+qm47/O/7PLuL4f7d2913RfdMPdOzQruiC6tglHP/v1u7+bnP8v1uO/zv+3x3H/3vg+H+3dvenreBb0gxfujonwdff+fPfTbzpg7mN+x180lPPHDrxun+6quXuu0555b+de9601761uWD+P6O0+b/1/7pftC+7/t+4Yuv/zSi2/l+H9f8AAIBdqshCc+l5XsHqfQUZ0qv3FWTocYHAHpcYtP7fdq//t3Dkv1904Q+fb7n2nTvHXb5m07Fnvvr0utXPzFpx3Lnnv9V6112tBfP/jtLm//Hl0C+39d6y/l/j2CJVXREDMywMCAAAwO6o2A4CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPl2HnvbO+5d8/R/aBv1ixc1/f+v/+7/P1q594JvfuGn4L6f86RllazZcM+LMLfMOuvC4+Qum/UvH8tVHnBHClK5yZUnxsueu+OpDrXsd9+wdAzfOvPHW+i3VmXorM7d/nJc7tvphfQhLch6pi4k36zvvbAuccuLtcys6E4/Uh7B/bmDqwql7dCaW14cwODdw3xkHDexMLEyXWPPs0S91Jr6TDhw/5HNbOhOHZwJl6e5e1z/pblm6u5f3D2FATiDb3bP751eVbeO4TKA83caKuqSNGKiLRa+tS9qIgfZYYkrfEIZWhNAnXdU/VydV9UlXdU91UlWfdFUXVYcwMoRQka7quaqkqor0yB+tSqqKgb33u+XtQZ2JpVUhDM0NPPHtpYd1JmamAtnG/1NVCF/qfMmkG/9xZdJ4Zbrx/1oZwhdDCFXpEu9VJCWq0iVeqAhhz5zAto1YEcLcwGdD/PSZmPvgrLnzpo5vb2+buQsTVZm2asKkKe1tTROmt0+sTvWpmLKc9NYFH3/sm96eP6HzdvHKyZWlpCsy5Sq7unxIZd7dlt2997FftbmVbHs+CuqP+atCv9B3zqy2mU3njZ89e+aw5G+p2Q9J/vbJRJNtNay3bKtBuZUMnT1txtBZc+cNmTJt/OS2yW3ntBz6Zy0jhg//2oihnYNqTv7ujJEu/eRH+oWKnEo+ife/hIREb0uU5326Ne/un+MFX/S3dbQyVHd9QBdMK3KzlHWNcmcM+qiPOeKP8zWlxxENK5g4FGQ5pOcsLQWTiW1ZapIsXV/rCiaHuTWVd23SeL88NDX1KbYdGvLv5m7e13dg8z6d2XSlpgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+P/swIEAAAAAAJD/ayNUVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYQcOBAAAAACA/F8boaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqgo7cCwAAAAAIMzfOoyeDQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4FAAA//8fSxmR")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x101080, 0x88)
ioctl$BTRFS_IOC_SNAP_CREATE(r0, 0x40809440, &(0x7f0000001b00)={{}, "fc4e8f3765a63da8d8d50f4777e078b7fc5ba5f64646dc5329de16a49265ba1d17d9241c913e2ec20da7349708f8f159bf98d0bfe4dc1f7df9bfb0a781275f65825b51f45cc1b87dd32bcc180fffc32cf2223b4a545a91aca2c34e1253f95bb0861b61eb05081d589bc080d5adf854136e3e77bb413e315ed329c80a31dc17ea6ad7cf09abf9cad96a05d6a7e19441a3ae06ace94cbdee3a13cf3168649fe7e912a06a9bf31fb8b3df596a06cf50de9c6a3701b34a784ddcaa3fadf62afd2931ecbca974c57c23f10fdfd15bcf52b1867f3cbd1556e297bce8004000b7b33b909b2ab7f9e56a2960260b36f76d4e344545be113453477137ce81cfbdb3995e3789a83f52d4b35b9f10cf0f889eb572d75f885fc7fa55c8368e357efdc0c4ed1e577e96dbeef876e1cfbd1b72b10c2c710b0b9cccff3c10c0f403c6d273d3d77557374dca9d0ebb70dc4189c79455d60763e5e7eef2d8bcc47e8a9e8fbd9d7bc8304e0a78a3e171f561d21725e984c5558d2ec6ad26d8c3ceb5b40716de30687a33bcce2b3ca5fd5edd2479fc4e9ef2c1c1954aa3c6db6e6f03c47bd709a852ccd37a40b6b4671d88d4f52c9bce4250502cac19d7be53764c74a481407270f93c8a631ca1b955785a107d1fab4ee160c024bd0cbb451ae1da4b58208eb126da6bf38e308e173c58da6f3bf7935d3a236c0603e96c8b8fe7a863323657f445b8f55a462e3d624fdb4fffa22a9ae2319775d3bf6a91850d26e26f08f8242a0cc789074bf1877d717a5b88f14acdc6c44f450ac565a62a077ce7e7c9f15388e17735f7631bec489c56a2eaf927a32c1a64bc5b55c001db8107e64d4462276c128dd256f21d4c942f8094998ed2167035547724d54450bf80349ad47777aa8aa4a1dd2fb14b57eb559ad175ea4c100ed08a2713037bb2085b23f61d8ecbfa24ad03741d128aa7647f59419bd0dd8bd6cdd544ee0fc595104514c04c220780952af2d76c8d981edfdbab120df47a2e39c783677a011f5ddfeab34c84d887508865cccb97f4c7b7b510f44bdf22000223f3ca89719f777d4b06776baaa0a35b324524360d709edc8c4442c701cd3805a8d3e2222d5bfa78b6b02c868fac9954970c6383327c332f0da9fe35c14163c777db9247c5c560476a142d635bc9f102810155eb6fc2be4b105368a2f21ec15ea2bc26bcf309976f34b9d42524bab7da3d8a52ee659ba794b5372018b65dcc01dcdfeaed5bb5b917a15d660fca188c92da5d54acf6bbb1324936610458f0e928b6b715ade8cc7d4a94fb168fd53cbcbfe4e646e15f61ce19c1c3ccff38a755604ffab5675904017d7f2043d7cc395f9a2852950592f8886876823b75926447f1045a7f7f05323abef7a3aa61c6150b595ea142b623492d5b03dc489170fdd5d6ef7b268d61e2978e932380f7105bf909aa75bf9d03b2552be4698e4b60d63c729d829651e226475d2f0291b76c830eab76a10f6c864afdb3ce2f0a3d03ae58e836f7cc87413e377949ef834a8de2d015ee514786d5f6537884c3ee9d9e525c4f3da46e5bee592f49daf7fccbd42975b5a45ab281032247f9be0f09d3c74f559a0cd40025adcf2c2da1db1a9020ae81f70da468f1394c3d36881cb8ef0115e552572aa25e715b61dc3ac51d48cd4a43720a2dec0d1004b8c6e7ea9e0088fcdfe8d948a2a2371f62aa9ac8aa19449bcec273ddcd0b59775195ac00b5dd659e4fd0d07dc9badad74947e8aa1c0fed090ed295a537ae31518a26149274204b12251929e8c955ba9ffb35b727d3661f3cf7f984f3ef44a0ec89fc0dec641bc7ede6d0d780b9aeadc8476670f829db6e6856d19c8f5a02df7a452738db149eace6b14772f9098a6ea6a7dc9e817b8f158affe04d02c3647b09f6ed8a3d3a626d8de4f308b8dab9264c739f7efb2e983e42ad8f9561da7bcb8d36bb8e1dbffe990d2e1e88877ce0ddfd9bfda9eb95988061a4eca66f5832a2e1ff3ad6a011dbd28476f9d2a0eb2eb79a94a84ab67f13b8f3176753ac15122030a67230a2670f678ea9e52f31e9e016a873ec7fbc0fc3bb40d61d732b37073ddeb317e2bbe16176119caba15dcb29c1128ef3f3130f7ff5f1302a2d2429c0758b09927d4aae7500d632c489ab53207aaf9c1e222a21495c08d20a006fca28b689b8bdf983270c0e759c47f4395a4948a269091c51c3305527870e236c854ca73531bde8ac6dbc3fb55a5a2c1b0f60351a393ccae33cdbb3b73f10e9b4b02cd39b01abb9e713ec8ceb61ee5c74902447139789100b354abd67978f68c856de6b7b7757080d478f6f7ab44a122bb2bda213ea66bd1fd52b81a7b9a5c098f3032adab0692db4299847d849dae473f69970da5b482959eb9fbda299644a1927c0240a12196b39541e651543540bc107036c507a816a2c6e3c39dc444e3fe2b3ed035ea132fc8990d71210dae3f27451e4d6690c55f3fc4c0110f808aa4f094f0475ff48170fab021194db448854d0839b1bd76744579b927cbf43493df276b9632433758309c02baa463cf1ab53a211014719335285a49d6ba7dd370f25c145b3c19a381609d12e29cea5f7578bed275f23f07c1a6705bc5ac64e88f00064ca41b1bf404dce3f0387eed9d168f9b30a6bccced1b9d28d4d322884e4e5e24cb83110d10fa5767526fc38a3376e0f227703a7b2e2e84f32e8b5f8c64c50da6c2e9237e73a2341d2bd811133ef2c9ec92262a9d2b74feaa8433f2346b997dca7d872a366c7e58664bc582da295a21c25d24d0c98a990159ad2926013a5d8b6e63dd391a20b089f292a074a68fbcdd5bcc290ea9e5b4b1e92221139b7fd81524aa6f3c5d5a4e3f505d81e8686f1db4b3a38069e0aa893cd8fbebb04ab42973469e3a3cbc24997e7beabf90b6929786edc57d00b9720f4401984e7ea1d5964d78aa94ee0fb30150e6706147c4388d86df1eb07c64f8d2b291851241bffcf257cb4ad9deb2d82fa64167bbc31f813129b548445f04dde6278ef895f90c0e3d1d8c3dbc0f4848bcb3df9995ba7c5ccd91e3c9601d379da2cf639a57b24bfb15bdb946f1e38d970cb94bdef276b5221786ceacc63ac712405067ead71385143d8e14ff6f5feab7d7136fd95d02a8435160b6dcb1f853af0d7f0bbaf79bfc531fd6b73043ec983f0b29d5c2a410c145eb70469a3e0e77b09c8277454acaf030dbb65c8bfec6b9b078800472b69e98391e1f449e417cd211ece3ce0a496c01fea3cf572fa5d10b02314cc21ad24d147004e593c6d4ff34544b3c455fbe4d64fb7695a21c95a2eadca1c7ed1f197f8c5004bd9286e80b8ed5024125a69160c85edd8e2bdf560070e669dd62c29e5005f8724f5ff50c9745372da95f7923bff7b35058855b8a97865d1e823a39acf9b816b3673e9c523d928d7116fda654038dfd5f19a64f0579b0b8fe3fd256374211b173d4803f4930eb5f3d8d15018b576f44222dd362c7d23ecbef24409069b4a09ba3c8bebbbc2c4cf644ffe8430be540f691762c49edbf194e0664c17b8e71df7344020e276abf1ac6b40e4851222085965392332fbdbc8219f4b9be5f566df9e2fac84882b69bf23ebf23144864eafa31a6e88ccbb877e9506a532f838d23855c20762c8c007f5ba4039af9fb40d37761fb6359710fef2ff4ee3ddee5d454cd21d8c251db2b4f88af9e8aea0e22a4ef54652967f1c34565dd04629ea78ef9dfe6039131bc3936bafa2342c94e72e9143f7bc8dd9a31b8cbeea599940f19ea429f3a4e1df26c441985a1101a88a84edf5e643c11d38a61f0a3de57975eee184c1b843e3866bb6a62936b8fc4f4a7f74f04093f2f5a0dfc191b058ee4c0c4aae8906de76617c1cca014f37e2ce69965c2edb920067acaf47509aa14997dfd88420e88853f8c57155ccc0d7a0f293dca7cf520fd48f00af856177fffdd3ad7e7429d1d124f096a74cec26a5c948562eb8227710fb7b7d29143c9421efc714b0d3e4b926db53ec41c26f6cf761e172f89769532d7a6606898ae56cdd96d9e1c021952e241fd977f77afbc87557319a0d48598e8355e50a1d50ff13f92fd909ccaedfd63b9b7a97ea56752b0d26ce80380f883a55ab0e78d4448fc36f56d9b8b975919151f9fb289761d071afaf9425c8ee5b924ec5ab3954710bb5d8e3f23f834aed40bf6c309ef0936f2f4f40e28cfb6672999b00d8e672c40dc60ce426344adffc14369242bf1532336b464f81880cc5e48e8e332e0bf5829ce973da7c9e0517c8654f7cc68a86d81e620a7caed818b7591283ec434f617ce4afbefc0466b4f8bf0c9a12c8220e657839485016892372b74bae08506dba940bdf6bafcfe4a038725f02fcb63d42f8798c92a5208568bf3dfc1bea7a2fded6a2d5b90f19c98fefccaa730ff112f735f6255163a8fce91a87ce52571ab440181946635a4d987aab7805130b804fc9413bf1453db628b96fc94e5f085702167f5d1a5e065fa1b98dd1909d1d6b156e8f84c8720e0ae6f02f9547c7e809fa1a96afb34e9d0cd9719a0be7b86b775f32df6bf36478c51d8d789140d73f8965f44d64b6593ab8d229f9c7abacb6c36c52226742f2a1cc54c58dd6b8a20f355e4bd31d8c0487401f2c35b988706e59f24c8ddcadeb1b65018bfafd0b266cb46caa911604db7f6b905cda709df50958f9f68bb39dac0d4783dba53953fe90b3a8e3a015d028955d6037ad7895c110846c38bbe442c23a186640ce13055f6aa8668493931bd52a85f80a89a8c54f14b0eb84aa977976aca3f6715f42db7f0310a19759adf6232510277112eb58f242eec2012c3fbf0facb07b519d2388018e89a96305d55ce10c5267fc9e29ef2ab2f498c485ec547b4078583923e1ff0b0324f59f53fc625e4cefcb08855eb967a05f0075165e250a80381922cb298e3c9d7595af31f265233e8291cb6d4fccdc52d673bb697971dd28baf0e1b2341c56ba2e98b0e1e6d699cc5a85ca571f27b19e38ccbf1b45cc3c98ac090e87c8074e1ca8ae645743b591dd5ae84c793bbd78560ba50019c06545be0b66f7ce740b9dcef0cbbe0451bf82d3429162d7b96fe5414fc8da170b5b20a91d6a261b3c07c9ef1b79efd4a5571d3ed81d7d0934628126f52f3fa3f59d9884029eb0649c2bb293641268695a56767a1257ee306bdcee48261e071092f64639af3499285e9a6042b0a8560c0cab6edf9051b4c3fc2685b8cbcba1dd9168020292bb273a9a45daa4e2d36f675aa6649509084805cd550efc151c2a96794dc50748d8e58f54b01181549f198e5cc17f5719b3c59ad03c9abcec3ed6eb2337a2d9663b0194bbaed43354ecf31884d7773cc9747eb242d13ac2d09c2735aa59e4a4b24ab55f9fe60fbb9853636fce936a48721da4196f8072c67bda8dcf4ba72e56fae861ddb912fc01bbfff364cf19a0fd903560be7920c1613a42ed264744604f28081e388f5c7f1b9f9a9bf8a410e261c94aa0dfa4ac7523e26707cc829073824063187b145acf36939fc055a8d11d03145f78200192340b8d5a9d1c070663bdfdeefc28836a6ca2f009bf1de0ba8ba49ae6e112be1fabe5afe9643a4ecee58745d120c7c95c902d1f505e35f9679287fa9c44cf00ea598a90677d06e1d052078c7a678ae14c591e9ead75d78c9c73d62eb9ebd1e846f2ff4355cc584d6c6d30d36a50e923d2ca23655044ac470544f54163d92b84e561c9cc1972df6dff17ef95039760b14dd55fb770f0239709a5d470bbcf131906866fbb0d69c194d914a36294e9"})

