last executing test programs:

1m53.498751149s ago: executing program 2 (id=235):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="50000000100003052bbd7000000000", @ANYRES32=0x0, @ANYBLOB="4142000000000000300012800c0001006d6163766c616e00200002801c0005800a000400aaaaaaaaaaaa00000a"], 0x50}}, 0x0)
r1 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x749})
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000200)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f00000004c0)=@updpolicy={0xf8, 0x19, 0x1, 0x0, 0x4, {{@in=@multicast2, @in6=@loopback, 0x4e24, 0x8, 0x0, 0x0, 0xa, 0x0, 0x20}, {0x0, 0xa9, 0x6, 0x0, 0x2, 0xfffffffffffffffe}, {0x0, 0xa00, 0x40800000000000, 0x800000000000002}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, [@tmpl={0x44, 0x5, [{{@in=@local, 0x400, 0xff}, 0x0, @in=@broadcast, 0x2, 0x4, 0x3}]}]}, 0xf8}, 0x1, 0x0, 0x0, 0x800}, 0x0)
readv(r0, &(0x7f00000003c0)=[{&(0x7f0000000000)=""/178, 0xb2}], 0x1)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
ioctl$VHOST_SET_OWNER(r4, 0xaf01, 0x0)
r5 = eventfd2(0x1, 0x1)
r6 = eventfd2(0x4, 0x1)
ioctl$VHOST_SET_VRING_ERR(r4, 0x4008af22, &(0x7f00000001c0)={0x0, r6})
ioctl$VHOST_SET_VRING_KICK(r4, 0x4008af20, &(0x7f0000000000)={0x0, r5})
write$FUSE_INIT(0xffffffffffffffff, &(0x7f0000000500)={0x50, 0x0, 0x0, {0x7, 0x1f, 0x0, 0xfc1b2d1c5df07dbb, 0x0, 0x441, 0x100, 0x400008, 0x0, 0x0, 0x2}}, 0x50)
close_range(r3, 0xffffffffffffffff, 0x0)

1m53.112073483s ago: executing program 2 (id=239):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), r0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000100)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000002740)={0x38, r1, 0x1, 0x0, 0x25dfdbff, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_TX_RATES={0x1c, 0x5a, 0x0, 0x1, [@NL80211_BAND_2GHZ={0x18, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HE_LTF={0x5, 0x7, 0x2}, @NL80211_TXRATE_HE_GI={0x5}, @NL80211_TXRATE_LEGACY={0x4}]}]}]}, 0x38}}, 0x0)

1m53.028096599s ago: executing program 2 (id=241):
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000140)='/sys/power/pm_trace', 0x2, 0x0)
write$FUSE_NOTIFY_STORE(r0, &(0x7f0000000040)=ANY=[@ANYBLOB='-'], 0x28)

1m52.956023932s ago: executing program 2 (id=243):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x104000, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0/file0\x00', 0x1c0)
mount$bind(&(0x7f0000000300)='./file0\x00', &(0x7f0000000140)='./file0/file0\x00', 0x0, 0x1805406, 0x0)
mount$fuse(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000280)='./file0/file0\x00', 0x0, 0x2a05004, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
mount_setattr(r0, &(0x7f0000000200)='.\x00', 0x8000, &(0x7f0000001dc0)={0x81, 0x0, 0x80000}, 0x20)

1m52.92570813s ago: executing program 2 (id=245):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0)
syz_open_dev$dri(0x0, 0xd21, 0x4000)
syz_fuse_handle_req(0xffffffffffffffff, 0x0, 0x0, 0x0)
syz_open_dev$usbmon(0x0, 0x0, 0x0)
ioctl$BLKTRACESTART(0xffffffffffffffff, 0x1274, 0x0)
gettid()
socket$nl_generic(0x10, 0x3, 0x10)
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/partitions\x00', 0x0, 0x0)
r3 = openat$sysctl(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0)
timer_create(0x2, &(0x7f0000000080)={0x0, 0x3c, 0x0, @thr={0x0, &(0x7f0000000100)="8700ce0bc89e8283082ccc47363814fc9bcc0e7522b190110bc257698a1f9d0981016b437d04d98d5c0f4b5dcf4c3565673606dc2d1f6e1382cddb7d0c788767f677caeaa1f8a7a37bdb7f7dc7ef27350a1f4a3a2e9e0db56a16da4a05f80fbc4678648b84f8a1e33de36bfe1c3e68f0426d10a1f863ced625e85d7f9f4af20682"}}, 0x0)
sendfile(r3, r2, &(0x7f0000002080)=0x64, 0x21c)

1m52.573768191s ago: executing program 2 (id=255):
set_mempolicy(0x3, &(0x7f0000000100)=0x3, 0x9)
syz_clone(0x0, 0x0, 0x24, 0x0, 0x0, 0x0)

1m52.352211221s ago: executing program 32 (id=255):
set_mempolicy(0x3, &(0x7f0000000100)=0x3, 0x9)
syz_clone(0x0, 0x0, 0x24, 0x0, 0x0, 0x0)

1m30.314197088s ago: executing program 1 (id=418):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
r1 = socket(0x11, 0x3, 0x1000)
ioctl$sock_inet_SIOCADDRT(r1, 0x890b, &(0x7f0000000100)={0x0, {0x2, 0x1, @dev}, {0x2, 0x0, @local}, {0x2, 0x4e20, @broadcast}, 0x8, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x3})
ioctl$sock_inet_SIOCSIFADDR(r0, 0x8916, &(0x7f0000000000)={'lo\x00', {0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0xa}}})
bpf$MAP_CREATE(0x0, 0x0, 0x48)
ioctl$sock_inet_SIOCSIFADDR(r0, 0x8916, &(0x7f0000001040)={'lo\x00', {0x2, 0x4e1e, @dev={0xac, 0x14, 0x14, 0x30}}})

1m30.247316498s ago: executing program 1 (id=419):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)={0x1c, 0x2, 0x3, 0x5, 0x0, 0x0, {}, [@NFQA_CFG_CMD={0x8, 0x1, {0x1}}]}, 0x1c}}, 0x0)
sendmsg$NFQNL_MSG_CONFIG(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x1c, 0x2, 0x3, 0x401, 0x0, 0x0, {0x0, 0x0, 0x10}, [@NFQA_CFG_CMD={0x8, 0x1, {0x1}}]}, 0x1c}}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_VERDICT(r1, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000840)=ANY=[@ANYBLOB="14000000010301"], 0x14}, 0x1, 0x0, 0x0, 0x81}, 0x4080)

1m30.176834416s ago: executing program 1 (id=420):
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
r0 = socket$inet6(0xa, 0x5, 0x0)
bind$inet6(r0, &(0x7f0000000140)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c)

1m30.125389657s ago: executing program 1 (id=421):
syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000240)='./file0\x00', 0x8c0, &(0x7f0000000280)=ANY=[@ANYBLOB="61636c2c6865617274626561743d6e6f6e652c6572726f72733d72656d6f756e742d726f2c636f686572656e63793d66756c6c2c636f686572656e63793d66756c6c2c6c6f63616c666c6f636b732c696e74722c6e6f61636c2c001967b9b8a6cdd636d75428f2c5e8054d01858eef552755576e749526b36860cf2511040d1ce5a743ffd83d29d1ba3a54a59d8c7aa249f08d3c8c6d04ac105d67934db6190d59f2323b55a5a4", @ANYRESOCT], 0x1, 0x4441, &(0x7f0000010200)="$eJzs3c9vFNcdAPA3Y1NsiqmhHKhUqSsVqVVbWTantkaqMQZjg0tFC4delrW9gJO1F9nrKAcOzg0pp0g5RDmgRMrNJ2QpZ/In5JIjOSMlh1wiRUJxtLOzxjO7GxbLawf0+Rx2PO+3/Z15++YwfnGqdm9prbC0ViitFKoLd9bOFd6pVtaXyyE+IG37P3Jw/dOdXlwnP9fm5/s2ctq5fvHyf2+dC+GLxa+ebW9vb4e6/tDW2K6fv//uwcLuY1Ocq1Nvt31r++X/IYTTLeOq6wshDIQQohDChTRtMj0OhhCG0rxbD96/Xdin0Tx+Wj5ffD73cGv87Ozmo63Ov3sUwseV3/3t7vI3f+wb//ov+9Q9AAAAAAAAAAAAAAAAAACvuekb12/+Z3QsPIlC/2bU+r7udHrs9H7s9j4YSlr5Q+9/WQAAAAAAAAAAAAAAAAAAAPiFevH+fyE61eb9/6n0ONGh/va/ej9Gemfm39enLo2Opfu/Ry35f0+Tvr3QF0622fc9v//7hVz99vu/t/azV83xNfsdDlE8kjmP45GRED5NN34/Ex2LK9W12l/vVNdXFvdtGK+tbPwbu/dnopNu6N9l/OPJXPu93///ty1XU/389v5dYm+0bPz7Opb77L2oq/v/Yq7eQcSfvcvGvz9JG9xdYKIxAdTj/0F/Pu59LfGfyrXfq/ifCAOhENXHWsjMAPU1TD2903qFrGz8jyRpmakz/UN2uv9/yMX/Uq79w5r/N/JfRLSVjf+vkrSBTImjyWcS//jl8//lXPuHEf/6+Dd8/3clG/9GrEN/pkjyl2w//7fGfzrXfsf4H21N2n6Fcd+M03GeiDJXwGbUSO/0/+rIysZ/oCX/xfNf3NX670qu/kE9/zX7bT7/Naf/P0eN5z/ay8Z/sGO5bu//mVy9Xs//E8n6j73Kxv9YkpZdOw8nn93GfzbXfq/inzyVDDTj/2I++fFoI/0T67+uZOP/60ZivLvERvKZrP+il6//r+baP4z1X338G3Fve31TZON/vGO5evy/7OL7/1quXu/jH8Kotf6eZeM/1LFccv8PvDz+c7l6vY7/n3rZOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBrYDI9DocoHsmcx/HISAgX0/Mz4Vg0X1oszleqC2+vhTCVphfCqehupTpfqhSXVqqL5WKpUqkuhHApzT8dBqK1SrVWXC7dv7zT1mB0r1xarc2XS7UQwnSa/vsw1Gxrfqm2XLofQriyk/ebuLp6/15ppbi4tPrP0dHR0TCzM4aTUfndWnml1ui9kRvC7E7d4WjX4JLsqztjOR69VV1fXSlVkvRru+pUqgulyq46c2neh+FkVFtdX1ko1crFSvVus7/DNJEep2Zu/O/GtbGW/NtR4zh5sMMCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4BU9Gf/HRyGE/sZZHEKYaP4QtSv/+Gn5fPH53MOt8bOzm4+2nnUqBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPzEDhwIAAAAAAD5vzZCVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVFXbpHzWBIIoD8JsJ5E+XY6Raki7thkBIimwIeAI9hofRo3gJ72BhYWshguyirruwIHbf1zyYHzPvwTwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAY5uu/Gv29vkWkeNw9RCwmy9Vp/lPX2Uf3/buhje6vm5Pb+P6tPo9/mC7y9/poXeZDut1Mx9FRG/PWnrT36bzPU+9cffvWN1/T9zlSLiKirPOXlHNRDHsLAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANizAwcCAAAAAED+r41QVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhR04FgAAAAAQ5m8dRd8GAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvwIAAP//gmMaYw==")
open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x111)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x2, 0x8005, 0x0, 0x0, 0x15, 0x0, "ef359f413bb93852f7d6a4ae6dddfbd1000000000000000edf1139c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a00400", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x204]})
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)

1m29.147556663s ago: executing program 1 (id=429):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0)
fcntl$lock(r0, 0x7, &(0x7f00000006c0)={0x0, 0x0, 0xac1d})
r1 = fcntl$dupfd(r0, 0x0, r0)
write$binfmt_script(r1, &(0x7f0000000700)={'#! ', './file0', [], 0xa, "dce7949b6dd8f4cf21976c17114cd13542d28b1312a15e3025bca8f06694040cf507bdc1459012cb1e13e49f714c09ff242e05bf9da6fa8c4332ee17906d13c3353a930db52a1d0d13a4483223b104a7883e98dddc2954f111cce254a7636b82902095d06128ef8352fd0d"}, 0x76)
fcntl$lock(r0, 0x25, &(0x7f0000000040)={0x0, 0x0, 0x80, 0x7})
fcntl$lock(r0, 0x24, &(0x7f00000000c0)={0x2, 0x2, 0x9, 0x2})

1m28.616985651s ago: executing program 1 (id=432):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', <r1=>0x0})
sendmsg(0xffffffffffffffff, &(0x7f0000000640)={0x0, 0x0, &(0x7f00000005c0), 0x0, 0x0, 0x0, 0x11000000}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=@newqdisc={0x24, 0x28, 0x4ee4e6a52ff56561, 0x70bd27, 0xfffffdfc, {0x0, 0x0, 0x0, r1, {0x3}, {0xffff, 0xffff}, {0x0, 0x6}}}, 0x24}, 0x1, 0x0, 0x0, 0x400dc}, 0x4000810)

1m28.396775206s ago: executing program 33 (id=432):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'lo\x00', <r1=>0x0})
sendmsg(0xffffffffffffffff, &(0x7f0000000640)={0x0, 0x0, &(0x7f00000005c0), 0x0, 0x0, 0x0, 0x11000000}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)=@newqdisc={0x24, 0x28, 0x4ee4e6a52ff56561, 0x70bd27, 0xfffffdfc, {0x0, 0x0, 0x0, r1, {0x3}, {0xffff, 0xffff}, {0x0, 0x6}}}, 0x24}, 0x1, 0x0, 0x0, 0x400dc}, 0x4000810)

11.979133222s ago: executing program 4 (id=1267):
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000cc0)=ANY=[@ANYRES32, @ANYRES32, @ANYBLOB='+\x00'/12, @ANYRES32=0x0, @ANYBLOB="d7d9"], 0x20)