1m36.213858158s ago: executing program 34 (id=963):
syz_mount_image$btrfs(&(0x7f0000000200), &(0x7f0000005600)='./file0\x00', 0x800, &(0x7f0000000040), 0x0, 0x559e, &(0x7f0000005680)="$eJzs3X9sVeX9B/BzWwoN+C39jhUYfxAgBoMkyJYtjqB4MQa24eKlgsKcCEQlBivYRDcYqUWSZcaghU4EF5GQaDJjscM/FMywy7CMZfzY5hZjs4JSaZZsAzVrHDG69N77XO49l9tembNOXy/SnvPcz3me+9yT88d9X/qcGwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAURUcSc9+d0f3i0ZE1X77/Hz+e+OjGn4zfvX/roVvu23T/gjMjbto5a1nf+mlN8zdsbDjS/PS+ObdGUSLdL5Htf9u136q/88bbvlsdBly+MLOtrS31lJmuJzON4QUP9vcr/FkRRVFVbIDK7PbV7E5FwQC53cbiAQf0Tuui6O7J8ya1dT01bklyYU/xS6df9VBPYKhkr6ue89dSMv27InZErp136SUKLtFM//gF96m8CADgY5mZSm9yb0ezb3Fz7eZ4PdZOxtotsXZ4h9CS37gYmXGHl5rnpHh9iOaZzESFESXnGatnz3+unYr3j7VjUeNjzLPw0GykqS41z7Wx+lDNEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCzZOzxo2tWtD2y575fdtQceff9OVc+8KWOw22LT4y8eunKHWum/HTWsr7105rmb9jYcKT56X1zbo2i2nS/RKZ74kTL5b9NjZ3fvXfcG427n6vpq8yOG7bD8g6OXg87s0ZH0cq8Sk8Y9q81UZQqLKSb0Y7iwl3pnW+HAgAAAJ8nX0n/rsi1M3GwqqCdSKfJRPpfkAmL77Quiu6ePG9SW9dT45YkF/Zc/HipEuMlLzherl17/ieRF4xD/I2Pd74eDm0sGmdg8RHjef7SMWPefmty/eSvT5v7xA3PjOru+r8nZ2xJ/bGu5oUrru+tf/a6ovxfO3D+D2dO/gcAAOA/If/HxxnYYPn/jqVTt7z+i2Grft3a8MTB+h1/bv3OMzsXneq54Ud9L09N3v7o1UX5f1LBUxbl/zDjkP8roovL/wAAAPBZ9t/O/8micQY2WP5vONM3+wcHX6vr+PucxXt+9dAVi8+e/tv8U7t3DV9zR8v6uoeuLMr/M8vL/8Pypx0e/F2Y8OrRUTSz/JMKAAAAFAj/737+o4WQ1zOfHMTz+rX/vKp5380ffPMbD97zpzff/s2xA7MnrdteN/PgyzfVf1j5ve3dRfk/WV7+r/p0Xi4AAABQhuePrpw773jPucfPvtB18vDu3pMznjyzrqnvdOslLatXbTr2WlH+T5WX/0cMzcsBAAAALuDeO59bsfnVl/oe2H/X2Ck9FVc1XpK4ZduOqU0TPuq8tPfy7VuL8v/y8vL/yOw2u/Ih06kz/BVC6+goqu7fWZspHIparskVAAAAgE9IyOlbP1ixbOzOsb3jj59+rObQG4dn/2Vt55yN13RXdW/uXNZ4WdH9AkJiL3X//3Cng7D+v+D+f0Xr//MKmbv+zXZjAAAAAL6Iitfzh9vjZ765oNT375e7/n9J3cQTiba33lv11XMHzo1ZsP/7129aV9/be8+El37/wz9M/6i6KP83l5f/K/O3n+T3/wEAAMBF+F/7/r+lReMMbLD7/zdV9DWsWrd3+uota7csTCw7UH3qwdV731+w5l9Tb36+qea6A0X5v6W8/B+2o/JfXkc4P5tGR9H4/p3s3QR/Hqa7OlZor8orZE58rMeNoUe20D4ir5C2Ntbja6OjaHL/TnOs8P+h0BIrnK3JFnbFCsdCIXs95Ap7YoWOcKVtq8lON154MRSyCyzawwqKUbklEbEe75Xq0V+4YI+u3JMDAAB8oYTwnM2yVYXNKB5l2xODHTBysAMqBjugcrADhsUOiB9Y6vFoeWEhPH575yMbNjVMSb7y8NzHfvbms40T9j1+WV3v5g9f2XbvxJ3TW6YW5f9d5eX/cCqGZzal1v9HYf1/9nsNc+v/l4dCbazQHgqp+B0DUuE5MmH34fActalsj7PjcwUAAAD4XAufC1QO8TwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/s3evcdJVd0JAj/d9INumqaNE9GMk3TUgGakaWwNw+AoaoxGRZpZddxkNBBoEGmE8FgFURtQZxziZ3ztrJnoCAoiu+qHGFeDwUhcxIw6iWLiA/Cxjq7r+h6VGM2E/XTfOkXVrS67EFDa+X7/6DpVv/O89eg69946FwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/xjuPfjlk4YunP0PHzace8nqqqmL/kfH6Mv+cNW3vvjUPy5b9G9h/i9GnLll3kEXHjd/wbR/6Vi++ogzQmjtKleWFC977oqvPtS613HP3jFw48wbb63fUpWpNxMP/Tr/lGfuXBxbfbF/CHeXhVCRDgypSwKVmft1sb5960LYI2wLZEu01SYl0g2HB2pCWBK2BbJVra4JoS4ncMqG+++7vDNxTU0IXwkhVKfbeKY6aaMmHRhUlQRq04HpFUngt1sT2cBPypMA7LD4Zsi+6Fe15mdo6L5ckddf5U7r2KcrPbw+MdFQPN/rR+3iTuWoSj/QukNPW0F17BIFb4+13m294N1WsJ2v8LTlfpHKfEPZui1UHcontk0aP6d9dnykPDQ19SlW0y56np9+e/6E7Un3mtdh7EDDTnkdXvrYiun9lo2+9OrNvxqz4ayaA3a0m0/lbNLc9K5WHTKvuV7zPEajfJ70grdfwbekRl+6Qghbzz17xtfnTDz7iD63PLnu1QcfrNty9pwFvzhz4nmLLj55w7/Pf6lg/t/w0fP/+HKOt+V5uWOrH9Ync/P4SF1MvFmfzM0BAACg1+gNe01Xnv/6X73+/bWtMxed/u23Dj73w71afz3i/gFVB7yxrqn1/I2ff6Vg/t9Y2vH/eMi/Lne0a0MY1ZVYNCCEvbseTwIrY3e+OyCEL3elWvMDR6UCa0PYpytxULaqVIm+sURjKvByfSYwKhVYHwOtqcDyGLgiFbg4BlalAhNiYG0qcHQMhCn54/hqfWYcJQdqYmBcshFXxbMQ3qmPraW21aZsVQAAADtJZnZYmX8351yHHc0Qp5eranrKEM/ALpqhOlVDegabnVYVraGipxrKe6ohO+6Ojx5+Qc1lPdVccBpGWX6GG9f85X2LXjzsC2P3mvj5xUMvmPKz8eGst++uerx5yYtv7XvEzesK5v/NHz3/r+6mI2UFx/9DGNv1N+Yuz0Tas/FxrXkZAAAAgB1w0R//xR61Lw85oGHT+2X3zl/7xKMrfrl5j1NOf3/c8a//8PCaxnsL5v+jSjv/P+4T6ZOTOTwSd0NMHRBCc34gqXZkYSA56t0vEwAAAIDeIHs8PnssfErmNjlFOz2fLszfup3544H/Ud3m//09/7P2jq3/+mLZBd89d0TNgKX/9GrHhBNOPvqW47/1zj4VB/yyvGD+31ra+f+1+bdJJ9bHXlw9IIS+OYEHYy87A10aY+D5I/MDmfGvjxtgcawqc2JCtqrFscS4GGhOBZYUK/FotsTe+YHMk5VtfFF2HFMyJXICAAAA8ImLuwPicfl4/n/LGSNO++vvzfrbha88eN7qCy75q+Ed80eedP/THzbMvXJp2PTmEQXz/3Hbd/5/1zy44PT+9n4hDK0IoU/6hwGP1CYLA8ZAXVkmcW9tUlefdFULa0MY2TmwdFUvZNb/r0ivMfh4TVJVDOy93y1vD+pMLKsJYWhu4IlvLz2sMzEnFcg2flpNCF/qHG268bv6Jo1Xphu/tm8IX8wJZKua0DeEzsaq0lX9r+rMdQzSVa2qDmHPnEC2quHVIcwNAPRW8X/pxNwHZ82dN3V8e3vbzF2YiDvxa8KkKe1tTROmt0+sLtKniak+561jtKBwTKVe+mZTZo2ixSsnV5aSzv5QsDm3rcyO/IIzBzP345ehyq5xHlKZd7clPeQD9y9sIuR8lSo25PJdPOTa3Eq2PYkF9cf8VaFf6DtnVtvMpvPGz549c1jyt9TshyR/43GmZFsNS2+r2u76VsLLo+hyWSkfd1sNyq1k6OxpM4bOmjtvyJRp4ye3TW47p+XQP2sZMXz410YM7RxUc/K3h5EO6q7m1Ei3Li1xWDtxpF+oyKnkk/jQkJCQ6G2J/f7L5odH77n+nOt/9tqPz+/3zdPu3fvImT889KqpD1Xve/ji24ccWDD/n/HR8//4qRM/+DPrMxQ7/t8QD/Mnj287zD8uBpaUevy/odjR/OyJAY2pQEcMdDjMDwAAwGdD3B0Z92bGndKbb1m/buOSlrk/aHin5dY17Utvuum+U39y58ATvjQ47LXhuhM+VzD/7yjt9/87af3/7NL1JxRb5v+gWKK52Pr/6WX+s+v/dxRb/z+9zH92/f8ln8L6/3OygdQmecf6/wAAwGfBJ7f+f4/L+6cvEFCQocfl/dMXCCjI0OMy/qVeIGC71/9f8+Bff6Wq35g7/qTlN/WXvPZ39xzWeuS6zTP/5Etb10+877qxt6wpmP9fUdr838L9AAAAsPv4z5ddU3H02Xff0bJu6sZxbw5+98m3lgzq80HF0Q+3j3xh4Bu3nlcw/19S2vz/k1//LxQ7/7+xWKC12MKA1v8DAACglyq2/t89Q1sa/zCm/x+eHvab5Q/ePPqnj/z898v3+/mJPyvfZ8Gxz8+8bFLB/H9VafP/eNpFeV7u2JsP65M17UJ6Tbs367M/GQAAAIDeoTw0NVWWmDdvYdSjPn6bT2eWAv2odK7vvXLt2ZtfmH7c46ev+7uaEwbvOWHaBasa/2b4gXd+ftQley7ddGrB/H9tafP/vN9lXPrYiun9lo2+9MOrN/9qzIazag7YdvwfAAAA2HVK3S8BAAAAAAAAAAAAAAB8+s7tWHzhI8uOfe+bt//F/kcseXXwbXcd+Lsh/V664qoHJq1648zJXy/4/X8Y21Wu2O//43X/4u8L/igvd2y15/X/MvdPOfH2uV1LFj5SH8L+uYGpC6fuETLX5h+cG7jvjIMGdiYWpkusefbolzoT30kHjh/yuS2dicNTgXFxkcR90oF4VcUt/VOBuLzi4+lA3B6r0oGqTOCy/sk4ytLb6pW6ZFuVpbfVxroQBuQEstvq7rqkjbL0AK9JBbID/F46EAd4ciZQnu7V7f2SXsVAXSx6Q7+kVwAA7Lbit8DKMGlKe1tz/Aofb79QkX8b5S1ZtqCw2rISm9+UWZps8crJlaWk+6S/i2671nhlqO4cwrCCr6u5Wcq6Rrlzaulh0/1RkSH3tNpbeZFyadu76aqKj6gmGVHThOntEyt7HHhLz1kOqegxy7CCyU5ulvKuTVpCLSX0pYQRlbhtSuhyvF8empr6pHL9eQw2hDw9vSJK/b1+7jp/xV4FuXluO/TKt758zE+f++CfP/9E/2+cVnP7rO+/e+KvX7//wEOOuG5C05otBfP/htLm/9W549qSuRhAR7yy3sgBIYwrcUQAAADw2XfbRbfecfr09a9MWlvx5GOPTS0fc3rl1vl3zp93ycZ7Fx9/2cErdjR+2Fm//f5vBu//b89e9dJPR+7zwA03/58nD3v8z3//8I8eeqduZZ+x7xXM/xtLm//HPViZQ8HJ3o618fr/iwaE0HVp/YYksDIO97sDQvhyV6o1lkguqH9CLNGcBFbGHSYHxRLjWvOr6hsDq1KBl+szgbWpwPoYyOyluCVkduVcWR/CYV2psfklZsQSDanAmBhoTAWaYqA5FegfA6NSgdf6ZwKtqcDDMRCm5G+rH/fPbCsAAIDtkZlnVebfDel53qqKnjKU9ZShtqcM5T1lqO4pQ7FRxPt3xAyVqZNXynIyVaZrrUnVUpAhXgx/u/tVkCE8mp8zXbCg6Xj+QfZ8g7L8DFf+4NlT1w+e/tDqzcd8beBt/zhkz4Obp9e9t+CGp3475pzrnv/TQQXz/+bS5v+1+bdJ6+vj/H/b9f+SwIOxe1fHU8cbY+D5I/MDmR0D6+Nkd3G2qtZMicykfXEsMSoGGlOBGTEwKhUYNzYTWDIwP5CZaWcbX5RtfEqmRE4AAAAAPnFxB0HcTRPn/zce9YOr3x8wccuyeTPvH9vyxMmjv3H1XT+6d/9ld767YvCAce99p2D+P6q0+X9sr19uYxfH3rzYP4S7y7b1JhsYUpcE4n6Muvjz+H3rQtgjZwdHtkRbbVKiKtVweKAm+YV6Vbqq1TXJGgPx/ikb7r/v8s7ENTUhfCVn70u2jWeqkzZq0oFBVUmgNh2YXpEE4p6fbOAn5UkAdlh2r2B8QWVOdclq6L5ckdffZ+WaoOnhFewD7SZfd7+52lWq0w9k9qlmbd/TVlAdu0TB22Otd1tvfLc1eLflfpHKfEPZui1UHcontk0aP6d9dnwk95esBXbR85z7K9VS0jvhddjx8Xvbs+p0B5pTHx/N3Zfr/nVYFqu79LEV0/stG33p1Zt/NWbDWTUHlNyNIuIPhX+05X9XPpWzeXe16pB5zfW6z5NWnye98d9Ao6cthHDZ9cfsu+TdX+/33A3Pnbqu7Maxr/7lrHs2Lf+bysNHrXv/yaGjLy+Y/7eWNv+vSN12+V3cmLMGhHBgzsZ9JG7+YwYkn4M5geRTcs/CQHLI/V/ri35yAgAAwM6W3d2R3V8wJXObnBCenicX5m/dzvxxf8WobvOX2u9j121cedLQN6474G8vOPGNv7/28Kceuv6ysnXL//vYD1avuXzxe08UzP/HffT8v2+qm47/O/7PLuL4f7d2913RfdMPdOzQruiC6tglHP/v1u7+bnP8v1uO/zv+3x3H/3vg+H+3dvenreBb0gxfujonwdff+fPfTbzpg7mN+x180lPPHDrxun+6quXuu0555b+de9601761uWD+P6O0+b/1/7pftC+7/t+4Yuv/zSi2/l+H9f8AAIBdqshCc+l5XsHqfQUZ0qv3FWTocYHAHpcYtP7fdq//t3Dkv1904Q+fb7n2nTvHXb5m07Fnvvr0utXPzFpx3Lnnv9V6112tBfP/jtLm//Hl0C+39d6y/l/j2CJVXREDMywMCAAAwO6o2A4CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPl2HnvbO+5d8/R/aBv1ixc1/f+v/+7/P1q594JvfuGn4L6f86RllazZcM+LMLfMOuvC4+Qum/UvH8tVHnBHClK5yZUnxsueu+OpDrXsd9+wdAzfOvPHW+i3VmXorM7d/nJc7tvphfQhLch6pi4k36zvvbAuccuLtcys6E4/Uh7B/bmDqwql7dCaW14cwODdw3xkHDexMLEyXWPPs0S91Jr6TDhw/5HNbOhOHZwJl6e5e1z/pblm6u5f3D2FATiDb3bP751eVbeO4TKA83caKuqSNGKiLRa+tS9qIgfZYYkrfEIZWhNAnXdU/VydV9UlXdU91UlWfdFUXVYcwMoRQka7quaqkqor0yB+tSqqKgb33u+XtQZ2JpVUhDM0NPPHtpYd1JmamAtnG/1NVCF/qfMmkG/9xZdJ4Zbrx/1oZwhdDCFXpEu9VJCWq0iVeqAhhz5zAto1YEcLcwGdD/PSZmPvgrLnzpo5vb2+buQsTVZm2asKkKe1tTROmt0+sTvWpmLKc9NYFH3/sm96eP6HzdvHKyZWlpCsy5Sq7unxIZd7dlt2997FftbmVbHs+CuqP+atCv9B3zqy2mU3njZ89e+aw5G+p2Q9J/vbJRJNtNay3bKtBuZUMnT1txtBZc+cNmTJt/OS2yW3ntBz6Zy0jhg//2oihnYNqTv7ujJEu/eRH+oWKnEo+ife/hIREb0uU5326Ne/un+MFX/S3dbQyVHd9QBdMK3KzlHWNcmcM+qiPOeKP8zWlxxENK5g4FGQ5pOcsLQWTiW1ZapIsXV/rCiaHuTWVd23SeL88NDX1KbYdGvLv5m7e13dg8z6d2XSlpgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+P/swIEAAAAAAJD/ayNUVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYQcOBAAAAACA/F8boaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqgo7cCwAAAAAIMzfOoyeDQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4FAAA//8fSxmR")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x101080, 0x88)
ioctl$BTRFS_IOC_SNAP_CREATE(r0, 0x40809440, &(0x7f0000001b00)={{}, "fc4e8f3765a63da8d8d50f4777e078b7fc5ba5f64646dc5329de16a49265ba1d17d9241c913e2ec20da7349708f8f159bf98d0bfe4dc1f7df9bfb0a781275f65825b51f45cc1b87dd32bcc180fffc32cf2223b4a545a91aca2c34e1253f95bb0861b61eb05081d589bc080d5adf854136e3e77bb413e315ed329c80a31dc17ea6ad7cf09abf9cad96a05d6a7e19441a3ae06ace94cbdee3a13cf3168649fe7e912a06a9bf31fb8b3df596a06cf50de9c6a3701b34a784ddcaa3fadf62afd2931ecbca974c57c23f10fdfd15bcf52b1867f3cbd1556e297bce8004000b7b33b909b2ab7f9e56a2960260b36f76d4e344545be113453477137ce81cfbdb3995e3789a83f52d4b35b9f10cf0f889eb572d75f885fc7fa55c8368e357efdc0c4ed1e577e96dbeef876e1cfbd1b72b10c2c710b0b9cccff3c10c0f403c6d273d3d77557374dca9d0ebb70dc4189c79455d60763e5e7eef2d8bcc47e8a9e8fbd9d7bc8304e0a78a3e171f561d21725e984c5558d2ec6ad26d8c3ceb5b40716de30687a33bcce2b3ca5fd5edd2479fc4e9ef2c1c1954aa3c6db6e6f03c47bd709a852ccd37a40b6b4671d88d4f52c9bce4250502cac19d7be53764c74a481407270f93c8a631ca1b955785a107d1fab4ee160c024bd0cbb451ae1da4b58208eb126da6bf38e308e173c58da6f3bf7935d3a236c0603e96c8b8fe7a863323657f445b8f55a462e3d624fdb4fffa22a9ae2319775d3bf6a91850d26e26f08f8242a0cc789074bf1877d717a5b88f14acdc6c44f450ac565a62a077ce7e7c9f15388e17735f7631bec489c56a2eaf927a32c1a64bc5b55c001db8107e64d4462276c128dd256f21d4c942f8094998ed2167035547724d54450bf80349ad47777aa8aa4a1dd2fb14b57eb559ad175ea4c100ed08a2713037bb2085b23f61d8ecbfa24ad03741d128aa7647f59419bd0dd8bd6cdd544ee0fc595104514c04c220780952af2d76c8d981edfdbab120df47a2e39c783677a011f5ddfeab34c84d887508865cccb97f4c7b7b510f44bdf22000223f3ca89719f777d4b06776baaa0a35b324524360d709edc8c4442c701cd3805a8d3e2222d5bfa78b6b02c868fac9954970c6383327c332f0da9fe35c14163c777db9247c5c560476a142d635bc9f102810155eb6fc2be4b105368a2f21ec15ea2bc26bcf309976f34b9d42524bab7da3d8a52ee659ba794b5372018b65dcc01dcdfeaed5bb5b917a15d660fca188c92da5d54acf6bbb1324936610458f0e928b6b715ade8cc7d4a94fb168fd53cbcbfe4e646e15f61ce19c1c3ccff38a755604ffab5675904017d7f2043d7cc395f9a2852950592f8886876823b75926447f1045a7f7f05323abef7a3aa61c6150b595ea142b623492d5b03dc489170fdd5d6ef7b268d61e2978e932380f7105bf909aa75bf9d03b2552be4698e4b60d63c729d829651e226475d2f0291b76c830eab76a10f6c864afdb3ce2f0a3d03ae58e836f7cc87413e377949ef834a8de2d015ee514786d5f6537884c3ee9d9e525c4f3da46e5bee592f49daf7fccbd42975b5a45ab281032247f9be0f09d3c74f559a0cd40025adcf2c2da1db1a9020ae81f70da468f1394c3d36881cb8ef0115e552572aa25e715b61dc3ac51d48cd4a43720a2dec0d1004b8c6e7ea9e0088fcdfe8d948a2a2371f62aa9ac8aa19449bcec273ddcd0b59775195ac00b5dd659e4fd0d07dc9badad74947e8aa1c0fed090ed295a537ae31518a26149274204b12251929e8c955ba9ffb35b727d3661f3cf7f984f3ef44a0ec89fc0dec641bc7ede6d0d780b9aeadc8476670f829db6e6856d19c8f5a02df7a452738db149eace6b14772f9098a6ea6a7dc9e817b8f158affe04d02c3647b09f6ed8a3d3a626d8de4f308b8dab9264c739f7efb2e983e42ad8f9561da7bcb8d36bb8e1dbffe990d2e1e88877ce0ddfd9bfda9eb95988061a4eca66f5832a2e1ff3ad6a011dbd28476f9d2a0eb2eb79a94a84ab67f13b8f3176753ac15122030a67230a2670f678ea9e52f31e9e016a873ec7fbc0fc3bb40d61d732b37073ddeb317e2bbe16176119caba15dcb29c1128ef3f3130f7ff5f1302a2d2429c0758b09927d4aae7500d632c489ab53207aaf9c1e222a21495c08d20a006fca28b689b8bdf983270c0e759c47f4395a4948a269091c51c3305527870e236c854ca73531bde8ac6dbc3fb55a5a2c1b0f60351a393ccae33cdbb3b73f10e9b4b02cd39b01abb9e713ec8ceb61ee5c74902447139789100b354abd67978f68c856de6b7b7757080d478f6f7ab44a122bb2bda213ea66bd1fd52b81a7b9a5c098f3032adab0692db4299847d849dae473f69970da5b482959eb9fbda299644a1927c0240a12196b39541e651543540bc107036c507a816a2c6e3c39dc444e3fe2b3ed035ea132fc8990d71210dae3f27451e4d6690c55f3fc4c0110f808aa4f094f0475ff48170fab021194db448854d0839b1bd76744579b927cbf43493df276b9632433758309c02baa463cf1ab53a211014719335285a49d6ba7dd370f25c145b3c19a381609d12e29cea5f7578bed275f23f07c1a6705bc5ac64e88f00064ca41b1bf404dce3f0387eed9d168f9b30a6bccced1b9d28d4d322884e4e5e24cb83110d10fa5767526fc38a3376e0f227703a7b2e2e84f32e8b5f8c64c50da6c2e9237e73a2341d2bd811133ef2c9ec92262a9d2b74feaa8433f2346b997dca7d872a366c7e58664bc582da295a21c25d24d0c98a990159ad2926013a5d8b6e63dd391a20b089f292a074a68fbcdd5bcc290ea9e5b4b1e92221139b7fd81524aa6f3c5d5a4e3f505d81e8686f1db4b3a38069e0aa893cd8fbebb04ab42973469e3a3cbc24997e7beabf90b6929786edc57d00b9720f4401984e7ea1d5964d78aa94ee0fb30150e6706147c4388d86df1eb07c64f8d2b291851241bffcf257cb4ad9deb2d82fa64167bbc31f813129b548445f04dde6278ef895f90c0e3d1d8c3dbc0f4848bcb3df9995ba7c5ccd91e3c9601d379da2cf639a57b24bfb15bdb946f1e38d970cb94bdef276b5221786ceacc63ac712405067ead71385143d8e14ff6f5feab7d7136fd95d02a8435160b6dcb1f853af0d7f0bbaf79bfc531fd6b73043ec983f0b29d5c2a410c145eb70469a3e0e77b09c8277454acaf030dbb65c8bfec6b9b078800472b69e98391e1f449e417cd211ece3ce0a496c01fea3cf572fa5d10b02314cc21ad24d147004e593c6d4ff34544b3c455fbe4d64fb7695a21c95a2eadca1c7ed1f197f8c5004bd9286e80b8ed5024125a69160c85edd8e2bdf560070e669dd62c29e5005f8724f5ff50c9745372da95f7923bff7b35058855b8a97865d1e823a39acf9b816b3673e9c523d928d7116fda654038dfd5f19a64f0579b0b8fe3fd256374211b173d4803f4930eb5f3d8d15018b576f44222dd362c7d23ecbef24409069b4a09ba3c8bebbbc2c4cf644ffe8430be540f691762c49edbf194e0664c17b8e71df7344020e276abf1ac6b40e4851222085965392332fbdbc8219f4b9be5f566df9e2fac84882b69bf23ebf23144864eafa31a6e88ccbb877e9506a532f838d23855c20762c8c007f5ba4039af9fb40d37761fb6359710fef2ff4ee3ddee5d454cd21d8c251db2b4f88af9e8aea0e22a4ef54652967f1c34565dd04629ea78ef9dfe6039131bc3936bafa2342c94e72e9143f7bc8dd9a31b8cbeea599940f19ea429f3a4e1df26c441985a1101a88a84edf5e643c11d38a61f0a3de57975eee184c1b843e3866bb6a62936b8fc4f4a7f74f04093f2f5a0dfc191b058ee4c0c4aae8906de76617c1cca014f37e2ce69965c2edb920067acaf47509aa14997dfd88420e88853f8c57155ccc0d7a0f293dca7cf520fd48f00af856177fffdd3ad7e7429d1d124f096a74cec26a5c948562eb8227710fb7b7d29143c9421efc714b0d3e4b926db53ec41c26f6cf761e172f89769532d7a6606898ae56cdd96d9e1c021952e241fd977f77afbc87557319a0d48598e8355e50a1d50ff13f92fd909ccaedfd63b9b7a97ea56752b0d26ce80380f883a55ab0e78d4448fc36f56d9b8b975919151f9fb289761d071afaf9425c8ee5b924ec5ab3954710bb5d8e3f23f834aed40bf6c309ef0936f2f4f40e28cfb6672999b00d8e672c40dc60ce426344adffc14369242bf1532336b464f81880cc5e48e8e332e0bf5829ce973da7c9e0517c8654f7cc68a86d81e620a7caed818b7591283ec434f617ce4afbefc0466b4f8bf0c9a12c8220e657839485016892372b74bae08506dba940bdf6bafcfe4a038725f02fcb63d42f8798c92a5208568bf3dfc1bea7a2fded6a2d5b90f19c98fefccaa730ff112f735f6255163a8fce91a87ce52571ab440181946635a4d987aab7805130b804fc9413bf1453db628b96fc94e5f085702167f5d1a5e065fa1b98dd1909d1d6b156e8f84c8720e0ae6f02f9547c7e809fa1a96afb34e9d0cd9719a0be7b86b775f32df6bf36478c51d8d789140d73f8965f44d64b6593ab8d229f9c7abacb6c36c52226742f2a1cc54c58dd6b8a20f355e4bd31d8c0487401f2c35b988706e59f24c8ddcadeb1b65018bfafd0b266cb46caa911604db7f6b905cda709df50958f9f68bb39dac0d4783dba53953fe90b3a8e3a015d028955d6037ad7895c110846c38bbe442c23a186640ce13055f6aa8668493931bd52a85f80a89a8c54f14b0eb84aa977976aca3f6715f42db7f0310a19759adf6232510277112eb58f242eec2012c3fbf0facb07b519d2388018e89a96305d55ce10c5267fc9e29ef2ab2f498c485ec547b4078583923e1ff0b0324f59f53fc625e4cefcb08855eb967a05f0075165e250a80381922cb298e3c9d7595af31f265233e8291cb6d4fccdc52d673bb697971dd28baf0e1b2341c56ba2e98b0e1e6d699cc5a85ca571f27b19e38ccbf1b45cc3c98ac090e87c8074e1ca8ae645743b591dd5ae84c793bbd78560ba50019c06545be0b66f7ce740b9dcef0cbbe0451bf82d3429162d7b96fe5414fc8da170b5b20a91d6a261b3c07c9ef1b79efd4a5571d3ed81d7d0934628126f52f3fa3f59d9884029eb0649c2bb293641268695a56767a1257ee306bdcee48261e071092f64639af3499285e9a6042b0a8560c0cab6edf9051b4c3fc2685b8cbcba1dd9168020292bb273a9a45daa4e2d36f675aa6649509084805cd550efc151c2a96794dc50748d8e58f54b01181549f198e5cc17f5719b3c59ad03c9abcec3ed6eb2337a2d9663b0194bbaed43354ecf31884d7773cc9747eb242d13ac2d09c2735aa59e4a4b24ab55f9fe60fbb9853636fce936a48721da4196f8072c67bda8dcf4ba72e56fae861ddb912fc01bbfff364cf19a0fd903560be7920c1613a42ed264744604f28081e388f5c7f1b9f9a9bf8a410e261c94aa0dfa4ac7523e26707cc829073824063187b145acf36939fc055a8d11d03145f78200192340b8d5a9d1c070663bdfdeefc28836a6ca2f009bf1de0ba8ba49ae6e112be1fabe5afe9643a4ecee58745d120c7c95c902d1f505e35f9679287fa9c44cf00ea598a90677d06e1d052078c7a678ae14c591e9ead75d78c9c73d62eb9ebd1e846f2ff4355cc584d6c6d30d36a50e923d2ca23655044ac470544f54163d92b84e561c9cc1972df6dff17ef95039760b14dd55fb770f0239709a5d470bbcf131906866fbb0d69c194d914a36294e9"})

790.180943ms ago: executing program 5 (id=2000):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB="700100003e000701feffffff00000000017c0000040042800c00018006000600800a00004c01028045011480040019803d0102"], 0x170}, 0x1, 0x0, 0x0, 0x4048011}, 0xc000)

729.954528ms ago: executing program 5 (id=2001):
r0 = syz_open_dev$swradio(&(0x7f00000046c0), 0x1, 0x2)
ioctl$VIDIOC_DQBUF(r0, 0xc0585611, &(0x7f00000000c0)=@multiplanar_fd={0x0, 0x1, 0x4, 0x40, 0x5, {}, {0x1, 0xc, 0x0, 0x0, 0x8, 0x5, "cd49e3f5"}, 0x1, 0x4, {0x0}, 0x4})

727.152229ms ago: executing program 5 (id=2003):
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x11, &(0x7f0000000240)={[{@nombcache}, {@debug}, {@norecovery}, {@grpid}, {@nodelalloc}]}, 0x9, 0x61b, &(0x7f0000000800)="$eJzs3c9rHGUfAPDvTDY/mrzvm7S8vK+92IBIC9qkSVspItjitZT64+YpNmmpTZvSRDS1YAr1oogXD4InD9b/QgtePXj14MWDSCGI9GCl2pXZzKa72Wyy+bG7SfbzgUmemcnO852Eb55nn31mJoCONZx9SSMORsT1JGKwYl8h8p3DSz/34PdbF7IliWLx9d+SuPVBslB5rCT/PpC/+O/BSH5IIw501dY7O3/zysT09NSNfH107ur10dn5m0cvX524NHVp6tr4C+OnTp44eWrs2JbOr1BRPnvn7XcHPzr35ldfPErGvv7pXBKn43EeW3ZeK1/bu6Was9/ZcBSXPHyyNS19PbXFY+8UfwxW/44zycoN7FgX8xzpjoj/x2B0Vfw1B+PDV9saHNBUxSTKbRTQcZL187+7dlNfc4IBWqjcDyi/t1/tfXCttMm9EqAVFs8sDQAs5X53RJTzv7A0Nhh9pbGB/gdJ1ThPEhFbG5lbktXx/Xfn7mRL1BmHA5pj4XZ5lHtl+5+UcnMo+kpr/Q/SqvxPK5Zs+2ubrH94xbr8h9ZZuB0RT+Xtf09sOv/f2mT98h8AAAAAAAC2z70zEfH8avP/0uX5Pz2rzP8ZiIjT21D/+p//pffzQrIN1QEVFs9EvFQz//evytnBQ1355/z/Ls0H6E4vXp6eOhYR/4mII9Hdm62PVR+2aoLw0U8OfF6v/sr5f9mS1V+eC5gf6n5hxYW4kxNzE9tz9tDZFm9HPCzN/z2Ub6me/5O1/0lN+//xK1mCX2+wjgPP3j1fteGXJ/8e1s9/oFmKX0YcXvX6nyfd7WTt+3OMlvoDo+VeQa2n3//0m3r1y39on6z97187/3uTyvv1zG7s+D0RcXy+UKy3f7P9/57kja7y8TPvTczN3RiL6EnO1m4f31jMsFeV86GcL1n+H3lm7fG/5f5/RR7ui4iFBuv83+OBn+vt0/5D+2T5P7l2+z9U3f5vtNAX43eHvs1vMVbjfEPt/4lSm34k32L8DyrV3o+j0QRtS7gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsMulEfGvSNKR5XKajoxEDETEf6M/nZ6ZnXvu4sw71yazfdXP/x9cWk/Kz/8fqlgfX7F+PCL2R8RnXftK6yMXZqYn233yAAAAAAAAAAAAAAAAAAAAsEMMlK75L/auvP4/82tXu6MDmq6Qf5fv0HkKm35lsXdbAwFabvP5D+x2jed/d1PjAFqvfv4/fFQsaWk4QAvp/0Pn2mT++7gA9gDtP3SqBsf0+podB9AODbf/i82NAwAAAAAA2Bb7D937MYmIhRf3lZZMT77PZH/Y29J2BwC0jTm80LkKM+2OAGgX7/GBZLn056oX+9ef/Z80JyAAAAAAAAAAAAAAoMbhg67/h06VRqzxCG9z+2EvW+P6/9WS3+0CYA+p/+iPRtr+RA8BdjHv8YH12nHX/wMAAAAAAAAAAADADtB388rE9PTUjdn53Vd4eWeEsbHCwsSOCGNbC4/X+5nyY+Y3duTuiNgZJ9jqQvkWHG0Mo43/kwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgCr/BAAA///kPC2+")
quotactl$Q_QUOTAOFF(0xffffffff80000302, &(0x7f0000000080)=@loop={'/dev/loop', 0x0}, 0x0, 0x0)

612.287218ms ago: executing program 5 (id=2005):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x1214040, 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000300)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
chroot(&(0x7f0000000a40)='./file0\x00')
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x1204001, &(0x7f00000011c0)={[{@lowerdir={'lowerdir', 0x3d, '.'}, 0x3a}], [], 0x2f})
pivot_root(&(0x7f0000000000)='./file0\x00', &(0x7f0000000100)='./file0\x00')
syz_open_dev$ptys(0xc, 0x3, 0x0)

520.585645ms ago: executing program 5 (id=2007):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f00000008c0)='./file0\x00', 0x1008490, &(0x7f0000000000), 0x4, 0x4eb, &(0x7f0000000a80)="$eJzs3c9vVFsdAPDvnXZoKQMFZaFGBRFFQ5j+ABqCC2GjMYTESFy5gNoOTdMZpum0SCuLsnRvIokr/RPcuTBh5cKdO925wYUJKnkv9CVvMS/3zqUd2g7te7Qd6Hw+ye2955xhvufMcM6Ze2B6AuhZZyNiNSKORMS9iBjO85P8iButI33cq5ePp9ZePp5Kotm8878kK0/zou3PpI7lzzkYET/7ccQvk61xG8src5PVamUhT48s1uZHGssrl2YLec74xNjE6LXLV8f3rK1nan968aPZWz//y5+/8fzvq9//dVqt0m+OZ2Xt7dhLraYXo9SW1x8Rt/YjWJf0539/+PCkve1LEXEu6//D0Ze9mwDAYdZsDkdzuD0NABx26f1/KZJCOV8LKEWhUC631vBOx1ChWm8sXhyuLz2YjmwN62QUC/dnq5XRfK3wZBSTND2WXW+kxzelL0fEqYj47cDRLF2eqlenu/nBBwB62LFN8//HA635HwA45Aa7XQEA4MCZ/wGg95j/AaD3fI7537cDAeCQcP8PAL3H/A8AvWfH+f/JwdQDADgQP719Oz2aa/nvv55+uLz0g9LDS9OVxly5tjRVnqovzJdn6vWZaqU81Wzu9HzVen1+7Mp6srG8crdWX3qweHe2NjlTuVsp7nN7AICdnTrz7J9JRKxeP5od0baXg7kaDrdCtysAdE1ftysAdI3v80Dv2sU9vmUAOOS22aL3DR3/i9BTm7/Ch+rCV63/Q6+y/g+964ut//9wz+sBHDzr/9C7ms3Env8A0GOs8QPv9O//AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0KNK2ZEUytle4Kvpz0K5HHE8Ik5GMbk/W62MRsSJiPjHQHEgTY91u9IAwDsq/CfJ9/+6MHy+tLn0SPLJQHaOiF/9/s7vHk0uLi6Mpfn/X89ffJrnjx/pRgMAgHY3tma15un83HYj/+rl46nXx0FW8cXN1uaiady1/GiV9Ed/dh6MYkQMfZTk6Zb080rfHsRffRIRX9lo/6O2CKVsDaS18+nm+Gns4/sQf+P13xy/8Eb8QlaWnovZa/HlPagL9JpnN1vjZN730i6W979CnM3O2/f/wWyEenevx7+1LeNfYX3869sSP8n6/Nn19Ntr8uLKX3+yJbM53Cp7EvG1/u3iJ+vxkw7j7/ldtvFfX//muU5lzT9EXIjt47fUsmF2ZLE2P9JYXrk0W5ucqcxUHoyPT4xNjF67fHV8JFujbv3823Yx/nv94olO8dP2D3WIP7hD+7+zy/b/8dN7v/jWW+J/79vbv/+n3xI/nRO/u8v4k0M3Om7fncaf7tD+nd7/i7uM//zfK9O7fCgAcAAayytzk9VqZWGHi/Sz5k6PcfFhXsRqxHtQDRfv1UW3RyZgv210+m7XBAAAAAAAAAAAAAAA6KSxvDI3EPv7daJutxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDD67MAAAD//w/PzvM=")
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
getdents64(r0, &(0x7f0000000f80)=""/4096, 0x1000)

406.45281ms ago: executing program 3 (id=2010):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000000c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-aes-aesni\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10)
r1 = accept$alg(r0, 0x0, 0x0)
sendmsg$alg(r1, &(0x7f00000002c0)={0x0, 0x0, 0x0}, 0x20000000)
recvmmsg(r1, &(0x7f00000008c0)=[{{0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f0000000a80)=""/218, 0xfeb8}], 0x1, 0x0, 0x0, 0x2000000}}], 0x1, 0xcb, 0x0)

340.717955ms ago: executing program 4 (id=2011):
unshare(0x24020400)
r0 = openat$vcsu(0xffffffffffffff9c, &(0x7f0000000000), 0x8840, 0x0)
fcntl$lock(r0, 0x11, &(0x7f0000003c80)={0x0, 0x0, 0x380000000000, 0x8})

340.556368ms ago: executing program 5 (id=2012):
r0 = syz_usb_connect$cdc_ncm(0x0, 0x72, &(0x7f0000000280)=ANY=[@ANYBLOB="1201000002000040257d15a4400001040001090260004201000000090400000102090000052406000105240000000d240f01000004eaffffff1e0006031a00000804800200090581", @ANYBLOB="f7", @ANYRESDEC], 0x0)
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
syz_usb_disconnect(r0)
preadv(r1, &(0x7f0000000200)=[{&(0x7f00000012c0)=""/166, 0xb3}], 0x1, 0x7fb, 0x233)

246.58077ms ago: executing program 4 (id=2013):
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x482, &(0x7f0000000040)={0x84, @dev={0xac, 0x14, 0x14, 0xb}, 0x5, 0x3, 'sh\x00', 0x1, 0x4, 0x72}, 0x2c)
setsockopt$IP_VS_SO_SET_ADDDEST(r0, 0x0, 0x487, &(0x7f0000000000)={{0x84, @rand_addr=0x64010102, 0x4e1f, 0x3, 'lc\x00', 0x34, 0x83, 0x5}, {@rand_addr=0x64010102, 0x4e23, 0x2, 0xcf, 0x12d5c, 0x12d5c}}, 0x44)
setsockopt$IP_VS_SO_SET_EDITDEST(r0, 0x0, 0x489, &(0x7f0000000380)={{0x84, @multicast1, 0x4e20, 0x3, 'ovf\x00', 0x0, 0x60000000, 0xc}, {@rand_addr=0x64010102, 0x4e23, 0x2000, 0x8, 0x48001}}, 0x44)

177.961473ms ago: executing program 3 (id=2014):
syz_mount_image$ext4(&(0x7f0000000400)='ext4\x00', &(0x7f0000000440)='./file0\x00', 0x0, &(0x7f0000000480), 0x1, 0x3d0, &(0x7f00000004c0)="$eJzs3M1uG0UcAPD/br5I+mEjcUCFgyUQBAFxHQhQhEThyscFeAArSUuF21SNkWjJoSBOnDggbhz6Ahx4gKpCSEi8Ai+AKlUozQFuQWvvOm4cp7Fix2r6+0mjndkdZ/bv3axm1rsTwGOrEhHnI2IiIhYjopSvT/MUN9spq3d/c2N5a3NjOYnt7U/+SSLJ1xV/K8mXJ/LCfBqRfhfxzM3edtev3/ii3misXsvL1eblq9X16zdevXS5fnH14uqV2pvnarWlxbdqrw8t1p+ef+ncxPvnz/z8V+nO0vT0bLa/J/Nt3XEMSyUqne9kt6VhNzZm0+PeAQAADiTN+/6Trf5/KSZaubZSVDfGunMAAADAUGy/my8BAACAYywx9gcAAIBjrngO4P7mxnKRxvg4wpG7915ElHfebd7qxD8ZT+R1pkb4fmslIq6+kJSyFCN6DxkAoNudrP9zdq/+XxpPd9WbiWj1h2aH3H5lV7m3/5PeHXKTD8j6f+9ExFZP/y8tqpQn8tKpVldxKrlwqbF6NiJOR8R8TM1k5do+bXzw7y8f99uWxf97cup0kbL2s+VOjfTu5MyDn1mpN+uHibnbvW8izkzuFX/S6f8mETF3iDYmvr71dr9tD49/tLZvRby45/Hfmbkn2X9+omrrfKgWZ0Wv/7799aN+7Y87/uz4z+0ffznpnq9pffA2bn/+57P9tnWPfwY5/6eTT1v5Ylz2Vb3ZvFaLmE4+7F2/uPPZolzUz+Kff27v///i+pfkc1qdzK8Bg/r+h99eOUj8WcraL8aCRyGLf2Wg4z945o3bf3zWr/2Hx58d//YcYPP5moNc/w66g4f57gAAAOBRkbbuayTpQiefpgsL7fsdT8Vc2lhbb758Ye3LKyvt+x/lmEqLO12lrvuhtfbP6J3y4q7yaxHxZET8WJptlReW1xor4w4eAAAAHhMn+oz/M38f2VMIAAAAwMiVx70DAAAAwMgZ/wMAAMCxdph5/WRkZI5rZtxXJgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgEfb/wEAAP//Wt22ag==")
chdir(&(0x7f0000000080)='./file0\x00')
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0)
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
r0 = open(&(0x7f00000000c0)='.\x00', 0x10000, 0x0)
getdents(r0, &(0x7f0000001fc0)=""/184, 0xb8)

177.728673ms ago: executing program 4 (id=2015):
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000000)=ANY=[@ANYRES32=0x0, @ANYRES32, @ANYBLOB="1a00"/12, @ANYRES32=0x0, @ANYBLOB="10"], 0x20)

123.987391ms ago: executing program 4 (id=2016):
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000300), 0x0)
ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r0, 0xc0145401, &(0x7f0000000000)={0x2, 0x0, 0x0, 0x2, 0x7fffffff})

123.818019ms ago: executing program 3 (id=2017):
r0 = syz_open_dev$vim2m(&(0x7f0000000580), 0x0, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000600)={0x2, @pix={0x80000000, 0xbb46, 0x33424752, 0x0, 0x0, 0x0, 0x5, 0xfeedcafe, 0x0, 0x0, 0x0, 0x4}})

58.567191ms ago: executing program 3 (id=2018):
pipe2(&(0x7f0000000200)={<r0=>0xffffffffffffffff}, 0x0)
fcntl$setpipe(r0, 0x407, 0xc000)

58.349312ms ago: executing program 4 (id=2019):
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000080)='notify_on_release\x00', 0x2, 0x0)
unshare(0x24060400)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x48)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0xdffffffd, r2, 0x4}, 0x38)
write$cgroup_int(r1, &(0x7f0000000040)=0x3ff, 0x12)
r3 = openat$sndtimer(0xffffffffffffff9c, &(0x7f00000001c0), 0x0)
ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(r3, 0xc0145401, &(0x7f0000000200)={0x2, 0x0, 0x8, 0x2, 0x80000001})
mkdirat$cgroup(r0, &(0x7f0000000740)='syz1\x00', 0x1ff)

58.222496ms ago: executing program 3 (id=2020):
setsockopt$packet_tx_ring(0xffffffffffffffff, 0x10f, 0x87, &(0x7f0000000140)=@req3={0x7813, 0x3, 0x0, 0x81, 0x1ff, 0x1, 0x1}, 0x1c)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000300)="f4", 0x1}], 0x1}, 0x0)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, &(0x7f00000000c0)={0x0, 0x5}, 0x0)
r0 = add_key$user(&(0x7f0000000200), &(0x7f0000000440), &(0x7f00000000c0), 0x14b, 0xfffffffffffffffd)
r1 = add_key(&(0x7f0000000200)='user\x00', &(0x7f0000000240)={'syz', 0x0}, &(0x7f00000002c0)='4', 0xba, 0xfffffffffffffffe)
r2 = add_key$user(&(0x7f0000000540), &(0x7f0000000380)={'syz', 0x2}, &(0x7f0000000580)="ed", 0x1, 0xffffffffffffffff)
keyctl$dh_compute(0x17, &(0x7f0000000100)={r2, r0, r1}, 0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)={'blake2b-256\x00'}})

296.772µs ago: executing program 4 (id=2021):
syz_clone3(&(0x7f0000000740)={0x8180080, 0x0, 0x0, 0x0, {0x39}, 0x0, 0x0, 0x0, &(0x7f00000005c0)=[0xffffffffffffffff], 0x1}, 0x58)

0s ago: executing program 3 (id=2022):
syz_mount_image$nilfs2(&(0x7f0000000ec0), &(0x7f00000001c0)='./file1\x00', 0x4040, &(0x7f0000000580)=ANY=[], 0x4, 0xfc0, &(0x7f0000002240)="$eJzs3UFsHNUZAOA3613bwSZeA4UAJaTQikDBDglS01sQqJdKiEvvoJDQCENRQysRAXF6QFRCFAn1VHEAcaFUSpGKRFWpQj21PbVqT+0F9UKlKpWCemiR4q1iv7F3n3ey6/Hu7Nr+Punf5zdvdv5/djfOzOz6bQD2rNrq7UOTsfvoy09lH11dduf6GodWb7PYa4YQGm39LNnep3HBlcsvnezWZuHo6m3eD49dWr/vTAhhORwKn4Rm+GBx6fP3337k8IevTt/8xrlnXhnCrndI9wMAAHaji39c+tu9//zD/fNfXDx4IkytL8+Pz5uxPxOP+4/EA+X8eLkWOvtZW7SbTNabiFFL1ptI1qsneeoF+RrJdhoF6032yDfRtqzbfgIAAMBOlJ/XNkNWW+jo12oLC2vn/Vd9OjeZLTx3Zun02REVCgAAAJT2n/OrH7rdwTE9BjWINPblL7Ct3e+Db2/9PtuKWsX56lXky6/ijcHroLIo93oTQgghhBhcOB4ROyBacxVdaAAAAACI0vnCNlke7Exd61tr9pf/0sO17veHAUhef5unnRjw6//a+ac3r1Bp/i6Gn78x4vzX3P/3LviNAwBAebv1aDLfr/w4Op/HIJ1HcKLjXjMTWz3/qCXbqW+xzqJ5BXfKfINFdU5UXEdZRfVv9XkclaL60/kwx1VR/ek8neOqqP6piusoq6j+Lld+wjj+sy6qf1/FdZRVVP91FddRVlH9MxXXUVZR/bMV11FWUf3XV1xHWUX176+4jrKK6t8pH6stqr9ZcR1lFdU/v9aM/WFEUf03VFxHWUX131hxHWUV1X9TxXWMyh2xzR+HgwXrzXQ5+Bu7g0EAAACgq//t+Pn/dmVkPdepj7zGPR+r77GPMP/EGDwGw46ZwW/z6dkx2C8xTnFh7T/DzuXTXZaJbUVtDGoYVuzr9hoSQgghxjLOj+7SAwAAADAm8r8LyP/qvRXl4xObxv/+7tXbfLzePj69sYF8vNFj+5M9xqd6jAMAAAAh/Oa107e+mW3Md5f+Tf9W58PL543aFz5aCSXmMUrnI9xq/u3Oe7bd/N0nHNkps7EBAACwW2Xf+mTlvkffeWH+i4sHT7Sd/a7E8918HtB6vDbwceznnwuYTfpZfg59ojNPrWC99PrA9UXbe3ybOwoAAAB7WH7+3gxZbaHtvLsZarWFhY3z8QOhkZ0+s3TqSOzn38/y+7nG1NXlD1ZcNwAAANC/jfP97uf/+ff4HgiT2cJzZ5ZOn13rz64vb9TarwvMbSzP2q8LNJPlRwuWH4v9+P2d4btz+1aXL5z83tJTg955AAAA2CPOvnjumSeXlk59f+/8UA8hbGs7YRz2wg9+GOoPo/7NBAAADNpnn73V+MGx2d/Or7QOnmib/24l/nAo9ptxbr8/xeX55wTyvwPY9Pf6T3TmmSta7/nO9ZrJehMxppK6p9u2E1bnG+y833xRvmbndiYL8s0k+WaTfOk8BfVk/azLXIKhy0yA+XpzyfJ0HsZ6kiNL8t/VJRcAAADkFl949vnFsy+ee+DMs08+ferpU88dO3r8m8ePH3nwGw8urn6uf7H90/0AAADATrTxod9RVwIAAAAAAAAAAAAAAAAAAAB7VxVfJzbqfQQAAIC97t/nQwjLQhRE/gWDo65jp0c2BjUML1pTo69hd0fw7zCNCY+HECH89Y3R1zAGUfP7QIj+YrTnfdPVHsu0Wq3WGDzmYxitVvpN8wAAAADDdeXySyfb202Ws4HmW99ac61ZiXnzdvaBv8xfjXy1Sw93Xi+5bqDVsNdV/fqXf1zzT3Udf+/CYPOvXohvbvR7//6rdW7gxOptPfb29Zv3nsWfH1jPH0K4rd5n/o79vxDC4/1m7HQ4yX9P6C9/653k8X+io1frN/+9Sf7QZ/5L6fP/fFGGdMud7ov5D8T+4bv7zd+5i1NJtn5fAF9P9v+p0G/+ZP+bfSZM3B/zA8BetP6/eev8aAsZsPwoIT+enon9fH/zA9b00w9bPf6vJdupb7vyzu3mx0G3xP76Ud1yZ97cVuvPH5fZ2F5fss7UTvlUSVH9g3oeh62o/kbFdZRVVP9kxXWUVVR/97P3MisNV1H91z57HB9F9fd9IWLEiurfKdeVi+qfqbiOsorqn624jrKK6t/q/+OjUlT//orrKKuo/rmK6yirqP6Sl9UqV1T/fMV1lFVU/w0V11FWUf03VlxHWUX131RxHaNye2yLzofz88+5OJb3m0l/qstj2febIQAAAMBQ/Wss5/9ru3Iw8lqEEEJUHQ2//0WJmBiDGoTYyfHf1ppR1yEGEK250dcgxjJW50Vkz8p20GfFARic4c5mwbjz/O9tnv+9zfPPteTvxGdJPzfRY7zeY7zRY3wyGc+SO04VjUc3Jttt5dc1o5t6jH8p7kHR+P7k/j9Mxm/psf0DPcZv7TF+W4/x23uMAwAAsDfcHFvnhwAAALB7vfyLj1//1T1PXJ7/4uLBE2Fy07zzR2J/Kr63/lrsp/Pe5xrxPf8fxf67sf1dbP+RrO/zJwAAADB8+ffEeP8fAAAAdq/8e0qd/wMAAMDuNR9b5/8AAACwe90QW+f/AAAAsItl090Xxza/LnBXbPud1w8AGH9fju0dsT0Y2ztj+5XY5scBd8f2qxXVBwAMzs++8+Pjb2Yb8/0fS8avxOV5u8ny2pWCrNY5k/++2F4X26/1WU/6fQD95s/t7zPPsPLPbTM/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALB71FZvH3roQBbCT3/91qM/mXz9z1eX3bm+xqHV2yz2miGExvr98tGN/i/jilcuv3SyvV2JbRaOhixk68vDY5fWM82EEJbDofBJaIYPFpc+f//tRw5/+Or0zW+ce+aVIT4EHfsHAAAAu9H/AwAA///f+hdH")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x42002, 0x113)
pwritev2(r1, &(0x7f0000000100)=[{&(0x7f0000000240)="12", 0x1}], 0x1, 0xcfbc, 0x3, 0x0)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x37ffff7, 0x4012011, r0, 0x0)

kernel console output (not intermixed with test programs):