11.920248102s ago: executing program 4 (id=1268):
syz_mount_image$exfat(&(0x7f00000009c0), &(0x7f0000000000)='./file1\x00', 0x1800805, &(0x7f0000000600)=ANY=[@ANYBLOB="666d61736b3d30303030303030303030303030303030303030303030342c696f636861727365743d6d616363656e746575726f2c7379735f747a2c616c6c6f775f7574696d653d30303030303030303030303030303030303030303030322c696f636861727365743d6d6163726f6d616e2c756d61736b3d30303030303030303030303030303030303030303137372c6b6565705f6c6173745f646f74732c7a65726f5f73697a655f6469722c616c6c6f775f7574696d653d30303030303030303030303030303030303030303031312c6b6565705f6c6173745f646f74732c0056338c7da3f354dce83dea7425c2e88ef1147337680f55d7479343210fc866674e4f82847f6aafef03bff03d56724576f2cecd2305ea2d335ef1fef62bcda3c459861833478c0c370904fc31d0b5c3c1aee0186d6219d65575268a142d298056411641882b30919bad04656fc9b4bf65e5676d4e47060e571a2d06f09b7408b938efaf505cfbeda44539fc21edbe5468fa6029e46e5b3560ef2d936de9c41edc9d5c2756765c652da7729bc61c30ecfc7ef2be7c6ada", @ANYRESOCT], 0xfe, 0x1552, &(0x7f00000035c0)="$eJzs3AuYTlXbOPD7XmvtMSQ9TXIY1lr35kkOiyTJIUkOSZIkSU4JSZO8kpAYckoakpAchuQwhOQwMWmcz+dDQpI0SRKSU7L+14RPffW+1ft97+v7v3P/ruu5rPtZe61977n3Y++9HuabzkNqNKpZtQERwR+I+Ye9eOGPRACIBYABAHANAAQAUDaubFxmf3aJiX+0E/bv9FDKlc6AXUlc/6yN65+1cf2zNq5/1sb1z9q4/lkb1z9r4/ozlpVtmpb/Wn5l3ddfWP//x3j9//9DfP3/D5JRcswXa0pe3+WPvqn7Ba5/1sb1/48V/JmNuP5ZG9c/q4q90gmw/wP4858VZPu7PVz/rI3rz1hWdiXXnhP/5HZX/Y/2I/9hP0Sy9ncgV/r8Y4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDGWNZz2lykAuNS+0nkxxhhjjDHGGGPsf4/PdqUzYIwxxhhjjDHG2L8eggAJCgKIgWwQC9khBwgAuBpywTUQgWshDq6D3HA95IG8kA/yQzwUgIKgwYAFghAKQWGIwg1QBG6EolAMikMJcFASSsFNUBpuhjJwC5SFW6Ec3AbloQJUhEpwO1SGO6AK3AlV4S6oBtWhBtSEu6EW3AO14V6oA/dBXbgf6sEDUB8ehAbwEDSEh6ERPAKN4VFoAk2hGTSHFv/U+BegO7wIPaAnJEIv6A0vQR/oC/2gPwyAl2EgvAKD4FVIgsEwBF6DofA6DIM3YDiMgJHwJoyCt2A0jIGxMA6SYTxMgLdhIrwDk2AyTIGpkALTYDq8CzNgJsyC92A2vA9zYC7Mg/mQCh/AAlgIafAhLIKPIB0WwxJYCstgOayAlbAKVsMaWAvrYD1sgI2wCTbDFtgK22A77ICPYSd8ArtgN+z5r/r9lfGnfjH+U9gLXRAQUKBAhQpjMAZjMRZzYA7MiTkxF+bCCEYwDuMwN+bGPJgH82E+jMd4LIgF0aBBQsJCWAijGMUiWASLYlEsjsXRocNSWApL481YBstgWSyL5bAclscKWAErYSWsjJWxClbBqlgVq2E1rIE18G68G3thbayNdbAO1sW6l5ansAE2wIbYEBthI2yMjbEJNsFm2AxbYAtsiS2xFbbCNtgG22JbbIftMAETsD22xw7YATtiR+yEnbAzdsYu2BW7ZryQDfBFfBF7YjXRC3tjb+yDSdn6YX/sjy/jQHwFX8FXMQkH4xB8DV/D13EYnsThOAJH4kisLN7C0TgGSYzDZEzGCTgBJ+JEnISTcTJOxRSchtNxOs7AmTgT38PZ+D6+j3NxLs7HVEzFBbgQ0zANF+EpTMfFuASX4jJcjstwJa7ClbgG1+IaXI/rcSNuxM24GbfiVtyO2/FjVAD4Ce7G3ZiEe3Ev7sN9uB/34wE8gBmYgQfxIB7CQ3gYD+MRPIJH8Rgex2N4Ak/gSTyFp/E0nsWzeA6fi/+q4cfFVieByKSEEjEiRsSKWJFD5BA5RU6RS+QSERERcSJO5Ba5RR6RR+QT+US8iBcFRUFhhBEkwhgAEFERFUVEEVFUFBXFRXHhhBOlRClRWpQWZUQZUVbcKsqJ20R5UUG0dpVEJVFZtHFVxJ2iqqgqqonqooaoKWqKWqKWqC1qizqijqgr6op64gFRX/TCfviQyKxMIzEYG4sh2EQ0FfLiJ6ClGIatRGvRRjwhRuBwbCdaugTxtGgvRmMH8TcxBp8VncQ47CyeF11EV9FNvCC6i1auh+gpJmEv0VtMxT6ir+gn+osZWF28h7Oz1xCviiQxWAwRr4n5+LoYJt4Qw8UIMVK8KUaJt8RoMUaMFeNEshgvJoi3xUTxjpgkJospYqpIEdPEdPGumCFmilniPTFbvC/miLlinpgvUsUHYoFYKNLEh2KR+Eiki8ViiVgqlonlYoVYKVaJ1WKNWCvWifVig9goNonNYovYKraJ7WKH+FjsFJ+IXWK32CM+FXvFZ2Kf+FzsF1+IA+JLkSG+EgfF1+KQ+EYcFt+KI+I7cVQcE8fF9+KE+EGcFKfEaXFGnBU/inPiJ3FeeAESpZBSKhnIGJlNxsrsMoe8SuaUwcWf7rUyTl4nc8vrZR6ZV+aT+WW8LCALSi2NtJJkKAvJwjIqb5BF5I2yqCwmi8sS0smSspS8SZaWN8sy8hZZVt4qy8nbZHlZQVaUleTtsrK8Q0Lkwj6qyeqyhqwp75aJcI+sLe+VdeR9sq68X9aTD8j68kHZQD4kG8qHZSP5iGwsH5VNZFPZTDaXLeRjsqV8XLaSrWUb+YRsK5+U7eRTMkE+LdtLf/EUeVZ2ks/JzvJ52UV2ld3kT/K89LKH7CmhF8je8iXZR/aV/WR/OUC+LAfKV+Qg+apMkoPlEPmaHCpfl8PkG3K4HCFHyjflKPmWHC3HyLFynEyW4+UE+bacKN+Rk+RkOUVOlSlymux3caZZUv7h+Ld/OT7z0iunyUE/732j3CQ3yy1yq9wmt8sd8mO5U+6Uu+QuuUfukXvlXrlP7pP75X55QB6QGTJDHpQH5SF5SB6Wh+UReUQelcfkGfm9PCF/kCflKXlKnpFn5Vl57uLPABQqoaRSKlAxKpuKVdlVDnWVyqmuVrnUNSqirlVx6jqVW12v8qi8Kp/Kr+JVAVVQaWWUVaRCVUgVVlF1A148YVRxVUI5VVKVUjf9lfGqiLpRFVXFfjX+Un6Jfye/FqqFaqlaqlaqlWqj2qi2qq1qp9qpBJWg2qv2qoPqoDqqjqqT6qQ6q86qi+qiuqluqrvqrnqoHipRJare6iXVR/VV/VR/NUC9rAaqgWqQGqSSVJIaooaooWqoGqaGqeFquBqpRqpRapQarUarsWqsSlbJaoKaoCaqiWqSmqSmqCkqRaWo6Wq6mqFmqFlqlpqtZqs5ao6ap+apVJWqFqgFKk2lqUVqkUpXi9VitVQtVcvVcrVSrVSr1Wq1Vq1V69V6la42qU1qi9qitqltaofaoXaqnWqX2qX2qD1qr9qr9ql9ar/arw6oAypDZaiD6qA6pA6pw+qwOqKOqKPqqDqujqsT6oQ6qU6q0+q0OqvOqnPqnDqvzisIBIhABCpQQUwQE8QGsUEuyBHkDHIGuYJcQSSIBHFBXJA7uD7IE+QN8gX5g/igQFAw0IEJbCAuFj0a3BAUCW4MigbFguJBicAFJYNSwU1B6eDmoExwS1A2uDUoF9wWlA8qBBWDSsHtQeXgjqBKcGdQNbgrqBZUD2oENYO7g1rBPUHt4N6gTnBfUDe4P6gXPBDUDx4MGgQPBQ2Dh4NGwSNB4+DRoEnQNGgWNA9a/MX5M+8nfjl/jl/N7/3JvI+7HrqnTtS9dG/9ku6j++p+ur8eoF/WA/UrepB+VSfpwXqIfk0P1a/rYfoNPVyP0CP1m3qUfkuP1mP0WD1OJ+vxeoJ+W0/U7+hJerKeoqfqFD1NT9fv6hl6pp6l39Oz9ft6jp6r5+n5OlV/oBfohTpNf6gX6Y90ul6sl+ileplerlfolXqVXq3X6LV6nV6vN+iNepPerLforXqb3q536I/1Tv2J3qV36z36U71Xf6b36c/1fv2FPqC/1Bn6K31Qf60P6W/0Yf2tPqK/00f1MX1cf69P6B/0SX1Kn9Zn9Fn9oz6nf9Lntc+8uc+8vBtllIkxMSbWxJocJofJaXKaXCaXiZiIiTNxJrfJbfKYPCafyWfiTbwpaAqaTGTIFDKFTNRETRFTxBQ1RU1xU9w440wpU8qUNqVNGVPGlDVlTTlTzpQ35U1FU9Hcbm43d5g7zJ3mTnOXuctUN9VNTVPT1DK1TG1T29QxdUxdU9fUM/VMfVPfNDANTEPT0DQyjUxj09g0MU1MM9PMtDAtTEvT0rQyrUwb08a0NW1NO9POJJgE0960Nx1MB9PRdDSdTCfT2XQ2XUwX0810M91Nd9PD9DCJJtH0Nr1NH9PH9DP9zAAzwAw0A80gM8gkmSQzxAwxQ81QM8wMM8PNCDMy88Qyb5nRZowZa8aZZJNsJpgJZqKZaCaZSWaKmWJSTIqZbqabGWaGmWVmmdlmtplj5ph5Zp5JNalmgVlg0kyaWWQWmXSTbpaYJWaZWWZWmBVmlVll1pg1Zh2sMxvMBrPJbDJbzBazzWwzO8wOs9PsNLvMLrPH7DF7zV6zz+wz+81+c8AcMBkmwxw0B80hc8gcNofNEXPEHDVHzXFz3JwwJ8xJc9KcNqfNWZP34vXSm1ib3eawV9mc9mqby15j/3ucz+a38baALWi1zWPz/io21tqitpgtbktYZ0vaUvam38TlbQVb0Vayt9vK9g5b5TdxLXuPrW3vtXXsfbamvftXcV17v61nH7H1EQFsU9vQNreN7CO2sX3UNrFNbTPb3La1T9p29imbYJ+27e0zv4kX2IV2lV1t19i1dpfdbU/bM/aQ/caetT/aHranHWBftgPtK3aQfdUm2cG/iUfaN+0o+5YdbcfYsXbc5Ti1BoAdZ6fYqTbFTrPT7bt2hp35mzjVfmBn2zQ7x8618+z8n+PMnNLsh3aR/cim2wCW2KV2mV1uV9iVF3PNfFpfbzfYjXan/cRusVvtNrvd7rh0I2x32z32U7vXfmYP2q/tfvuFPWAP2wz71c9x5vEdtt/aI/Y7e9Qes8ft9/aE/UFdGp157N/bn+x56y0QEpAkRQHFUDaKpeyUg66inHQ15aJrKELXUhxdR7npespDeSkf5ad4KkAFSZMhS0QhFaLCFKUb6FJ6xakEOSpJpegmKk03Uxm6hcrSrVSObqPyVIEqUiW6nSrTHVSF7qSqdBdVo+pUg2rS3VSL7qHadC/VofuoLt1P9egBqk8PUgN6iBrSw9SIHqHG9Cg1oabUjJpTC3qMWtLj1IpaUxt6gtrSk9SOnqIEepra0zPUgf5GHelZ6kTPUWd6nrpQV+pGL1B3epF6UE9KpF7Um16iPtSX+lF/GkAv00B6hQbRq5REg2kIvUZD6XUaRm/QcBpBI+lNGkVv0WgaQ2NpHCXTeJpAb9NEeocm0WSaQlMphabRdHqXZtBMmkXv0Wx6n+bQXJpH8ymVPqAFtJDS6ENaRB9ROi2mJbSUltFyWkEraRWtpjW0ltbRetpAG2kTbaYttJW20XbaQR/TTvqEdtFu2kOf0l76jPbR57SfvqAD9CVl0Fd0kL6mQ/QNHaZvfU/6jo7SMTpO39MJ+oFO0ik6TWfoLP1I5+gnOk+eIMRQhDJUYRDGhNnC2DB7mCO8KswZXh3mCq8JI+G1YVx4XZg7vD7ME+YN84X5w/iwQFgw1KEJbUhhGBYKC4fR8IawSHhjWDQsFhYPS4QuLBmWCm8KS4c3h2XCW8Ky4a1hufC2sHxYIXzkvkrh7WHl8I6wSnhnWDW8K6wWVg9rhDXDu8Na4T1h7fDesE54X1gmvD+sFz4Q1g8fDBuED4UNw4fDRuEjYePw0bBJ2DRsFjYPW4SPhS3Dx8NWYeuwTfhE2DZ8MmwXPhUmhE+H7cNnfu6/f+Hf708Me4W9w5fCl0Lv75XzovOjqdEPoguiC6Np0Q+ji6IfRdOji6NLokujy6LLoyuiK6Oroquja6Jro+ui66Mbohuj3tfMBg6dcNIpF7gYl83Fuuwuh7vK5XRXu1zuGhdx17o4d53L7a53eVxel8/ld/GugCvotDPOOnKhK+QKu6i7wRVxN7qirpgr7ko450q6Uq65a+FauJbucdfKtXZt3BPuCfeke9I95Z5yT7v27hnXwf3NdXTPuk7uOfece951cV1dN/eC6+7G57rwmUx0vV1v18f1cf1cPzfADXAD3UA3yA1ySS7JDXFD3FA31A1zw9xwN9yNdCPdKDfKjXaj3Vg31iW7ZDfBTXAT3UQ3yU1yU9wUl+JS3HQ33c1wM1zlmRf2MsfNcfPcPJfqUt0Cl3nPmOYWuUUu3aW7JW6JW+aWuRVuhVvlVrk1bo1b59a5DW6D2+Q2uS1ui9vmtrkdbofb6Xa6Xf6aC5O6vW6f2+f2u/3ugPvSZbiv3EH3tTvkvnGH3bfuiPvOHXXH3HH3vTvhfnAn3Sl32p1xZ92P7pz7yZ133iVHxkcmRN6OTIy8E5kUmRyZEpkaSYlMi0yPvBuZEZkZmRV5LzI78n5kTmRuZF5kfiQ18kFkQWRhJC3yYWRR5KNIemRxZElkaWRZZHnE+wJbQl/IF/ZRf4Mv4m/0RX0xX9yX8M6X9KX8Tb60v9mX8bf4sv5WX87f5sv7Cr6if9Q38U19M9/ct/CP+Zb+cd/Kt/Zt/BO+rX/St/NP+QT/tG/vn/Ed/N98R/+s7+Sf8539876L7+q7+Rd8d/+i7+F7+kTfy/f2L/k+vq/v5/v7Af5lP9C/4gf5V32SH+yH+Nf8UP+6H+bf8MP9CD8y5k0/6tIjMozzyX68n+Df9hP9O36Sn+yn+Kk+xU/z0/27foaf6Wf59/xs/76f4+f6eX6+T/Uf+AV+oU/zH/pF/iOf7hdfWpT0K/xKv8qv9mv8Wr/Or/cb/Ea/yW/2W/xWv81v9zv8x36n/8Tv8rv9Hv+p3+s/8/v8536//8If8F/6DP+VP+i/9of8N/6w/9Yf8d/5o/6YP+6/9yf8D/6kP+VP+zP+rP/Rn/M/+fP8f9YYY4wxxv6U8Zeb4tc9F5bze/3OGPGLjXsDwNVb82f8sj/zjnJdngvtviK+bQQAnu7Z+aFLr2rVEhMTL26bLiEoPBfg0jdBmWLgcrwY2sCTkACtofTv5t9XdD1LfzB/9FaAHL8YEwuX48vzfw6Aib8z/2NPjFxQLjwd9w/mnwtQtPDlMdnhQhxzYf6f11daQ5m/k3/eln+Qf/YvkgFa/WJMTrgcX86/FDwOz0DCr7ZkjDHGGGOMMcYu6Csqdrz0/HnpX3z+3vN5vLo8Jhtcjv/o+ZwxxhhjjDHGGGNX3rNduz31WEJC645/vVHlnxr1pxuN4V81Mzd+t+E9wKV3FAD8DycEyGzIf+dRbP7dNC7439tX0sUZ/3vXsjM+gP8bpfznG2P/650r93cSY4wxxhhj7F/j8t3/r99XVyohxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGMsC/p3/F6xK32MjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHG2JX2/wIAAP//XQr26w==")

11.920073797s ago: executing program 4 (id=1269):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f00000000c0)={{0x12, 0x1, 0x0, 0xcf, 0x8b, 0xed, 0x20, 0xfd9, 0x25, 0x2940, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xca, 0xfb, 0x1a}}]}}]}}, 0x0)
syz_usb_control_io$uac1(r0, 0x0, &(0x7f0000000580)={0x44, &(0x7f0000000700)={0x20, 0x11, 0x1, "ce"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r1 = syz_open_dev$I2C(&(0x7f0000000000), 0x1, 0x402)
ioctl$I2C_SMBUS(r1, 0x720, &(0x7f0000000200)={0x1, 0x6a, 0x4, &(0x7f00000001c0)={0xf, "9a61b351e27afb11832ed8ee6d9fef2a4547a9d128b6a13e66feed0d9016c722b8"}})