FS info (device loop0): global_block_rsv: size 1441792 reserved 1441792
[  165.591688][ T8096] BTRFS info (device loop0): trans_block_rsv: size 0 reserved 0
[  165.594705][ T8096] BTRFS info (device loop0): chunk_block_rsv: size 0 reserved 0
[  165.597855][ T8096] BTRFS info (device loop0): delayed_block_rsv: size 0 reserved 0
[  165.601214][ T8096] BTRFS info (device loop0): delayed_refs_rsv: size 0 reserved 0
[  165.670791][ T8096] BTRFS info (device loop0): relocating block group 1048576 flags system
[  165.783964][ T8096] BTRFS info (device loop0): balance: ended with status: 0
[  165.857669][ T7539] BTRFS info (device loop0): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  167.163109][    T9] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  167.329839][    T9] usb 5-1: Using ep0 maxpacket: 32
[  167.360052][    T9] usb 5-1: config 0 interface 0 altsetting 16 endpoint 0x81 has invalid wMaxPacketSize 0
[  167.363976][    T9] usb 5-1: config 0 interface 0 altsetting 16 endpoint 0x2 has an invalid bInterval 129, changing to 11
[  167.381252][    T9] usb 5-1: config 0 interface 0 altsetting 16 has 2 endpoint descriptors, different from the interface descriptor's value: 5
[  167.386470][    T9] usb 5-1: config 0 interface 0 has no altsetting 0
[  167.392000][    T9] usb 5-1: New USB device found, idVendor=044f, idProduct=b65d, bcdDevice= 0.00
[  167.399581][    T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  167.420616][    T9] usb 5-1: config 0 descriptor??
[  167.644485][ T8162] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  167.657799][ T8162] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  167.720037][    T9] usbhid 5-1:0.0: can't add hid device: -71
[  167.730428][    T9] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  167.737433][    T9] usb 5-1: USB disconnect, device number 3
[  168.017750][ T8171] loop3: detected capacity change from 0 to 40427
[  168.027267][ T8171] F2FS-fs (loop3): build fault injection rate: 771
[  168.049586][ T8171] F2FS-fs (loop3): invalid crc value
[  168.097860][ T8171] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  168.102642][ T8171] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  168.148233][ T7244] syz-executor: attempt to access beyond end of device
[  168.148233][ T7244] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  168.158263][ T7244] CPU: 1 UID: 0 PID: 7244 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[  168.158289][ T7244] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  168.158298][ T7244] Call Trace:
[  168.158306][ T7244]  <TASK>
[  168.158313][ T7244]  dump_stack_lvl+0x189/0x250
[  168.158341][ T7244]  ? __pfx_dump_stack_lvl+0x10/0x10
[  168.158357][ T7244]  ? __pfx_queue_work_on+0x10/0x10
[  168.158373][ T7244]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  168.158396][ T7244]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  168.158425][ T7244]  f2fs_handle_critical_error+0x37c/0x540
[  168.158453][ T7244]  f2fs_write_end_io+0x886/0xb60
[  168.158481][ T7244]  __submit_merged_bio+0x27a/0x6a0
[  168.158507][ T7244]  __submit_merged_write_cond+0x255/0x530
[  168.158532][ T7244]  f2fs_write_data_pages+0x261d/0x3000
[  168.158572][ T7244]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  168.158628][ T7244]  ? folios_put_refs+0x559/0x640
[  168.158654][ T7244]  ? __lock_acquire+0xab9/0xd20
[  168.158681][ T7244]  ? do_raw_spin_lock+0x121/0x290
[  168.158728][ T7244]  ? do_raw_spin_unlock+0x4d/0x240
[  168.158745][ T7244]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  168.158759][ T7244]  do_writepages+0x32e/0x550
[  168.158786][ T7244]  ? do_raw_spin_unlock+0x4d/0x240
[  168.158806][ T7244]  filemap_fdatawrite+0x199/0x240
[  168.158826][ T7244]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  168.158879][ T7244]  ? do_raw_spin_unlock+0x4d/0x240
[  168.158931][ T7244]  f2fs_sync_dirty_inodes+0x31f/0x830
[  168.158959][ T7244]  f2fs_write_checkpoint+0x95a/0x1df0
[  168.158992][ T7244]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  168.159038][ T7244]  ? f2fs_stop_gc_thread+0x7f/0xb0
[  168.159054][ T7244]  ? kfree+0x18e/0x440
[  168.159071][ T7244]  ? kill_f2fs_super+0x298/0x6c0
[  168.159091][ T7244]  kill_f2fs_super+0x2c3/0x6c0
[  168.159125][ T7244]  ? __pfx_kill_f2fs_super+0x10/0x10
[  168.159138][ T7244]  ? radix_tree_delete_item+0x2b6/0x400
[  168.159158][ T7244]  ? shrinker_free+0x2ce/0x3e0
[  168.159176][ T7244]  deactivate_locked_super+0xbc/0x130
[  168.159195][ T7244]  cleanup_mnt+0x425/0x4c0
[  168.159211][ T7244]  ? lockdep_hardirqs_on+0x9c/0x150
[  168.159231][ T7244]  task_work_run+0x1d4/0x260
[  168.159252][ T7244]  ? __pfx_task_work_run+0x10/0x10
[  168.159267][ T7244]  ? __x64_sys_umount+0x122/0x160
[  168.159292][ T7244]  ? exit_to_user_mode_loop+0x40/0x110
[  168.159316][ T7244]  exit_to_user_mode_loop+0xec/0x110
[  168.159334][ T7244]  do_syscall_64+0x2bd/0x3b0
[  168.159349][ T7244]  ? lockdep_hardirqs_on+0x9c/0x150
[  168.159362][ T7244]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  168.159376][ T7244]  ? exc_page_fault+0x9f/0xf0
[  168.159391][ T7244]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  168.159404][ T7244] RIP: 0033:0x7f24d8b8ff57
[  168.159419][ T7244] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  168.159431][ T7244] RSP: 002b:00007ffe08c66b38 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  168.159447][ T7244] RAX: 0000000000000000 RBX: 00007f24d8c11c2d RCX: 00007f24d8b8ff57
[  168.159457][ T7244] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe08c66bf0
[  168.159464][ T7244] RBP: 00007ffe08c66bf0 R08: 0000000000000000 R09: 0000000000000000
[  168.159472][ T7244] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffe08c67c80
[  168.159481][ T7244] R13: 00007f24d8c11c2d R14: 0000000000029050 R15: 00007ffe08c67cc0
[  168.159503][ T7244]  </TASK>
[  168.297492][    C1] vkms_vblank_simulate: vblank timer overrun
[  168.311331][ T7244] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  168.398814][ T8179] loop4: detected capacity change from 0 to 256
[  168.415190][ T8179] exFAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  168.420773][ T8179] exFAT-fs (loop4): Medium has reported failures. Some data may be lost.
[  168.475930][ T8179] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000ff98, chksum : 0xc64c1d22, utbl_chksum : 0xe619d30d)
[  168.629070][ T8181] netlink: 4 bytes leftover after parsing attributes in process `syz.3.775'.
[  168.774313][ T8189] loop4: detected capacity change from 0 to 1024
[  168.816836][ T8189] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  168.825530][ T8189] ext4 filesystem being mounted at /26/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  168.837111][ T8189] netlink: 8 bytes leftover after parsing attributes in process `syz.4.780'.
[  168.881366][ T7877] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  169.087642][ T8187] loop0: detected capacity change from 0 to 32768
[  169.101088][ T8187] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.778 (8187)
[  169.124685][ T8187] BTRFS info (device loop0): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  169.131976][ T8187] BTRFS info (device loop0): using blake2b (blake2b-256-generic) checksum algorithm
[  169.201503][ T8187] BTRFS info (device loop0): enabling ssd optimizations
[  169.210442][ T8187] BTRFS info (device loop0): enabling free space tree
[  169.289931][ T8187] BTRFS info (device loop0): setting incompat feature flag for COMPRESS_LZO (0x8)
[  169.376204][ T8198] loop4: detected capacity change from 0 to 32768
[  169.437500][ T7539] BTRFS info (device loop0): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  169.448858][ T8198] find_entry called with index >= next_index
[  169.452462][ T8198] find_entry called with index >= next_index
[  169.454895][ T8198] find_entry called with index >= next_index
[  169.472161][ T8194] loop3: detected capacity change from 0 to 32768
[  169.494794][ T8194] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.781 (8194)
[  169.560207][ T8194] BTRFS info (device loop3): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  169.563503][ T8194] BTRFS info (device loop3): using sha256 (sha256-lib) checksum algorithm
[  169.720861][ T8194] BTRFS info (device loop3): enabling ssd optimizations
[  169.723207][ T8194] BTRFS info (device loop3): enabling free space tree
[  169.809175][ T8236] loop0: detected capacity change from 0 to 512
[  169.848582][ T8236] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  169.860029][ T8236] ext4 filesystem being mounted at /70/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  169.934268][ T7539] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  170.024909][ T7244] BTRFS info (device loop3): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  170.283243][ T8253] loop0: detected capacity change from 0 to 4096
[  170.353242][ T8256] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  170.620132][ T8263] loop0: detected capacity change from 0 to 4096
[  171.013382][ T8265] netlink: 6 bytes leftover after parsing attributes in process `syz.0.795'.
[  171.068306][ T8261] loop3: detected capacity change from 0 to 32768
[  171.142545][ T8267] loop4: detected capacity change from 0 to 512
[  171.145841][ T8267] EXT4-fs: Ignoring removed mblk_io_submit option
[  171.149111][ T8267] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[  171.171234][ T8267] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a042c118, mo2=0002]
[  171.174863][ T8267] System zones: 1-12
[  171.187367][ T8267] EXT4-fs error (device loop4): ext4_iget_extra_inode:5104: inode #15: comm syz.4.797: corrupted in-inode xattr: e_value size too large
[  171.204459][ T8267] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.797: couldn't read orphan inode 15 (err -117)
[  171.212213][ T8267] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  171.544225][ T8286] loop0: detected capacity change from 0 to 16
[  171.557179][ T8286] erofs (device loop0): mounted with root inode @ nid 36.
[  171.575894][ T8286] syz.0.805: attempt to access beyond end of device
[  171.575894][ T8286] loop0: rw=0, sector=48, nr_sectors = 16 limit=16
[  171.586388][ T8286] erofs (device loop0): read error -5 @ 43 of nid 36
[  171.594298][ T8286] syz.0.805: attempt to access beyond end of device
[  171.594298][ T8286] loop0: rw=0, sector=48, nr_sectors = 16 limit=16
[  171.602482][ T8286] erofs (device loop0): read error -5 @ 43 of nid 36
[  171.648184][ T8283] loop3: detected capacity change from 0 to 32768
[  171.680864][ T8283] (syz.3.803,8283,0):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #66: directory entry too close to end - offset=220, inode=74, rec_len=284, name_len=16
[  171.690053][ T8283] (syz.3.803,8283,0):ocfs2_init_local_system_inodes:496 ERROR: status=-22, sysfile=9, slot=0
[  171.693617][ T8283] (syz.3.803,8283,0):ocfs2_init_local_system_inodes:505 ERROR: status = -22
[  171.696690][ T8283] (syz.3.803,8283,0):ocfs2_mount_volume:1758 ERROR: status = -22
[  171.705211][ T8283] (syz.3.803,8283,0):ocfs2_fill_super:1177 ERROR: status = -22
[  172.146787][ T8296] loop3: detected capacity change from 0 to 256
[  172.207300][ T8296] FAT-fs (loop3): Directory bread(block 64) failed
[  172.210156][ T8296] FAT-fs (loop3): Directory bread(block 65) failed
[  172.212709][ T8296] FAT-fs (loop3): Directory bread(block 66) failed
[  172.215227][ T8296] FAT-fs (loop3): Directory bread(block 67) failed
[  172.217819][ T8296] FAT-fs (loop3): Directory bread(block 68) failed
[  172.231496][ T8296] FAT-fs (loop3): Directory bread(block 69) failed
[  172.241264][ T8296] FAT-fs (loop3): Directory bread(block 70) failed
[  172.247508][ T8296] FAT-fs (loop3): Directory bread(block 71) failed
[  172.253678][ T8296] FAT-fs (loop3): Directory bread(block 72) failed
[  172.255702][ T8296] FAT-fs (loop3): Directory bread(block 73) failed
[  173.874694][ T8322] overlayfs: failed to create directory ./bus/work (errno: 13); mounting read-only
[  173.878988][ T8322] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  173.905400][ T8322] overlayfs: failed to get uuid (112/file1, err=-13); falling back to uuid=null.
[  173.906476][ T8325] loop0: detected capacity change from 0 to 8
[  173.939759][ T8325] unable to read id index table
[  174.528247][ T8270] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  174.581055][ T8327] loop0: detected capacity change from 0 to 40427
[  174.604884][ T8327] F2FS-fs: quotafile must be on filesystem root
[  175.328321][ T8338] loop3: detected capacity change from 0 to 131072
[  175.386027][ T8338] F2FS-fs (loop3): Allow to mount readonly mode only
[  176.133098][ T8353] loop0: detected capacity change from 0 to 164
[  176.255616][ T8361] netlink: 60 bytes leftover after parsing attributes in process `syz.3.833'.
[  176.259096][ T8360] netlink: 8 bytes leftover after parsing attributes in process `syz.0.835'.
[  176.265292][ T8355] netlink: 60 bytes leftover after parsing attributes in process `syz.3.833'.
[  176.613272][ T8388] loop3: detected capacity change from 0 to 128
[  176.623232][ T8388] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  176.633122][ T8388] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  176.658816][  T188] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  176.689710][ T5904] usb 1-1: new full-speed USB device number 22 using dummy_hcd
[  176.873490][ T5904] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  176.877226][ T5904] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  176.906245][ T5904] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  176.917793][ T5904] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  177.025266][ T8390] loop3: detected capacity change from 0 to 40427
[  177.043093][ T8390] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  177.049002][ T8390] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  177.054813][ T8390] F2FS-fs (loop3): invalid crc value
[  177.139844][ T5904] usb 1-1: usb_control_msg returned -32
[  177.141746][ T5904] usbtmc 1-1:16.0: can't read capabilities
[  177.169241][ T8390] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  177.177545][ T8390] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  177.181628][ T8390] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  177.229866][   T33] audit: type=1800 audit(1758776471.166:18): pid=8390 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.850" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="loop3" ino=11 res=0 errno=0
[  178.593948][ T8444] loop3: detected capacity change from 0 to 256
[  178.597115][ T8444] exFAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  178.601111][ T8444] exFAT-fs (loop3): Medium has reported failures. Some data may be lost.
[  178.607000][ T8444] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  178.617346][   T33] audit: type=1800 audit(1758776472.546:19): pid=8444 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.872" name="file1" dev="loop3" ino=1048658 res=0 errno=0
[  178.798073][ T8459] netlink: 36 bytes leftover after parsing attributes in process `syz.4.878'.
[  178.803004][ T8459] netlink: 24 bytes leftover after parsing attributes in process `syz.4.878'.
[  179.433860][    T9] usb 1-1: USB disconnect, device number 22
[  179.625215][ T8469] loop3: detected capacity change from 0 to 1024
[  179.665857][ T8469] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  179.670698][ T8469] ext4 filesystem being mounted at /133/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  179.732652][ T8465] loop0: detected capacity change from 0 to 32768
[  179.739462][ T8465] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.881 (8465)
[  179.772703][ T8465] BTRFS info (device loop0): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  179.781266][ T8465] BTRFS info (device loop0): using blake2b (blake2b-256-generic) checksum algorithm
[  179.824348][ T8465] BTRFS info (device loop0): enabling ssd optimizations
[  179.826558][ T8465] BTRFS info (device loop0): enabling free space tree
[  179.834234][ T7244] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  179.854452][   T33] audit: type=1800 audit(1758776473.786:20): pid=8465 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.881" name="file1" dev="loop0" ino=260 res=0 errno=0
[  179.932602][ T7539] BTRFS info (device loop0): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  180.181513][ T8504] netlink: 180 bytes leftover after parsing attributes in process `syz.3.888'.
[  180.186809][ T8500] netlink: 180 bytes leftover after parsing attributes in process `syz.3.888'.
[  180.190535][ T8500] netlink: 180 bytes leftover after parsing attributes in process `syz.3.888'.
[  180.286263][ T8506] delete_channel: no stack
[  181.079705][    T9] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  181.229561][    T9] usb 4-1: Using ep0 maxpacket: 32
[  181.243630][    T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  181.248073][    T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  181.255404][    T9] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2d51, bcdDevice= 0.00
[  181.259166][    T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  181.270519][    T9] usb 4-1: config 0 descriptor??
[  181.773333][    T9] koneplus 0003:1E7D:2D51.000D: unknown main item tag 0x0
[  181.775737][    T9] koneplus 0003:1E7D:2D51.000D: unknown main item tag 0x0
[  181.777876][    T9] koneplus 0003:1E7D:2D51.000D: unknown main item tag 0x0
[  181.783280][    T9] koneplus 0003:1E7D:2D51.000D: unknown main item tag 0x0
[  181.786500][    T9] koneplus 0003:1E7D:2D51.000D: unknown main item tag 0x0
[  181.792927][    T9] koneplus 0003:1E7D:2D51.000D: hidraw0: USB HID v0.00 Device [HID 1e7d:2d51] on usb-dummy_hcd.3-1/input0
[  182.058743][    T9] koneplus 0003:1E7D:2D51.000D: couldn't init struct koneplus_device
[  182.061497][    T9] koneplus 0003:1E7D:2D51.000D: couldn't install mouse
[  182.086341][    T9] koneplus 0003:1E7D:2D51.000D: probe with driver koneplus failed with error -71
[  182.093713][    T9] usb 4-1: USB disconnect, device number 5
[  182.142328][ T8538] netlink: 8 bytes leftover after parsing attributes in process `syz.4.903'.
[  182.146683][ T8538] netlink: 8 bytes leftover after parsing attributes in process `syz.4.903'.
[  182.151613][ T8538] netlink: 8 bytes leftover after parsing attributes in process `syz.4.903'.
[  182.479604][ T8555] netlink: 40 bytes leftover after parsing attributes in process `syz.4.911'.
[  182.583536][ T8561] comedi comedi4: bad chanlist[0]=0x00001fe6 chan=8166 range length=2
[  182.590197][   T55] Bluetooth: hci3: unexpected Set CIG Parameters response data
[  183.131803][    C1] vcan0: j1939_tp_rxtimer: 0xffff888119658800: rx timeout, send abort
[  183.138336][    C1] vcan0: j1939_xtp_rx_abort_one: 0xffff888119658800: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  183.146467][    C1] vcan0: j1939_xtp_rx_abort_one: 0xffff888108443800: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  183.916438][ T8593] loop3: detected capacity change from 0 to 32768
[  183.919648][ T8593] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.930 (8593)
[  183.931889][ T8593] BTRFS info (device loop3): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  183.935077][ T8593] BTRFS info (device loop3): using sha256 (sha256-lib) checksum algorithm
[  184.100521][ T8593] BTRFS info (device loop3): enabling ssd optimizations
[  184.103326][ T8593] BTRFS info (device loop3): enabling free space tree
[  184.416331][    C1] vcan0: j1939_tp_rxtimer: 0xffff88810f8eb400: rx timeout, send abort
[  184.419081][    C1] vcan0: j1939_xtp_rx_abort_one: 0xffff88810f8eb400: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  184.423540][    C1] vcan0: j1939_xtp_rx_abort_one: 0xffff88810fea8000: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  184.643965][   T55] Bluetooth: hci3: command tx timeout
[  184.681193][ T7244] BTRFS info (device loop3): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  184.691508][ T8635] loop0: detected capacity change from 0 to 4096
[  184.897402][ T8644] loop3: detected capacity change from 0 to 1024
[  184.900087][ T8645] netlink: 40 bytes leftover after parsing attributes in process `syz.4.946'.
[  184.906541][ T8645] netlink: 'syz.4.946': attribute type 1 has an invalid length.
[  184.920341][ T8645] netlink: 20 bytes leftover after parsing attributes in process `syz.4.946'.
[  185.028872][ T8644] EXT4-fs (loop3): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  185.035312][ T8644] ext4 filesystem being mounted at /145/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  185.083169][ T8647] loop0: detected capacity change from 0 to 40427
[  185.092993][ T8647] F2FS-fs (loop0): invalid crc value
[  185.163205][ T8647] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  185.169525][ T8647] F2FS-fs (loop0): Start checkpoint disabled!
[  185.178995][ T8647] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[  185.185927][   T33] audit: type=1800 audit(1758776479.116:21): pid=8647 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.945" name="file1" dev="loop0" ino=10 res=0 errno=0
[  185.497920][   T33] audit: type=1800 audit(1758776479.426:22): pid=8647 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.945" name="file1" dev="loop0" ino=10 res=0 errno=0
[  185.505142][ T7244] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  185.534857][ T8647] syz.0.945: attempt to access beyond end of device
[  185.534857][ T8647] loop0: rw=2049, sector=77824, nr_sectors = 2568 limit=40427
[  185.610299][  T572] kworker/u10:3: attempt to access beyond end of device
[  185.610299][  T572] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  185.616666][  T572] CPU: 1 UID: 0 PID: 572 Comm: kworker/u10:3 Not tainted syzkaller #0 PREEMPT(full) 
[  185.616684][  T572] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  185.616691][  T572] Workqueue: writeback wb_workfn (flush-7:0)
[  185.616714][  T572] Call Trace:
[  185.616721][  T572]  <TASK>
[  185.616728][  T572]  dump_stack_lvl+0x189/0x250
[  185.616779][  T572]  ? __pfx_dump_stack_lvl+0x10/0x10
[  185.616796][  T572]  ? __pfx_queue_work_on+0x10/0x10
[  185.616810][  T572]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  185.616830][  T572]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  185.616848][  T572]  f2fs_handle_critical_error+0x37c/0x540
[  185.616866][  T572]  f2fs_write_end_io+0x886/0xb60
[  185.616884][  T572]  __submit_merged_bio+0x27a/0x6a0
[  185.616900][  T572]  __submit_merged_write_cond+0x255/0x530
[  185.616914][  T572]  f2fs_write_data_pages+0x261d/0x3000
[  185.616939][  T572]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  185.616954][  T572]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[  185.616980][  T572]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[  185.616999][  T572]  ? trace_f2fs_writepages+0x7f/0x200
[  185.617011][  T572]  ? f2fs_write_node_pages+0x478/0x6e0
[  185.617031][  T572]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[  185.617049][  T572]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  185.617073][  T572]  do_writepages+0x32e/0x550
[  185.617088][  T572]  ? reacquire_held_locks+0x127/0x1d0
[  185.617098][  T572]  ? writeback_sb_inodes+0x384/0x1010
[  185.617112][  T572]  __writeback_single_inode+0x145/0xff0
[  185.617122][  T572]  ? do_raw_spin_unlock+0x4d/0x240
[  185.617135][  T572]  writeback_sb_inodes+0x6c7/0x1010
[  185.617159][  T572]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  185.617191][  T572]  ? rcu_is_watching+0x15/0xb0
[  185.617205][  T572]  wb_writeback+0x43b/0xaf0
[  185.617219][  T572]  ? queue_io+0x361/0x590
[  185.617230][  T572]  ? __pfx_wb_writeback+0x10/0x10
[  185.617245][  T572]  ? _raw_spin_unlock_irq+0x23/0x50
[  185.617259][  T572]  wb_workfn+0x409/0xef0
[  185.617277][  T572]  ? __pfx_wb_workfn+0x10/0x10
[  185.617288][  T572]  ? __lock_acquire+0xab9/0xd20
[  185.617306][  T572]  ? process_scheduled_works+0x9ef/0x17b0
[  185.617317][  T572]  ? _raw_spin_unlock_irq+0x23/0x50
[  185.617328][  T572]  ? process_scheduled_works+0x9ef/0x17b0
[  185.617335][  T572]  ? process_scheduled_works+0x9ef/0x17b0
[  185.617343][  T572]  process_scheduled_works+0xae1/0x17b0
[  185.617366][  T572]  ? __pfx_process_scheduled_works+0x10/0x10
[  185.617383][  T572]  worker_thread+0x8a0/0xda0
[  185.617393][  T572]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  185.617409][  T572]  ? __kthread_parkme+0x7b/0x200
[  185.617423][  T572]  kthread+0x711/0x8a0
[  185.617435][  T572]  ? __pfx_worker_thread+0x10/0x10
[  185.617442][  T572]  ? __pfx_kthread+0x10/0x10
[  185.617453][  T572]  ? _raw_spin_unlock_irq+0x23/0x50
[  185.617464][  T572]  ? lockdep_hardirqs_on+0x9c/0x150
[  185.617472][  T572]  ? __pfx_kthread+0x10/0x10
[  185.617482][  T572]  ret_from_fork+0x439/0x7d0
[  185.617492][  T572]  ? __pfx_ret_from_fork+0x10/0x10
[  185.617504][  T572]  ? __switch_to_asm+0x39/0x70
[  185.617514][  T572]  ? __switch_to_asm+0x33/0x70
[  185.617523][  T572]  ? __pfx_kthread+0x10/0x10
[  185.617533][  T572]  ret_from_fork_asm+0x1a/0x30
[  185.617552][  T572]  </TASK>
[  185.619333][  T572] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  185.759038][ T8661] loop3: detected capacity change from 0 to 32768
[  185.764484][ T8661] BTRFS: device fsid 3d39d0ba-bdae-447e-827b-b091e1a68885 devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.949 (8661)
[  185.785895][ T8661] BTRFS info (device loop3): first mount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885
[  185.789333][ T8661] BTRFS info (device loop3): using crc32c (crc32c-lib) checksum algorithm
[  185.825199][ T8661] BTRFS info (device loop3): enabling ssd optimizations
[  185.827498][ T8661] BTRFS info (device loop3): enabling free space tree
[  186.059123][ T8682] loop0: detected capacity change from 0 to 736
[  186.158365][ T7244] BTRFS info (device loop3): last unmount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885
[  186.549623][  T972] usb 1-1: new high-speed USB device number 23 using dummy_hcd
[  186.650896][   T55] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0
[  186.657040][   T55] Bluetooth: hci3: Injecting HCI hardware error event
[  186.663305][   T55] Bluetooth: hci3: hardware error 0x00
[  186.709616][  T972] usb 1-1: Using ep0 maxpacket: 16
[  186.715883][  T972] usb 1-1: New USB device found, idVendor=0403, idProduct=6010, bcdDevice= 0.02
[  186.719252][  T972] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  186.721958][  T972] usb 1-1: SerialNumber: syz
[  186.725899][  T972] usb 1-1: config 0 descriptor??
[  186.731051][  T972] ftdi_sio 1-1:0.0: FTDI USB Serial Device converter detected
[  186.734701][  T972] usb 1-1: Detected SIO
[  186.746107][  T972] usb 1-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  186.938382][ T5922] usb 1-1: USB disconnect, device number 23
[  186.976086][ T5922] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  186.984088][ T5922] ftdi_sio 1-1:0.0: device disconnected
[  187.589975][  T972] usb 4-1: new full-speed USB device number 6 using dummy_hcd
[  187.773995][  T972] usb 4-1: config 0 has an invalid interface number: 176 but max is 2
[  187.777257][  T972] usb 4-1: config 0 has an invalid interface number: 3 but max is 2
[  187.787250][  T972] usb 4-1: config 0 has no interface number 0
[  187.790087][  T972] usb 4-1: config 0 has no interface number 1
[  187.793842][  T972] usb 4-1: too many endpoints for config 0 interface 3 altsetting 255: 255, using maximum allowed: 30
[  187.812819][  T972] usb 4-1: config 0 interface 3 altsetting 255 has 0 endpoint descriptors, different from the interface descriptor's value: 255
[  187.821945][  T972] usb 4-1: config 0 interface 3 has no altsetting 0
[  187.824547][  T972] usb 4-1: New USB device found, idVendor=05c6, idProduct=9205, bcdDevice=29.ac
[  187.827356][  T972] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  187.841987][  T972] usb 4-1: config 0 descriptor??
[  187.874089][   T12] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  187.948390][   T12] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  188.026920][   T12] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  188.055333][  T972] usb 4-1: Could not set interface, error -71
[  188.073950][  T972] usb 4-1: selecting invalid altsetting 0
[  188.076306][  T972] usb 4-1: Could not set interface, error -22
[  188.092420][  T972] usb 4-1: USB disconnect, device number 6
[  188.177626][   T12] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  188.357546][ T5861] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  188.363998][ T5861] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  188.368425][   T12] bridge_slave_1: left allmulticast mode
[  188.375453][ T5861] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  188.376665][   T12] bridge_slave_1: left promiscuous mode
[  188.385422][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  188.388322][ T5861] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  188.393364][   T12] bridge_slave_0: left allmulticast mode
[  188.395590][   T12] bridge_slave_0: left promiscuous mode
[  188.397457][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  188.398751][ T5861] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  188.722574][   T55] Bluetooth: hci3: Opcode 0x0c03 failed: -110
[  188.775583][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  188.781594][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  188.785425][   T12] bond0 (unregistering): Released all slaves
[  188.870219][ T5921] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  188.917187][   T12] IPVS: stopping backup sync thread 7860 ...
[  189.033180][ T5921] usb 4-1: Using ep0 maxpacket: 8
[  189.055370][ T5921] usb 4-1: config 0 has an invalid interface number: 74 but max is 0
[  189.058625][ T5921] usb 4-1: config 0 has no interface number 0
[  189.078850][ T5921] usb 4-1: New USB device found, idVendor=0403, idProduct=da72, bcdDevice=e2.e8
[  189.099676][ T5921] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  189.102874][ T5921] usb 4-1: Product: syz
[  189.104545][ T5921] usb 4-1: Manufacturer: syz
[  189.106389][ T5921] usb 4-1: SerialNumber: syz
[  189.124495][ T5921] usb 4-1: config 0 descriptor??
[  189.330039][ T8744] overlayfs: failed to clone upperpath
[  189.374595][ T8714] chnl_net:caif_netlink_parms(): no params data found
[  189.390110][ T5921] usb 4-1: NDI device with a latency value of 1
[  189.393479][ T5921] ftdi_sio 4-1:0.74: FTDI USB Serial Device converter detected
[  189.407039][ T5921] ftdi_sio ttyUSB0: unknown device type: 0xe2e8
[  189.429216][ T5921] usb 4-1: USB disconnect, device number 7
[  189.442560][ T5921] ftdi_sio 4-1:0.74: device disconnected
[  189.555330][   T12] hsr_slave_0: left promiscuous mode
[  189.558966][   T12] hsr_slave_1: left promiscuous mode
[  189.562299][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  189.565297][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[  189.572929][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  189.575889][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[  189.607561][   T12] veth1_macvtap: left promiscuous mode
[  189.610793][   T12] veth0_macvtap: left promiscuous mode
[  189.613337][   T12] veth1_vlan: left promiscuous mode
[  189.615614][   T12] veth0_vlan: left promiscuous mode
[  190.128421][   T12] team0 (unregistering): Port device team_slave_1 removed
[  190.167235][   T12] team0 (unregistering): Port device team_slave_0 removed
[  190.229726][ T5921] usb 4-1: new full-speed USB device number 8 using dummy_hcd
[  190.382410][ T5921] usb 4-1: config 0 has an invalid interface number: 248 but max is 0
[  190.385799][ T5921] usb 4-1: config 0 has no interface number 0
[  190.388318][ T5921] usb 4-1: config 0 interface 248 altsetting 0 endpoint 0x5 has invalid maxpacket 48120, setting to 64
[  190.396914][ T5921] usb 4-1: New USB device found, idVendor=133e, idProduct=0815, bcdDevice=7e.66
[  190.405022][ T5921] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  190.408376][ T5921] usb 4-1: Product: syz
[  190.412993][ T5921] usb 4-1: Manufacturer: syz
[  190.417226][ T5921] usb 4-1: SerialNumber: syz
[  190.427873][ T5921] usb 4-1: config 0 descriptor??
[  190.444737][ T5921] snd-usb-audio 4-1:0.248: probe with driver snd-usb-audio failed with error -22
[  190.484896][ T5237] Bluetooth: hci2: command tx timeout
[  190.638725][   T52] usb 4-1: USB disconnect, device number 8
[  190.675047][ T8714] bridge0: port 1(bridge_slave_0) entered blocking state
[  190.678732][ T8714] bridge0: port 1(bridge_slave_0) entered disabled state
[  190.685638][ T8714] bridge_slave_0: entered allmulticast mode
[  190.692084][ T8714] bridge_slave_0: entered promiscuous mode
[  190.700102][ T8714] bridge0: port 2(bridge_slave_1) entered blocking state
[  190.703204][ T8714] bridge0: port 2(bridge_slave_1) entered disabled state
[  190.706598][ T8714] bridge_slave_1: entered allmulticast mode
[  190.715029][ T8714] bridge_slave_1: entered promiscuous mode
[  190.789961][ T8714] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  190.797150][ T8714] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  190.871077][ T8714] team0: Port device team_slave_0 added
[  190.875696][ T8714] team0: Port device team_slave_1 added
[  190.916149][ T8714] batman_adv: batadv0: Adding interface: batadv_slave_0
[  190.921004][ T8714] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  190.933893][ T8714] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  190.943521][ T8714] batman_adv: batadv0: Adding interface: batadv_slave_1
[  190.946236][ T8714] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  190.958035][ T8714] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  190.961723][ T5237] Bluetooth: hci0: command 0x0406 tx timeout
[  190.996459][ T8714] hsr_slave_0: entered promiscuous mode
[  191.000144][ T8714] hsr_slave_1: entered promiscuous mode
[  191.002739][ T8714] debugfs: 'hsr0' already exists in 'hsr'
[  191.004823][ T8714] Cannot create hsr debugfs directory
[  191.257267][ T8775] random: crng reseeded on system resumption
[  191.265924][ T8714] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  191.283015][ T8714] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  191.302442][ T8714] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  191.320794][ T8714] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  191.391017][ T8714] bridge0: port 2(bridge_slave_1) entered blocking state
[  191.394181][ T8714] bridge0: port 2(bridge_slave_1) entered forwarding state
[  191.507104][ T8714] 8021q: adding VLAN 0 to HW filter on device bond0
[  191.538648][  T188] bridge0: port 2(bridge_slave_1) entered disabled state
[  191.587717][ T8714] 8021q: adding VLAN 0 to HW filter on device team0
[  191.605530][  T188] bridge0: port 1(bridge_slave_0) entered blocking state
[  191.608370][  T188] bridge0: port 1(bridge_slave_0) entered forwarding state