10.516338437s ago: executing program 4 (id=1273):
syz_mount_image$jfs(&(0x7f0000000200), &(0x7f0000000080)='./file0\x00', 0x101c002, &(0x7f0000000a00)=ANY=[@ANYBLOB='discard,discard=0x0000000000020001,discard,iocharset=cp857,errors=remount-ro,iocharset=iso8859-2,uid=', @ANYRESHEX=0xee00, @ANYBLOB="2c6572726f72733d72656d6f756e742d726f2c696f636861727365743d69736f383835392d342c00fb8602bc827d678ff4d12dba8652b9d39b4b4ff5657dd6ec1c923fb62ce2b91d41de0069a0e4d9cc00c46db0687686104197b53eeedda4d051ba690ba658ce6beb"], 0x23, 0x61c3, &(0x7f000000c9c0)="$eJzs3c1vHGcdB/Df7JtfQtOoh6pECLlteCmleS0hUKDtAQ5cOKBcUSLXrSJSQElAaRURV75w4I8AIXFEiCMn/oAeuHLjDyBSggTqAXXQ2M/jjKe7XjuJd3Yzn4/kzPz2mfE+k+/uzq5nZp8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOKHP/jxuSIirvwq3XAi4nPRj+hFrFT1WkSsrJ2or/NCbDfH8xExXIqo1t/+59mI1yPi4+MR9x/cWa9uPn/Afnz/z//4w0+O/ejvfxqe+e9fbvXfmLTc7du//c9f7z769gIAAEAXlWVZFulj/smIGKTP9gDA0y/v/8sk366eu3pzzvqjVqvV6gWs68rx7taLiNisr1O9Z3A4HgAWzGZ80nYXaJH8O20QEcfa7gQw14q2O8CRuP/gznqR8i3q+4O1nfZ8Lsie/DeL3es7Jk2naZ5jMqvH11b047kJ/VmZUR/mSc6/18z/yk77KC131PnPyqT8RzuXPnVOzr/fzL/h6cm/Nzb/rsr5Dw6Vf1/+AAAAAAAwx/Lf/0+0fPx36fE35UD2O/67NqM+AAAAAAAAAMCTdtjx/waN8f92Gf8PAAAA5lb1Wb3yu+MPb5v0XWzV7ZeLiGcaywMdky6WWW27HwAAAAAAAAAAAADQJYOdc3gvFxHDiHhmdbUsy+qnrlkf1uOuv+i6vv3QZW2/yAMAwI6Pjzeu5S8iliPicvquv+Hq6mpZLq+slqvlylJ+PztaWi5Xap9r87S6bWl0gDfEg1FZ/bLl2np10z4vT2tv/r7qvkZl/wAdm40WAweAiNjZG92ftEf6n/3VYirLZ6PlNzksiH2e/ywoz38Oou3HKQAAAHD0yrIsi/R13ifTMf9e250CAGYi7/+bxwXUarVarVY/fXVdOd7dehERm/V1qvcMhuMHgAWzGZ+03QVaJP9OG0TEC213AphrRdsd4Ejcf3BnvUj5FvX9QRrfPZ8Lsif/zWJ7vbz+uOk0zXNMZvX42op+PDehP8/PqA/zJOffa+Z/Zad9lJY76vxnZVL+1XaeaKE/bcv595v5Nzw9+ffG5t9VOf/BofLvyx8AAAAAAOZY/vv/ibk6/jt61M2Zar/jv2tj1zi6vgAAAAAAAADAk3L/wZ31fN1rPv7/hTHLuf7z6ZTzL+TfSTn/XiP/rzaW69fm7739MP9/P7iz/sdb//p8nh40/6U8U6RHVpEeEUW6p2KQpo+zdZ+1NeyPqnsaFr3+IJ3zUw7fjWtxPTbi7J5le+n/42H7uT3tVU+H2+1lf6f9/J72wW57Xv/CnvZhOruoXMntp2M9fh7X453t9qptacr2L09pL6e05/z7nv+dlPMf1H6q/FdTe9GYVu591PvM874+HXc/b1374m/OHv3mTLUV/d1tq6u276UW+rP9f3JsFL+8uXHj9O2rt27dOBdpsufW85EmT1jOf5h+dl//X95pz6/79efrvY9Gh86/Nf295VYMJub/cm2+2t5XZtG/luX8R+kn5/9Oah///F+g/Bv2e/6/2kJ/AAAAAAAAAAAAAAAAYD9lWW5fIvpWRFxM1/+0dW0mADBbef9fJvn2WdX9Gd+fWr3gdTFn/Zlp/Wk5X/1RqxexrivHe7NeRMTf6utU7xl+Pe6XAQDz7NOI+GfbnaA18u+w/H1/1fRU250BZurmBx/+9Or16xs3brbdEwAAAAAAAADgUeXxP9dq4z+fKsvybmO5PeO/vh1rjzv+5yDP7A4wOmGg6v7ht2k/W71Rv1cbbvzFmDT+93B3br/xvwdT7m84pX00pX1pSvvylPaxF3rU5PxfrI13fioiTjaGX+/C+K/NMe+7IOf/Uu3xXOX/lcZy9fzL3y9y/r09+Z+59f4vztz84MPXrr1/9b2N9zZ+duHcubMXLl68dOnSmXevXd84u/Nviz0+Wjn/PPa180C7JeefM5d/t+T8v5Rq+XdLzv/LqZZ/t+T88/s9+XdLzj9/9pF/t+T8X0m1/Lsl5/+1VMu/W3L+r6Za/t2S8/96quXfLTn/11It/27J+Z9Otfy7Jed/JtUHzH/lqPvFbOT88xEuz/9uyfnnMxvk3y05//Opln+35PwvpFr+3ZLzfz3V8u+WnP83Ui3/bsn5X0y1/Lsl5//NVMu/W3L+l1It/27J+X8r1fLvlpz/t1Mt/27J+b+Ravl3S87/O6mWf7fk/L+bavl3S87/e6mWf7fk/N9Mtfy75eH3/5sxY8ZMnmn7lQkAAAAAAAAAAAAAaJrF6cRtbyMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP9nBw4EAAAAAID8XxuhqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqCjtwIAAAAAAA5P/aCFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVXYu7cYue76DuBnr147kBgIqZMaWDvGGGeTXV/iC62LCdeGWwmEQi/YrndtFnyL1y5JGsmOAiUSRkUVbcNDW0BRm5cKP+SBVgHlAbVCqkTaB/qCqFB5iCqDEqRKaQXZas75//87Mzs7s2tP1jPnfD5S/PPOnJlz5syZs/td5zsDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA1Nv0zpkvDmRZVvsv/2N9lr2q9ve14+vzy952vbcQAAAAuFa/yv984aZ0wcFl3KhumX954w+enp+fn88+MfQXI1+dn09XjGfZyJosy6+LLv/kkwP1ywSPZWMDg3VfD3ZY/VCH64c7XD/S4frRDtev6XD9WIfrF+2ARdYWv4/J72xL/tf1xS7Nbs5G8uu2tLjVYwNrBgfj73JyA/lt5keOZbPZiWwmm2pYvlh2IF/+mU21db0vi+sarFvXxtoR8uIjR+M2DIR9vKVhXQv3Gf3sHdn4L1585Ojfnbtya6vZcTc03F+xnds217bz8+GSYlsHsjVpn8TtHKzbzo0tnpOhhu0cyG9X+3vzdr6wzO0cWtjMVdX8nI9lg/nfn8v303D9r/XSftoYLnvp9izLLi5sdvMyi9aVDWbrGi4ZXHh+xoojsnYftUPptdnwio7TTcs4Tmtzekvjcdr8mojP/6Zwu+EltqH+afrZo6N1z/sv56/mOI1qj3qp10rzMdjt10qvHIPxuHguf9CPtzwGt4TH/8jWpY/BlsdOi2MwPe66Y3Bzp2NwcHQo3+b0JAzkt1k4Bnc0LD+Ur2kgn89vbX8MTp47eWZy7qGH75w9eeT4zPGZU7t27JjatWfPvn37Jo/NnpiZKv68yr3d+9Zlg+k1sDnsu/gaeEvTsvWH6vw3Rhedf6/2dTjW5nW4vmnZbr8Oh5sf3MDqvCAXH9PFa+NjtZ0+dmkwW+I1lj8/26/9dZged93rcLjuddjye0qL1+HwMl6HtWXObF/ezyzDdf+12oalvxdc2zG4vu4YbP55pPkY7PbPI71yDI6F4+JH25f+XrAxbO/jEyv9eWRo0TGYHm4499QuST/vj+3LR6vj8rbaFTeMZufnZs7e9eCRc+fO7sjCWBWvqztWmo/XdXWPKVt0vA6u+Hg9OPvGx29rcfn6sK/G7qz9Mbbkc1VbZvdd7Z+r/Ltb6/3ZcOnOLIwuW+392eq7eW1/jmbZ17736H3feeRr71xyf9by5ucnr/1n8ZRL686/I0ucf2Puf7lYX7qrx4ZGhovX71DaOyMN5+PGp2o4P3cN5Ot+YXJ55+OR8N9qn49vbnM+3tC0bLfPxyPNDy6ejwc6/bbj2jQ/n2PhODkx1f58XFtmw86VHpPDbc/Ht4c5EPb/W0NSSLmo7thZ6rhN6xoeHgmPaziuofE43dWw/EjIZrV1PbXzKo7TF7Ns2+3FfQ2lR7dgtY7T8aZlu32cpt99LXWcDnT67dvVaX4+x8JxcfOu9sdpbZlnd1/7uXNt/GvduXO00zE4MjRa2+aRdBDm5/tsfm08Bu/KjmansxPZdH7taH48DeTrmrh7ecfgaPhvtc+VG9ocg9ualu32MZi+jy117A0ML37wXdD8fI6F4+KJu9sfg7Vl3rW3uz+7bguXpGXqfnZt/v3aUr/zuq1pN71Sx8pw2M7v7W3/u9naMif2rTRntt9Pd4RLbmixn5pfv0u9pqaz1dlPG8J2Xtm39H6qbU9tma/uX+bxdDDLsgsP3JP/vjf8+8qF8z98uuHfXVr9m86FB+75+auP/fNKth+A/vdyMdYV3+vq/mVqOf/+DwAAAPSFmPsHw0zkfwAAACiNmPvj/xWeyP8AAABQGjH3D4eZVCT/b3jXldmXL2SpmT8fxOvTbri3WC52XKfC1+PzC2qX3/PkzP/804XlrXswy7Jf3vsnLZffcG/crsJ42M7L7268fJGn71zWug/ffyGtt76//vVw//HxLPcwaFXBncqy7JmbvpyvZ/yTl/L57L2H83nfxccfqy3zwv7i63j7519XLP/Xofx78NiRhts/H/bDT8Ocen/r/RFv961Lb9249+ML64u3G9h8Y/6wn/hUcb/xfXK+8lixfNzPS23/d7701Ldqyz/45tbbf2Gw9fY/Fe73yTD/9w3F8vXPQe3reLsvhO2P64u3u+ub3225/Ze/WCx/5j3FcofDjOvfFr7e8p4rs/X768GBIw2PK3tvsVxc/9QP/yy/Pt5fvP/m7R87dKlhfzQfH8/+e3E/k03Lx8vjeqJ/bFp/7X7qj8+4/qf+9HDDfu60/sv3Pf+G2v02r/+OpuXOPLA9X//C/TW+Y9PffOHLLdcXt+fgP5xpeDwHPxJex2H9T3wqHI/h+v+7XNxf87srHP5I4/knLv/19RcaHk/0vl8U67/89uP5XDO2dt0Nr3r1jRffVNt3WfbcmuL+Oq3/+N+ebtj+b9xS7I94fezoN69/KXH9Zz83cer03PnZ6bRXH7kpf++cDxTbE7f3pnBubf760Olzn545Oz41PpVl4+V9C72r9s0wf16Mi+2Xnl90Bt1+f3g+b/urZ9Zt/bcvxcv/42PF5ZfeX3zfektY7ivh8vXh+VvZ+hd7YtMt+et74NmwhfOL3y/4Wmzc8t/7lrVgePzNPxfE4/3M6z+d74fadfn3jfi6vsbt//F0cT/fDvt1Prwz8+ZbFtZXv3x8b4RLHy1e79e8/8JpLj6vfx+e7w/+tLj/uF3x8f44/Bzz3Q2N57t4fHz7wmDz/efv4nExnE+yi8X1cam4vy+9cEvLzYvvQ5JdvDX/+s/T/dy6ooe5lLmH5iZPzJ46/+DkuZm5c5NzDz186OTp86fOHcrfy/PQZzrdfuH8tC4/P03P7Nmd5Wer08V4hV3v7T9z/9HpvVNbp2eOHTl/7Nz9Z2bOHj86N3d0Znpu65Fjx2Y+1+n2s9MHduzcv2vvzonjs9MH9u3fv2v/xOyp07XNKDaqgz1Tn504dfZQfpO5A7v377j77t1TEydPT88c2Ds1NXG+0+3z700TtVv/8cTZmRNHzs2enJmYm3145sCO/Xv27Oz4boAnzxybG588e/7U5Pm5mbOTxWMZP5dfXPve1+n2lNPcfxY/zzYbKN6IL/vwHXvS+7PWPPnokndVLNL0BqJXwnvRfP81Z/Yt5+uY+0fCTCqS/wEAAKAKYu4fDTOR/wEAAKA0Yu5fE2Yi/wMAAEBpxNw/Fmb6XwIqkv9L1//fcGFZ69f/1/+v31/6/xXr/3+01/r/xflC/787rrV/r/8f6P/r/+v/6//r/9MFvdb/j7l/bZb5938AAAAoqZj714WZyP8AAABQGjH33xBmIv8DAABAacTc/6owk4rkf/1//X/9/1L2/8farV//X/+/zPT/29P/70D/fzKrVv//Yje3X/9f/5/Feq3/H3P/q8NMKpL/AQAAoApi7r8xzET+BwAAgNKIuf+mMBP5HwAAAEoj5v71YSYVyf/6//r/+v+l7P+3Xb/+v/5/men/t6f/34H+v8//1//X/6ereq3/H3P/a8JMKpL/AQAAoApi7n9tmIn8DwAAAL1n+OpuFnP/68JMFuX/q1wBAAAAcN3F3H9z1lQEr8i//+v/6//r/+v/6/+3Xv/y+/9Dmf5/79D/b0//vwP9/xX150eavtb/1//X/6dZr/X/89yfjWWvDzOpSP4HAACAKoi5/5YwE/kfAAAASiPm/l8LM5H/AQAAoDRi7t8QZlKR/K//X5r+/0v1T53+/5XZl19a6OsP6f83rF//3+f/l5n+f3v6/x3o//v8f/1//X+6qtf6/zH33xpmUpH8DwAAAFUQc/9tYSbyPwAAAPSJwY5LxNz/62Em8j8AAACURsz9G8NMKpL/9f97vP8fm6M+/9/n/+v/92T/f0z/v+fo/7en/9+B/r/+v/6//j9d1Wv9/5j73xBmUpH8DwAAAFUQc/8bw0zkfwAAACiNmPvfFGYi/wMAAEBpxNw/HmZSkfyv/9/j/f+iBz+6jM//b6D/r//fbv36/z7/v8z0/9vT/+9A/1//X/9f/5+u6rX+f8z9m8JMKpL/AQAAoApi7t8cZiL/AwAAQGnE3H97mIn8DwAAAKURc/+WMJOK5H/9/77o/2f6//r/+v/6//r/y6P/357+fwf6//r/+v/6/3RVr/X/Y+5/c5hJRfI/AAAAVEHM/VvDTOR/AAAAKI2Y+98SZiL/AwAAQGnE3L8tzKQi+V//X/9f/1//X/+/9fr1//uT/n97+v8d6P/r/+v/6//TVb3W/4+5/61hJhXJ/wAAAFAFMfdvDzOR/wEAAKA0Yu6/I8xE/gcAAIDSiLl/IsykIvlf/1//X/9f/1//v/X69f/7k/5/e/r/Hej/6//r/+v/01W91v+Puf/OMJOK5H8AAACogpj77wozkf8BAACgNGLunwwzkf8BAACgNGLunwozqUj+1//X/9f/1/9fUf//TQv3q/9f0P/vLfr/7en/d6D/r/9/3fv/I/r/lEqv9f9j7t8RZlKR/A8AAABVEHP/zjAT+R8AAABKI+b+XWEm8j8AAACURsz9u8NMKpL/9f/1//X/9f99/n/r9ev/9yf9//a63/+PD1H/X/9f/9/n/+v/s1iv9f9j7r87zKQi+R8AAACqIOb+PWEm8j8AAACURsz9e8NM5H8AAAAojZj794WZVCT/6//r/+v/6//r/7dev/5/f9L/b8/n/3eg/6//38f9/9qxpf9Pr+m1/n/M/fvDTCqS/wEAAKAKYu5/W5iJ/A8AAAClEXP/b4SZyP8AAABQGjH3/2aYSUXyv/6//n+v9/+LS0fzP/X/q9n/H9X/1/9fAf3/9vT/O9D/1//v4/6/z/+nF/Va/z/m/gNhJhXJ/wAAAFAFMff/VpiJ/A8AAAClEXP/28NM5H8AAAAojZj7D4aZVCT/6/+vUv8/Xqj/7/P/K9X/X9Nwuc//1/9fDfr/7en/d6D/r/+v/6//T1f1Wv8/5v53hJlUJP8DAABAFcTcf0+YifwPAAAApRFz/zvDTOR/AAAAKI2Y+98VZlKR/K//7/P/r3//f6Rh2/X/F27X//3/7nz+v/6//v9K6P+3p//fgf6//r/+v/4/XdVr/f+Y+98dZlKR/A8AAABVEHP/e8JM5H8AAAAojZj73xtmIv8DAABAacTc/74wk4rkf/1//f/r3//3+f/6/wX9f/3/btD/b0//vwP9f/1//X/9f7pqFfv/a7Nl9P9j7v/tMJOK5H8AAACogpj77w0zkf8BAACgNGLuf3+YifwPAAAApRFz/wfCTCqS//X/9f/1//X/9f9br1//vz/p/7fXZ/3/X90YLtf/L+j/9/b2r7T/P9z09SvS///JUv3/+TXNt9f/55Wwiv3/ln3/5q9j7v9gmElF8j8AAABUQcz9Hwozkf8BAACgNGLu/3CYifwPAAAApRFz/++EmVQk/+v/17Zjob2s/6//n1+g/6//r//ft/T/2+uz/r/P/2+i/9/b2+/z//X/WazX+v8x938kzKQi+R8AAACqIOb++8JM5H8AAAAojZj7PxpmIv8DAABAacTc/7Ewk4rkf/1/n/+v/6//r//fev36//1J/789/f8O9P/1/3ut//9f+v/0t17r/8fcf3+YSUXyPwAAAFRBzP0fDzOR/wEAAKA0Yu7/3TAT+R8AAABKI+b+T4SZVCT/6//3S/9/XP9f/1//v+nx6P/r/7ei/9+e/n8H+v/6/73W//f5//S5Xuv/x9z/yTCT5ef/sWUvCQAAAFwXMff/XphJRf79HwAAAKog5v7fDzOR/wEAAKA0Yu7/gzCTiuR//f9+6f/7/P9M/1//v+nx6P/r/7eyev3/eObR/9f/1/+P9P/1//X/adZr/f+Y+/8wzKQi+R8AAACqIOb+T4WZyP8AAADQF1r9P9nNYu4/FGYi/wMAAEBpxNx/OMykIvlf/1//X/+/R/v/f7n5X3/0gw8d3qH/r/+v/78iq/r5/7UXv8//1//X/0/0/1fe/6//Hqr/Txn1Wv8/5v4jYSYLwe8DPuAfAAAA+lvM/X8UZlKRf/8HAACAKoi5/2iYifwPAAAApRFz/3SYSUXyv/6//r/+f4/2//v48//j/uin/v/Emj7q/8eTrv5/S6va///4Qk9c/3+l/f/RlpdWqP8/kOn/d12L7f9+lmU93f+vp/9PGfVa/z/m/pkwk4rkfwAAAKiCkPsHjxVz4Qr5HwAAAEoj5v7jYSbyPwAAAJRGzP2fDjOpSP7X/9f/1//X//f5/63X37P9f5//35b+f3u90/9vrUL9f5///wq43tuv/6//z2K91v+PuX82zKQi+R8AAACqIOb+z4SZyP8AAABQGjH3fzbMRP4HAACA0oi5/0SYSUXyv/6//r/+v/6//n/r9ev/9yf9//b0/zvQ/9f/1//X/6ereq3/H3P/yTCTiuR/AAD+n737aLKsPu84fgcPxUyx8c4LL+y9XwILe22/AC+88cZVLi9wwDkxOEecowLKQgEFkBBKKAdACQllIQnlHFBGUo1K9PM80z19+tzumdvd5/6fz2ehBzWMzpVqCvjR89UBoIPc/TfGLfY/AAAADCN3/2/GLfY/AAAADCN3/2/FLU32v/5f/z9s///z+v+Dnq//1/+PTP8/T/+/hv5f/6//1/+zUUvr/3P3/3bc0mT/AwAAQAe5+38nbrH/AQAAYBi5+2+KW+x/AAAAGEbu/t+NW5rs/8v6/zOrnv1/Zrz6/5H6f+//P/D5+n/9/8hOtv+/5cd/5tP/6//1/0H/r//X/3O5pfX/uft/L25psv8BAACgg9z9vx+32P8AAAAwjNz9fxC32P8AAAAwjNz9fxi3NNn/3v/v/f/6f/2//n/6+fr/7eT9//M69f83PXT9jY/e/dP3HOX5+n/9v/5f/89mLa3/z93/R3FLk/0PAAAAHeTu/+O4xf4HAACAYeTu/5O4xf4HAACALXR+8qu5+/80bmmy//X/+n/9v/5f/z/9fP3/dtL/z+vU/1/J8/X/+n/9v/6fzVpa/5+7/8/ilib7HwAAADrI3f/ncYv9DwAAAMPI3X9z3GL/AwAAwDBy91+IW5rsf/3/8ff/P9T/6//j6v/1//r/46f/n6f/X0P/r//X/+v/2ail9f+5+2+JW5rsfwAAAOggd/9fxC32PwAAAAwjd/9fxi32PwAAAAwjd/9fxS1N9r/+3/v/9f/6f/3/9PP1/9tJ/z9P/7+G/v9q+/lr9f/6f/0/ux2x/39s5k/bG+n/c/f/ddzSZP8DAABAB7n7/yZusf8BAABgGLn7/zZusf8BAABgGLn7/y5uabL/9f/6f/2//v+K+//9P/Uep/+fpv8/GZvs/3f/uUn/v2Nj/f+Zs5Nf1v9vff/v/f/6f/0/eyzt/f+5+/8+bmmy/wEAAKCD3P3/ELfM7P8j/8N8AAAA4FTl7v/HuMX3/wEAAGDrZXWWu/+f4pYm+1//r//X/+v/vf9/+vlz/f89uz6f/n9ZvP9/3rH0/+dXq5X3/+v/9f/6f/0/E5bW/+fu/+e4pcn+BwAAgA5y998at9j/AAAAMIzc/f8St9j/AAAAMIzc/f8atzTZ/9P9/6Xfr/8/HP3/3s+v/5/++bGp/j//E6+2/19d9vXB+v9f8P7/nvT/8xbz/v8D6P/1/9v8+Qfv/8+v+/H6f6Ysrf/P3f9vcUuT/Q8AAAAd5O7/97jF/gcAAIBh5O7/j7jF/gcAAIBh5O7/z7ilyf73/n/9v/5/+/p/7//fcZrv/1+deP9/Vv9/SPr/efr/NfT/+n/9//z7/2f+XwD0/0xZWv+fu/+/4pYm+x8AAAA6yN3/33GL/Q8AAADbYfevHbj8F5SG3P3/E7fY/wAAADCM3P3/G7c02f/6f/2//l//r/+ffv6y+n/v/z8s/f88/f8a+v/j6OfPDtb/33bQj19C/3/zcff/M/T/TNnT/9976eun1f/n7v+/uKXJ/gcAAIAOcvf/f9xi/wMAAMAwcvc/IW6x/wEAAGAYufufGLc02f/H3v/PvCNU/6//1//r//X/+v9N0//P0/+vof/3/n/v/9f/s1F7+v9dTqv/z93/pLilyf4HAACADnL3Pzlusf8BAABgGLn7b4ubrjm1TwQAAABsWu7+p8QtTb7/7/3/+n/9v/5f/z/9fP3/dtL/z9P/r6H/1//r//X/bNTS+v/c/U+NW5rsfwAAAOggd//T4hb7HwAAAIaRu//pcYv9DwAAAMPI3f+MuKXJ/tf/H2//n1/X/+v/V/p//b/+/0S07f/PTP2VaL8D+v8Hfv3CL+39iv5f/6//1//r/zmkn5z5fYvo/y9e+rvL3P3PjFua7H8AAADoIHf/s+IW+x8AAACGkbv/2XGL/Q8AAADDyN1/e9xyxP0/1zwsmf7f+//1//p//f/08/X/26lt/39I3v+/hv5f/6//1/+zUYvo/3f9+9z9z4lbfP8fAAAAhpG7/7lxi/0PAAAAw8jd/7y4xf4HAACAYeTuf37c0mT/6//1//p//b/+f/r5+v/tpP+fp/9fY5v6/9v1/1f4+e87rs+v/9f/s9/S+v/c/XfELU32PwAAAHSQu/8FcYv9DwAAAMPI3f/CuMX+BwAAgGHk7n9R3NJk/+v/9f/6f/2//n/6+fr/7aT/nzdA/39u9x9/Rf3/nTMfYKr/v3jdMvt/7/9f3OfX/+v/2W9p/X/u/hfHLU32PwAAAHSQu//OuMX+BwAAgGHk7r8rbrH/AQAAYBi5+18StzTZ//p//b/+X/+v/59+vv5/O+n/5w3Q/3v//0r/v9TPr//X/7Pf0vr/3P0vjVua7H8AAADoIHf/3XGL/Q8AAADDyN3/srjF/gcAAIBh5O6/J25psv/1//p//b/+X/8//Xz9/3Y6vv5/pf/X/+v/19D/6//1/1xuaf1/7v6Xxy1N9j8AAAB0kLv/FXGL/Q8AAADDyN3/yrjF/gcAAIBh5O5/VdzSZP/r//X/+n/9v/5/+vn6/+3k/f/z9P9r6P/1//p//T8bNd3/33xq/X/u/lfHLU32PwAAAHSQu//euMX+BwAAgGHk7n9N3GL/AwAAwDBy9782bmmy//X/+v+9/f9qpf/X/+v/d5xA/39upf/fOP3/PP3/Gvr/Mfv/a1YD9f/nD/zx+n+WaGnv/8/d/7q4pcn+BwAAgA5y978+brH/AQAAYBi5+98Qt9j/AAAAMIzc/W+MW5rsf/2//t/7//X/+v/p53v//3bS/8/T/6+h/x+z//f+f/0/p2Zp/X/u/jfFLU32PwAAAHSQu//NcYv9DwAAAMPI3f+WuMX+BwAAgGHk7n9r3NJk/+v/9f/6f/2//n/6+fr/7aT/n6f/X0P/r//X/+v/2ail9f+5+++LW5rsfwAAAOggd//9cYv9DwAAAMPI3f9A3GL/AwAAwDBy978tbmmy//X/+n/9/3b2/+f0//p//f+kpfT/N9zwiw/q//X/+n/9v/5f/9/d0vr/3P1vj1ua7H8AAADoIHf/O+IW+x8AAACGkbv/nXGL/Q8AAADDyN3/rrilyf7f3/9fu9opVHdM9f/RqOn/d9H/7/38+v/pnx/e/6//1/8fv6X0/97/f2WfX/+v/9/mz3+k/v9n9/94/T8jWlr/n7v/wbilyf4HAACADnL3vztusf8BAABgGLn73xO32P8AAAAwjNz9D8UtTfa/9//r//X/+n/9//Tz9f/b6fj6/52/R9D/6//1/wfT/w/y/v+f0P+zOUvr/3P3vzduabL/AQAAoIPc/e+LW+x/AAAAGEbu/vfHLfY/AAAADCN3/wfilib7X/+v/9f/6//1/9PP1/9vJ+//n6f/X6NP/39u6oun3c9frdP+/MP0/97/zwYtrf/P3f/BuKXJ/gcAAIAOcvd/KG6x/wEAAGAYufs/HLfY/wAAADCM3P0fiVua7H/9v/5//P7/V/X/lz1f/6//H5n+P/+KPk3/v0af/n/Saffz2/759f/6f/ZbWv+fu//huKXJ/gcAAIAOcvd/NG6x/wEAAGAYufs/FrfY/wAAADCM3P0fj1ua7H/9f6/+/8yqY//v/f/6f/1/J/r/efr/NfT/+n/9v/6fjVpa/5+7/5EzZ1vufwAAANhWv/xzv/HwYf/YRx7/13OrT8Qt9j8AAAAMI3f/J+MW+x8AAACGkbv/U3FLk/2v/+/V//d8/7/+X/+v/+9E/z9P/7+G/l//r//X/7NRS+v/c/d/Om7ZNfzOHvm/JQAAALAkufs/E7c0+f4/AAAAdJC7/7Nxy779f/GQv6odAAAAWJrc/Z+LW5p8/1//v/D+f3VM/X/8cfr/Hfp//f/U8/X/20n/P+8q+/+LZ/T/+v8Z+n/9v/6fyy2t/8/d//m4pcn+BwAAgEHt+ScKufu/ELfY/wAAADCM3P1fjFvsfwAAABhG7v4vxS1N9r/+/8T7/0zVj/H9/+frt7z/v3n/f+u5yefr//X/I9P/z/P+/zX0/6P0/9fp//X/LMPS+v/c/V+OW5rsfwAAAOggd/9X4hb7HwAAAIaRu/+rcYv9DwAAAMPI3f+1uKXJ/tf/L/z9/1fU/x/i/f/6/x79/wHPH6f//6nrL9z/K7921x36fy45yf4/fy7o//X/+v8dC+r/vf9f/89CbL7/P7vni0ft/3P3fz1uabL/AQAAoIPc/Y/GLfY/AAAADCN3/zfiFvsfAAAAhpG7/5txS5P9r//X/y+l/8//rU+h/7+wff1/NsXd+3/v/9f/7+f9//P0/2vo//X/+n/9Pxu1+f5/7xeP2v/n7v9W3NJk/wMAAEAHufu/Hbfk/j9z5H90DwAAACxM7v7vxC2+/w8AAADDyN3/3bilyf7X/+v/l9L/J+//v/TjvP9/xxj9/8/Ub+n/j9eV9Pe7fw7r/4P+X/+v/9f/6//ZgKX1/7n7vxe3NNn/AAAA0EHu/sfiFvsfAAAAhpG7//txi/0PAAAAw8jd/4O4pcn+1/+P2v9nEa//1//r/5fR/3v//0nx/v95+v819P/6f/2//p+NWlr/n7v/RwEAAP//auBn+g==")
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
chdir(&(0x7f00000001c0)='./file0\x00')
openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x187842, 0x0)