[  191.624666][  T188] bridge0: port 2(bridge_slave_1) entered blocking state
[  191.627429][  T188] bridge0: port 2(bridge_slave_1) entered forwarding state
[  191.820629][ T5921] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  191.838933][ T8714] 8021q: adding VLAN 0 to HW filter on device batadv0
[  191.981047][ T5921] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  191.985343][ T5921] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  191.988836][ T5921] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  192.006367][ T5921] usb 4-1: config 0 descriptor??
[  192.096236][ T8714] veth0_vlan: entered promiscuous mode
[  192.107652][ T8714] veth1_vlan: entered promiscuous mode
[  192.134866][ T8714] veth0_macvtap: entered promiscuous mode
[  192.142198][ T8714] veth1_macvtap: entered promiscuous mode
[  192.161686][ T8714] batman_adv: batadv0: Interface activated: batadv_slave_0
[  192.173623][ T8714] batman_adv: batadv0: Interface activated: batadv_slave_1
[  192.194818][   T12] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  192.197925][   T12] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  192.206410][   T12] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  192.210764][   T12] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  192.342029][   T32] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  192.345236][   T32] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  192.401238][  T188] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  192.404516][  T188] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  192.433943][ T5921] plantronics 0003:047F:FFFF.000E: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[  192.502963][ T8827] loop5: detected capacity change from 0 to 512
[  192.515233][ T8827] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  192.532973][ T8827] EXT4-fs (loop5): 1 truncate cleaned up
[  192.535799][ T8827] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  192.559741][   T55] Bluetooth: hci2: command tx timeout
[  192.581652][ T8714] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  192.707203][ T5922] usb 4-1: USB disconnect, device number 9
[  192.862162][ T8831] loop5: detected capacity change from 0 to 32768
[  192.865593][ T8831] XFS: noikeep mount option is deprecated.
[  192.884786][ T8831] XFS (loop5): DAX unsupported by block device. Turning off DAX.
[  192.894033][ T8831] XFS (loop5): cannot change alignment: superblock does not support data alignment
[  193.276637][ T8849] netlink: 'syz.3.1002': attribute type 29 has an invalid length.
[  193.286041][ T8849] netlink: 'syz.3.1002': attribute type 29 has an invalid length.
[  193.291285][ T8849] netlink: 508 bytes leftover after parsing attributes in process `syz.3.1002'.
[  193.985318][ T5315] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  194.050170][ T1364] ieee802154 phy0 wpan0: encryption failed: -22
[  194.053094][ T1364] ieee802154 phy1 wpan1: encryption failed: -22
[  194.170247][ T5315] usb 6-1: Using ep0 maxpacket: 16
[  194.176106][ T5315] usb 6-1: config 0 has an invalid interface number: 102 but max is 0
[  194.184534][ T5315] usb 6-1: config 0 has no interface number 0
[  194.195863][ T5315] usb 6-1: New USB device found, idVendor=17cc, idProduct=1010, bcdDevice=53.54
[  194.220047][ T5315] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  194.232518][ T5315] usb 6-1: Product: syz
[  194.234285][ T5315] usb 6-1: Manufacturer: syz
[  194.246486][ T5315] usb 6-1: SerialNumber: syz
[  194.301095][ T5315] usb 6-1: config 0 descriptor??
[  194.524880][ T5315] snd-usb-audio 6-1:0.102: probe with driver snd-usb-audio failed with error -71
[  194.546200][ T5315] usb 6-1: USB disconnect, device number 2
[  194.585250][   T52] hid-generic 0005:0005:0008.000F: unknown main item tag 0x0
[  194.588785][   T52] hid-generic 0005:0005:0008.000F: item fetching failed at offset 1/2
[  194.627937][   T52] hid-generic 0005:0005:0008.000F: probe with driver hid-generic failed with error -22
[  194.645206][   T55] Bluetooth: hci2: command tx timeout
[  195.479775][  T972] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  195.655207][  T972] usb 6-1: config 36 has an invalid descriptor of length 0, skipping remainder of the config
[  195.663809][  T972] usb 6-1: config 36 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  195.674753][  T972] usb 6-1: New USB device found, idVendor=6993, idProduct=b001, bcdDevice=3d.29
[  195.677801][  T972] usb 6-1: New USB device strings: Mfr=244, Product=0, SerialNumber=16
[  195.682275][  T972] usb 6-1: Manufacturer: syz
[  195.684107][  T972] usb 6-1: SerialNumber: syz
[  195.975216][  T972] usbhid 6-1:36.0: couldn't find an input interrupt endpoint
[  195.988612][  T972] usb 6-1: USB disconnect, device number 3
[  196.649238][ T8930] tmpfs: Bad value for 'mpol'
[  196.730665][   T55] Bluetooth: hci2: command tx timeout
[  197.274158][ T8938] 9pnet_fd: Insufficient options for proto=fd
[  197.329581][ T5904] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  197.499682][ T5904] usb 6-1: Using ep0 maxpacket: 32
[  197.503594][ T5904] usb 6-1: config 0 has an invalid interface number: 67 but max is 0
[  197.506783][ T5904] usb 6-1: config 0 has no interface number 0
[  197.511572][ T5904] usb 6-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  197.516441][ T5904] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  197.519864][ T5904] usb 6-1: Product: syz
[  197.521631][ T5904] usb 6-1: Manufacturer: syz
[  197.523456][ T5904] usb 6-1: SerialNumber: syz
[  197.527778][ T5904] usb 6-1: config 0 descriptor??
[  197.539048][ T5904] smsc95xx v2.0.0
[  197.580257][ T5922] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  197.869567][ T5922] usb 4-1: Using ep0 maxpacket: 32
[  197.873595][ T5922] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid maxpacket 512, setting to 64
[  197.877736][ T5922] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0xB has invalid maxpacket 1024, setting to 64
[  197.885017][ T5922] usb 4-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=58.16
[  197.890149][ T5922] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  197.893501][ T5922] usb 4-1: Product: syz
[  197.895261][ T5922] usb 4-1: Manufacturer: syz
[  197.897175][ T5922] usb 4-1: SerialNumber: syz
[  197.902283][ T5922] usb 4-1: config 0 descriptor??
[  197.946227][ T5922] usb 4-1: Warning: ath10k USB support is incomplete, don't expect anything to work!
[  198.190639][ T5922] usb 4-1: USB disconnect, device number 10
[  198.344300][ T5884] usb 4-1: Failed to submit usb control message: -19
[  198.349354][ T5884] usb 4-1: unable to send the bmi data to the device: -19
[  198.352800][ T5884] usb 4-1: unable to get target info from device
[  198.355377][ T5884] usb 4-1: could not get target info (-19)
[  198.357598][ T5884] usb 4-1: could not probe fw (-19)
[  198.954984][ T5904] smsc95xx 6-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000030: -71
[  198.968825][ T5904] smsc95xx 6-1:0.67 (unnamed net_device) (uninitialized): Error writing E2P_CMD
[  198.990645][ T5904] smsc95xx 6-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000014: -71
[  199.002946][ T5904] smsc95xx 6-1:0.67: probe with driver smsc95xx failed with error -71
[  199.064533][ T5904] usb 6-1: USB disconnect, device number 4
[  199.674465][ T8990] loop5: detected capacity change from 0 to 1024
[  199.715099][ T8990] EXT4-fs (loop5): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  199.727328][ T8990] ext4 filesystem being mounted at /10/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  199.792723][ T8714] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  199.863900][   T33] audit: type=1326 audit(1758776493.796:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9000 comm="syz.4.1067" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f850818ec29 code=0x7ffc0000
[  199.888885][   T33] audit: type=1326 audit(1758776493.796:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9000 comm="syz.4.1067" exe="/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7f850818ec29 code=0x7ffc0000
[  199.910232][   T33] audit: type=1326 audit(1758776493.796:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9000 comm="syz.4.1067" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f850818ec29 code=0x7ffc0000
[  199.920589][   T33] audit: type=1326 audit(1758776493.796:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9000 comm="syz.4.1067" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f850818ec29 code=0x7ffc0000
[  199.930497][   T33] audit: type=1326 audit(1758776493.796:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9000 comm="syz.4.1067" exe="/syz-executor" sig=0 arch=c000003e syscall=22 compat=0 ip=0x7f850818ec29 code=0x7ffc0000
[  199.951211][   T33] audit: type=1326 audit(1758776493.796:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9000 comm="syz.4.1067" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f850818ec29 code=0x7ffc0000
[  199.970166][   T33] audit: type=1326 audit(1758776493.796:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9000 comm="syz.4.1067" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f850818ec29 code=0x7ffc0000
[  199.989266][   T33] audit: type=1326 audit(1758776493.796:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9000 comm="syz.4.1067" exe="/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f850818ec29 code=0x7ffc0000
[  199.998483][   T33] audit: type=1326 audit(1758776493.796:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9000 comm="syz.4.1067" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f850818ec29 code=0x7ffc0000
[  200.008264][   T33] audit: type=1326 audit(1758776493.796:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9000 comm="syz.4.1067" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f850818ec29 code=0x7ffc0000
[  200.069347][ T9013] loop5: detected capacity change from 0 to 1024
[  200.158472][ T9013] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  200.200213][ T9013] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:4183: comm syz.5.1071: Allocating blocks 385-513 which overlap fs metadata
[  200.517611][ T9013] EXT4-fs (loop5): pa ffff88811a17c828: logic 16, phys. 129, len 24
[  200.520838][ T9013] EXT4-fs error (device loop5): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 8
[  200.553853][ T9013] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 28 with max blocks 4 with error 28
[  200.564274][ T9013] EXT4-fs (loop5): This should not happen!! Data will be lost
[  200.564274][ T9013] 
[  200.567941][ T9013] EXT4-fs (loop5): Total free blocks count 0
[  200.573796][ T9013] EXT4-fs (loop5): Free/Dirty block details
[  200.576337][ T9013] EXT4-fs (loop5): free_blocks=128
[  200.578459][ T9013] EXT4-fs (loop5): dirty_blocks=0
[  200.580815][ T9013] EXT4-fs (loop5): Block reservation details
[  200.583333][ T9013] EXT4-fs (loop5): i_reserved_data_blocks=0
[  200.988037][ T9040] loop3: detected capacity change from 0 to 512
[  201.002056][ T9040] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  201.027588][ T9040] EXT4-fs warning (device loop3): ext4_update_dynamic_rev:1128: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  201.046947][ T9040] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.1083: bg 0: block 248: padding at end of block bitmap is not set
[  201.054851][ T9040] EXT4-fs error (device loop3): ext4_acquire_dquot:6937: comm syz.3.1083: Failed to acquire dquot type 1
[  201.065451][ T9040] EXT4-fs (loop3): 1 truncate cleaned up
[  201.069003][ T9040] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0008-000000000000 r/w without journal. Quota mode: writeback.
[  201.099841][ T5922] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  201.104240][ T7244] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0008-000000000000.
[  201.110298][ T1088] EXT4-fs error (device loop3): ext4_release_dquot:6973: comm kworker/u10:4: Failed to release dquot type 1
[  201.249868][ T5922] usb 6-1: Using ep0 maxpacket: 32
[  201.253597][ T5922] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  201.257334][ T5922] usb 6-1: too many endpoints for config 0 interface 0 altsetting 0: 128, using maximum allowed: 30
[  201.262368][ T5922] usb 6-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 128
[  201.271208][ T5922] usb 6-1: New USB device found, idVendor=06cd, idProduct=0114, bcdDevice=33.c7
[  201.277912][ T5922] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  201.280693][ T5922] usb 6-1: Product: syz
[  201.282275][ T5922] usb 6-1: Manufacturer: syz
[  201.284415][ T5922] usb 6-1: SerialNumber: syz
[  201.290688][ T5922] usb 6-1: config 0 descriptor??
[  201.294477][ T5922] hub 6-1:0.0: bad descriptor, ignoring hub
[  201.296764][ T5922] hub 6-1:0.0: probe with driver hub failed with error -5
[  201.300634][ T5922] keyspan 6-1:0.0: Keyspan - (without firmware) converter detected
[  201.335982][ T9050] ecryptfs_validate_options: You must supply at least one valid auth tok signature as a mount parameter; see the eCryptfs README
[  201.343243][ T9050] Error validating options; rc = [-22]
[  201.379761][ T9052] netlink: 'syz.4.1088': attribute type 1 has an invalid length.
[  201.599847][ T5921] usb 6-1: USB disconnect, device number 5
[  201.602755][ T5921] keyspan 6-1:0.0: device disconnected
[  202.197742][ T9093] loop3: detected capacity change from 0 to 1024
[  202.328745][ T9097] loop5: detected capacity change from 0 to 1024
[  202.453590][ T9093] hfsplus: inconsistency in B*Tree (1,0,1,0,1)
[  202.474890][ T9093] hfsplus: inconsistency in B*Tree (1,0,1,0,1)
[  202.517733][ T9101] hfsplus: inconsistency in B*Tree (1,0,1,0,1)
[  202.529668][ T9101] hfsplus: inconsistency in B*Tree (1,0,1,0,1)
[  202.548149][ T9093] hfsplus: inconsistency in B*Tree (1,0,1,0,1)
[  202.637589][ T1088] hfsplus: b-tree write err: -5, ino 4
[  202.660222][ T1088] hfsplus: inconsistency in B*Tree (1,0,1,0,1)
[  202.947966][ T9117] random: crng reseeded on system resumption
[  203.043022][  T572] hfsplus: b-tree write err: -5, ino 4
[  203.298891][ T9136] RDS: rds_bind could not find a transport for fec0:ffff::1, load rds_tcp or rds_rdma?
[  203.566074][ T9145] trusted_key: syz.5.1115 sent an empty control message without MSG_MORE.
[  204.263554][ T9170] loop3: detected capacity change from 0 to 4096
[  204.278378][ T9170] ntfs3(loop3): Different NTFS sector size (1024) and media sector size (512).
[  204.330365][ T9170] ntfs3(loop3): Mark volume as dirty due to NTFS errors
[  204.364827][ T9170] ntfs3(loop3): ino=1f, "file2" failed to open parent directory r=5 to update
[  204.647308][ T9146] ntfs3(loop3): ino=1f, failed to open parent directory r=5 to update
[  204.867047][ T5884] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  204.870387][ T5884] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  204.873208][ T5884] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  204.876162][ T5884] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  206.745578][ T9198] loop5: detected capacity change from 0 to 262144
[  206.749874][ T9198] BTRFS: device fsid 7e32c2af-f87a-45a1-bcba-64dea7c56a53 devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.1141 (9198)
[  206.758373][ T9198] BTRFS info (device loop5): first mount of filesystem 7e32c2af-f87a-45a1-bcba-64dea7c56a53
[  206.762383][ T9198] BTRFS info (device loop5): using xxhash64 (xxhash64-generic) checksum algorithm
[  206.890653][ T9198] BTRFS info (device loop5): enabling ssd optimizations
[  206.893361][ T9198] BTRFS info (device loop5): enabling free space tree
[  206.949032][ T9198] BTRFS info (device loop5): balance: start -d -m -susage=0,drange=0..576743331086729252,vrange=0..9223935055661891594,limit=0
[  206.961215][ T9198] BTRFS info (device loop5): relocating block group 30408704 flags metadata|dup
[  206.997097][ T9198] BTRFS info (device loop5): found 3 extents, stage: move data extents
[  207.027934][ T9198] BTRFS info (device loop5): relocating block group 13631488 flags data
[  207.097287][ T9198] BTRFS info (device loop5): found 1 extents, stage: move data extents
[  207.120276][ T9198] BTRFS info (device loop5): balance: canceled
[  207.158543][ T8714] BTRFS info (device loop5): last unmount of filesystem 7e32c2af-f87a-45a1-bcba-64dea7c56a53
[  208.457093][ T9283] gfs2: path_lookup on tmpfs returned error -2
[  208.507889][ T9275] loop5: detected capacity change from 0 to 32768
[  208.557108][ T9275] JBD2: Ignoring recovery information on journal
[  208.559911][ T9286] loop3: detected capacity change from 0 to 256
[  208.588299][ T9286] exFAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  208.606861][ T9286] exFAT-fs (loop3): Medium has reported failures. Some data may be lost.
[  208.633372][ T9286] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  208.652664][ T9275] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode.
[  208.827150][ T8714] ocfs2: Unmounting device (7,5) on (node local)
[  209.098910][ T9294] loop3: detected capacity change from 0 to 1024
[  209.112644][ T9294] EXT4-fs: Ignoring removed bh option
[  209.114818][ T9294] EXT4-fs: inline encryption not supported
[  209.132809][ T9296] netlink: 666 bytes leftover after parsing attributes in process `syz.5.1173'.
[  209.137362][ T9294] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  209.165629][ T9294] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce018, mo2=0000]
[  209.186430][ T9294] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #3: block 2: comm syz.3.1175: lblock 2 mapped to illegal pblock 2 (length 1)
[  209.202097][ T9294] __quota_error: 23 callbacks suppressed
[  209.202113][ T9294] Quota error (device loop3): qtree_write_dquot: dquota write failed
[  209.211879][ T9294] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #3: block 48: comm syz.3.1175: lblock 0 mapped to illegal pblock 48 (length 1)
[  209.219162][ T9294] Quota error (device loop3): v2_write_file_info: Can't write info structure
[  209.225525][ T9294] EXT4-fs error (device loop3): ext4_acquire_dquot:6937: comm syz.3.1175: Failed to acquire dquot type 0
[  209.231273][ T9294] EXT4-fs error (device loop3) in ext4_reserve_inode_write:6334: Corrupt filesystem
[  209.240039][ T9294] EXT4-fs error (device loop3): ext4_evict_inode:254: inode #11: comm syz.3.1175: mark_inode_dirty error
[  209.245722][ T9294] EXT4-fs warning (device loop3): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[  209.251769][ T9294] EXT4-fs (loop3): 1 orphan inode deleted
[  209.260023][ T9294] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  209.269888][   T53] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #3: block 1: comm kworker/u9:2: lblock 1 mapped to illegal pblock 1 (length 1)
[  209.283804][   T53] Quota error (device loop3): remove_tree: Can't read quota data block 1
[  209.286400][   T53] EXT4-fs error (device loop3): ext4_release_dquot:6973: comm kworker/u9:2: Failed to release dquot type 0
[  209.339952][ T7244] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  209.346155][ T7244] EXT4-fs error (device loop3): __ext4_get_inode_loc:4861: comm syz-executor: Invalid inode table block 1 in block_group 0
[  209.381078][ T7244] EXT4-fs error (device loop3) in ext4_reserve_inode_write:6334: Corrupt filesystem
[  209.389527][ T7244] EXT4-fs error (device loop3): ext4_quota_off:7221: inode #3: comm syz-executor: mark_inode_dirty error
[  209.658553][ T9306] loop5: detected capacity change from 0 to 32768
[  209.675369][ T9306] XFS: ikeep mount option is deprecated.
[  209.677241][ T9306] XFS (loop5): invalid logbufs value: 1 [not 2-8]
[  209.877660][ T9308] loop3: detected capacity change from 0 to 32768
[  209.921512][ T9308] XFS (loop3): logbuf size must be greater than or equal to log stripe size
[  210.606615][ T9340] loop5: detected capacity change from 0 to 32768
[  210.614121][ T9340] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.1194 (9340)
[  210.633564][ T9340] BTRFS info (device loop5): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  210.645649][ T9355] loop3: detected capacity change from 0 to 32768
[  210.657995][ T9355] bcachefs (/dev/loop3): error validating superblock: Invalid superblock layout: no superblocks
[  210.669044][ T9340] BTRFS info (device loop5): using sha256 (sha256-lib) checksum algorithm
[  210.669235][ T9355] bcachefs: bch2_fs_get_tree() error: invalid_sb_layout_nr_superblocks
[  210.765933][ T9340] BTRFS info (device loop5): enabling ssd optimizations
[  210.768810][ T9340] BTRFS info (device loop5): enabling free space tree
[  210.805129][ T9379] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1203'.
[  210.873377][ T8714] BTRFS info (device loop5): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  212.134529][ T9388] loop5: detected capacity change from 0 to 32768
[  212.151607][ T9388] 
[  212.151607][ T9388]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  212.151607][ T9388] 
[  212.204226][ T9388] 
[  212.204226][ T9388]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  212.204226][ T9388] 
[  212.208614][ T9388] 
[  212.208614][ T9388]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  212.208614][ T9388] 
[  212.218263][ T9394] loop3: detected capacity change from 0 to 256
[  212.219837][ T9388] 
[  212.219837][ T9388]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  212.219837][ T9388] 
[  212.226861][ T9394] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x44396dfa, utbl_chksum : 0xe619d30d)
[  212.235837][ T9388] 
[  212.235837][ T9388]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  212.235837][ T9388] 
[  212.253774][ T9388] 
[  212.253774][ T9388]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  212.253774][ T9388] 
[  212.268643][  T115] 
[  212.268643][  T115]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  212.268643][  T115] 
[  212.320701][ T9399] tipc: Started in network mode
[  212.327085][ T9399] tipc: Node identity f2d33893ec51, cluster identity 4711
[  212.329762][ T9399] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  212.347608][  T572] 
[  212.347608][  T572]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  212.347608][  T572] 
[  212.355145][  T572] 
[  212.355145][  T572]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  212.355145][  T572] 
[  212.360198][  T114] 
[  212.360198][  T114]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  212.360198][  T114] 
[  212.370366][ T8714] 
[  212.370366][ T8714]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  212.370366][ T8714] 
[  212.375103][ T8714] 
[  212.375103][ T8714]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  212.375103][ T8714] 
[  212.403078][ T9399] syzkaller0: entered promiscuous mode
[  212.404857][ T9399] syzkaller0: entered allmulticast mode
[  212.407050][ T9399] tipc: Resetting bearer <eth:syzkaller0>
[  212.409292][ T9401] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  212.449892][ T9398] tipc: Resetting bearer <eth:syzkaller0>
[  213.478925][ T5922] tipc: Node number set to 511850643
[  216.274923][ T9398] tipc: Disabling bearer <eth:syzkaller0>
[  216.639678][  T972] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  216.735208][ T9453] loop3: detected capacity change from 0 to 512
[  216.750576][ T9453] EXT4-fs error (device loop3): ext4_orphan_get:1392: inode #15: comm syz.3.1233: casefold flag without casefold feature
[  216.765742][ T9453] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.1233: couldn't read orphan inode 15 (err -117)
[  216.772024][ T9453] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  216.803584][  T972] usb 6-1: config 0 has an invalid interface number: 71 but max is 0
[  216.806396][  T972] usb 6-1: config 0 has no interface number 0
[  216.809499][  T972] usb 6-1: config 0 interface 71 altsetting 0 has an endpoint descriptor with address 0xFC, changing to 0x8C
[  216.813757][  T972] usb 6-1: config 0 interface 71 altsetting 0 bulk endpoint 0x8C has invalid maxpacket 1024
[  216.814146][ T7244] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  216.817095][  T972] usb 6-1: config 0 interface 71 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[  216.824079][  T972] usb 6-1: config 0 interface 71 altsetting 0 bulk endpoint 0x9 has invalid maxpacket 0
[  216.834003][  T972] usb 6-1: New USB device found, idVendor=0bfd, idProduct=0012, bcdDevice=cc.c0
[  216.837222][  T972] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  216.840902][  T972] usb 6-1: Product: syz
[  216.842248][  T972] usb 6-1: Manufacturer: syz
[  216.848498][  T972] usb 6-1: SerialNumber: syz
[  216.853327][  T972] usb 6-1: config 0 descriptor??
[  216.859608][ T9442] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  216.865103][  T972] kvaser_usb 6-1:0.71: error -EMSGSIZE: Cannot get software info
[  216.867930][  T972] kvaser_usb 6-1:0.71: probe with driver kvaser_usb failed with error -90
[  217.073687][ T5921] usb 6-1: USB disconnect, device number 6
[  217.157998][ T9469] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1240'.
[  217.182601][ T9471] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  217.763164][ T9483] loop3: detected capacity change from 0 to 128
[  217.824834][ T9487] loop5: detected capacity change from 0 to 8
[  217.838925][ T9487] SQUASHFS error: Unable to read inode 0x127
[  218.149795][ T5921] usb 4-1: new full-speed USB device number 11 using dummy_hcd
[  218.751362][ T5921] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  218.757574][ T5921] usb 4-1: New USB device found, idVendor=054c, idProduct=02e1, bcdDevice=e2.c8
[  218.763899][ T5921] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  218.766963][ T5921] usb 4-1: Product: syz
[  218.768569][ T5921] usb 4-1: Manufacturer: syz
[  218.770931][ T5921] usb 4-1: SerialNumber: syz
[  218.775033][ T5921] usb 4-1: config 0 descriptor??
[  218.791407][ T5921] pn533_usb 4-1:0.0: NFC: Could not find bulk-in or bulk-out endpoint
[  219.004403][ T5315] usb 4-1: USB disconnect, device number 11
[  219.643377][   T33] audit: type=1326 audit(1758776513.576:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9513 comm="syz.3.1260" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f24d8b8ec29 code=0x0
[  219.775942][ T9517] IPv6: addrconf: prefix option has invalid lifetime
[  219.841152][ T9519] loop5: detected capacity change from 0 to 2048
[  219.855212][ T9519] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  219.863578][ T9519] ext4 filesystem being mounted at /65/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  219.876876][   T33] audit: type=1800 audit(1758776513.806:54): pid=9519 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1262" name="file1" dev="loop5" ino=15 res=0 errno=0
[  219.950314][ T9523] netlink: 'syz.4.1263': attribute type 1 has an invalid length.
[  219.951608][ T8714] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  219.954383][ T9523] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  220.228617][ T9539] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1271'.
[  220.372424][ T9545] pim6reg: entered allmulticast mode
[  220.377975][ T9545] pim6reg: left allmulticast mode
[  220.409585][ T5922] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  220.569661][ T5922] usb 6-1: Using ep0 maxpacket: 32
[  220.575862][ T5922] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  220.583045][ T5922] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  220.586917][ T5922] usb 6-1: New USB device found, idVendor=05ac, idProduct=0265, bcdDevice= 0.00
[  220.591886][ T5922] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  220.599538][ T5922] usb 6-1: config 0 descriptor??
[  221.033732][ T5922] magicmouse 0003:05AC:0265.0010: unknown main item tag 0x0
[  221.036599][ T5922] magicmouse 0003:05AC:0265.0010: unknown main item tag 0x0
[  221.060576][ T5922] magicmouse 0003:05AC:0265.0010: unknown main item tag 0x0
[  221.063499][ T5922] magicmouse 0003:05AC:0265.0010: unknown main item tag 0x0
[  221.066414][ T5922] magicmouse 0003:05AC:0265.0010: unknown main item tag 0x0
[  221.082215][ T5922] magicmouse 0003:05AC:0265.0010: unknown main item tag 0x0
[  221.085153][ T5922] magicmouse 0003:05AC:0265.0010: unknown main item tag 0x0
[  221.097313][ T5922] magicmouse 0003:05AC:0265.0010: hidraw0: USB HID v0.00 Device [HID 05ac:0265] on usb-dummy_hcd.5-1/input0
[  221.103348][ T5922] magicmouse 0003:05AC:0265.0010: magicmouse input not registered
[  221.109163][ T5922] magicmouse 0003:05AC:0265.0010: probe with driver magicmouse failed with error -12
[  221.238884][  T972] usb 6-1: USB disconnect, device number 7
[  222.177312][ T9584] loop3: detected capacity change from 0 to 128
[  222.225702][ T9584] FAT-fs (loop3): error, fat_free_clusters: deleting FAT entry beyond EOF
[  222.230375][ T9584] FAT-fs (loop3): Filesystem has been set read-only
[  222.275703][   T33] audit: type=1326 audit(1758776516.206:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9589 comm="syz.3.1295" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f24d8b8ec29 code=0x7ffc0000
[  222.290722][ T5922] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  222.296436][   T33] audit: type=1326 audit(1758776516.206:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9589 comm="syz.3.1295" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f24d8b8ec29 code=0x7ffc0000
[  222.310865][   T33] audit: type=1326 audit(1758776516.216:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9589 comm="syz.3.1295" exe="/syz-executor" sig=0 arch=c000003e syscall=22 compat=0 ip=0x7f24d8b8ec29 code=0x7ffc0000
[  222.331344][   T33] audit: type=1326 audit(1758776516.216:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9589 comm="syz.3.1295" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f24d8b8ec29 code=0x7ffc0000
[  222.350183][   T33] audit: type=1326 audit(1758776516.216:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9589 comm="syz.3.1295" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f24d8b8ec29 code=0x7ffc0000
[  222.401019][ T9595] netlink: 147608 bytes leftover after parsing attributes in process `syz.3.1297'.
[  222.404603][ T9595] netlink: 61831 bytes leftover after parsing attributes in process `syz.3.1297'.
[  222.451849][ T5922] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0
[  222.454845][ T5922] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x7 has invalid maxpacket 0
[  222.458362][ T5922] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[  222.468119][ T5922] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x89 has invalid maxpacket 0
[  222.474720][ T5922] usb 6-1: New USB device found, idVendor=2040, idProduct=4900, bcdDevice=4d.8b
[  222.479031][ T5922] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  222.491528][ T5922] usb 6-1: config 0 descriptor??
[  222.617603][ T9610] loop3: detected capacity change from 0 to 8
[  222.707728][ T5922] hdpvr 6-1:0.0: firmware version 0x0 dated 
[  222.719610][ T5922] hdpvr 6-1:0.0: untested firmware, the driver might not work.
[  222.752323][ T9615] hub 1-0:1.0: USB hub found
[  222.761672][ T9615] hub 1-0:1.0: 1 port detected
[  222.901762][ T9625] loop3: detected capacity change from 0 to 512
[  222.935117][ T9625] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -2
[  222.942343][ T9625] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #13: comm syz.3.1312: invalid indirect mapped block 8 (level 2)
[  222.951667][ T9625] EXT4-fs (loop3): Remounting filesystem read-only
[  222.954658][ T9625] EXT4-fs (loop3): 1 truncate cleaned up
[  222.957909][ T9625] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  222.984297][ T7244] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  223.148967][ T5922] hdpvr 6-1:0.0: Could not setup controls
[  223.152112][ T5922] hdpvr 6-1:0.0: registering videodev failed
[  223.172289][ T5922] hdpvr 6-1:0.0: probe with driver hdpvr failed with error -71
[  223.177626][ T5922] usb 6-1: USB disconnect, device number 8
[  223.326971][ T9647] loop3: detected capacity change from 0 to 512
[  223.331990][ T9647] EXT4-fs: Ignoring removed nobh option
[  223.351284][ T9647] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -117
[  223.486680][ T9647] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #13: comm syz.3.1321: invalid indirect mapped block 256 (level 1)
[  223.537313][ T9647] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #13: comm syz.3.1321: invalid indirect mapped block 2683928664 (level 1)
[  223.659859][ T9647] EXT4-fs (loop3): 1 truncate cleaned up
[  223.670200][ T9647] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  223.710362][ T9647] EXT4-fs error (device loop3): ext4_lookup:1787: inode #14: comm syz.3.1321: invalid fast symlink length 39
[  223.749779][ T7244] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  224.725757][ T9675] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  225.030443][ T9691] tipc: Started in network mode
[  225.032400][ T9691] tipc: Node identity 7edd573b55e1, cluster identity 4711
[  225.036737][ T9691] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  225.057232][ T9691] syzkaller0: entered promiscuous mode
[  225.066185][ T9691] syzkaller0: entered allmulticast mode
[  225.112814][ T9697] netlink: 'syz.4.1342': attribute type 39 has an invalid length.
[  225.137501][ T9699] loop3: detected capacity change from 0 to 16
[  225.154458][ T9699] erofs (device loop3): mounted with root inode @ nid 36.
[  225.172098][ T9699] erofs (device loop3): bogus lookback distance 1388 @ lcn 42 of nid 36
[  225.182836][ T9699] erofs (device loop3): failed to decompress -23 in[64, 4032] out[1851]
[  225.192006][ T9700] tipc: Resetting bearer <eth:syzkaller0>
[  225.194846][ T9699] erofs (device loop3): read error -117 @ 43 of nid 36
[  225.203938][ T9690] tipc: Resetting bearer <eth:syzkaller0>
[  225.226360][ T9690] tipc: Disabling bearer <eth:syzkaller0>
[  226.860343][ T9745] loop3: detected capacity change from 0 to 4096
[  226.879128][ T9745] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512).
[  226.944179][ T9745] ntfs3(loop3): Mark volume as dirty due to NTFS errors
[  226.949079][ T9745] ntfs3(loop3): Failed to load $Extend (-22).
[  226.956489][ T9745] ntfs3(loop3): Failed to initialize $Extend.
[  227.543861][ T9758] loop3: detected capacity change from 0 to 512
[  227.582898][ T9758] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  227.587298][ T9758] ext4 filesystem being mounted at /276/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  227.656585][ T7244] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  228.271009][    C1] vcan0: j1939_tp_rxtimer: 0xffff8880278e6400: rx timeout, send abort
[  228.771471][    C1] vcan0: j1939_tp_rxtimer: 0xffff8880278e4400: rx timeout, send abort
[  228.775008][    C1] vcan0: j1939_tp_rxtimer: 0xffff8880278e6400: abort rx timeout. Force session deactivation
[  229.044677][ T9820] loop5: detected capacity change from 0 to 64
[  229.095186][ T9820] BFS-fs: bfs_fill_super(): loop5 is unclean, continuing
[  229.274914][    C1] vcan0: j1939_tp_rxtimer: 0xffff8880278e4400: abort rx timeout. Force session deactivation
[  229.604905][ T9822] loop3: detected capacity change from 0 to 32768
[  229.653875][ T9822] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  229.763125][ T9822] XFS (loop3): Ending clean mount
[  229.775480][ T9822] XFS (loop3): Quotacheck needed: Please wait.
[  229.847614][ T9822] XFS (loop3): Quotacheck: Done.
[  229.897461][ T9822] XFS (loop3): User initiated shutdown received.
[  229.901787][ T9822] XFS (loop3): Log I/O Error (0x6) detected at xfs_fs_goingdown+0x71/0x150 (fs/xfs/xfs_fsops.c:476).  Shutting down filesystem.
[  229.907217][ T9822] XFS (loop3): Please unmount the filesystem and rectify the problem(s)
[  229.973437][ T7244] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  230.445406][ T9841] loop3: detected capacity change from 0 to 8
[  230.465530][ T9841] SQUASHFS error: xz decompression failed, data probably corrupt
[  230.468655][ T9841] SQUASHFS error: Failed to read block 0x108: -5
[  230.471607][ T9841] SQUASHFS error: Unable to read metadata cache entry [106]
[  230.475312][ T9841] SQUASHFS error: Unable to read inode 0x11f
[  231.247987][ T9861] loop3: detected capacity change from 0 to 1024
[  231.266841][ T9861] hfsplus: invalid extent max_key_len 0
[  231.281290][ T9861] hfsplus: failed to load extents file
[  231.499956][   T24] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[  231.533419][   T33] audit: type=1326 audit(1758776525.466:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9867 comm="syz.3.1414" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f24d8b8ec29 code=0x7ffc0000
[  231.546048][   T33] audit: type=1326 audit(1758776525.466:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9867 comm="syz.3.1414" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f24d8b8ec29 code=0x7ffc0000
[  231.556209][   T33] audit: type=1326 audit(1758776525.476:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9867 comm="syz.3.1414" exe="/syz-executor" sig=0 arch=c000003e syscall=88 compat=0 ip=0x7f24d8b8ec29 code=0x7ffc0000
[  231.565224][   T33] audit: type=1326 audit(1758776525.476:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9867 comm="syz.3.1414" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f24d8b8ec29 code=0x7ffc0000
[  231.574467][   T33] audit: type=1326 audit(1758776525.476:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9867 comm="syz.3.1414" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f24d8b8ec29 code=0x7ffc0000
[  231.654811][   T24] usb 6-1: Using ep0 maxpacket: 16
[  231.664485][   T24] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  231.678108][   T24] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  231.682320][   T24] usb 6-1: New USB device found, idVendor=05ac, idProduct=024b, bcdDevice= 0.00
[  231.685228][   T24] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  231.690560][   T24] usb 6-1: config 0 descriptor??
[  232.104637][ T9863] loop5: detected capacity change from 0 to 512
[  232.111983][ T9863] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a846e02c, mo2=0002]
[  232.115467][ T9863] System zones: 1-12
[  232.118062][ T9863] EXT4-fs error (device loop5): dx_probe:791: inode #2: comm syz.5.1412: Directory hole found for htree index block 0
[  232.128898][ T9863] EXT4-fs (loop5): Remounting filesystem read-only
[  232.131843][ T9863] EXT4-fs (loop5): Cannot turn on journaled quota: type 0: error -117
[  232.135365][ T9863] EXT4-fs (loop5): Cannot turn on journaled quota: type 1: error -117
[  232.150493][ T9863] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  232.167856][   T24] apple 0003:05AC:024B.0011: unknown main item tag 0x6
[  232.171244][   T24] apple 0003:05AC:024B.0011: unknown main item tag 0x6
[  232.173594][   T24] apple 0003:05AC:024B.0011: unknown main item tag 0x7
[  232.175756][   T24] apple 0003:05AC:024B.0011: item fetching failed at offset 67/69
[  232.178990][   T24] apple 0003:05AC:024B.0011: parse failed
[  232.181991][   T24] apple 0003:05AC:024B.0011: probe with driver apple failed with error -22
[  232.366924][ T5921] usb 6-1: USB disconnect, device number 9
[  232.787580][ T9903] overlayfs: failed to clone upperpath
[  233.138145][ T8714] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  233.554192][ T9931] loop5: detected capacity change from 0 to 512
[  233.559914][ T9931] EXT4-fs: Ignoring removed mblk_io_submit option
[  233.614371][ T9931] EXT4-fs error (device loop5): ext4_read_inode_bitmap:139: comm syz.5.1439: Invalid inode bitmap blk 4 in block_group 0
[  233.642834][ T9931] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  233.722339][ T8714] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  233.765399][ T9945] loop5: detected capacity change from 0 to 512
[  233.772283][ T9945] EXT4-fs error (device loop5): ext4_xattr_inode_iget:433: comm syz.5.1445: Parent and EA inode have the same ino 15
[  233.776918][ T9945] EXT4-fs (loop5): Remounting filesystem read-only
[  233.782349][ T9945] EXT4-fs (loop5): 1 orphan inode deleted
[  233.787233][ T9945] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  233.810928][ T8714] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  233.909623][  T972] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[  233.915620][ T9950] 
[  233.996477][ T9961] loop5: detected capacity change from 0 to 128
[  234.003495][ T9961] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  234.013637][ T9961] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  234.082246][  T972] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  234.095606][  T972] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  234.104697][  T972] usb 4-1: New USB device found, idVendor=258a, idProduct=6a88, bcdDevice= 0.00
[  234.109195][  T972] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  234.121220][  T972] usb 4-1: config 0 descriptor??
[  234.385219][ T9985] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1462'.
[  234.422590][ T9985] team1: entered promiscuous mode
[  234.424789][ T9985] team1: entered allmulticast mode
[  234.549929][  T972] itetech 0003:258A:6A88.0012: hidraw0: USB HID v0.00 Device [HID 258a:6a88] on usb-dummy_hcd.3-1/input0
[  234.756743][   T52] usb 4-1: USB disconnect, device number 12
[  234.886534][T10002] netlink: zone id is out of range
[  234.912828][T10002] netlink: zone id is out of range
[  234.918336][T10002] netlink: zone id is out of range
[  234.933450][T10002] netlink: zone id is out of range
[  234.938773][T10002] netlink: zone id is out of range
[  234.950727][T10002] netlink: zone id is out of range
[  234.970859][T10002] netlink: zone id is out of range
[  234.972980][T10002] netlink: zone id is out of range
[  235.011043][T10002] netlink: zone id is out of range
[  235.026546][T10002] netlink: zone id is out of range
[  235.552888][T10033] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1479'.
[  235.565729][T10033] bond0: entered promiscuous mode
[  235.571880][T10033] bond_slave_0: entered promiscuous mode
[  235.574256][T10033] bond_slave_1: entered promiscuous mode
[  235.582066][T10033] bond0: left promiscuous mode
[  235.583699][T10033] bond_slave_0: left promiscuous mode
[  235.585596][T10033] bond_slave_1: left promiscuous mode
[  235.879907][T10049] netlink: 35 bytes leftover after parsing attributes in process `syz.5.1484'.
[  235.890952][T10049] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1484'.
[  236.607077][T10091] netlink: 'syz.5.1504': attribute type 10 has an invalid length.
[  236.630622][T10091] 8021q: adding VLAN 0 to HW filter on device batadv0
[  236.641274][T10091] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  236.896372][   T52] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  237.053610][T10110] loop5: detected capacity change from 0 to 1024
[  237.073284][   T52] usb 4-1: Using ep0 maxpacket: 16
[  237.228131][   T52] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  237.233286][   T52] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  237.237019][   T52] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  237.243765][   T52] usb 4-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  237.247774][   T52] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  237.259240][   T52] usb 4-1: config 0 descriptor??
[  237.853468][   T52] microsoft 0003:045E:07DA.0013: ignoring exceeding usage max
[  237.858140][   T52] microsoft 0003:045E:07DA.0013: unsupported Resolution Multiplier 0
[  237.865655][   T52] microsoft 0003:045E:07DA.0013: implement() called with n (152) > 32! (kworker/1:1)
[  238.074741][   T52] microsoft 0003:045E:07DA.0013: unsupported Resolution Multiplier 0
[  238.090379][   T52] microsoft 0003:045E:07DA.0013: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.3-1/input0
[  238.095174][   T52] microsoft 0003:045E:07DA.0013: no inputs found
[  238.097754][   T52] microsoft 0003:045E:07DA.0013: could not initialize ff, continuing anyway
[  238.305987][ T5922] usb 4-1: USB disconnect, device number 13
[  238.684185][T10144] loop5: detected capacity change from 0 to 128
[  238.707824][T10144] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  238.713196][T10144] ext4 filesystem being mounted at /141/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  239.256476][T10159] fuse: Bad value for 'fd'
[  239.270383][T10159] overlayfs: overlapping lowerdir path
[  240.287566][ T8714] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  240.436355][T10168] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1534'.
[  240.697200][T10187] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1545'.
[  240.701610][T10187] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1545'.
[  240.765774][T10192] netlink: 20 bytes leftover after parsing attributes in process `syz.3.1547'.
[  241.049618][ T5922] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[  241.474372][ T5922] usb 4-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.17
[  241.477950][ T5922] usb 4-1: New USB device strings: Mfr=129, Product=2, SerialNumber=3
[  241.481533][ T5922] usb 4-1: Product: syz
[  241.483355][ T5922] usb 4-1: Manufacturer: syz
[  241.485203][ T5922] usb 4-1: SerialNumber: syz
[  241.489834][ T5922] usb 4-1: config 0 descriptor??
[  241.495650][ T5922] ch341 4-1:0.0: ch341-uart converter detected
[  241.526153][T10204] netlink: 'syz.4.1552': attribute type 11 has an invalid length.
[  242.353233][ T5922] usb 4-1: failed to send control message: -71
[  242.355597][ T5922] ch341-uart ttyUSB0: probe with driver ch341-uart failed with error -71
[  242.367530][ T5922] usb 4-1: USB disconnect, device number 14
[  242.372625][ T5922] ch341 4-1:0.0: device disconnected
[  242.799049][T10225] Scaler: =================  START STATUS  =================
[  242.809090][T10225] Scaler: ==================  END STATUS  ==================
[  242.909306][T10237] loop3: detected capacity change from 0 to 128
[  242.927566][T10237] hpfs: hpfs_map_sector(): read error
[  242.932171][T10237] hpfs: filesystem error: can't load hotfix map; going on - but anything won't be destroyed because it's read-only
[  242.967080][T10237] hpfs: hpfs_map_sector(): read error
[  244.557737][   T52] usb 4-1: new full-speed USB device number 15 using dummy_hcd
[  244.717517][   T52] usb 4-1: config 0 interface 0 altsetting 251 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  244.735369][   T52] usb 4-1: config 0 interface 0 altsetting 251 endpoint 0x81 has invalid wMaxPacketSize 0
[  244.739210][   T52] usb 4-1: config 0 interface 0 has no altsetting 0
[  244.768015][   T52] usb 4-1: New USB device found, idVendor=046d, idProduct=c283, bcdDevice= 0.00
[  244.786395][   T52] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  244.814369][   T52] usb 4-1: config 0 descriptor??
[  245.038519][T10283] netlink: 56 bytes leftover after parsing attributes in process `syz.4.1587'.
[  245.126137][T10290] dlm: no locking on control device
[  245.127730][T10287] 8021q: adding VLAN 0 to HW filter on device bond1
[  245.143324][T10287] bond_slave_0: entered promiscuous mode
[  245.145607][T10287] bond_slave_1: entered promiscuous mode
[  245.148203][T10287] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  245.154910][T10287] bond1: (slave macvlan2): Enslaving as a backup interface with an up link
[  245.202659][T10292] netlink: 'syz.5.1591': attribute type 1 has an invalid length.
[  245.257734][   T52] logitech 0003:046D:C283.0014: unknown main item tag 0x0
[  245.261154][   T52] logitech 0003:046D:C283.0014: unknown main item tag 0x0
[  245.275894][   T52] logitech 0003:046D:C283.0014: hidraw0: USB HID v0.00 Device [HID 046d:c283] on usb-dummy_hcd.3-1/input0
[  245.281133][   T52] logitech 0003:046D:C283.0014: no inputs found
[  245.301019][T10300] bond1: (slave ip6gretap1): Enslaving as a backup interface with an up link
[  245.322644][T10292] 8021q: adding VLAN 0 to HW filter on device bond1
[  245.323330][ T5678] net_ratelimit: 5 callbacks suppressed
[  245.323344][ T5678] bond1: Warning: No 802.3ad response from the link partner for any adapters in the bond
[  245.372431][   T33] audit: type=1326 audit(1758776539.306:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10303 comm="syz.4.1596" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f850818ec29 code=0x7ffc0000
[  245.395178][   T33] audit: type=1326 audit(1758776539.306:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10303 comm="syz.4.1596" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f850818ec29 code=0x7ffc0000
[  245.404446][   T33] audit: type=1326 audit(1758776539.316:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10303 comm="syz.4.1596" exe="/syz-executor" sig=0 arch=c000003e syscall=250 compat=0 ip=0x7f850818ec29 code=0x7ffc0000
[  245.419941][   T33] audit: type=1326 audit(1758776539.326:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10303 comm="syz.4.1596" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f850818ec29 code=0x7ffc0000
[  245.432722][   T33] audit: type=1326 audit(1758776539.326:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10303 comm="syz.4.1596" exe="/syz-executor" sig=0 arch=c000003e syscall=249 compat=0 ip=0x7f850818ec29 code=0x7ffc0000
[  245.449562][   T33] audit: type=1326 audit(1758776539.326:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10303 comm="syz.4.1596" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f850818ec29 code=0x7ffc0000
[  245.470115][   T52] usb 4-1: USB disconnect, device number 15
[  245.628892][T10292] bond1 (unregistering): (slave ip6gretap1): Removing an active aggregator
[  245.633969][T10292] bond1 (unregistering): (slave ip6gretap1): Releasing backup interface
[  245.640469][T10292] bond1 (unregistering): Released all slaves
[  245.656359][T10308] netlink: 48 bytes leftover after parsing attributes in process `syz.4.1598'.
[  246.189825][T10328] loop3: detected capacity change from 0 to 32768
[  246.212448][T10328] bcachefs (/dev/loop3): error validating superblock: Invalid superblock section clean: entry type (unknown jset_entry_type 255) overruns end of section
[  246.212448][T10328] clean (size 2912):
[  246.212448][T10328] flags:          0
[  246.212448][T10328] journal_seq:    8
[  246.212448][T10328] usage: type=inodes v=8
[  246.212448][T10328] usage: type=key_version v=0
[  246.212448][T10328] usage: type=reserved v=0
[  246.212448][T10328] usage: type=reserved v=0
[  246.212448][T10328] usage: type=reserved v=0
[  246.212448][T10328] usage: type=reserved v=0
[  246.212448][T10328] data_usage: free: 0/0 []=9895604652800
[  246.212448][T10328] data_usage: journal: 1/1 [0]=0
[  246.212448][T10328] data_usage: user: 1/1 [0]=32
[  246.212448][T10328] dev_usage: dev=0  
[  246.212448][T10328]   free: buckets=83 sectors=0 fragmented=0
[  246.212448][T10328]   sb: buckets=25 sectors=6152 fragmented=248
[  246.212448][T10328]   journal: buckets=8 sectors=2048 fragmented=0
[  246.212448][T10328]   btree: buckets=11 sectors=2816 fragmented=0
[  246.212448][T10328]   user: buckets=1 sectors=32 fragmented=224
[  246.212448][T10328]   cached: buckets=0 sectors=0 fragmented=0
[  246.212448][T10328]   parity: buckets=0 sectors=0 fragmented=0
[  246.212448][T10328]   stripe: buckets=0 sectors=0 fragmented=0
[  246.212448][T10328]   need_gc_gens: buckets=0 sectors=0 fragmented=0
[  246.212448][T10328]   need_discard: buckets=0 sectors=0 fragmented=0
[  246.212448][T10328] clock: read=0
[  246.212448][T10328] clock: write=1288
[  246.212448][T10328] btree_root: btree=extents level=0 u64s 11 type btree_ptr_v2 SPO
[  246.212591][T10328] bcachefs: bch2_fs_get_tree() error: invalid_sb_clean
[  246.582154][T10341] loop3: detected capacity change from 0 to 1024
[  247.836477][T10357] loop3: detected capacity change from 0 to 128
[  247.856351][T10357] omfs: Bad value for 'fmask'
[  248.359253][T10374] netlink: 'syz.4.1623': attribute type 3 has an invalid length.
[  248.427744][T10379] tipc: Started in network mode
[  248.431073][T10379] tipc: Node identity 00000000000000000000000000000001, cluster identity 4711
[  248.434015][T10379] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  249.006037][T10390] loop5: detected capacity change from 0 to 2048
[  249.015735][T10390] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  249.028475][   T33] audit: type=1800 audit(1758776542.956:71): pid=10390 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1629" name="file1" dev="loop5" ino=1335 res=0 errno=0
[  249.098424][   T33] audit: type=1800 audit(1758776543.026:72): pid=10390 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.1629" name="file1" dev="loop5" ino=1335 res=0 errno=0
[  249.259108][T10395] loop5: detected capacity change from 0 to 256
[  249.367941][T10399] loop3: detected capacity change from 0 to 2048
[  249.378164][T10399] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  249.832663][T10413] IPVS: sync thread started: state = BACKUP, mcast_ifn = batadv0, syncid = 4, id = 0
[  250.307351][T10415] input: syz1 as /devices/virtual/input/input10
[  250.451042][T10419] loop5: detected capacity change from 0 to 128
[  250.463313][T10419] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  250.485889][T10419] ext4 filesystem being mounted at /173/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  250.530741][ T8714] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  251.068964][T10438] loop3: detected capacity change from 0 to 1764
[  251.078189][T10438] iso9660: Unexpected value for 'overriderockperm'
[  251.611616][T10468] kernel profiling enabled (shift: 63)
[  251.613682][T10468] profiling shift: 63 too large
[  252.187325][T10508] overlayfs: failed to clone upperpath
[  252.402058][ T5237] Bluetooth: hci1: command 0x0406 tx timeout
[  252.414780][T10517] netlink: 'syz.3.1685': attribute type 30 has an invalid length.
[  254.095901][T10577] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1713'.
[  254.377568][T10587] loop3: detected capacity change from 0 to 4096
[  254.405916][T10587] ntfs3(loop3): Different NTFS sector size (1024) and media sector size (512).
[  254.503328][T10601] Device name not specified.
[  254.503328][T10601] 
[  254.629230][T10605] geneve2: entered promiscuous mode
[  254.635133][T10605] geneve2: entered allmulticast mode
[  254.685910][T10600] loop5: detected capacity change from 0 to 40427
[  254.695268][T10600] F2FS-fs (loop5): invalid crc value
[  254.734557][T10600] F2FS-fs (loop5): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  254.737736][T10600] F2FS-fs (loop5): Start checkpoint disabled!
[  254.742476][T10600] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e6
[  254.752552][   T33] audit: type=1800 audit(1758776548.676:73): pid=10600 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1725" name="file1" dev="loop5" ino=10 res=0 errno=0
[  254.898509][T10616] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1732'.
[  254.972946][T10618] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1725'.
[  254.976133][T10618] netlink: 348 bytes leftover after parsing attributes in process `syz.5.1725'.
[  254.979804][T10618] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1725'.
[  254.983302][T10618] netlink: 348 bytes leftover after parsing attributes in process `syz.5.1725'.
[  254.986819][T10618] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1725'.
[  255.099518][T10619] syz.5.1725: attempt to access beyond end of device
[  255.099518][T10619] loop5: rw=10241, sector=45096, nr_sectors = 8 limit=40427
[  255.108788][T10619] syz.5.1725: attempt to access beyond end of device
[  255.108788][T10619] loop5: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  255.117117][T10619] syz.5.1725: attempt to access beyond end of device
[  255.117117][T10619] loop5: rw=2049, sector=45112, nr_sectors = 8 limit=40427
[  255.122955][T10619] syz.5.1725: attempt to access beyond end of device
[  255.122955][T10619] loop5: rw=2049, sector=45120, nr_sectors = 8 limit=40427
[  255.129077][T10619] syz.5.1725: attempt to access beyond end of device
[  255.129077][T10619] loop5: rw=2049, sector=45128, nr_sectors = 8 limit=40427
[  255.136450][T10619] syz.5.1725: attempt to access beyond end of device
[  255.136450][T10619] loop5: rw=2049, sector=45136, nr_sectors = 16 limit=40427
[  255.142000][T10619] syz.5.1725: attempt to access beyond end of device
[  255.142000][T10619] loop5: rw=2049, sector=45152, nr_sectors = 8 limit=40427
[  255.146600][T10619] syz.5.1725: attempt to access beyond end of device
[  255.146600][T10619] loop5: rw=2049, sector=45160, nr_sectors = 8 limit=40427
[  255.153504][T10619] syz.5.1725: attempt to access beyond end of device
[  255.153504][T10619] loop5: rw=2049, sector=45168, nr_sectors = 8 limit=40427
[  255.158053][T10619] syz.5.1725: attempt to access beyond end of device
[  255.158053][T10619] loop5: rw=2049, sector=45176, nr_sectors = 8 limit=40427
[  255.194380][T10620] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  255.386839][ T1100] CPU: 1 UID: 0 PID: 1100 Comm: kworker/u10:9 Not tainted syzkaller #0 PREEMPT(full) 
[  255.386862][ T1100] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  255.386870][ T1100] Workqueue: writeback wb_workfn (flush-7:5)
[  255.386895][ T1100] Call Trace:
[  255.386900][ T1100]  <TASK>
[  255.386907][ T1100]  dump_stack_lvl+0x189/0x250
[  255.386927][ T1100]  ? __pfx_dump_stack_lvl+0x10/0x10
[  255.386943][ T1100]  ? __pfx_queue_work_on+0x10/0x10
[  255.386955][ T1100]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  255.386974][ T1100]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  255.386998][ T1100]  f2fs_handle_critical_error+0x37c/0x540
[  255.387020][ T1100]  f2fs_write_end_io+0x886/0xb60
[  255.387046][ T1100]  __submit_merged_bio+0x27a/0x6a0
[  255.387072][ T1100]  __submit_merged_write_cond+0x255/0x530
[  255.387098][ T1100]  f2fs_write_data_pages+0x261d/0x3000
[  255.387168][ T1100]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  255.387197][ T1100]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[  255.387262][ T1100]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[  255.387294][ T1100]  ? trace_f2fs_writepages+0x7f/0x200
[  255.387339][ T1100]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  255.387360][ T1100]  do_writepages+0x32e/0x550
[  255.387384][ T1100]  ? reacquire_held_locks+0x127/0x1d0
[  255.387399][ T1100]  ? writeback_sb_inodes+0x384/0x1010
[  255.387424][ T1100]  __writeback_single_inode+0x145/0xff0
[  255.387441][ T1100]  ? do_raw_spin_unlock+0x4d/0x240
[  255.387462][ T1100]  writeback_sb_inodes+0x6c7/0x1010
[  255.387477][ T1100]  ? lockdep_hardirqs_on+0x9c/0x150
[  255.387514][ T1100]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  255.387572][ T1100]  ? rcu_is_watching+0x15/0xb0
[  255.387596][ T1100]  wb_writeback+0x43b/0xaf0
[  255.387621][ T1100]  ? queue_io+0x361/0x590
[  255.387641][ T1100]  ? __pfx_wb_writeback+0x10/0x10
[  255.387663][ T1100]  ? _raw_spin_unlock_irq+0x23/0x50
[  255.387688][ T1100]  wb_workfn+0x409/0xef0
[  255.387711][ T1100]  ? __pfx_wb_workfn+0x10/0x10
[  255.387729][ T1100]  ? __lock_acquire+0xab9/0xd20
[  255.387760][ T1100]  ? process_scheduled_works+0x9ef/0x17b0
[  255.387780][ T1100]  ? _raw_spin_unlock_irq+0x23/0x50
[  255.387798][ T1100]  ? process_scheduled_works+0x9ef/0x17b0
[  255.387810][ T1100]  ? process_scheduled_works+0x9ef/0x17b0
[  255.387825][ T1100]  process_scheduled_works+0xae1/0x17b0
[  255.387867][ T1100]  ? __pfx_process_scheduled_works+0x10/0x10
[  255.387896][ T1100]  worker_thread+0x8a0/0xda0
[  255.387914][ T1100]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  255.387941][ T1100]  ? __kthread_parkme+0x7b/0x200
[  255.387966][ T1100]  kthread+0x711/0x8a0
[  255.387986][ T1100]  ? __pfx_worker_thread+0x10/0x10
[  255.387999][ T1100]  ? __pfx_kthread+0x10/0x10
[  255.388018][ T1100]  ? _raw_spin_unlock_irq+0x23/0x50
[  255.388038][ T1100]  ? lockdep_hardirqs_on+0x9c/0x150
[  255.388050][ T1100]  ? __pfx_kthread+0x10/0x10
[  255.388068][ T1100]  ret_from_fork+0x439/0x7d0
[  255.388086][ T1100]  ? __pfx_ret_from_fork+0x10/0x10
[  255.388106][ T1100]  ? __switch_to_asm+0x39/0x70
[  255.388153][ T1100]  ? __switch_to_asm+0x33/0x70
[  255.388168][ T1100]  ? __pfx_kthread+0x10/0x10
[  255.388185][ T1100]  ret_from_fork_asm+0x1a/0x30
[  255.388217][ T1100]  </TASK>
[  255.388225][ T1100] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  255.445064][ T1364] ieee802154 phy0 wpan0: encryption failed: -22
[  255.445155][ T1364] ieee802154 phy1 wpan1: encryption failed: -22
[  255.500081][T10632] loop3: detected capacity change from 0 to 2048
[  257.113823][ T5922] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[  257.291919][ T5922] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  257.295496][ T5922] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  257.298628][ T5922] usb 6-1: New USB device found, idVendor=05ac, idProduct=025b, bcdDevice= 0.00
[  257.319731][ T5922] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  257.329201][ T5922] usb 6-1: config 0 descriptor??
[  257.771894][ T5922] apple 0003:05AC:025B.0015: hidraw0: USB HID v0.00 Device [HID 05ac:025b] on usb-dummy_hcd.5-1/input0
[  257.967285][  T972] usb 6-1: USB disconnect, device number 10
[  258.560603][  T972] usb 4-1: new high-speed USB device number 16 using dummy_hcd
[  258.714311][  T972] usb 4-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36
[  258.717690][  T972] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  258.721624][  T972] usb 4-1: Product: syz
[  258.723400][  T972] usb 4-1: Manufacturer: syz
[  258.725048][  T972] usb 4-1: SerialNumber: syz
[  258.741478][  T972] usb 4-1: config 0 descriptor??
[  258.748393][  T972] ch341 4-1:0.0: ch341-uart converter detected
[  258.816315][T10667] loop5: detected capacity change from 0 to 32768
[  259.033527][T10684] netlink: 'syz.4.1763': attribute type 10 has an invalid length.
[  259.041161][T10684] team0: Device hsr_slave_0 failed to register rx_handler
[  259.555399][  T972] usb 4-1: failed to send control message: -71
[  259.557623][  T972] ch341-uart ttyUSB0: probe with driver ch341-uart failed with error -71
[  259.562117][  T972] usb 4-1: USB disconnect, device number 16
[  259.564923][  T972] ch341 4-1:0.0: device disconnected
[  259.749547][ T5922] usb 6-1: new high-speed USB device number 11 using dummy_hcd
[  259.900206][ T5922] usb 6-1: Using ep0 maxpacket: 16
[  259.904466][ T5922] usb 6-1: unable to get BOS descriptor or descriptor too short
[  259.908652][ T5922] usb 6-1: config 5 has an invalid interface number: 29 but max is 0
[  259.914393][ T5922] usb 6-1: config 5 has no interface number 0
[  259.916782][ T5922] usb 6-1: config 5 interface 29 has no altsetting 0
[  259.922265][ T5922] usb 6-1: New USB device found, idVendor=05ac, idProduct=8501, bcdDevice=90.00
[  259.925669][ T5922] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  259.928721][ T5922] usb 6-1: Product: syz
[  259.933152][ T5922] usb 6-1: Manufacturer: syz
[  259.935117][ T5922] usb 6-1: SerialNumber: syz
[  260.157936][ T5922] usb 6-1: Found UVC 0.00 device syz (05ac:8501)
[  260.163334][ T5922] usb 6-1: No valid video chain found.
[  260.182023][ T5922] usb 6-1: USB disconnect, device number 11
[  260.420947][   T33] audit: type=1326 audit(1758776554.356:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10713 comm="syz.3.1776" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f24d8b8ec29 code=0x7ffc0000
[  260.425953][T10714] loop3: detected capacity change from 0 to 512
[  260.433007][T10714] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  260.436729][   T33] audit: type=1326 audit(1758776554.356:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10713 comm="syz.3.1776" exe="/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f24d8b8ec29 code=0x7ffc0000
[  260.454512][   T33] audit: type=1326 audit(1758776554.356:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10713 comm="syz.3.1776" exe="/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f24d8b8ec63 code=0x7ffc0000
[  260.477330][T10714] EXT4-fs (loop3): 1 truncate cleaned up
[  260.482666][T10714] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  260.486996][   T33] audit: type=1326 audit(1758776554.356:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10713 comm="syz.3.1776" exe="/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f24d8b8d6df code=0x7ffc0000
[  260.507108][   T33] audit: type=1326 audit(1758776554.356:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10713 comm="syz.3.1776" exe="/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f24d8b8ecb7 code=0x7ffc0000
[  260.515486][   T33] audit: type=1326 audit(1758776554.356:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10713 comm="syz.3.1776" exe="/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f24d8b8d590 code=0x7ffc0000
[  260.524273][   T33] audit: type=1326 audit(1758776554.356:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10713 comm="syz.3.1776" exe="/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f24d8b8e82b code=0x7ffc0000
[  260.534181][ T7244] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  260.537252][   T33] audit: type=1326 audit(1758776554.366:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10713 comm="syz.3.1776" exe="/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f24d8b8d88a code=0x7ffc0000
[  260.545801][   T33] audit: type=1326 audit(1758776554.366:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10713 comm="syz.3.1776" exe="/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f24d8b8d88a code=0x7ffc0000
[  260.583181][   T33] audit: type=1326 audit(1758776554.366:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10713 comm="syz.3.1776" exe="/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f24d8b8d497 code=0x7ffc0000
[  260.793092][T10730] syz.5.1782 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  260.914698][T10738] /dev/nbd4: Can't lookup blockdev
[  260.997103][T10742] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1789'.
[  261.163232][T10759] loop3: detected capacity change from 0 to 256
[  261.343143][T10771] netlink: 'syz.5.1803': attribute type 1 has an invalid length.
[  261.345499][T10771] netlink: 'syz.5.1803': attribute type 1 has an invalid length.
[  261.401619][T10775] netlink: 'syz.5.1805': attribute type 4 has an invalid length.
[  261.422798][T10775] netlink: 'syz.5.1805': attribute type 4 has an invalid length.
[  261.691125][T10792] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1812'.
[  262.111899][T10825] batadv_slave_1: entered promiscuous mode
[  262.858902][T10821] batadv_slave_1: left promiscuous mode
[  263.499610][ T5315] usb 6-1: new high-speed USB device number 12 using dummy_hcd
[  263.651210][ T5315] usb 6-1: Using ep0 maxpacket: 16
[  263.702393][ T5315] usb 6-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 9.00
[  263.706102][ T5315] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  263.709246][ T5315] usb 6-1: Product: syz
[  263.711865][ T5315] usb 6-1: Manufacturer: syz
[  263.713713][ T5315] usb 6-1: SerialNumber: syz
[  263.722321][ T5315] usb 6-1: config 0 descriptor??
[  263.733694][ T5315] ftdi_sio 6-1:0.0: FTDI USB Serial Device converter detected
[  263.738094][ T5315] usb 6-1: Detected FT232H
[  263.935104][ T5315] ftdi_sio ttyUSB0: Unable to read latency timer: -71
[  263.945164][ T5315] ftdi_sio ttyUSB0: Unable to write latency timer: -71
[  263.951582][ T5315] ftdi_sio 6-1:0.0: GPIO initialisation failed: -71
[  263.956387][ T5315] usb 6-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  263.965472][ T5315] usb 6-1: USB disconnect, device number 12
[  263.973341][ T5315] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  263.978338][ T5315] ftdi_sio 6-1:0.0: device disconnected
[  264.467879][T10859] netlink: 392 bytes leftover after parsing attributes in process `syz.4.1840'.
[  270.774918][ T5315] libceph: connect (1)[c::]:6789 error -101
[  270.818210][ T5315] libceph: mon0 (1)[c::]:6789 connect error
[  271.100104][ T5315] libceph: connect (1)[c::]:6789 error -101
[  271.105906][ T5315] libceph: mon0 (1)[c::]:6789 connect error
[  271.472075][T10959] ceph: No mds server is up or the cluster is laggy
[  271.660795][ T5922] libceph: connect (1)[c::]:6789 error -101
[  271.663957][ T5922] libceph: mon0 (1)[c::]:6789 connect error
[  271.874903][   T33] kauditd_printk_skb: 10 callbacks suppressed
[  271.874917][   T33] audit: type=1326 audit(1758776565.806:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10971 comm="syz.3.1886" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f24d8b8ec29 code=0x0
[  272.147061][T10982] loop3: detected capacity change from 0 to 128
[  272.160324][T10982] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=16, mo=a84ec018, mo2=0002]
[  272.167652][T10982] System zones: 1-3, 19-19, 35-36
[  272.181535][T10982] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback.
[  272.201380][T10982] ext4 filesystem being mounted at /420/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  272.220632][T10982] EXT4-fs warning (device loop3): verify_group_input:137: Cannot add at group 1785754215 (only 1 groups)
[  272.241850][T10970] loop5: detected capacity change from 0 to 32768
[  272.248929][T10970] (syz.5.1885,10970,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  272.259150][ T7244] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  272.259780][T10970] (syz.5.1885,10970,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  272.298774][T10970] JBD2: Ignoring recovery information on journal
[  272.344809][T10970] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode.
[  272.450113][T10990] netlink: 'syz.3.1893': attribute type 10 has an invalid length.
[  272.457298][T10990] netlink: 40 bytes leftover after parsing attributes in process `syz.3.1893'.