10.151264601s ago: executing program 4 (id=1278):
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x482, &(0x7f0000000000)={0x6, @local, 0x0, 0x0, 'sh\x00', 0x3050ce16fe626417}, 0x2c)
syz_emit_ethernet(0x36, &(0x7f0000000140)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x14, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x2}}}}}}, 0x0)

9.375135819s ago: executing program 4 (id=1285):
r0 = io_uring_setup(0x653, &(0x7f00000000c0))
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r0, 0xf, &(0x7f0000000540)={0x1002, 0x0, 0x0, 0x0, 0x28}, 0x20)

9.170126721s ago: executing program 34 (id=1285):
r0 = io_uring_setup(0x653, &(0x7f00000000c0))
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r0, 0xf, &(0x7f0000000540)={0x1002, 0x0, 0x0, 0x0, 0x28}, 0x20)

1.107712595s ago: executing program 0 (id=1348):
r0 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_STAT_GET(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000440)=ANY=[@ANYBLOB="100000000000eb"], 0x10}, 0x1, 0x0, 0x0, 0x40}, 0x0)

1.027439172s ago: executing program 0 (id=1350):
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000007c0), 0x2, 0x0)
syz_mount_image$fuse(&(0x7f0000002040), &(0x7f0000002080)='./file0\x00', 0x208000, &(0x7f0000000640)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}}, 0x3c, 0x0, 0x0)
write$FUSE_NOTIFY_STORE(r0, &(0x7f0000000540)={0x2a, 0x4, 0x0, {0x1, 0xffffffffffefffff, 0x2, 0x0, [0x0, 0x0]}}, 0x2a)

1.02723164s ago: executing program 3 (id=1351):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="6800000013000100"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000140003006772653000000000000000000000000034001a80100002800c000180080021000000000020"], 0x68}}, 0x0)

949.217855ms ago: executing program 3 (id=1352):
r0 = fsopen(&(0x7f00000009c0)='9p\x00', 0x0)
fsconfig$FSCONFIG_SET_FD(r0, 0x5, &(0x7f00000005c0)='\x00H\xeb', 0x0, r0)

899.792543ms ago: executing program 3 (id=1354):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)={0x44, r0, 0x1, 0x70bd2d, 0x25dfdbfd, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_ID={0xa}, @NL80211_ATTR_TX_RATES={0x1c, 0x5a, 0x0, 0x1, [@NL80211_BAND_6GHZ={0x18, 0x3, 0x0, 0x1, [@NL80211_TXRATE_HE={0x14, 0x5, {[0x3ff, 0x1, 0x4, 0x0, 0x7, 0x1, 0x1, 0x9]}}]}]}]}, 0x44}, 0x1, 0x0, 0x0, 0x840}, 0x4)

834.209237ms ago: executing program 3 (id=1355):
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0xfffff000)
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$sock_int(r0, 0x1, 0xc, &(0x7f0000000100)=0xe85, 0x4)

757.053426ms ago: executing program 3 (id=1356):
syz_mount_image$ocfs2(&(0x7f0000004740), &(0x7f0000004780)='./file0\x00', 0x100000a, &(0x7f00000001c0)=ANY=[@ANYBLOB="6a6f75726e616c5f6173796e635f636f6d6d69742c6865617274626561743d6e6f6e652c6c6f63616c666c6f636b732c696e6f646536342c6a6f75726e616c5f6173796e635f636f6d6d69742c6e6f61636c2c6e6f61636c2c6572726f72733d636f6e74696e75652c00edc97523793b5022d016bb24c65ba594abbd38fd9c301bfa101e61d574eb5cc84215aa20846b6f33df6281eaedb4b4afaaacd321e4df0d16b4f5a8a992efe2554b52ec9c980e5544cd4b8df3e1ba594d07e0bfe3471c164430a36b7ebddc35caf2959224d8330f1807117fc520d8ff5660c5691afd66a8e397bb802ed69df198008fb799cc37"], 0x1, 0x470e, &(0x7f0000008f40)="$eJzs222IHGcBB/BnNqe5pMn1XtImafqySQQPLceln6r1QzyrNpo2L9pWU+Xcu1wvp3u7592uFgxSgyAKghIEFV+oCqVfakEM9EstQsEXpFUoFUXrF5FCFfxg0AZ6srszuZ3Zvc7mNmlp+/tBOzfPzPPMs/e/eebl2RRitVMLK8WFlWKpUqzO3r9yS/Fz1XJ9cS4UXiWv9fHpzZXISfavnSPv+8BH7rklhD8c+9qHVldXV0PDcOjqQNvP5/99erZ9mShk6jTa7d5ayx/rj7z087e80h55ToQQdnT0q2FTCOFjvwhhcwhhJC4bjZdbQgjbQghRCOHR3/zrx4P9dKHN2XtfeO7YmcP7zkw9/tgzF+aPrrtjFMJ3y7tvnl98cf+m255/x2U6PAAAvKIPHj9y99HJA+HJKAydG+i8X98ZL5P74zvf9qm7Hh5Y275Kbza9iqECAABAxtrz/3D0cpf5umRmLZkSfOKBE3c/Fa1t92D7+nboriO3v3/yQDz/G3VsvzUu+ud7NzXnULPzvtn535FM/e7zv2vHefirz/6y8taN9z/pX3Lc4RAVJlLrhcLERAjHplrru6KthXJ1pfbO+6v1ysmNH/eNIp1/dvZ+bUK/1/xHM9Xz5v93f+LzP9sy0M8nGAvZv9rGerHzT5ku0vmvP5b/5EtRT/mPZerl5X/H09vP/2pzP58ge0QuRTr/1om4r32HYmsAaOT/zYH8/Hdk2s/L//tT5x49sYHv/zTGmeGo0dfB1Ajwcly+zleYyEjn3woiNXTGv8j1zv//ZfK/JtN+Xv53Vv/xu7/1cf1fb/wfn+qnzTePdP6tIIqpPdbO/5FC/vl/bab9vPx/e+rPz36yr2t1Z/6N/o+7/vcknX98IU4Pns3fZK/j/85M+3n57xq776GFDfT7w1vifg5FYaztW6fnGpewobX56uYjTWPz0gYO8iaQzr/1W0udOkOtRfP8H84f/3dl2s/L/6E9X3/P6b6+/9t9/J80/vcknf+WZtml5P9SJv/dmfbz8v/h6b//5b7LPP431g/Kvyfp/Ld2bF97/1Po6fnvukz9vPc/+0afeuSvfTz/J/1Ljpu8/0neQ4xHrfc/dJfO/6p19+v1+r8nUy/v/P/Wf55/en8/43802PEGwK1f79L5b2sVdnkA7DX/6zPt5+X/hXu+/PE/beD5r3nHN5jk3/b8v7lVftT435N0/ttbhal/DPVg8//N63/Umft/M/nfkGk/L/8LhyYGvnKZr/+N/o93eZVNp3T+Q+vu18j/9z1c/2/M1MvL/4t7f/rizX3d/4cwacDfsHT+V6+7X/P8H8zP/6ZMvbz8v/ONXz/xYB/9f3sfdcnm37rWp06n+N681+f/Yqb9vPx/NH7+7P4r8Px3q+t/T9L5t2bNLyX/7PP/3kz7efl/78gPlgeuwPufO+QPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwIaPxcjhEhYnUeqEwMRHCWLy+K2yNZkonp2fK1dnPrISwIy4vhtFovlydKZWnFyrVk3PTpXK5OhvCNfH2HWEwWilXa9OLpaVrL7a1JTo1V1quzcyVaiGEnXH59WF70tbMQm2xtNTcN6lzVVT6bL1aK03UV+aWw+6L5duS8vnlan3puottXV2oLi+dKlWmTy4sv3tycnIy7LnY55Fo7oHaXKXW6m1ra6NOUnc4avswzc03tB3v09X6cqVUbpbf2FanXJ0tldvq3NR2vNpyvTJbqs1Nl6vzyfGKbXXbPltz895423gYSX2+pG7WwXh5+6HjHz1++EDH9mKUzrtSX5yb3N79bwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAN64nb3vXt0MIA621QgjhYPJDFP+XcvbeF547dubwvjNTjz/2zIX5o932AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPg/O3AgAAAAAADk/9oIVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVdi5n5cowjgOwO+MbRZIKV2EPAaGiOhNwoJ+EUnlGtmxS+egTgkZFAWGER0LgiCoW1QQdAoq/4Kog8dO1aUOHQwiqBidSdld2HKh13aeB4Z3htF3vjCwO/N+3n0BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABYP87uWOzK2ku7Ni9t3f0hdObnNoYQRpPl/c97O0JPCOHrl5nToUFb6Knp/83k3Hj9VZPfe/vHH14fTdZef/G/xXW7Q5IOrTremaTp0NDa+29XdwafTQ8mIaSxCyGKhbEnZyohhI7YhRDFz4/zF7PP9w2xCyGK/g93u7L7X4ldCFFs3f2pr5I/49EOOv/qr89XLwyu/u5v9gjewiM669Dbk1fepW5q6b3M3/+TfPM+WA6zJ468fx67CKKZnZs6GrsGAADg3zrXJP8PW5b3719OQk93fe7/rSb/763pv3H+v+Le9htjMy2FENvqxiaz4+F9rfTZ/k4NXL39umK8p6zk/+Um/y83+X+5yf/LTf5fbvJ/Mq/k/6X0+OaexRexiyAa+T8AAJTPoeMTU9Xhkezlf9OPzvq8vi9vq3me/uDW9MCjVeNG8sP/2+FjEwcODo/k971+QHBl/Yd06ez3fL5HbVuYrJl30Wz9h96nC/PXGvx0rfqH8zeK+orrWv8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgF/szrEJg2AQgNH/kioTZI1kikCaRME9nMHSARzF2hmcw8oFtBDRxtJG3mvu4IPjAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALi+T/4r/q936iLdpojUZ/V335/rUi5jaKp2vG89Du4+TvoXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABmduBABgAAAECYv3Ue7QcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgpwAAAP//6bfLTA==")
symlinkat(&(0x7f0000001040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, 0x0)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
mknod$loop(&(0x7f00000010c0)='./file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x6000, 0x1)

381.218441ms ago: executing program 3 (id=1363):
syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000040)='./file3\x00', 0xcc0, &(0x7f00000001c0)=ANY=[@ANYBLOB="61636c2c6865617274626561743d6e6f6e652c6865617274626561743d6e6f6e652c636f686572656e63793d66756c6c2c636f686572656e63793d66756c6c2c636f686572656e63793d62756666657265642c6572726f72733d636f6e74696e75652c757365725f78617474722c626172726965723d30303030303030303030303030303032363131352c6469725f726573765f6c6576656c3d30303030303030303030303030303030303030362c696e74722c6a6f75726e616c5f6173796e635f636f6d6d69742c00535d4e036013ec9e6e7ecdee3849b40884b95e94f35cec9600cd19beb0"], 0x1, 0x442a, &(0x7f0000008940)="$eJzs3c9PHGUfAPBnBvoW+rZ9oW8PfZM3cRObaNQQ6EmliZTSUmixptrGeNkusG3RhW1gMR56wFsTTyYejIdGE2+cGg5e65/gxWM9N9GDFxOTRszuzgIz7IaVsGDr53NgmOc3+5159pnD8MSJyp25pdzcUq6wkCvP3Fo6k/u4XFqeL4Z4nzTt/9D+9U97OnGdHPS190929fzFd2+cCeH72R+frK+vr4eq7tDU0Jbff/v13szWY0OcqVNtt3lre+WDEMLJbeOq6gohvP9dCFEI4VySNpoce0MIx0I978a9z27m9mg0Dx8Xz+afTt1fGz49ufpgrfXfHoXwVel/r92e//nFruGfXtmj7gEAAAAAAAAAAAAAAAAAeMaNX7t6/Z3BofAoCt2r0fb3dceTY6v3Y9f3zAud/2MBAAAAAAAAAAAAAAAAAADgb2rz/f9cdKLJ+/9jyXGkRf31tzo/Rjpn4u2rYxcGh5L936Nt+a8nSb+c6wr9TfZ9z+7/fi5Tv/n+79v72a3G+Br99oUoHkidx/HAQAjfJBu/n4qOxKXyUuXVW+Xlhdk9G8YzKx3/+u79qegkG/q3G//RTPud3///v9uupur5zb27xJ5r6fh3tSz37adRW/E/n6m3H/Fn99Lx766l9W4tMFKfAKrx/7x75/iPZdrvVPyPhxByUXWsudQMUF3DVNNbrVdIS8f/UC0tNXUmH2Sr+//3TPwvZNo/qPl/JftFRFPp+P+rltaTKrF5//fHO9//FzPtH0T8q+Nf8f3flnT8D9cTu1NFap9ku/P/eKb9TsX/epyM83iUugJWo3p6q/9XR1o6/j3b8jef/+K21n+XMvX36/mv0W/j+a8x/b8c1Z//aC4d/96W5dq9/ycy9To9/4/U1n/sVjr+R2pp6bVzX+1nu/GfzLTfqfjXViU9jfhvzid/HK6nf23915Z0/P9dT4y3llip/ayt/6Kd1/+XM+0fxPqvOv6VuLO9Pi/S8T/aslw1/j+08f1/JVOv8/EPYdBaf9fS8T/Wslzt/u/ZOf5TmXqdjv9LnWwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Bkwmhz7QhQPpM7jeGAghPPJ+alwJJouzOanS+WZj5ZCGEvSc+FEdLtUni6U8nML5dlivlAqlWdCuJDknww90VKpXMnPF+5e3GirN7pTLCxWpouFSghhPEn/fzjWaGt6rjJfuBtCuLSR95+4vHj3TmEhPzu3+Obg4OBgmNgYQ39U/KRSXKjUe6/nhjC5Ubcv2jK4WvbljbEcjT4sLy8uFEq19Ctb6pTKM4XSljpTSd4XoT+qLC4vzBQqxXypfLvR30EaSY5jE9feu3ZlaFv+zah+HN3fYQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwFz0afuPLEEJ3/SwOIYw0fomalX/4uHg2/3Tq/trw6cnVB2tPWpUDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+JMdOBAAAAAAAPJ/bYSqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoq7NIxSgNBFAbgN2Ohdh7DatntbFcU0cIVwRPoMTyMHsVLeIcUKdKmCIFkFsJmF7ZJqu9rHszPzHswDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgHme3ruPt7qJSHG1uYz4+/pfHOYvpf7cj9+/OMOMnM7za/fwWDfl39NRfleOlm3epevV92eM1N7vYE+G+7TX97menGtq36bm6/veRMpVRLQlv005V9W8twAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgyw4cCAAAAAAA+b82QlVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVRV24FgAAAAAQJi/dRR9GwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPArAAD///4CHxA=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x441, 0x14a)
write$FUSE_INIT(r0, &(0x7f0000000100)={0x50, 0x0, 0x0, {0x7, 0x29, 0xe03, 0x400, 0x2, 0x4, 0xb, 0xffff75d2, 0x0, 0x0, 0x8, 0x9}}, 0x50)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x28042, 0x102)
ioctl$FICLONERANGE(r1, 0x4020940d, &(0x7f00000000c0)={{r1}, 0x0, 0x0, 0x100000})
pwritev(r0, &(0x7f0000000340)=[{&(0x7f00000002c0)='2', 0x1}], 0x1, 0x5, 0x6)

377.104384ms ago: executing program 5 (id=1364):
r0 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x802, 0x0)
write$UHID_CREATE(r0, &(0x7f0000000080)={0x0, {'syz1\x00', 'syz0\x00', 'syz0\x00', &(0x7f0000000040)=""/15, 0xf, 0xa0, 0x6, 0x3, 0x5, 0x1635}}, 0x120)
write$UHID_INPUT(r0, &(0x7f0000002080)={0xc, {"a2e3ad21ed0d52f91b5d390887f70e06d038e7ff7fc6e5539b3272298b089b07081b4d090890e0878f0e1ac6e7049b3366959bfc9a240d2567f3988f7ef319520100ffe8d178708c523c921b1b9b39070d075d0936cd3b78130d9b61d8e809ea882f5802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb056d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498be0800000000000000f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6efcffac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ec126c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b8247068ae949ed06e288e810bac9c76600025e19c9000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c198045651cf4778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdc80c47ee4f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78ff95b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af0000807e0000000002d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c5409711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b4051db55e0510a6e4114a53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e24919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5136651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a6d8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f00000000000000000000b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d53588a0f9455e8f8d2ab2242729251a4523a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d664130bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7899484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ea4cd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f031755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c7e36bb2fc4c40e9cf96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb24ee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006)

206.21054ms ago: executing program 5 (id=1365):
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000800)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x18, 0x18, 0x5, [@type_tag={0x3, 0x0, 0x0, 0x12, 0x802}, @enum]}, {0x0, [0x2e, 0x2e, 0x5f]}}, &(0x7f0000000f40)=""/4089, 0x35, 0xff9, 0x1}, 0x28)

206.050232ms ago: executing program 5 (id=1366):
r0 = openat$vimc2(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000040)={0x0, 0xfff, 0x4, {0x3, @pix_mp={0x5, 0x5be7, 0xb5315258, 0x6, 0xb, [{0x82000004, 0x3}, {0x0, 0x5}, {0x0, 0x10}, {0x6bd, 0x7fd}, {0x1, 0xb}, {0x7, 0x489aa92e}, {0x5, 0x1000005}, {0xff, 0x7}], 0x2, 0x20, 0x2, 0x0, 0x3}}, 0xfffffffd})

135.915536ms ago: executing program 0 (id=1367):
r0 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000001200)={&(0x7f00000006c0)=ANY=[@ANYBLOB="380000000314010000000000000008000900020073797a310000000008"], 0x38}}, 0x0)

135.642631ms ago: executing program 5 (id=1368):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}})
writev(r0, &(0x7f00000006c0)=[{&(0x7f0000000300)="2e9b3d0007e03dd65193dfb6c575963f86ddf06712e900272f8db0049d90491ceaebfd26d4eef23248000000f858dbb8a19052343f", 0x35}, {&(0x7f0000000100)="051a00000e", 0x5}], 0x2)

132.638493ms ago: executing program 0 (id=1369):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$afs(0x0, &(0x7f0000002840)='./file0\x00', &(0x7f0000002880), 0x700, &(0x7f0000000200)=ANY=[@ANYBLOB='dyn'])
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000200)='mounts\x00')
read$FUSE(r0, &(0x7f0000003900)={0x2020}, 0x2020)

46.853991ms ago: executing program 0 (id=1370):
socket$igmp(0x2, 0x3, 0x2)
r0 = socket$kcm(0x10, 0x2, 0x4)
capset(&(0x7f0000000040)={0x20080522}, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x2})
sendmsg$kcm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000100)="4c000000140097f87059ae08060c040002ff0f0200000000000001870182fa73a69d35a2cca84708f7abca1b4e7d06a6bd7c493872f750375ed08a560400000003c48f93b82a03000000461e", 0x4c}], 0x1}, 0x0)

45.404796ms ago: executing program 5 (id=1371):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f00000000c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x34, 0x34, 0x5, [@var={0x3, 0x0, 0x0, 0x11, 0x3}, @typedef={0x0, 0x0, 0x0, 0x4}, @struct={0x0, 0x1, 0x0, 0x4, 0x1, 0x0, [{0x0, 0x2}]}]}, {0x0, [0x0, 0x0, 0x2e]}}, 0x0, 0x51}, 0x20)

313.646µs ago: executing program 0 (id=1372):
r0 = syz_usb_connect$hid(0x5, 0x36, &(0x7f0000000180)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x20, 0x20bc, 0x5500, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x7, 0xa, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x800, 0x0, 0x1, {0x22, 0x7}}, {{{0x9, 0x5, 0x81, 0x3, 0x0, 0x7}}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000040)={0x24, 0x0, 0x0, &(0x7f0000000080)={0x0, 0x22, 0x7, {[@global=@item_012={0x0, 0x1, 0x7}, @main=@item_4={0x3, 0x0, 0xb, "80c5310c"}, @main=@item_012={0x0, 0x0, 0xb}]}}, 0x0}, 0x0)

0s ago: executing program 5 (id=1373):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000005c0)=ANY=[@ANYBLOB="c40000001900674c0000000004000000fc000000000000000000000000000002e000000200000000000000000000000000000000000000000200200000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0100000000000000000000000000000000000000000000000000000000000000000000400000000000008000000000000000000000000000fcffffffffffffff0000000000000000020000000002000000000000000000000000000000000000000400000000000000000000000000000a00100001"], 0xc4}}, 0x4c050)
r1 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="020e0000150000000000000000000000030005000000000002004e24ac1e00010000000000000000030006003c000000020000fc34000000000000000000000001001800000000000800120000000200fcffffff0000000006003300000000000000000000000000fe8000000000000000000000000000aa00000000000000000000000000000000040003"], 0xa8}}, 0x0)
r2 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r2, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f00000006c0)=ANY=[@ANYBLOB="0212090902"], 0x10}}, 0x40010)

kernel console output (not intermixed with test programs):