[  272.481626][T10990] batman_adv: batadv0: Adding interface: virt_wifi0
[  272.488370][T10990] batman_adv: batadv0: The MTU of interface virt_wifi0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  272.501769][T10990] batman_adv: batadv0: Interface activated: virt_wifi0
[  272.505374][ T8714] ocfs2: Unmounting device (7,5) on (node local)
[  272.695630][T10995] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1896'.
[  272.765084][T10999] loop5: detected capacity change from 0 to 128
[  272.785824][   T33] audit: type=1800 audit(1758776566.716:95): pid=10999 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1897" name="file2" dev="loop5" ino=1048675 res=0 errno=0
[  272.799096][T10999] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000100)
[  272.808921][T11003] loop3: detected capacity change from 0 to 16
[  272.812954][   T33] audit: type=1326 audit(1758776566.726:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11000 comm="syz.4.1898" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f850818ec29 code=0x7ffc0000
[  272.822298][T10999] FAT-fs (loop5): Filesystem has been set read-only
[  272.825102][T10999] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000100)
[  272.829058][T10999] bio_check_eod: 176 callbacks suppressed
[  272.829087][T10999] syz.5.1897: attempt to access beyond end of device
[  272.829087][T10999] loop5: rw=2049, sector=2065, nr_sectors = 8 limit=128
[  272.837874][T11003] erofs (device loop3): mounted with root inode @ nid 36.
[  272.838010][   T33] audit: type=1326 audit(1758776566.726:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11000 comm="syz.4.1898" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f850818ec29 code=0x7ffc0000
[  272.875999][   T33] audit: type=1326 audit(1758776566.736:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11000 comm="syz.4.1898" exe="/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f850818ec29 code=0x7ffc0000
[  272.896179][   T33] audit: type=1326 audit(1758776566.736:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11000 comm="syz.4.1898" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f850818ec29 code=0x7ffc0000
[  272.924435][   T33] audit: type=1326 audit(1758776566.736:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11000 comm="syz.4.1898" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f850818ec29 code=0x7ffc0000
[  272.946345][   T33] audit: type=1326 audit(1758776566.766:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11000 comm="syz.4.1898" exe="/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f850818ec29 code=0x7ffc0000
[  272.969734][   T33] audit: type=1326 audit(1758776566.766:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11000 comm="syz.4.1898" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f850818ec29 code=0x7ffc0000
[  272.978117][   T33] audit: type=1326 audit(1758776566.766:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11000 comm="syz.4.1898" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f850818ec29 code=0x7ffc0000
[  273.557357][T11031] loop5: detected capacity change from 0 to 512
[  273.573159][T11031] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  273.585270][T11031] EXT4-fs (loop5): inodes count not valid: 24 vs 32
[  273.914336][T11035] loop3: detected capacity change from 0 to 32768
[  274.007463][T11035] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  274.149115][ T7244] ocfs2: Unmounting device (7,3) on (node local)
[  274.359818][T11050] loop5: detected capacity change from 0 to 40427
[  274.367325][T11050] F2FS-fs (loop5): invalid crc value
[  274.424953][T11050] F2FS-fs (loop5): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  274.428771][T11050] F2FS-fs (loop5): Start checkpoint disabled!
[  274.433764][T11050] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e6
[  274.920894][T11059] syz.5.1918: attempt to access beyond end of device
[  274.920894][T11059] loop5: rw=2049, sector=77824, nr_sectors = 2568 limit=40427
[  274.941679][T11060] syz.5.1918: attempt to access beyond end of device
[  274.941679][T11060] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  274.950909][T11060] syz.5.1918: attempt to access beyond end of device
[  274.950909][T11060] loop5: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  274.960609][T11060] syz.5.1918: attempt to access beyond end of device
[  274.960609][T11060] loop5: rw=2049, sector=45112, nr_sectors = 8 limit=40427
[  274.967727][T11060] syz.5.1918: attempt to access beyond end of device
[  274.967727][T11060] loop5: rw=2049, sector=45120, nr_sectors = 8 limit=40427
[  274.979077][T11060] syz.5.1918: attempt to access beyond end of device
[  274.979077][T11060] loop5: rw=2049, sector=45128, nr_sectors = 8 limit=40427
[  274.983619][T11060] syz.5.1918: attempt to access beyond end of device
[  274.983619][T11060] loop5: rw=2049, sector=45136, nr_sectors = 8 limit=40427
[  274.988424][T11060] syz.5.1918: attempt to access beyond end of device
[  274.988424][T11060] loop5: rw=2049, sector=45144, nr_sectors = 8 limit=40427
[  274.992871][T11060] syz.5.1918: attempt to access beyond end of device
[  274.992871][T11060] loop5: rw=2049, sector=45152, nr_sectors = 8 limit=40427
[  275.180002][  T572] CPU: 1 UID: 0 PID: 572 Comm: kworker/u10:3 Not tainted syzkaller #0 PREEMPT(full) 
[  275.180026][  T572] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  275.180035][  T572] Workqueue: writeback wb_workfn (flush-7:5)
[  275.180058][  T572] Call Trace:
[  275.180064][  T572]  <TASK>
[  275.180071][  T572]  dump_stack_lvl+0x189/0x250
[  275.180094][  T572]  ? __pfx_dump_stack_lvl+0x10/0x10
[  275.180110][  T572]  ? __pfx_queue_work_on+0x10/0x10
[  275.180125][  T572]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  275.180147][  T572]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  275.180177][  T572]  f2fs_handle_critical_error+0x37c/0x540
[  275.180205][  T572]  f2fs_write_end_io+0x886/0xb60
[  275.180236][  T572]  __submit_merged_bio+0x27a/0x6a0
[  275.180262][  T572]  __submit_merged_write_cond+0x255/0x530
[  275.180287][  T572]  f2fs_write_data_pages+0x261d/0x3000
[  275.180332][  T572]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  275.180358][  T572]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[  275.180402][  T572]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[  275.180432][  T572]  ? trace_f2fs_writepages+0x7f/0x200
[  275.180452][  T572]  ? f2fs_write_node_pages+0x478/0x6e0
[  275.180474][  T572]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[  275.180506][  T572]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  275.180521][  T572]  do_writepages+0x32e/0x550
[  275.180546][  T572]  ? reacquire_held_locks+0x127/0x1d0
[  275.180561][  T572]  ? writeback_sb_inodes+0x384/0x1010
[  275.180585][  T572]  __writeback_single_inode+0x145/0xff0
[  275.180602][  T572]  ? do_raw_spin_unlock+0x4d/0x240
[  275.180624][  T572]  writeback_sb_inodes+0x6c7/0x1010
[  275.180647][  T572]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  275.180683][  T572]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  275.180737][  T572]  ? rcu_is_watching+0x15/0xb0
[  275.180762][  T572]  wb_writeback+0x43b/0xaf0
[  275.180786][  T572]  ? queue_io+0x361/0x590
[  275.180832][  T572]  ? __pfx_wb_writeback+0x10/0x10
[  275.180858][  T572]  ? _raw_spin_unlock_irq+0x23/0x50
[  275.180883][  T572]  wb_workfn+0x409/0xef0
[  275.180912][  T572]  ? __pfx_wb_workfn+0x10/0x10
[  275.180930][  T572]  ? __lock_acquire+0xab9/0xd20
[  275.180961][  T572]  ? process_scheduled_works+0x9ef/0x17b0
[  275.180980][  T572]  ? _raw_spin_unlock_irq+0x23/0x50
[  275.180998][  T572]  ? process_scheduled_works+0x9ef/0x17b0
[  275.181010][  T572]  ? process_scheduled_works+0x9ef/0x17b0
[  275.181026][  T572]  process_scheduled_works+0xae1/0x17b0
[  275.181066][  T572]  ? __pfx_process_scheduled_works+0x10/0x10
[  275.181096][  T572]  worker_thread+0x8a0/0xda0
[  275.181114][  T572]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  275.181142][  T572]  ? __kthread_parkme+0x7b/0x200
[  275.181166][  T572]  kthread+0x711/0x8a0
[  275.181187][  T572]  ? __pfx_worker_thread+0x10/0x10
[  275.181200][  T572]  ? __pfx_kthread+0x10/0x10
[  275.181218][  T572]  ? _raw_spin_unlock_irq+0x23/0x50
[  275.181237][  T572]  ? lockdep_hardirqs_on+0x9c/0x150
[  275.181251][  T572]  ? __pfx_kthread+0x10/0x10
[  275.181267][  T572]  ret_from_fork+0x439/0x7d0
[  275.181286][  T572]  ? __pfx_ret_from_fork+0x10/0x10
[  275.181306][  T572]  ? __switch_to_asm+0x39/0x70
[  275.181327][  T572]  ? __switch_to_asm+0x33/0x70
[  275.181343][  T572]  ? __pfx_kthread+0x10/0x10
[  275.181360][  T572]  ret_from_fork_asm+0x1a/0x30
[  275.181390][  T572]  </TASK>
[  275.181396][  T572] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  275.422509][T11072] loop3: detected capacity change from 0 to 128
[  275.473196][T11072] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256
[  276.177819][T11086] loop5: detected capacity change from 0 to 2048
[  276.183680][T11086] NILFS (loop5): broken superblock, retrying with spare superblock (blocksize = 1024)
[  276.192379][ T5862] udevd[5862]: incorrect nilfs2 checksum on /dev/loop5
[  276.201674][T11087] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  276.435915][T11092] netlink: 36 bytes leftover after parsing attributes in process `syz.5.1931'.
[  276.450214][T11092] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1931'.
[  276.453999][T11092] netlink: 36 bytes leftover after parsing attributes in process `syz.5.1931'.
[  276.457661][T11092] netlink: 36 bytes leftover after parsing attributes in process `syz.5.1931'.
[  276.779553][   T52] usb 6-1: new high-speed USB device number 13 using dummy_hcd
[  276.936025][   T52] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  276.944837][   T52] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  276.948229][   T52] usb 6-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.00
[  276.953281][   T52] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  276.961146][   T52] usb 6-1: config 0 descriptor??
[  277.464603][   T52] cp2112 0003:10C4:EA90.0016: unknown main item tag 0x0
[  277.473878][   T52] cp2112 0003:10C4:EA90.0016: unknown main item tag 0x0
[  277.476871][   T52] cp2112 0003:10C4:EA90.0016: unknown main item tag 0x0
[  277.481729][   T52] cp2112 0003:10C4:EA90.0016: unknown main item tag 0x0
[  277.485604][   T52] cp2112 0003:10C4:EA90.0016: unknown main item tag 0x0
[  277.488849][   T52] cp2112 0003:10C4:EA90.0016: unknown main item tag 0x0
[  277.493184][   T52] cp2112 0003:10C4:EA90.0016: unknown main item tag 0x0
[  277.502197][   T52] cp2112 0003:10C4:EA90.0016: hidraw0: USB HID v0.00 Device [HID 10c4:ea90] on usb-dummy_hcd.5-1/input0
[  277.543086][T11110] loop3: detected capacity change from 0 to 1764
[  277.704764][   T52] cp2112 0003:10C4:EA90.0016: Part Number: 0x00 Device Version: 0x00
[  278.446577][   T52] cp2112 0003:10C4:EA90.0016: error reading lock byte: -71
[  278.464555][   T52] usb 6-1: USB disconnect, device number 13
[  280.024245][T11144] loop5: detected capacity change from 0 to 32768
[  280.060391][T11144] o2cb: This node has not been configured.
[  280.065019][T11144] o2cb: Cluster check failed. Fix errors before retrying.
[  280.067612][T11144] (syz.5.1955,11144,0):ocfs2_dlm_init:3354 ERROR: status = -22
[  280.076232][T11144] (syz.5.1955,11144,0):ocfs2_mount_volume:1735 ERROR: status = -22
[  280.085792][T11144] (syz.5.1955,11144,0):ocfs2_fill_super:1177 ERROR: status = -22
[  280.173658][T11153] input: syz1 as /devices/virtual/input/input12
[  280.748924][T11184] netlink: 76 bytes leftover after parsing attributes in process `syz.5.1973'.
[  281.049930][ T5315] usb 6-1: new high-speed USB device number 14 using dummy_hcd
[  281.118973][T11202] loop3: detected capacity change from 0 to 8
[  281.127180][T11202] MTD: Attempt to mount non-MTD device "/dev/loop3"
[  281.202619][ T5315] usb 6-1: config 0 has an invalid interface number: 170 but max is 0
[  281.205689][ T5315] usb 6-1: config 0 has no interface number 0
[  281.207665][ T5315] usb 6-1: config 0 interface 170 altsetting 0 endpoint 0x3 has an invalid bInterval 31, changing to 7
[  281.211696][ T5315] usb 6-1: New USB device found, idVendor=07b0, idProduct=0007, bcdDevice=17.c6
[  281.215824][ T5315] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  281.226987][ T5315] usb 6-1: config 0 descriptor??
[  281.243709][ T5315] HFC-S_USB 6-1:0.170: probe with driver HFC-S_USB failed with error -5
[  281.386806][T11206] cramfs: Error -5 while decompressing!
[  281.389336][T11206] cramfs: ffffffff99bf86a8(26)->ffff88804978d000(4096)
[  281.392436][T11206] cramfs: Error -3 while decompressing!
[  281.394686][T11206] cramfs: ffffffff99bf86c2(26)->ffff88804978b000(4096)
[  281.397427][T11206] cramfs: Error -3 while decompressing!
[  281.399876][T11206] cramfs: ffffffff99bf86dc(16)->ffff888048b1b000(4096)
[  281.402901][T11206] cramfs: Error -5 while decompressing!
[  281.405182][T11206] cramfs: ffffffff99bf86a8(26)->ffff88804978d000(4096)
[  281.409075][   T33] kauditd_printk_skb: 5 callbacks suppressed
[  281.409127][   T33] audit: type=1800 audit(1758776575.336:109): pid=11206 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1981" name="file2" dev="loop3" ino=348 res=0 errno=0
[  281.637964][   T52] usb 6-1: USB disconnect, device number 14
[  282.082191][T11213] loop3: detected capacity change from 0 to 128
[  282.090707][T11213] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256
[  282.098683][T11213] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  282.649995][   T33] audit: type=1326 audit(1758776576.566:110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11207 comm="syz.4.1983" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f850818ec29 code=0x7fc00000
[  283.446544][T11250] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  283.553626][T11257] loop5: detected capacity change from 0 to 1024
[  283.556943][T11257] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869)
[  283.563726][T11257] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a040e11d, mo2=0002]
[  283.567473][T11257] System zones: 0-1, 2-3, 4-36, 98-101, 102-102
[  283.572056][T11257] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  283.602273][ T8714] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  283.642067][T11260] netlink: 'syz.3.2004': attribute type 8 has an invalid length.
[  283.736650][T11266] loop3: detected capacity change from 0 to 1024
[  283.745154][T11268] loop5: detected capacity change from 0 to 512
[  283.784481][T11266] hfsplus: bad catalog entry type
[  283.791203][T11268] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  283.796092][T11268] ext4 filesystem being mounted at /268/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  283.889172][ T8714] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  284.005738][ T5922] IPVS: starting estimator thread 0...
[  284.033191][T11287] loop3: detected capacity change from 0 to 512
[  284.062548][T11287] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  284.091008][ T7244] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  284.110975][T11285] IPVS: using max 62 ests per chain, 148800 per kthread
[  284.189674][ T5315] usb 6-1: new high-speed USB device number 15 using dummy_hcd
[  284.244886][   T34] INFO: task syz-executor:5854 blocked for more than 143 seconds.
[  284.248037][   T34]       Not tainted syzkaller #0
[  284.255735][T11304] loop3: detected capacity change from 0 to 4096
[  284.257510][   T34] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  284.258746][T11304] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024)
[  284.265558][T11304] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 4096)
[  284.272358][   T34] task:syz-executor    state:D stack:17800 pid:5854  tgid:5854  ppid:1      task_flags:0x400140 flags:0x00004004
[  284.284844][T11305] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  284.296625][   T34] Call Trace:
[  284.302283][   T34]  <TASK>
[  284.304309][   T34]  __schedule+0x1798/0x4cc0
[  284.309843][   T34]  ? do_raw_spin_lock+0x121/0x290
[  284.317781][   T34]  ? __lock_acquire+0xab9/0xd20
[  284.325127][   T34]  ? __pfx___schedule+0x10/0x10
[  284.329695][   T34]  ? schedule+0x91/0x360
[  284.333464][T11304] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=15)
[  284.333916][   T34]  schedule+0x165/0x360
[  284.340944][   T34]  v9fs_evict_inode+0x170/0x320
[  284.343150][   T34]  ? __pfx_v9fs_evict_inode+0x10/0x10
[  284.345536][   T34]  ? __pfx_var_wake_function+0x10/0x10
[  284.347839][T11304] Remounting filesystem read-only
[  284.347878][   T34]  ? do_raw_spin_unlock+0x4d/0x240
[  284.350926][T11304] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=15)
[  284.354266][   T34]  ? __pfx_v9fs_evict_inode+0x10/0x10
[  284.357558][   T34]  evict+0x504/0x9c0
[  284.359320][   T34]  ? __pfx_evict+0x10/0x10
[  284.361544][   T34]  ? do_raw_spin_unlock+0x4d/0x240
[  284.361846][T11304] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=15)
[  284.364739][   T34]  ? _raw_spin_unlock+0x28/0x50
[  284.368640][T11304] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=15)
[  284.372365][ T5315] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  284.373893][T11304] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=15)
[  284.377373][ T5315] usb 6-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  284.380445][T11304] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=15)
[  284.384947][ T5315] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66
[  284.387804][T11304] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=15)
[  284.393889][   T34]  ? iput+0x6d8/0x9d0
[  284.394756][T11304] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=15)
[  284.396338][   T34]  __dentry_kill+0x209/0x660
[  284.399788][T11304] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=15)
[  284.405689][T11304] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=15)
[  284.409918][ T5315] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  284.412128][T11304] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=15)
[  284.418314][   T34]  ? dput+0x37/0x2b0
[  284.418346][   T34]  dput+0x19f/0x2b0
[  284.418362][   T34]  shrink_dcache_for_umount+0xa0/0x170
[  284.418383][   T34]  generic_shutdown_super+0x67/0x2c0
[  284.420278][T11304] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=15)
[  284.424349][   T34]  kill_anon_super+0x3b/0x70
[  284.425626][T11304] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=15)
[  284.429132][ T5315] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  284.430837][T11304] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=15)
[  284.435002][   T34]  v9fs_kill_super+0x4c/0x90
[  284.438553][T11304] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=15)
[  284.445022][   T34]  deactivate_locked_super+0xbc/0x130
[  284.446833][T11304] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=15)
[  284.449257][   T34]  cleanup_mnt+0x425/0x4c0
[  284.452261][T11304] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=15)
[  284.454260][   T34]  ? lockdep_hardirqs_on+0x9c/0x150
[  284.456878][T11304] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=15)
[  284.459552][ T5315] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  284.463040][T11304] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=15)
[  284.466370][ T5315] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  284.469351][T11304] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=15)
[  284.475477][   T34]  task_work_run+0x1d4/0x260
[  284.475513][   T34]  ? __pfx_task_work_run+0x10/0x10
[  284.477285][T11304] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=15)
[  284.479105][ T5315] usb 6-1: Product: syz
[  284.482370][T11304] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=15)
[  284.484631][   T34]  ? __x64_sys_umount+0x122/0x160
[  284.487535][T11304] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=15)
[  284.489329][ T5315] usb 6-1: Manufacturer: syz
[  284.494566][T11304] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=15)
[  284.495062][   T34]  ? exit_to_user_mode_loop+0x40/0x110
[  284.498535][T11304] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=15)
[  284.501946][   T34]  exit_to_user_mode_loop+0xec/0x110
[  284.504720][T11304] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=15)
[  284.511998][T11304] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=15)
[  284.513708][ T5315] cdc_wdm 6-1:1.0: skipping garbage
[  284.515302][T11304] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=15)
[  284.522214][   T34]  do_syscall_64+0x2bd/0x3b0
[  284.524322][   T34]  ? lockdep_hardirqs_on+0x9c/0x150
[  284.525238][T11304] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=15)
[  284.526538][ T5315] cdc_wdm 6-1:1.0: skipping garbage
[  284.531744][T11304] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=15)
[  284.536340][   T34]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  284.536358][T11304] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=15)
[  284.536452][T11304] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=15)
[  284.539079][   T34]  ? exc_page_fault+0x9f/0xf0
[  284.544032][T11304] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=15)
[  284.553789][   T34]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  284.554067][T11304] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=15)
[  284.556649][ T5315] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device
[  284.559154][T11304] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=15)
[  284.561764][   T34] RIP: 0033:0x7f10df78ff57
[  284.561786][   T34] RSP: 002b:00007ffe7c98f148 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  284.561806][   T34] RAX: 0000000000000000 RBX: 00007f10df811c2d RCX: 00007f10df78ff57
[  284.561816][   T34] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe7c98f200
[  284.565944][T11304] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=15)
[  284.566944][ T5315] cdc_wdm 6-1:1.0: Unknown control protocol
[  284.571837][T11304] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=15)
[  284.572875][   T34] RBP: 00007ffe7c98f200 R08: 0000000000000000 R09: 0000000000000000
[  284.575974][T11304] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=15)
[  284.584824][   T34] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffe7c990290
[  284.589263][T11304] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=15)
[  284.593556][   T34] R13: 00007f10df811c2d R14: 0000000000021e84 R15: 00007ffe7c9902d0
[  284.601127][T11304] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=15)
[  284.604935][   T34]  </TASK>
[  284.608315][   T34] 
[  284.608315][   T34] Showing all locks held in the system:
[  284.608483][T11304] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=15)
[  284.612899][   T34] 1 lock held by khungtaskd/34:
[  284.617741][   T34]  #0: ffffffff8e13a0e0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180
[  284.624244][   T34] 5 locks held by kworker/u10:5/1089:
[  284.626586][   T34]  #0: ffff888136639f98 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2a/0x140
[  284.627056][T11304] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=15)
[  284.632813][   T34]  #1: ffff888136624008 (psi_seq){-.-.}-{0:0}, at: psi_task_switch+0x53/0x880
[  284.638295][   T34]  #2: ffff88810cfa8250 (&devlink->lock_key#7){+.+.}-{4:4}, at: nsim_dev_trap_report_work+0x57/0xb80
[  284.644318][T11304] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=15)
[  284.645043][   T34]  #3: ffffffff99caf1d0 (&obj_hash[i].lock){-.-.}-{2:2}, at: debug_object_activate+0xbb/0x420
[  284.649999][T11304] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=15)
[  284.651878][   T34]  #4: ffffffff8e13a0e0 (rcu_read_lock){....}-{1:3}, at: unwind_next_frame+0xa5/0x2390
[  284.654882][T11304] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=15)
[  284.658751][   T34] 1 lock held by klogd/5286:
[  284.663834][T11304] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=15)
[  284.667081][T11304] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=15)
[  284.668548][   T34]  #0: ffff888136639f98 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2a/0x140
[  284.671239][T11304] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=15)
[  284.674526][   T34] 2 locks held by getty/5672:
[  284.677777][T11304] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=15)
[  284.679915][   T34]  #0: ffff8881067cb0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  284.684932][T11304] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=15)
[  284.687328][   T34]  #1: ffffc900029062f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x43e/0x1400
[  284.691004][T11304] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=15)
[  284.694837][   T34] 1 lock held by syz-executor/5854:
[  284.698103][T11304] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=15)
[  284.700229][   T34]  #0: ffff8880232ee0e0 (&type->s_umount_key#83){+.+.}-{4:4}, at: deactivate_super+0xa9/0xe0
[  284.700322][   T34] 7 locks held by syz.3.2022/11304:
[  284.705614][T11304] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=15)
[  284.707765][   T34] 
[  284.710355][T11304] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=15)
[  284.713350][   T34] =============================================
[  284.713350][   T34] 
[  284.714230][T11304] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=15)
[  284.726073][T11304] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=15)
[  284.729312][T11304] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=15)
[  284.730754][   T34] NMI backtrace for cpu 0
[  284.730772][   T34] CPU: 0 UID: 0 PID: 34 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT(full) 
[  284.730787][   T34] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  284.730797][   T34] Call Trace:
[  284.730804][   T34]  <TASK>
[  284.730810][   T34]  dump_stack_lvl+0x189/0x250
[  284.730834][   T34]  ? vprintk_emit+0x444/0x7a0
[  284.730852][   T34]  ? __pfx_dump_stack_lvl+0x10/0x10
[  284.730867][   T34]  ? __pfx__printk+0x10/0x10
[  284.730895][   T34]  nmi_cpu_backtrace+0x39e/0x3d0
[  284.730919][   T34]  ? __pfx_nmi_cpu_backtrace+0x10/0x10
[  284.730940][   T34]  ? __pfx__printk+0x10/0x10
[  284.730959][   T34]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[  284.730982][   T34]  nmi_trigger_cpumask_backtrace+0x17a/0x300
[  284.731002][   T34]  watchdog+0xf93/0xfe0
[  284.731026][   T34]  ? watchdog+0x1de/0xfe0
[  284.731047][   T34]  kthread+0x711/0x8a0
[  284.731066][   T34]  ? __pfx_watchdog+0x10/0x10
[  284.731083][   T34]  ? __pfx_kthread+0x10/0x10
[  284.731100][   T34]  ? _raw_spin_unlock_irq+0x23/0x50
[  284.731122][   T34]  ? lockdep_hardirqs_on+0x9c/0x150
[  284.731135][   T34]  ? __pfx_kthread+0x10/0x10
[  284.731152][   T34]  ret_from_fork+0x439/0x7d0
[  284.731193][   T34]  ? __pfx_ret_from_fork+0x10/0x10
[  284.731211][   T34]  ? __switch_to_asm+0x39/0x70
[  284.731227][   T34]  ? __switch_to_asm+0x33/0x70
[  284.731243][   T34]  ? __pfx_kthread+0x10/0x10
[  284.731257][   T34]  ret_from_fork_asm+0x1a/0x30
[  284.731284][   T34]  </TASK>
[  284.731290][   T34] Sending NMI from CPU 0 to CPUs 1:
[  284.749732][T11304] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=15)
[  284.750991][    C1] NMI backtrace for cpu 1
[  284.751004][    C1] CPU: 1 UID: 0 PID: 11304 Comm: syz.3.2022 Not tainted syzkaller #0 PREEMPT(full) 
[  284.751017][    C1] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  284.751023][    C1] RIP: 0010:io_serial_out+0x7c/0xc0
[  284.751044][    C1] Code: ff 6f fc 44 89 f9 d3 e5 49 83 c6 40 4c 89 f0 48 c1 e8 03 42 80 3c 20 00 74 08 4c 89 f7 e8 4c 7d d3 fc 41 03 2e 89 d8 89 ea ee <5b> 41 5c 41 5e 41 5f 5d c3 cc cc cc cc cc 44 89 f9 80 e1 07 38 c1
[  284.751054][    C1] RSP: 0018:ffffc90006c16970 EFLAGS: 00000002
[  284.751064][    C1] RAX: 0000000000000030 RBX: 0000000000000030 RCX: 0000000000000000
[  284.751071][    C1] RDX: 00000000000003f8 RSI: 000000000007ffff RDI: 0000000000080000
[  284.751079][    C1] RBP: 00000000000003f8 R08: ffff888021208237 R09: 1ffff11004241046
[  284.751087][    C1] R10: dffffc0000000000 R11: ffffffff854fad60 R12: dffffc0000000000
[  284.751096][    C1] R13: ffffffff99b028ca R14: ffffffff99df7460 R15: 0000000000000000
[  284.751102][    C1] FS:  00007f24d997e6c0(0000) GS:ffff8881a3c13000(0000) knlGS:0000000000000000
[  284.751108][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  284.751113][    C1] CR2: 000000110c28dde6 CR3: 00000001200dc000 CR4: 00000000000006f0
[  284.751138][    C1] Call Trace:
[  284.751145][    C1]  <TASK>
[  284.751152][    C1]  serial8250_console_write+0x1410/0x1ba0
[  284.751211][    C1]  ? __lock_acquire+0xab9/0xd20
[  284.751230][    C1]  ? __pfx_serial8250_console_write+0x10/0x10
[  284.751239][    C1]  ? console_flush_all+0x13a/0xc40
[  284.751248][    C1]  ? console_flush_all+0x13a/0xc40
[  284.751258][    C1]  ? do_raw_spin_unlock+0x4d/0x240
[  284.751266][    C1]  ? console_flush_all+0x13a/0xc40
[  284.751274][    C1]  ? console_flush_all+0x13a/0xc40
[  284.751282][    C1]  console_flush_all+0x728/0xc40
[  284.751291][    C1]  ? console_flush_all+0x13a/0xc40
[  284.751300][    C1]  ? __pfx_console_flush_all+0x10/0x10
[  284.751315][    C1]  ? is_printk_cpu_sync_owner+0x32/0x40
[  284.751330][    C1]  console_unlock+0xc4/0x270
[  284.751344][    C1]  ? __pfx_console_unlock+0x10/0x10
[  284.751359][    C1]  ? vprintk_emit+0x444/0x7a0
[  284.751370][    C1]  ? vprintk_emit+0x444/0x7a0
[  284.751383][    C1]  vprintk_emit+0x5b7/0x7a0
[  284.751391][    C1]  ? vprintk_emit+0x444/0x7a0
[  284.751398][    C1]  ? __pfx_vprintk_emit+0x10/0x10
[  284.751413][    C1]  _printk+0xcf/0x120
[  284.751431][    C1]  ? __pfx__printk+0x10/0x10
[  284.751460][    C1]  ? nilfs_btree_lookup_contig+0xafa/0xc20
[  284.751479][    C1]  __nilfs_error+0x166/0x4b0
[  284.751497][    C1]  ? __pfx___nilfs_error+0x10/0x10
[  284.751506][    C1]  ? __up_read+0x280/0x680
[  284.751517][    C1]  nilfs_bmap_lookup_contig+0x13e/0x160
[  284.751530][    C1]  nilfs_get_block+0x1fb/0x8f0
[  284.751543][    C1]  ? __pfx_nilfs_get_block+0x10/0x10
[  284.751556][    C1]  block_read_full_folio+0x29f/0x830
[  284.751568][    C1]  ? __pfx_nilfs_get_block+0x10/0x10
[  284.751579][    C1]  do_mpage_readpage+0x175d/0x19a0
[  284.751592][    C1]  ? check_path+0x21/0x40
[  284.751600][    C1]  ? __lock_acquire+0xab9/0xd20
[  284.751610][    C1]  ? __pfx_nilfs_get_block+0x10/0x10
[  284.751620][    C1]  mpage_read_folio+0x14a/0x220
[  284.751629][    C1]  ? __pfx_mpage_read_folio+0x10/0x10
[  284.751641][    C1]  ? __pfx_nilfs_get_block+0x10/0x10
[  284.751652][    C1]  ? __up_read+0x280/0x680
[  284.751660][    C1]  filemap_read_folio+0x117/0x380
[  284.751670][    C1]  ? __pfx_nilfs_read_folio+0x10/0x10
[  284.751679][    C1]  ? __pfx_filemap_read_folio+0x10/0x10
[  284.751688][    C1]  ? maybe_unlock_mmap_for_io+0x16a/0x2d0
[  284.751697][    C1]  filemap_fault+0xb16/0x1200
[  284.751707][    C1]  ? __pfx_filemap_fault+0x10/0x10
[  284.751715][    C1]  ? __handle_mm_fault+0x27b7/0x5440
[  284.751727][    C1]  __do_fault+0x138/0x390
[  284.751735][    C1]  __handle_mm_fault+0x3611/0x5440
[  284.751747][    C1]  ? __pfx___handle_mm_fault+0x10/0x10
[  284.751759][    C1]  ? follow_page_pte+0x7ef/0x13e0
[  284.751771][    C1]  handle_mm_fault+0x40a/0x8e0
[  284.751782][    C1]  __get_user_pages+0x1699/0x2ce0
[  284.751798][    C1]  populate_vma_page_range+0x29f/0x3a0
[  284.751807][    C1]  ? __pfx_populate_vma_page_range+0x10/0x10
[  284.751817][    C1]  ? down_read+0x1ad/0x2e0
[  284.751827][    C1]  __mm_populate+0x24c/0x380
[  284.751836][    C1]  ? __pfx___mm_populate+0x10/0x10
[  284.751844][    C1]  ? up_write+0x1c4/0x420
[  284.751852][    C1]  vm_mmap_pgoff+0x387/0x4d0
[  284.751864][    C1]  ? __pfx_vm_mmap_pgoff+0x10/0x10
[  284.751872][    C1]  ? __fget_files+0x2a/0x420
[  284.751880][    C1]  ? __fget_files+0x3a0/0x420
[  284.751886][    C1]  ? __fget_files+0x2a/0x420
[  284.751893][    C1]  ksys_mmap_pgoff+0x51f/0x760
[  284.751904][    C1]  do_syscall_64+0xfa/0x3b0
[  284.751914][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[  284.751923][    C1]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  284.751931][    C1]  ? exc_page_fault+0x9f/0xf0
[  284.751937][    C1]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  284.751944][    C1] RIP: 0033:0x7f24d8b8ec29
[  284.751952][    C1] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  284.751958][    C1] RSP: 002b:00007f24d997e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  284.751966][    C1] RAX: ffffffffffffffda RBX: 00007f24d8dd5fa0 RCX: 00007f24d8b8ec29
[  284.751971][    C1] RDX: 00000000037ffff7 RSI: 0000000000600000 RDI: 0000200000000000
[  284.751976][    C1] RBP: 00007f24d8c11e41 R08: 0000000000000004 R09: 0000000000000000
[  284.751980][    C1] R10: 0000000004012011 R11: 0000000000000246 R12: 0000000000000000
[  284.751985][    C1] R13: 00007f24d8dd6038 R14: 00007f24d8dd5fa0 R15: 00007ffe08c678a8
[  284.751993][    C1]  </TASK>
[  284.760208][   T34] Kernel panic - not syncing: hung_task: blocked tasks
[  285.015276][   T34] CPU: 0 UID: 0 PID: 34 Comm: khungtaskd Not tainted syzkaller #0 PREEMPT(full) 
[  285.018910][   T34] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  285.022980][   T34] Call Trace:
[  285.024317][   T34]  <TASK>
[  285.025513][   T34]  dump_stack_lvl+0x99/0x250
[  285.027371][   T34]  ? __asan_memcpy+0x40/0x70
[  285.029234][   T34]  ? __pfx_dump_stack_lvl+0x10/0x10
[  285.031387][   T34]  ? __pfx__printk+0x10/0x10
[  285.033275][   T34]  vpanic+0x281/0x750
[  285.034862][   T34]  ? __pfx_vpanic+0x10/0x10
[  285.036700][   T34]  ? __x2apic_send_IPI_mask+0x1e4/0x260
[  285.038879][   T34]  ? preempt_schedule+0xae/0xc0
[  285.040812][   T34]  ? preempt_schedule_common+0x83/0xd0
[  285.042973][   T34]  panic+0xb9/0xc0
[  285.044505][   T34]  ? __pfx_panic+0x10/0x10
[  285.046322][   T34]  ? preempt_schedule_thunk+0x16/0x30
[  285.048451][   T34]  ? nmi_trigger_cpumask_backtrace+0x2bb/0x300
[  285.050904][   T34]  watchdog+0xfd2/0xfe0
[  285.052590][   T34]  ? watchdog+0x1de/0xfe0
[  285.054349][   T34]  kthread+0x711/0x8a0
[  285.055992][   T34]  ? __pfx_watchdog+0x10/0x10
[  285.057855][   T34]  ? __pfx_kthread+0x10/0x10
[  285.059595][   T34]  ? _raw_spin_unlock_irq+0x23/0x50
[  285.061611][   T34]  ? lockdep_hardirqs_on+0x9c/0x150
[  285.063681][   T34]  ? __pfx_kthread+0x10/0x10
[  285.065543][   T34]  ret_from_fork+0x439/0x7d0
[  285.067377][   T34]  ? __pfx_ret_from_fork+0x10/0x10
[  285.069443][   T34]  ? __switch_to_asm+0x39/0x70
[  285.071359][   T34]  ? __switch_to_asm+0x33/0x70
[  285.073249][   T34]  ? __pfx_kthread+0x10/0x10
[  285.075043][   T34]  ret_from_fork_asm+0x1a/0x30
[  285.076839][   T34]  </TASK>
[  285.078559][   T34] Kernel Offset: disabled
[  285.080110][   T34] Rebooting in 86400 seconds..