7
[  131.173539][ T7598] F2FS-fs (loop4): build fault injection rate: 690
[  131.184808][ T7598] F2FS-fs (loop4): invalid crc value
[  131.257268][ T7598] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  131.262986][ T7598] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  131.312100][ T7351] syz-executor: attempt to access beyond end of device
[  131.312100][ T7351] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  131.316748][ T7351] CPU: 0 UID: 0 PID: 7351 Comm: syz-executor Not tainted 6.17.0-rc1-syzkaller-00036-gdfc0f6373094-dirty #0 PREEMPT(full) 
[  131.316762][ T7351] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  131.316767][ T7351] Call Trace:
[  131.316771][ T7351]  <TASK>
[  131.316775][ T7351]  dump_stack_lvl+0x189/0x250
[  131.316791][ T7351]  ? __pfx_dump_stack_lvl+0x10/0x10
[  131.316801][ T7351]  ? __pfx_queue_work_on+0x10/0x10
[  131.316808][ T7351]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  131.316819][ T7351]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  131.316834][ T7351]  f2fs_handle_critical_error+0x37c/0x540
[  131.316849][ T7351]  f2fs_write_end_io+0x886/0xb60
[  131.316866][ T7351]  __submit_merged_bio+0x27a/0x6a0
[  131.316880][ T7351]  __submit_merged_write_cond+0x255/0x530
[  131.316894][ T7351]  f2fs_write_data_pages+0x261d/0x3000
[  131.316925][ T7351]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  131.316964][ T7351]  ? unwind_next_frame+0xa5/0x2390
[  131.316973][ T7351]  ? rcu_is_watching+0x15/0xb0
[  131.316980][ T7351]  ? __kasan_check_byte+0x12/0x40
[  131.316997][ T7351]  ? is_bpf_text_address+0x26/0x2b0
[  131.317007][ T7351]  ? rcu_is_watching+0x15/0xb0
[  131.317016][ T7351]  ? rcu_is_watching+0x15/0xb0
[  131.317024][ T7351]  ? lock_release+0x4b/0x3e0
[  131.317033][ T7351]  ? lock_release+0x4b/0x3e0
[  131.317052][ T7351]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  131.317063][ T7351]  do_writepages+0x32e/0x550
[  131.317080][ T7351]  ? do_raw_spin_unlock+0x4d/0x240
[  131.317097][ T7351]  filemap_fdatawrite+0x199/0x240
[  131.317113][ T7351]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  131.317125][ T7351]  ? __pfx_SOFTIRQ_verbose+0x10/0x10
[  131.317169][ T7351]  ? do_raw_spin_unlock+0x4d/0x240
[  131.317182][ T7351]  f2fs_sync_dirty_inodes+0x31f/0x830
[  131.317204][ T7351]  f2fs_write_checkpoint+0x95a/0x1df0
[  131.317237][ T7351]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  131.317270][ T7351]  ? kill_f2fs_super+0x298/0x6c0
[  131.317281][ T7351]  kill_f2fs_super+0x2c3/0x6c0
[  131.317292][ T7351]  ? __pfx_kill_f2fs_super+0x10/0x10
[  131.317298][ T7351]  ? radix_tree_delete_item+0x2b6/0x400
[  131.317312][ T7351]  ? shrinker_free+0x2ce/0x3e0
[  131.317323][ T7351]  deactivate_locked_super+0xbc/0x130
[  131.317334][ T7351]  cleanup_mnt+0x425/0x4c0
[  131.317343][ T7351]  ? lockdep_hardirqs_on+0x9c/0x150
[  131.317354][ T7351]  task_work_run+0x1d4/0x260
[  131.317367][ T7351]  ? __pfx_task_work_run+0x10/0x10
[  131.317376][ T7351]  ? __x64_sys_umount+0x122/0x160
[  131.317388][ T7351]  ? exit_to_user_mode_loop+0x40/0x110
[  131.317401][ T7351]  exit_to_user_mode_loop+0xec/0x110
[  131.317411][ T7351]  do_syscall_64+0x2bd/0x3b0
[  131.317421][ T7351]  ? lockdep_hardirqs_on+0x9c/0x150
[  131.317430][ T7351]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  131.317438][ T7351]  ? exc_page_fault+0x9f/0xf0
[  131.317448][ T7351]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  131.317455][ T7351] RIP: 0033:0x7f7748d8ff17
[  131.317464][ T7351] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  131.317470][ T7351] RSP: 002b:00007ffcb44c4088 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  131.317479][ T7351] RAX: 0000000000000000 RBX: 00007f7748e11c05 RCX: 00007f7748d8ff17
[  131.317485][ T7351] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffcb44c4140
[  131.317489][ T7351] RBP: 00007ffcb44c4140 R08: 0000000000000000 R09: 0000000000000000
[  131.317494][ T7351] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffcb44c51d0
[  131.317498][ T7351] R13: 00007f7748e11c05 R14: 000000000001feb0 R15: 00007ffcb44c5210
[  131.317530][ T7351]  </TASK>
[  131.318154][ T7351] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  131.976868][ T7620] loop4: detected capacity change from 0 to 32768
[  131.982284][ T7620] 
[  131.982284][ T7620]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  131.982284][ T7620] 
[  132.061062][ T7620] 
[  132.061062][ T7620]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  132.061062][ T7620] 
[  132.062287][ T5852] syz-executor: attempt to access beyond end of device
[  132.062287][ T5852] loop0: rw=2049, sector=40960, nr_sectors = 8 limit=40427
[  132.066189][ T7620] 
[  132.066189][ T7620]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  132.066189][ T7620] 
[  132.074159][ T7620] 
[  132.074159][ T7620]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  132.074159][ T7620] 
[  132.077661][ T7620] 
[  132.077661][ T7620]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  132.077661][ T7620] 
[  132.077733][ T5852] CPU: 1 UID: 0 PID: 5852 Comm: syz-executor Not tainted 6.17.0-rc1-syzkaller-00036-gdfc0f6373094-dirty #0 PREEMPT(full) 
[  132.077747][ T5852] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  132.077752][ T5852] Call Trace:
[  132.077756][ T5852]  <TASK>
[  132.077761][ T5852]  dump_stack_lvl+0x189/0x250
[  132.077776][ T5852]  ? __pfx_dump_stack_lvl+0x10/0x10
[  132.077786][ T5852]  ? __pfx_queue_work_on+0x10/0x10
[  132.077799][ T5852]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  132.077810][ T5852]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  132.077824][ T5852]  f2fs_handle_critical_error+0x37c/0x540
[  132.077839][ T5852]  f2fs_write_end_io+0x886/0xb60
[  132.077855][ T5852]  __submit_merged_bio+0x27a/0x6a0
[  132.077865][ T5852]  ? up_write+0x1c4/0x420
[  132.077876][ T5852]  __submit_merged_write_cond+0x44c/0x530
[  132.077890][ T5852]  f2fs_sync_node_pages+0x1479/0x15e0
[  132.077909][ T5852]  ? __pfx_f2fs_sync_node_pages+0x10/0x10
[  132.077932][ T5852]  ? f2fs_write_checkpoint+0xe43/0x1df0
[  132.077942][ T5852]  ? up_write+0x1c4/0x420
[  132.077949][ T5852]  ? do_raw_spin_unlock+0x4d/0x240
[  132.077960][ T5852]  f2fs_write_checkpoint+0xe6f/0x1df0
[  132.077980][ T5852]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  132.078010][ T5852]  ? kill_f2fs_super+0x298/0x6c0
[  132.078020][ T5852]  kill_f2fs_super+0x2c3/0x6c0
[  132.078031][ T5852]  ? __pfx_kill_f2fs_super+0x10/0x10
[  132.078037][ T5852]  ? radix_tree_delete_item+0x2b6/0x400
[  132.078051][ T5852]  ? shrinker_free+0x2ce/0x3e0
[  132.078061][ T5852]  deactivate_locked_super+0xbc/0x130
[  132.078072][ T5852]  cleanup_mnt+0x425/0x4c0
[  132.078082][ T5852]  ? lockdep_hardirqs_on+0x9c/0x150
[  132.078093][ T5852]  task_work_run+0x1d4/0x260
[  132.078105][ T5852]  ? __pfx_task_work_run+0x10/0x10
[  132.078113][ T5852]  ? __x64_sys_umount+0x122/0x160
[  132.078125][ T5852]  ? exit_to_user_mode_loop+0x40/0x110
[  132.078138][ T5852]  exit_to_user_mode_loop+0xec/0x110
[  132.078149][ T5852]  do_syscall_64+0x2bd/0x3b0
[  132.078159][ T5852]  ? lockdep_hardirqs_on+0x9c/0x150
[  132.078168][ T5852]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  132.078176][ T5852]  ? exc_page_fault+0x9f/0xf0
[  132.078187][ T5852]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  132.078194][ T5852] RIP: 0033:0x7f596f58ff17
[  132.078203][ T5852] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  132.078209][ T5852] RSP: 002b:00007ffc099ef6a8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  132.078218][ T5852] RAX: 0000000000000000 RBX: 00007f596f611c05 RCX: 00007f596f58ff17
[  132.078223][ T5852] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffc099ef760
[  132.078228][ T5852] RBP: 00007ffc099ef760 R08: 0000000000000000 R09: 0000000000000000
[  132.078232][ T5852] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffc099f07f0
[  132.078237][ T5852] R13: 00007f596f611c05 R14: 000000000001fd21 R15: 00007ffc099f0830
[  132.078250][ T5852]  </TASK>
[  132.078254][ T5852] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  132.093374][ T7620] 
[  132.093374][ T7620]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  132.093374][ T7620] 
[  132.195198][ T7620] 
[  132.195198][ T7620]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  132.195198][ T7620] 
[  132.199369][ T7620] 
[  132.199369][ T7620]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  132.199369][ T7620] 
[  132.202728][ T7620] 
[  132.202728][ T7620]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  132.202728][ T7620] 
[  132.271426][ T7620] 
[  132.271426][ T7620]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  132.271426][ T7620] 
[  132.508593][ T7351] 
[  132.508593][ T7351]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  132.508593][ T7351] 
[  132.521245][ T7351] 
[  132.521245][ T7351]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  132.521245][ T7351] 
[  132.624345][ T1363] ieee802154 phy0 wpan0: encryption failed: -22
[  132.627050][ T1363] ieee802154 phy1 wpan1: encryption failed: -22
[  132.886359][ T7631] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -2
[  132.890081][ T7631] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db
[  133.312733][ T7639] loop4: detected capacity change from 0 to 128
[  133.317454][ T7639] EXT4-fs: Ignoring removed nobh option
[  133.343512][ T7639] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  133.361990][ T7639] ext4 filesystem being mounted at /15/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  133.417000][ T7351] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  133.555720][ T7642] loop4: detected capacity change from 0 to 128
[  133.565110][ T7642] adfs: Bad value for 'ftsuffix'
[  133.629735][ T7644] loop3: detected capacity change from 0 to 512
[  133.643011][ T7644] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  133.674832][ T7644] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a843c018, mo2=0002]
[  133.678955][ T7644] System zones: 0-2, 18-18, 34-34
[  133.709513][ T7644] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  133.720968][ T7644] ext4 filesystem being mounted at /91/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  133.774428][ T7652] netlink: 8 bytes leftover after parsing attributes in process `syz.0.519'.
[  133.782880][ T7652] netlink: 'syz.0.519': attribute type 20 has an invalid length.
[  133.792466][ T7652] netlink: 'syz.0.519': attribute type 21 has an invalid length.
[  133.839455][ T6681] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  134.161919][ T7671] loop3: detected capacity change from 0 to 512
[  134.168411][ T7671] EXT4-fs: Ignoring removed bh option
[  134.182955][ T7671] EXT4-fs warning (device loop3): ext4_expand_extra_isize_ea:2848: Unable to expand inode 17. Delete some EAs or run e2fsck.
[  134.202394][ T7671] EXT4-fs (loop3): 1 truncate cleaned up
[  134.217051][ T7671] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  134.283784][ T6681] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  136.098549][ T7696] loop3: detected capacity change from 0 to 32768
[  136.113889][ T7696] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  136.132180][ T7696] (syz.3.537,7696,1):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #65: rec_len % 4 != 0 - offset=312, inode=13845347915746889, rec_len=25793, name_len=214
[  136.154588][ T6681] (syz-executor,6681,1):ocfs2_inode_is_valid_to_delete:948 ERROR: Skipping delete of system file 76
[  136.160458][ T6681] ocfs2: Unmounting device (7,3) on (node local)
[  136.406417][ T7713] loop3: detected capacity change from 0 to 4096
[  136.449860][ T7716] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  136.461176][ T7713] NILFS error (device loop3): nilfs_bmap_lookup_contig: broken bmap (inode number=12)
[  136.469374][ T7713] Remounting filesystem read-only
[  136.649940][ T7724] netlink: 4 bytes leftover after parsing attributes in process `syz.3.544'.
[  136.691923][ T7726] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  136.861420][   T33] audit: type=1326 audit(1755548788.600:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7727 comm="syz.0.547" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f596f58ebe9 code=0x7ffc0000
[  136.894224][   T33] audit: type=1326 audit(1755548788.610:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7727 comm="syz.0.547" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f596f58ebe9 code=0x7ffc0000
[  136.902234][   T33] audit: type=1326 audit(1755548788.630:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7727 comm="syz.0.547" exe="/syz-executor" sig=0 arch=c000003e syscall=61 compat=0 ip=0x7f596f58ebe9 code=0x7ffc0000
[  136.910340][   T33] audit: type=1326 audit(1755548788.630:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7727 comm="syz.0.547" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f596f58ebe9 code=0x7ffc0000
[  136.918494][   T33] audit: type=1326 audit(1755548788.630:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7727 comm="syz.0.547" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f596f58ebe9 code=0x7ffc0000
[  137.453621][ T7735] loop4: detected capacity change from 0 to 4096
[  137.464509][ T7735] ntfs3(loop4): Different NTFS sector size (1024) and media sector size (512).
[  137.727287][ T7735] ntfs3(loop4): ino=1e, "file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" ni_find_attr
[  138.034782][ T7747] loop3: detected capacity change from 0 to 512
[  138.069477][ T7747] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e842c11c, mo2=0002]
[  138.072636][ T7747] System zones: 0-2, 18-18, 34-34
[  138.107399][ T7747] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.556: bg 0: block 248: padding at end of block bitmap is not set
[  138.169847][ T7747] Quota error (device loop3): write_blk: dquota write failed
[  138.172133][ T7747] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota
[  138.176998][ T7747] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.556: Failed to acquire dquot type 1
[  138.184714][ T7747] EXT4-fs (loop3): 1 truncate cleaned up
[  138.191033][ T7747] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  138.216276][ T7747] ext4 filesystem being mounted at /105/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  138.254154][ T6681] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  138.308324][ T7743] loop0: detected capacity change from 0 to 32768
[  138.311710][ T7743] bcachefs (/dev/loop0): error validating superblock: Invalid superblock section disk_groups: label 0 empty
[  138.311710][ T7743] disk_groups (size 640):
[  138.311710][ T7743] [parent 0 name ] [deleted] [parent 0 name /] [parent 0 name ] [deleted] [parent 0 name ] [parent 0 name ] [parent 0 name ] [parent 0 name ] [parent 0 name ] [parent 0 name ] [parent 0 name ] [parent 0 name ]
[  138.323476][ T7743] bcachefs: bch2_fs_get_tree() error: invalid_sb_disk_groups
[  138.530702][ T7769] loop0: detected capacity change from 0 to 1024
[  138.534365][ T7769] EXT4-fs (loop0): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  138.546760][ T7761] loop3: detected capacity change from 0 to 32768
[  138.546905][ T7769] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  138.550549][ T7761] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.561 (7761)
[  138.569129][ T7761] BTRFS info (device loop3): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  138.573595][ T7761] BTRFS info (device loop3): using blake2b (blake2b-256-generic) checksum algorithm
[  138.577393][ T7761] BTRFS info (device loop3): using free-space-tree
[  138.759278][ T6681] BTRFS info (device loop3): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  139.402564][ T5852] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  139.427851][    T9] IPVS: starting estimator thread 0...
[  139.445087][ T7806] IPVS: ip_vs_add_dest(): server weight less than zero
[  139.485218][ T7811] netlink: 'syz.0.575': attribute type 10 has an invalid length.
[  139.519293][ T7811] 8021q: adding VLAN 0 to HW filter on device team0
[  139.544503][ T7807] IPVS: using max 39 ests per chain, 93600 per kthread
[  139.547457][ T7811] bond0: (slave team0): Enslaving as an active interface with an up link
[  140.323277][    T9] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  140.483999][    T9] usb 1-1: Using ep0 maxpacket: 32
[  140.522741][    T9] usb 1-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  140.539805][    T9] usb 1-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  140.558995][    T9] usb 1-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  140.570377][    T9] usb 1-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0
[  140.577606][    T9] usb 1-1: Product: syz
[  140.583235][    T9] usb 1-1: Manufacturer: syz
[  140.605138][    T9] hub 1-1:4.0: USB hub found
[  140.807616][    T9] hub 1-1:4.0: 2 ports detected
[  140.863268][ T7865] Illegal XDP return value 3307296228 on prog  (id 43) dev syz_tun, expect packet loss!
[  142.022296][    T9] hub 1-1:4.0: activate --> -90
[  142.054531][ T5916] kernel read not supported for file /dsp (pid: 5916 comm: kworker/1:4)
[  142.428756][    T9] usb 1-1-port2: config error
[  142.434028][  T124] usb 1-1: USB disconnect, device number 8
[  142.444436][ T7931] nbd: socks must be embedded in a SOCK_ITEM attr
[  142.451005][ T7931] block nbd0: shutting down sockets
[  142.501470][ T7934] loop4: detected capacity change from 0 to 256
[  142.833299][ T5916] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  143.001228][ T5916] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  143.006080][ T5916] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  143.010095][ T5916] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  143.013920][ T5916] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  143.022280][ T5916] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  143.027412][ T5916] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  143.032704][ T5916] usb 5-1: config 0 descriptor??
[  143.185383][ T7959] netlink: 'syz.0.618': attribute type 10 has an invalid length.
[  143.199944][ T7959] team0: Port device geneve1 added
[  143.282653][ T7963] netlink: 'syz.0.620': attribute type 10 has an invalid length.
[  143.286340][ T7963] batman_adv: batadv0: Adding interface: wlan0
[  143.288708][ T7963] batman_adv: batadv0: The MTU of interface wlan0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  143.298709][ T7963] batman_adv: batadv0: Interface activated: wlan0
[  143.449293][ T5916] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0
[  143.452500][ T5916] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0
[  143.455687][ T5916] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0
[  143.458641][ T5916] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0
[  143.461476][ T5916] plantronics 0003:047F:FFFF.0003: unknown main item tag 0x0
[  143.478617][ T5916] plantronics 0003:047F:FFFF.0003: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[  143.742591][  T124] usb 5-1: USB disconnect, device number 2
[  144.337860][ T7980] loop0: detected capacity change from 0 to 128
[  145.174317][ T7987] loop3: detected capacity change from 0 to 32768
[  145.182592][ T7987] XFS (loop3): Mounting V5 Filesystem 9f1cad42-11bd-4e12-8f0b-f07876b81d9a
[  145.299737][ T7987] XFS (loop3): Ending clean mount
[  145.412152][ T6681] XFS (loop3): Unmounting Filesystem 9f1cad42-11bd-4e12-8f0b-f07876b81d9a
[  146.192320][ T8012] loop3: detected capacity change from 0 to 32768
[  146.196885][ T8012] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.634 (8012)
[  146.201953][ T8018] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  146.216289][ T8018] overlayfs: failed to set xattr on upper
[  146.218385][ T8018] overlayfs: ...falling back to redirect_dir=nofollow.
[  146.220864][ T8012] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  146.225528][ T8012] BTRFS info (device loop3): using crc32c (crc32c-lib) checksum algorithm
[  146.228362][ T8012] BTRFS info (device loop3): disk space caching is enabled
[  146.230668][ T8012] BTRFS warning (device loop3): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  146.298497][ T8012] BTRFS info (device loop3): rebuilding free space tree
[  146.308794][ T8012] BTRFS info (device loop3): disabling free space tree
[  146.311275][ T8012] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  146.314885][ T8012] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  146.385314][ T6681] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  146.550335][ T8043] loop0: detected capacity change from 0 to 32768
[  146.556950][ T8043] bcachefs (/dev/loop0): error validating superblock: Invalid superblock section members_v2: device 0: too many buckets (got 2251799813685376, max 2147483583)
[  146.556950][ T8043] members_v2 (size 152):
[  146.556950][ T8043] Device:                        0
[  146.556950][ T8043]   Label:                       (none)
[  146.556950][ T8043]   UUID:                        7af6772b-00de-4159-84cd-1faead05aceb
[  146.556950][ T8043]   Size:                        1073741824
[  146.556950][ T8043]   read errors:                 0
[  146.556950][ T8043]   write errors:                0
[  146.556950][ T8043]   checksum errors:             0
[  146.556950][ T8043]   seqread iops:                0
[  146.556950][ T8043]   seqwrite iops:               0
[  146.556950][ T8043]   randread iops:               0
[  146.556950][ T8043]   randwrite iops:              0
[  146.556950][ T8043]   Bucket size:                 8388608
[  146.556950][ T8043]   First bucket:                0
[  146.556950][ T8043]   Buckets:                     2251799813685376
[  146.556950][ T8043]   Last mount:                  1714681267
[  146.556950][ T8043]   Last superblock write:       42
[  146.556950][ T8043]   State:                       rw
[  146.556950][ T8043]   Data allowed:                journal,btree,user
[  146.556950][ T8043]   Has data:                    (none)
[  146.556950][ T8043]   Btree allocated bitmap blocksize:256
[  146.556950][ T8043]   Btree allocated bitmap:      00000000000000000000010000100000100110000
[  146.557103][ T8043] bcachefs: bch2_fs_get_tree() error: invalid_sb_members
[  146.813264][  T124] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  146.838727][ T8052] syz.0.648 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  146.942615][ T8058] loop0: detected capacity change from 0 to 256
[  146.945993][ T8058] exfat: Deprecated parameter 'namecase'
[  146.958445][ T8058] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xf6e0d861, utbl_chksum : 0xe619d30d)
[  146.974126][  T124] usb 4-1: Using ep0 maxpacket: 16
[  146.977988][  T124] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  146.982001][  T124] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x33, changing to 0x3
[  146.987603][  T124] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7
[  146.991865][  T124] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  146.996981][  T124] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  147.001309][  T124] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  147.008462][  T124] usb 4-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  147.012887][  T124] usb 4-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  147.016147][  T124] usb 4-1: Manufacturer: syz
[  147.020246][  T124] usb 4-1: config 0 descriptor??
[  147.119281][ T8064] netlink: 28 bytes leftover after parsing attributes in process `syz.0.654'.
[  147.213815][ T8072] netlink: 16 bytes leftover after parsing attributes in process `syz.0.658'.
[  147.246934][  T124] usb 4-1: USB disconnect, device number 3
[  147.309785][ T8079] netlink: 'syz.4.662': attribute type 12 has an invalid length.
[  147.312708][ T8079] netlink: 132 bytes leftover after parsing attributes in process `syz.4.662'.
[  147.329919][ T8079] loop4: detected capacity change from 0 to 1024
[  147.346017][ T8079] EXT4-fs: inline encryption not supported
[  147.348438][ T8079] EXT4-fs: Ignoring removed i_version option
[  147.366327][ T8079] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  147.838357][ T8079] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4183: comm syz.4.662: Allocating blocks 497-513 which overlap fs metadata
[  147.856449][ T8079] EXT4-fs (loop4): pa ffff888103583bc8: logic 256, phys. 385, len 8
[  147.860197][ T8079] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5434: group 0, free 0, pa_free 1
[  147.986469][ T7351] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  148.373950][ T8119] sg_write: process 301 (syz.3.675) changed security contexts after opening file descriptor, this is not allowed.
[  148.620095][ T8132] netlink: 40 bytes leftover after parsing attributes in process `syz.3.681'.
[  148.818683][ T8144] loop0: detected capacity change from 0 to 1024
[  148.845009][ T8144] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  148.965917][ T5852] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  149.075353][ T8164] usb usb1: usbfs: interface 0 claimed by hub while 'syz.4.696' sets config #0
[  149.075603][ T8163] loop3: detected capacity change from 0 to 512
[  149.081945][ T8164] usb usb1: usbfs: interface 0 claimed by hub while 'syz.4.696' sets config #1
[  149.101902][ T8163] EXT4-fs error (device loop3): ext4_orphan_get:1392: inode #15: comm syz.3.697: casefold flag without casefold feature
[  149.112123][ T8163] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.697: couldn't read orphan inode 15 (err -117)
[  149.120068][ T8163] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  149.137497][ T8170] loop4: detected capacity change from 0 to 1024
[  149.148067][   T33] audit: type=1800 audit(1755548800.900:21): pid=8170 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.699" name="bus" dev="loop4" ino=25 res=0 errno=0
[  149.169456][ T6681] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  149.401760][ T8178] loop0: detected capacity change from 0 to 32768
[  149.407930][ T8178] (syz.0.703,8178,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  149.412798][ T8178] (syz.0.703,8178,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  149.440270][ T8178] JBD2: Ignoring recovery information on journal
[  149.469086][ T8178] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  149.480226][ T8178] (syz.0.703,8178,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0x98842a5e, computed 0xe74db1cd. Applying ECC.
[  149.528775][ T8178] (syz.0.703,8178,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xdf8356d3, computed 0xb8c23ae4. Applying ECC.
[  149.533578][ T8178] (syz.0.703,8178,1):ocfs2_block_check_validate:416 ERROR: Fixed CRC32 failed: stored: 0xdf8356d3, computed 0x2acb7e3c
[  149.537348][ T8178] (syz.0.703,8178,1):ocfs2_read_quota_phys_block:160 ERROR: status = -5
[  149.540501][ T8178] (syz.0.703,8178,1):ocfs2_quota_read:201 ERROR: status = -5
[  149.543007][ T8178] Quota error (device loop0): qtree_write_dquot: Error -5 occurred while creating quota
[  149.546558][ T8178] (syz.0.703,8178,1):ocfs2_acquire_dquot:890 ERROR: status = -5
[  149.606888][ T5852] ocfs2: Unmounting device (7,0) on (node local)
[  149.770684][ T8190] loop3: detected capacity change from 0 to 32768
[  149.781123][ T8190] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.708 (8190)
[  149.912806][ T8190] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  149.917575][ T8190] BTRFS info (device loop3): using sha256 (sha256-lib) checksum algorithm
[  149.920296][ T8190] BTRFS info (device loop3): using free-space-tree
[  149.952634][ T6681] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  151.030394][ T8232] trusted_key: syz.0.718 sent an empty control message without MSG_MORE.
[  151.550102][ T8246] netlink: 12 bytes leftover after parsing attributes in process `syz.3.724'.
[  151.850757][ T8258] loop3: detected capacity change from 0 to 1024
[  151.902707][ T6923] hfsplus: b-tree write err: -5, ino 4
[  151.992848][ T8266] binder: 8265:8266 ioctl c018620c 200000000040 returned -22
[  152.824931][ T8276] loop3: detected capacity change from 0 to 131072
[  152.828713][ T8276] F2FS-fs (loop3): Wrong CP boundary, start(512) end(1536) blocks(0)
[  152.831924][ T8276] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  152.835910][ T8276] F2FS-fs (loop3): invalid crc value
[  152.893784][ T8276] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  152.900976][ T8276] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  152.903966][ T8276] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4
[  153.391121][ T8290] loop4: detected capacity change from 0 to 32768
[  153.408723][ T8290] ERROR: (device loop4): diNewExt: no free extents
[  153.408723][ T8290] 
[  153.423290][ T8290] ERROR: (device loop4): remounting filesystem as read-only
[  153.426534][ T8290] ialloc: diAlloc returned -5!
[  153.470210][ T8294] loop0: detected capacity change from 0 to 32768
[  153.473301][ T8294] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.746 (8294)
[  153.478950][ T8294] BTRFS info (device loop0): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  153.482484][ T8294] BTRFS info (device loop0): using sha256 (sha256-lib) checksum algorithm
[  153.509260][ T8294] BTRFS info (device loop0): rebuilding free space tree
[  153.516777][ T8294] BTRFS info (device loop0): disabling free space tree
[  153.519114][ T8294] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  153.522202][ T8294] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  153.626533][ T5852] BTRFS info (device loop0): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  154.361071][ T8329] loop3: detected capacity change from 0 to 1024
[  154.366765][ T8329] EXT4-fs: Ignoring removed bh option
[  154.368575][ T8329] EXT4-fs: inline encryption not supported
[  154.371156][ T8329] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  154.376986][ T8329] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c84ce018, mo2=0000]
[  154.385366][ T8329] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #3: block 2: comm syz.3.753: lblock 2 mapped to illegal pblock 2 (length 1)
[  154.391167][ T8329] Quota error (device loop3): qtree_write_dquot: dquota write failed
[  154.394354][ T8329] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #3: block 48: comm syz.3.753: lblock 0 mapped to illegal pblock 48 (length 1)
[  154.399876][ T8329] Quota error (device loop3): v2_write_file_info: Can't write info structure
[  154.402833][ T8329] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.753: Failed to acquire dquot type 0
[  154.407210][ T8329] EXT4-fs error (device loop3) in ext4_reserve_inode_write:6334: Corrupt filesystem
[  154.412434][ T8329] EXT4-fs error (device loop3): ext4_evict_inode:254: inode #11: comm syz.3.753: mark_inode_dirty error
[  154.418966][ T8329] EXT4-fs warning (device loop3): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[  154.422639][ T8329] EXT4-fs (loop3): 1 orphan inode deleted
[  154.429930][ T8329] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  154.433894][ T6923] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #3: block 1: comm kworker/u9:9: lblock 1 mapped to illegal pblock 1 (length 1)
[  154.446821][ T6923] Quota error (device loop3): remove_tree: Can't read quota data block 1
[  154.449394][ T6923] EXT4-fs error (device loop3): ext4_release_dquot:6969: comm kworker/u9:9: Failed to release dquot type 0
[  154.457215][ T8334] netlink: set zone limit has 4 unknown bytes
[  154.520082][ T8329] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  154.523573][ T8329] EXT4-fs error (device loop3): __ext4_get_inode_loc:4861: comm syz.3.753: Invalid inode table block 1 in block_group 0
[  154.531923][ T8329] EXT4-fs error (device loop3) in ext4_reserve_inode_write:6334: Corrupt filesystem
[  154.537348][ T8329] EXT4-fs error (device loop3): ext4_quota_off:7217: inode #3: comm syz.3.753: mark_inode_dirty error
[  154.906348][ T8353] 8021q: adding VLAN 0 to HW filter on device bond1
[  154.910865][ T8353] bond0: (slave bond1): Enslaving as an active interface with an up link
[  155.250439][ T8366] loop4: detected capacity change from 0 to 512
[  155.345319][ T8369] loop0: detected capacity change from 0 to 4096
[  155.359852][ T8369] ntfs3(loop0): Mark volume as dirty due to NTFS errors
[  155.370964][ T8369] ntfs3(loop0): Failed to load $Extend (-22).
[  155.372913][ T8369] ntfs3(loop0): Failed to initialize $Extend.
[  155.447216][ T8371] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.768'.
[  155.503272][ T5896] usb 5-1: new full-speed USB device number 3 using dummy_hcd
[  155.585787][ T8377] netlink: 'syz.0.771': attribute type 39 has an invalid length.
[  155.631274][ T8379] loop3: detected capacity change from 0 to 2048
[  155.647049][ T8379] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  155.654755][ T8379] EXT4-fs (loop3): Online resizing not supported with bigalloc
[  155.658872][ T5896] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  155.662396][ T5896] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 512, setting to 64
[  155.667622][ T5896] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid maxpacket 1024, setting to 64
[  155.672353][ T5896] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid maxpacket 28865, setting to 64
[  155.673699][ T6681] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  155.690796][ T5896] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  155.698283][ T5896] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  155.701526][ T5896] usb 5-1: Product: syz
[  155.703525][ T5896] usb 5-1: Manufacturer: syz
[  155.705402][ T5896] usb 5-1: SerialNumber: syz
[  155.711541][ T8366] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  155.718238][ T5896] cdc_mbim 5-1:1.0: skipping garbage
[  155.921496][ T8366] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  155.926396][ T8366] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  155.943295][ T1271] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  156.063346][  T124] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  156.098552][ T1271] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  156.102734][ T1271] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  156.106606][ T1271] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  156.111712][ T1271] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  156.115256][ T1271] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  156.121749][ T1271] usb 4-1: config 0 descriptor??
[  156.213414][  T124] usb 1-1: Using ep0 maxpacket: 32
[  156.219978][  T124] usb 1-1: config 0 has an invalid interface number: 132 but max is 0
[  156.223411][  T124] usb 1-1: config 0 has no interface number 0
[  156.225901][  T124] usb 1-1: config 0 interface 132 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  156.234030][  T124] usb 1-1: New USB device found, idVendor=0413, idProduct=6023, bcdDevice=ec.e5
[  156.237405][  T124] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  156.240518][  T124] usb 1-1: Product: syz
[  156.242247][  T124] usb 1-1: Manufacturer: syz
[  156.244270][  T124] usb 1-1: SerialNumber: syz
[  156.248400][  T124] usb 1-1: config 0 descriptor??
[  156.254135][  T124] em28xx 1-1:0.132: New device syz syz @ 480 Mbps (0413:6023, interface 132, class 132)
[  156.257856][  T124] em28xx 1-1:0.132: Video interface 132 found:
[  156.532593][ T8366] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  156.539750][ T8366] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  156.542473][ T1271] plantronics 0003:047F:FFFF.0004: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[  156.658725][  T124] em28xx 1-1:0.132: unknown em28xx chip ID (0)
[  156.748758][ T5896] cdc_mbim 5-1:1.0: bind() failure
[  156.753001][ T5896] cdc_ncm 5-1:1.1: probe with driver cdc_ncm failed with error -71
[  156.755895][ T5896] cdc_mbim 5-1:1.1: probe with driver cdc_mbim failed with error -71
[  156.759088][ T5896] usbtest 5-1:1.1: probe with driver usbtest failed with error -71
[  156.765948][ T5896] usb 5-1: USB disconnect, device number 3
[  156.864002][  T124] em28xx 1-1:0.132: failed to trigger read from i2c address 0xa0 (error=-5)
[  156.869000][  T124] em28xx 1-1:0.132: board has no eeprom
[  156.924841][  T124] em28xx 1-1:0.132: Identified as Leadtek Winfast USB II (card=7)
[  156.927870][  T124] em28xx 1-1:0.132: analog set to bulk mode.
[  156.931359][   T10] em28xx 1-1:0.132: Registering V4L2 extension
[  156.941089][  T124] usb 1-1: USB disconnect, device number 9
[  156.946901][  T124] em28xx 1-1:0.132: Disconnecting em28xx
[  157.009324][   T10] em28xx 1-1:0.132: Config register raw data: 0xffffffed
[  157.012199][   T10] em28xx 1-1:0.132: AC97 chip type couldn't be determined
[  157.019852][   T10] em28xx 1-1:0.132: No AC97 audio processor
[  157.026797][   T10] usb 1-1: Decoder not found
[  157.028673][   T10] em28xx 1-1:0.132: failed to create media graph
[  157.031109][   T10] em28xx 1-1:0.132: V4L2 device video103 deregistered
[  157.037586][   T10] em28xx 1-1:0.132: Remote control support is not available for this card.
[  157.040833][  T124] em28xx 1-1:0.132: Closing input extension
[  157.053205][  T124] em28xx 1-1:0.132: Freeing device
[  157.823317][ T8412] loop0: detected capacity change from 0 to 4096
[  157.841826][ T8413] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  157.925483][   T33] audit: type=1800 audit(1755548809.680:22): pid=8414 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.785" name="file1" dev="loop0" ino=15 res=0 errno=0
[  158.544943][ T1271] usb 4-1: USB disconnect, device number 4
[  158.600266][ T8420] loop3: detected capacity change from 0 to 4096
[  158.614437][ T8420] ntfs3(loop3): Different NTFS sector size (1024) and media sector size (512).
[  158.656119][ T8420] ntfs3(loop3): Failed to load $Extend (-22).
[  158.658570][ T8420] ntfs3(loop3): Failed to initialize $Extend.
[  159.422380][ T8433] loop3: detected capacity change from 0 to 1024
[  159.448408][ T8433] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  159.452681][ T8433] ext4 filesystem being mounted at /173/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  159.549702][ T6681] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  159.990756][ T8440] overlayfs: missing 'lowerdir'
[  160.394837][ T8442] loop4: detected capacity change from 0 to 4096
[  160.398959][ T8442] ntfs3(loop4): Different NTFS sector size (2048) and media sector size (512).
[  160.418241][ T8442] ntfs3(loop4): Failed to initialize $Extend/$Reparse.
[  160.420809][ T8442] ntfs3(loop4): ino=5, mi_enum_attr
[  160.500508][ T8449] loop4: detected capacity change from 0 to 64
[  160.598121][ T8455] syz.3.801: attempt to access beyond end of device
[  160.598121][ T8455] nbd3: rw=4096, sector=2, nr_sectors = 2 limit=0
[  160.603476][ T8455] EXT4-fs (nbd3): unable to read superblock
[  160.625406][ T8458] netlink: 8 bytes leftover after parsing attributes in process `syz.4.803'.
[  161.964643][ T8480] loop3: detected capacity change from 0 to 4096
[  161.975431][ T8480] NILFS (loop3): invalid segment: Checksum error in segment payload
[  161.978127][ T8480] NILFS (loop3): trying rollback from an earlier position
[  161.989925][ T8480] NILFS (loop3): recovery complete
[  161.992223][ T8481] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  162.255943][ T8483] loop3: detected capacity change from 0 to 32768
[  162.280936][ T8483] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  162.301650][ T8483] XFS (loop3): Ending clean mount
[  162.339124][ T6681] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  162.381218][ T8501] nbd: couldn't find device at index 255
[  162.556743][ T8513] loop4: detected capacity change from 0 to 1024
[  162.559346][ T8513] EXT4-fs: Ignoring removed nomblk_io_submit option
[  162.562149][ T8513] EXT4-fs: Ignoring removed nomblk_io_submit option
[  162.567170][ T8513] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  162.581692][ T8513] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  162.606330][ T7351] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  163.163195][ T1271] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  163.323217][ T1271] usb 4-1: Using ep0 maxpacket: 8
[  163.327557][ T1271] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  163.331814][ T1271] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF9, changing to 0x89
[  163.338043][ T1271] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 0, changing to 7
[  163.342502][ T1271] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[  163.346550][ T1271] usb 4-1: New USB device found, idVendor=0c2e, idProduct=0720, bcdDevice=9b.f7
[  163.349822][ T1271] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  163.356705][ T1271] usb 4-1: config 0 descriptor??
[  163.360169][ T1271] metro_usb 4-1:0.0: Metrologic USB to Serial converter detected
[  163.364282][ T1271] usb 4-1: Metrologic USB to Serial converter now attached to ttyUSB0
[  163.580273][ T5896] usb 4-1: USB disconnect, device number 5
[  163.598077][ T5896] metro-usb ttyUSB0: Metrologic USB to Serial converter now disconnected from ttyUSB0
[  163.604066][ T5896] metro_usb 4-1:0.0: device disconnected
[  164.127160][ T8545] loop3: detected capacity change from 0 to 256
[  164.435558][ T8550] loop3: detected capacity change from 0 to 1024
[  164.458529][ T4657] hfsplus: b-tree write err: -5, ino 4
[  165.083286][ T1271] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[  165.133376][   T10] usb 5-1: new full-speed USB device number 4 using dummy_hcd
[  165.233306][ T1271] usb 1-1: Using ep0 maxpacket: 8
[  165.237226][ T1271] usb 1-1: config 0 has an invalid interface number: 186 but max is 0
[  165.241226][ T1271] usb 1-1: config 0 has no interface number 0
[  165.244459][ T1271] usb 1-1: config 0 interface 186 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  165.248676][ T1271] usb 1-1: config 0 interface 186 altsetting 0 has an endpoint descriptor with address 0x9A, changing to 0x8A
[  165.253064][ T1271] usb 1-1: config 0 interface 186 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7
[  165.257796][ T1271] usb 1-1: config 0 interface 186 altsetting 0 has 4 endpoint descriptors, different from the interface descriptor's value: 3
[  165.266953][ T1271] usb 1-1: New USB device found, idVendor=07c0, idProduct=1505, bcdDevice=b8.c5
[  165.270422][ T1271] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  165.273895][ T1271] usb 1-1: Product: syz
[  165.275620][ T1271] usb 1-1: Manufacturer: syz
[  165.277462][ T1271] usb 1-1: SerialNumber: syz
[  165.281532][ T1271] usb 1-1: config 0 descriptor??
[  165.295861][   T10] usb 5-1: unable to get BOS descriptor or descriptor too short
[  165.299566][   T10] usb 5-1: not running at top speed; connect to a high speed hub
[  165.304897][   T10] usb 5-1: config 1 has an invalid descriptor of length 157, skipping remainder of the config
[  165.308896][   T10] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2
[  165.312326][   T10] usb 5-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  165.326016][   T10] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  165.329739][   T10] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  165.332845][   T10] usb 5-1: SerialNumber: syz
[  165.493083][ T1271] iowarrior 1-1:0.186: IOWarrior product=0x1505, serial= interface=186 now attached to iowarrior0
[  165.549095][   T10] cdc_ncm 5-1:1.0: invalid descriptor buffer length
[  165.551803][   T10] cdc_ncm 5-1:1.0: CDC Union missing and no IAD found
[  165.563248][   T10] cdc_ncm 5-1:1.0: bind() failure
[  165.568999][   T10] usb 5-1: USB disconnect, device number 4
[  165.584646][ T8601] loop3: detected capacity change from 0 to 512
[  165.599612][ T8601] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  165.605437][ T8601] ext4 filesystem being mounted at /196/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  165.634288][ T6681] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  165.703771][ T1271] usb 1-1: USB disconnect, device number 10
[  165.953438][  T124] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  166.103498][  T124] usb 4-1: Using ep0 maxpacket: 8
[  166.113335][  T124] usb 4-1: New USB device found, idVendor=10c4, idProduct=8244, bcdDevice=dc.00
[  166.123464][  T124] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  166.126640][  T124] usb 4-1: Product: syz
[  166.128320][  T124] usb 4-1: Manufacturer: syz
[  166.130156][  T124] usb 4-1: SerialNumber: syz
[  166.136834][  T124] usb 4-1: config 0 descriptor??
[  166.141711][  T124] radio-usb-si4713 4-1:0.0: Si4713 development board discovered: (10C4:8244)
[  166.350248][ T8621] loop4: detected capacity change from 0 to 512
[  166.389749][ T8621] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  166.394905][ T8621] ext4 filesystem being mounted at /140/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  166.619730][ T8618] loop0: detected capacity change from 0 to 32768
[  166.632810][ T8618] (syz.0.867,8618,0):ocfs2_read_blocks_sync:112 ERROR: status = -12
[  166.636567][ T8618] (syz.0.867,8618,0):ocfs2_read_locked_inode:597 ERROR: status = -12
[  166.640445][ T8618] (syz.0.867,8618,1):_ocfs2_get_system_file_inode:144 ERROR: status = -12
[  166.646113][ T8618] (syz.0.867,8618,1):ocfs2_init_local_system_inodes:496 ERROR: status=-22, sysfile=8, slot=0
[  166.650378][ T8618] (syz.0.867,8618,1):ocfs2_init_local_system_inodes:505 ERROR: status = -22
[  166.655888][ T8618] (syz.0.867,8618,1):ocfs2_mount_volume:1758 ERROR: status = -22
[  166.667207][ T8618] (syz.0.867,8618,1):ocfs2_fill_super:1177 ERROR: status = -22
[  167.079251][  T124] radio-usb-si4713 4-1:0.0: probe with driver radio-usb-si4713 failed with error -71
[  167.084892][  T124] usbhid 4-1:0.0: couldn't find an input interrupt endpoint
[  167.094884][  T124] usb 4-1: USB disconnect, device number 6
[  167.266394][ T8630] loop0: detected capacity change from 0 to 128
[  167.274950][ T8630] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  167.284071][ T8630] ext4 filesystem being mounted at /272/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  167.292514][ T7351] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  167.352270][ T5852] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  167.376282][ T8633] netlink: 8 bytes leftover after parsing attributes in process `syz.4.870'.
[  167.679522][ T8637] loop0: detected capacity change from 0 to 32768
[  168.253272][ T5914] usb 1-1: new high-speed USB device number 11 using dummy_hcd
[  168.415264][ T5914] usb 1-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33
[  168.419363][ T5914] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  168.426793][ T5914] usb 1-1: config 0 descriptor??
[  168.441934][ T8670] loop3: detected capacity change from 0 to 16
[  168.448091][ T8670] erofs (device loop3): mounted with root inode @ nid 36.