VM DIAGNOSIS:
04:58:42  Registers:
info registers vcpu 0

CPU#0
RAX=1ffff920006d9f01 RBX=ffffffff90421c4c RCX=0000000000000001 RDX=ffffc900036cf9e8
RSI=dffffc0000000000 RDI=ffffc900036cfec0 RBP=1ffff920006d9f35 RSP=ffffc900036cf8b8
R8 =ffffc900036cfec0 R9 =0000000000000000 R10=ffffc900036cf9f8 R11=fffff520006d9f41
R12=ffffc900036cfec0 R13=ffffc900036cf9f8 R14=ffffc900036cff48 R15=dffffc0000000000
RIP=ffffffff8172e8cf RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f299baa6c80 ffffffff 00c00000
GS =0000 ffff8880b8613000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=000000110c36af8f CR3=0000000118992000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=000055c7f3df9ce0 000055c7f3df6ca0 XMM01=000055c7f3df8c00 000055c7f3df9ce0
XMM02=0000000000000000 0000000000000000 XMM03=0000000000000000 0000000000000000
XMM04=00ff0000ff000000 00000000ff000000 XMM05=0000333a37622f61 652d6c616632785c
XMM06=0000000000000000 0000000000000000 XMM07=000000000000ff00 0000000000000000
XMM08=ffff000000000000 0000000000000000 XMM09=6632785c6c656261 6c2d79626632785c
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=ffff888136632f98 RBX=ffff888136632f98 RCX=b03f68280093ab00 RDX=0000000000000003
RSI=ffffffff8be33f60 RDI=ffffffff8be33f20 RBP=1ffff1102229abe2 RSP=ffffc90006c177a0
R8 =0000000000000000 R9 =ffffffff822bdf45 R10=dffffc0000000000 R11=fffff94000905d79
R12=ffff8881000ea74c R13=ffffffff822ac718 R14=ffffffff8dbe2d18 R15=dffffc0000000000
RIP=ffffffff81a66041 RFL=00000283 [--S---C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f24d997e6c0 ffffffff 00c00000
GS =0000 ffff8881a3c13000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007f24ce9ff000 CR3=00000001200dc000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 00000000000000ff XMM01=0a0a0a0a0a0a0a0a 0a0a0a0a0a0a0a0a
XMM02=0000000000000000 0000000000000000 XMM03=0000000000000000 0000000000000000
XMM04=0000000000000000 00000000000000ff XMM05=0000000000000000 0000000000000000
XMM06=0000000000000000 0000000000000000 XMM07=0000000000000000 0000000000000000
XMM08=0000000000000000 0000000000000000 XMM09=0000000000000000 0000000000000000
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