[  168.550071][ T8674] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci0/hci0:200/input7
[  168.678915][ T8683] netlink: 'syz.4.889': attribute type 4 has an invalid length.
[  169.000602][ T8691] loop3: detected capacity change from 0 to 32768
[  169.004355][ T8691] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.893 (8691)
[  169.011354][ T8691] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  169.015347][ T8691] BTRFS info (device loop3): using sha256 (sha256-lib) checksum algorithm
[  169.018544][ T8691] BTRFS info (device loop3): using free-space-tree
[  169.049158][ T5914] usb 1-1: Cannot set autoneg
[  169.051314][ T5914] MOSCHIP usb-ethernet driver 1-1:0.0: probe with driver MOSCHIP usb-ethernet driver failed with error -71
[  169.059158][ T5914] usb 1-1: USB disconnect, device number 11
[  169.085151][ T6681] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  169.221557][ T8711] loop3: detected capacity change from 0 to 256
[  169.231047][ T8711] exFAT-fs (loop3): failed to load upcase table (idx : 0x0001034b, chksum : 0x6322ccb6, utbl_chksum : 0xe619d30d)
[  169.355674][ T8714] loop3: detected capacity change from 0 to 4096
[  169.645764][ T8716] loop4: detected capacity change from 0 to 32768
[  169.654904][ T8716] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  169.675350][ T8716] XFS (loop4): Ending clean mount
[  169.679179][ T8716] XFS (loop4): Quotacheck needed: Please wait.
[  169.702109][ T8716] XFS (loop4): Quotacheck: Done.
[  169.726887][ T7351] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  170.336478][ T8747] loop0: detected capacity change from 0 to 512
[  170.340023][ T8747] EXT4-fs: Ignoring removed nomblk_io_submit option
[  170.356064][ T8747] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -2
[  170.359613][ T8747] EXT4-fs (loop0): Cannot turn on journaled quota: type 1: error -2
[  170.365403][ T8747] EXT4-fs (loop0): 1 truncate cleaned up
[  170.368480][ T8747] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  170.401099][ T5852] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  170.488961][ T8754] loop0: detected capacity change from 0 to 512
[  170.492226][ T8754] msdos: Bad value for 'time_offset'
[  170.552768][ T8758] tmpfs: Bad value for 'size'
[  170.657443][ T8764] loop3: detected capacity change from 0 to 1024
[  170.669652][ T8764] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  170.867824][ T8771] input: syz0 as /devices/virtual/input/input8
[  171.268476][ T8797] GUP no longer grows the stack in syz.4.926 (8797): 200000005000-200000008000 (200000004000)
[  171.272203][ T8797] CPU: 1 UID: 0 PID: 8797 Comm: syz.4.926 Not tainted 6.17.0-rc1-syzkaller-00036-gdfc0f6373094-dirty #0 PREEMPT(full) 
[  171.272224][ T8797] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  171.272233][ T8797] Call Trace:
[  171.272240][ T8797]  <TASK>
[  171.272246][ T8797]  dump_stack_lvl+0x189/0x250
[  171.272270][ T8797]  ? __pfx_dump_stack_lvl+0x10/0x10
[  171.272287][ T8797]  ? __pfx__printk+0x10/0x10
[  171.272305][ T8797]  ? find_vma+0xe7/0x160
[  171.272334][ T8797]  fixup_user_fault+0x661/0x720
[  171.272357][ T8797]  fault_in_user_writeable+0x72/0xe0
[  171.272373][ T8797]  futex_lock_pi+0x773/0xa90
[  171.272401][ T8797]  ? __pfx_futex_lock_pi+0x10/0x10
[  171.272444][ T8797]  ? __pfx_futex_wake_mark+0x10/0x10
[  171.272477][ T8797]  ? __pfx_userfaultfd_unmap_complete+0x10/0x10
[  171.272504][ T8797]  do_futex+0x292/0x420
[  171.272525][ T8797]  ? __pfx_do_futex+0x10/0x10
[  171.272543][ T8797]  ? __vm_munmap+0x301/0x3d0
[  171.272565][ T8797]  __se_sys_futex+0x36f/0x400
[  171.272587][ T8797]  ? __pfx___se_sys_futex+0x10/0x10
[  171.272606][ T8797]  ? rcu_is_watching+0x15/0xb0
[  171.272622][ T8797]  ? __x64_sys_futex+0x21/0xf0
[  171.272639][ T8797]  do_syscall_64+0xfa/0x3b0
[  171.272668][ T8797]  ? lockdep_hardirqs_on+0x9c/0x150
[  171.272687][ T8797]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  171.272702][ T8797]  ? exc_page_fault+0x9f/0xf0
[  171.272723][ T8797]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  171.272768][ T8797] RIP: 0033:0x7f7748d8ebe9
[  171.272783][ T8797] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  171.272796][ T8797] RSP: 002b:00007f7749c97038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  171.272812][ T8797] RAX: ffffffffffffffda RBX: 00007f7748fb5fa0 RCX: 00007f7748d8ebe9
[  171.272824][ T8797] RDX: 00000000fffffffd RSI: 000000000000008d RDI: 0000200000004000
[  171.272834][ T8797] RBP: 00007f7748e11e19 R08: 0000000000000000 R09: 0000000000000000
[  171.272844][ T8797] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  171.272853][ T8797] R13: 00007f7748fb6038 R14: 00007f7748fb5fa0 R15: 00007ffcb44c4df8
[  171.272876][ T8797]  </TASK>
[  171.637495][ T8824] loop3: detected capacity change from 0 to 128
[  171.663891][   T10] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  171.843275][   T10] usb 5-1: Using ep0 maxpacket: 32
[  171.848067][   T10] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  171.851938][   T10] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x32, changing to 0x2
[  171.856117][   T10] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid maxpacket 108, setting to 64
[  171.859827][   T10] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  171.918290][   T10] usb 5-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=58.16
[  171.926811][   T10] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  171.933190][   T10] usb 5-1: Product: syz
[  171.935571][   T10] usb 5-1: Manufacturer: syz
[  171.937593][   T10] usb 5-1: SerialNumber: syz
[  171.973950][   T10] usb 5-1: config 0 descriptor??
[  172.090477][   T10] usb 5-1: Warning: ath10k USB support is incomplete, don't expect anything to work!
[  172.199041][ T5875] usb 5-1: Failed to submit usb control message: -71
[  172.199346][   T10] usb 5-1: USB disconnect, device number 5
[  172.202304][ T5875] usb 5-1: unable to send the bmi data to the device: -71
[  172.202344][ T5875] usb 5-1: unable to get target info from device
[  172.202356][ T5875] usb 5-1: could not get target info (-71)
[  172.202639][ T5875] usb 5-1: could not probe fw (-71)
[  172.695290][ T8839] 9pnet_fd: Insufficient options for proto=fd
[  172.708991][ T8839] lo speed is unknown, defaulting to 1000
[  172.711862][ T8839] lo speed is unknown, defaulting to 1000
[  172.727936][ T8839] lo speed is unknown, defaulting to 1000
[  172.756580][ T8839] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  172.801825][ T8839] infiniband 3yz0: RDMA CMA: cma_listen_on_dev, error -98
[  172.892207][ T8840] loop0: detected capacity change from 0 to 16
[  172.896408][ T8840] erofs: Unknown parameter 'K،jxIE'
[  172.938880][ T8839] lo speed is unknown, defaulting to 1000
[  172.946026][ T8839] lo speed is unknown, defaulting to 1000
[  172.949007][ T8839] lo speed is unknown, defaulting to 1000
[  173.139176][ T8853] netlink: 16 bytes leftover after parsing attributes in process `syz.3.949'.
[  173.307123][ T8855] loop4: detected capacity change from 0 to 32768
[  173.345793][ T8855] (syz.4.950,8855,1):ocfs2_read_blocks:239 ERROR: status = -12
[  173.348981][ T8855] (syz.4.950,8855,1):ocfs2_read_virt_blocks:1029 ERROR: status = -12
[  173.352153][ T8855] (syz.4.950,8855,1):ocfs2_read_dir_block:511 ERROR: status = -12
[  173.355421][ T8855] (syz.4.950,8855,1):ocfs2_read_blocks:239 ERROR: status = -12
[  173.358328][ T8855] (syz.4.950,8855,1):ocfs2_read_virt_blocks:1029 ERROR: status = -12
[  173.361424][ T8855] (syz.4.950,8855,1):ocfs2_read_dir_block:511 ERROR: status = -12
[  173.370029][ T8855] (syz.4.950,8855,1):ocfs2_read_blocks:239 ERROR: status = -12
[  173.374362][ T8855] (syz.4.950,8855,1):ocfs2_read_virt_blocks:1029 ERROR: status = -12
[  173.377460][ T8855] (syz.4.950,8855,1):ocfs2_read_dir_block:511 ERROR: status = -12
[  173.380619][ T8855] (syz.4.950,8855,1):ocfs2_init_global_system_inodes:465 ERROR: status = -22
[  173.384085][ T8855] (syz.4.950,8855,1):ocfs2_init_global_system_inodes:467 ERROR: Unable to load system inode 1, possibly corrupt fs?
[  173.384108][ T8855] (syz.4.950,8855,1):ocfs2_init_global_system_inodes:476 ERROR: status = -22
[  173.391881][ T8855] (syz.4.950,8855,1):ocfs2_initialize_super:2198 ERROR: status = -22
[  173.395157][ T8855] (syz.4.950,8855,1):ocfs2_fill_super:1177 ERROR: status = -22
[  173.599254][ T8880] netlink: 'syz.4.961': attribute type 10 has an invalid length.
[  173.615500][ T8882] loop3: detected capacity change from 0 to 128
[  173.619339][ T8882] ufs: You didn't specify the type of your ufs filesystem
[  173.619339][ T8882] 
[  173.619339][ T8882] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  173.619339][ T8882] 
[  173.619339][ T8882] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  173.637928][ T8882] ufs: ufs_fill_super(): fragment size 2066844866 is not a power of 2
[  173.642935][ T8880] 8021q: adding VLAN 0 to HW filter on device team0
[  173.647862][ T8880] bond0: (slave team0): Enslaving as an active interface with an up link
[  173.993298][   T10] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  174.033266][ T5914] usb 1-1: new high-speed USB device number 12 using dummy_hcd
[  174.153307][   T10] usb 4-1: Using ep0 maxpacket: 16
[  174.157272][   T10] usb 4-1: New USB device found, idVendor=0471, idProduct=0327, bcdDevice=61.a4
[  174.160857][   T10] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  174.166460][   T10] usb 4-1: config 0 descriptor??
[  174.173581][   T10] gspca_main: sonixj-2.14.0 probing 0471:0327
[  174.196971][ T5914] usb 1-1: unable to get BOS descriptor or descriptor too short
[  174.205663][ T5914] usb 1-1: config 8 has an invalid interface number: 43 but max is 0
[  174.208839][ T5914] usb 1-1: config 8 has no interface number 0
[  174.210962][ T5914] usb 1-1: config 8 interface 43 altsetting 255 bulk endpoint 0x4 has invalid maxpacket 64
[  174.214236][ T5914] usb 1-1: config 8 interface 43 has no altsetting 0
[  174.219065][ T5914] usb 1-1: New USB device found, idVendor=0582, idProduct=935b, bcdDevice=be.6c
[  174.222138][ T5914] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  174.225609][ T5914] usb 1-1: Product: syz
[  174.227505][ T5914] usb 1-1: Manufacturer: syz
[  174.229031][ T5914] usb 1-1: SerialNumber: syz
[  174.235237][ T8896] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  174.432168][ T8908] netlink: 4 bytes leftover after parsing attributes in process `syz.4.975'.
[  174.510735][ T5914] usb 1-1: USB disconnect, device number 12
[  174.617430][ T8910] loop4: detected capacity change from 0 to 256
[  174.626079][ T8910] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  174.680169][ T8912] netlink: 'syz.4.977': attribute type 66 has an invalid length.
[  174.723021][ T8914] loop4: detected capacity change from 0 to 128
[  175.227024][   T10] usb 4-1: USB disconnect, device number 7
[  175.445020][ T8925] netlink: 'syz.0.982': attribute type 1 has an invalid length.
[  175.448163][ T8925] netlink: 'syz.0.982': attribute type 1 has an invalid length.
[  175.450702][ T8925] netlink: 'syz.0.982': attribute type 1 has an invalid length.
[  175.454725][ T8925] block nbd0: shutting down sockets
[  175.726375][ T8938] loop4: detected capacity change from 0 to 16
[  175.729473][ T8938] erofs (device loop4): EXPERIMENTAL 48-bit layout support in use. Use at your own risk!
[  175.733037][ T8938] erofs (device loop4): EXPERIMENTAL metadata compression support in use. Use at your own risk!
[  175.738107][ T8938] erofs (device loop4): bogus i_mode (0) @ nid 916717819658240
[  175.951870][ T8946] loop4: detected capacity change from 0 to 4096
[  175.962582][ T8946] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  176.002195][ T8946] EXT4-fs error (device loop4): ext4_get_first_dir_block:3553: inode #12: block 80: comm syz.4.992: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=6, rec_len=0, size=4096 fake=0
[  176.014703][ T8946] EXT4-fs error (device loop4): ext4_get_first_dir_block:3556: inode #12: comm syz.4.992: directory missing '..'
[  176.047579][ T7351] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  176.175732][ T8952] loop0: detected capacity change from 0 to 256
[  176.584279][ T8954] loop0: detected capacity change from 0 to 32768
[  176.614793][ T8954] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  176.662331][ T8954] XFS (loop0): Ending clean mount
[  176.673999][ T8954] XFS (loop0): Quotacheck needed: Please wait.
[  176.741837][ T8954] XFS (loop0): Quotacheck: Done.
[  176.763033][ T8960] loop4: detected capacity change from 0 to 32768
[  176.766993][ T8960] BTRFS: device fsid 5e4b7888-5e56-43f0-8345-635ad0fd87c6 devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.998 (8960)
[  176.787132][ T8960] BTRFS info (device loop4): first mount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6
[  176.794508][ T8960] BTRFS info (device loop4): using blake2b (blake2b-256-generic) checksum algorithm
[  176.798283][ T8960] BTRFS info (device loop4): using free-space-tree
[  176.855418][ T5852] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  177.078997][ T7351] BTRFS info (device loop4): last unmount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6
[  177.111074][ T8993] netlink: 'syz.0.1003': attribute type 2 has an invalid length.
[  177.115055][ T8993] netlink: 1184 bytes leftover after parsing attributes in process `syz.0.1003'.
[  177.115940][ T8985] loop3: detected capacity change from 0 to 32768
[  177.160264][ T8985] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  177.227212][ T8985] XFS (loop3): Ending clean mount
[  177.238866][ T8985] XFS (loop3): Quotacheck needed: Please wait.
[  177.278570][ T8985] XFS (loop3): Quotacheck: Done.
[  177.357817][ T6681] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  177.422145][ T9011] loop4: detected capacity change from 0 to 128
[  177.544431][ T9016] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  177.662211][ T9024] netlink: 648 bytes leftover after parsing attributes in process `syz.4.1015'.
[  177.736705][ T9013] loop0: detected capacity change from 0 to 32768
[  177.747469][ T9013] XFS (loop0): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  177.764759][ T9013] XFS (loop0): Ending clean mount
[  177.805305][ T5852] XFS (loop0): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  178.107987][ T9057] loop0: detected capacity change from 0 to 1024
[  178.110545][ T9057] EXT4-fs: Ignoring removed orlov option
[  178.112704][ T9057] EXT4-fs (loop0): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  178.226467][ T9057] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  178.849225][ T9070] loop3: detected capacity change from 0 to 1024
[  178.867097][ T9070] hfsplus: unable to load nls mapping ""
[  179.005012][ T5852] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  179.125915][ T9091] netlink: 'syz.0.1039': attribute type 3 has an invalid length.
[  179.128226][ T9091] netlink: 716 bytes leftover after parsing attributes in process `syz.0.1039'.
[  179.362744][ T9114] overlayfs: failed to decode file handle (len=6, type=251, flags=0, err=-22)
[  179.393286][ T5896] usb 4-1: new full-speed USB device number 8 using dummy_hcd
[  179.509938][ T9122] loop0: detected capacity change from 0 to 256
[  179.514600][ T9122] exfat: Deprecated parameter 'namecase'
[  179.516922][ T9122] exfat: Deprecated parameter 'utf8'
[  179.525094][ T9122] exFAT-fs (loop0): failed to load upcase table (idx : 0x0001ff53, chksum : 0xd72bb7d8, utbl_chksum : 0xe619d30d)
[  179.544625][ T5896] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  179.548003][ T5896] usb 4-1: New USB device found, idVendor=056e, idProduct=00e6, bcdDevice= 0.00
[  179.551357][ T5896] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  179.560300][ T5896] usb 4-1: config 0 descriptor??
[  179.589984][ T9124] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1054'.
[  179.829240][ T9126] loop0: detected capacity change from 0 to 32768
[  179.832816][ T9126] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.1055 (9126)
[  179.839980][ T9126] BTRFS info (device loop0): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  179.843955][ T9126] BTRFS info (device loop0): using xxhash64 (xxhash64-generic) checksum algorithm
[  179.847380][ T9126] BTRFS info (device loop0): disk space caching is enabled
[  179.849975][ T9126] BTRFS warning (device loop0): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  179.889781][ T9126] BTRFS info (device loop0): rebuilding free space tree
[  179.902165][ T9126] BTRFS info (device loop0): disabling free space tree
[  179.905086][ T9126] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  179.908909][ T9126] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  179.958566][ T5852] BTRFS info (device loop0): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  179.967785][ T5896] hid (null): unknown global tag 0xe
[  179.973983][ T5896] elecom 0003:056E:00E6.0005: unknown main item tag 0x7
[  179.977436][ T5896] elecom 0003:056E:00E6.0005: unknown global tag 0xe
[  179.996800][ T5896] elecom 0003:056E:00E6.0005: item 0 0 1 14 parsing failed
[  180.000606][ T5896] elecom 0003:056E:00E6.0005: probe with driver elecom failed with error -22
[  180.150691][ T9145] netlink: 'syz.0.1057': attribute type 1 has an invalid length.
[  180.171942][ T5914] usb 4-1: USB disconnect, device number 8
[  180.221227][ T9149] netlink: 'syz.4.1059': attribute type 1 has an invalid length.
[  180.224517][ T9149] netlink: 'syz.4.1059': attribute type 2 has an invalid length.
[  180.251274][ T9152] netlink: 44 bytes leftover after parsing attributes in process `syz.4.1060'.
[  180.257290][ T9152] netlink: 'syz.4.1060': attribute type 6 has an invalid length.
[  180.263502][ T9152] netlink: 'syz.4.1060': attribute type 5 has an invalid length.
[  180.266680][ T9152] netlink: 'syz.4.1060': attribute type 4 has an invalid length.
[  180.544172][   T10] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  180.694674][   T10] usb 5-1: Using ep0 maxpacket: 16
[  180.701567][   T10] usb 5-1: too many endpoints for config 0 interface 0 altsetting 0: 65, using maximum allowed: 30
[  180.706935][   T10] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  180.710922][   T10] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 65
[  180.716359][   T10] usb 5-1: New USB device found, idVendor=1e71, idProduct=2006, bcdDevice= 0.00
[  180.719901][   T10] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  180.727269][   T10] usb 5-1: config 0 descriptor??
[  180.760280][ T9156] loop3: detected capacity change from 0 to 4096
[  181.166405][   T10] nzxt-smart2 0003:1E71:2006.0006: item fetching failed at offset 10/11
[  181.170391][   T10] nzxt-smart2 0003:1E71:2006.0006: probe with driver nzxt-smart2 failed with error -22
[  181.357054][   T10] usb 5-1: USB disconnect, device number 6
[  181.562304][ T9179] loop3: detected capacity change from 0 to 32768
[  181.590626][ T9179] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  181.608215][ T9190] loop0: detected capacity change from 0 to 1024
[  181.646933][ T9179] XFS (loop3): Ending clean mount
[  181.651107][ T9179] XFS (loop3): Quotacheck needed: Please wait.
[  181.656385][ T9190] hfsplus: can't free extent
[  181.687114][ T9179] XFS (loop3): Quotacheck: Done.
[  181.727733][ T9195] loop0: detected capacity change from 0 to 2048
[  181.744538][ T9196] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  181.761784][ T6681] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  181.762065][   T33] audit: type=1800 audit(1755548833.510:23): pid=9195 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1077" name="file1" dev="loop0" ino=15 res=0 errno=0
[  181.915563][ T9196] NILFS (loop0): vblocknr = 23 has abnormal lifetime: start cno (= 4294967298) > current cno (= 3)
[  181.919229][ T9196] NILFS error (device loop0): nilfs_bmap_propagate: broken bmap (inode number=4)
[  182.032962][ T9196] Remounting filesystem read-only
[  182.052092][ T5852] NILFS (loop0): disposed unprocessed dirty file(s) when stopping log writer
[  182.218590][ T9221] loop3: detected capacity change from 0 to 256
[  182.226822][ T9221] exfat: Deprecated parameter 'utf8'
[  182.229166][ T9221] exfat: Deprecated parameter 'utf8'
[  182.278630][ T9221] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x7bac8b1f, utbl_chksum : 0xe619d30d)
[  182.481839][ T9219] loop0: detected capacity change from 0 to 32768
[  182.487523][ T9219] 
[  182.487523][ T9219]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  182.487523][ T9219] 
[  182.506013][ T9219] find_entry called with index = 0
[  182.508995][ T9219] read_mapping_page failed!
[  182.510477][ T9219] ERROR: (device loop0): txCommit: 
[  182.510477][ T9219] 
[  182.517523][ T9219] jfs_unlink: dtDelete returned -116
[  182.521722][ T9219] jfs_unlink: dtDelete returned -116
[  182.547412][   T70] ERROR: (device loop0): diWrite: ixpxd invalid
[  182.547412][   T70] 
[  182.550976][   T70] ERROR: (device loop0): txCommit: 
[  182.550976][   T70] 
[  182.555084][   T70] jfs_write_inode: jfs_commit_inode failed!
[  182.557551][ T5852] 
[  182.557551][ T5852]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  182.557551][ T5852] 
[  182.561012][ T5852] 
[  182.561012][ T5852]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  182.561012][ T5852] 
[  182.698720][ T9226] loop0: detected capacity change from 0 to 4096
[  182.920209][ T9236] netlink: 'syz.0.1091': attribute type 4 has an invalid length.
[  182.930193][ T9236] netlink: 'syz.0.1091': attribute type 4 has an invalid length.
[  182.942606][ T5914] lo speed is unknown, defaulting to 1000
[  182.948808][ T5914] 3yz0: Port: 1 Link ACTIVE
[  182.976675][ T9238] loop3: detected capacity change from 0 to 512
[  182.979765][ T9238] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  183.022893][ T9238] EXT4-fs warning (device loop3): ext4_update_dynamic_rev:1128: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  183.029911][ T9238] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.1092: bg 0: block 248: padding at end of block bitmap is not set
[  183.037105][ T9238] Quota error (device loop3): write_blk: dquota write failed
[  183.040097][ T9238] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota
[  183.048482][ T9238] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.1092: Failed to acquire dquot type 1
[  183.052663][ T9238] EXT4-fs (loop3): 1 truncate cleaned up
[  183.056416][ T9238] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0008-000000000000 r/w without journal. Quota mode: writeback.
[  183.095093][ T6681] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0008-000000000000.
[  183.136816][ T9252] loop0: detected capacity change from 0 to 256
[  183.155202][ T9252] exFAT-fs (loop0): failed to load upcase table (idx : 0x00011f41, chksum : 0xf6e84b2e, utbl_chksum : 0xe619d30d)
[  183.310486][ T9267] tipc: Started in network mode
[  183.312432][ T9267] tipc: Node identity fe80000000000000000000000000001, cluster identity 4711
[  183.324738][ T9267] tipc: Enabled bearer <udp:syz0>, priority 10
[  183.387286][ T9277] loop4: detected capacity change from 0 to 1024
[  183.713264][ T5896] usb 4-1: new full-speed USB device number 9 using dummy_hcd
[  183.891655][ T5896] usb 4-1: config 0 has an invalid interface number: 113 but max is 0
[  183.902348][ T5896] usb 4-1: config 0 has no interface number 0
[  183.910425][ T5896] usb 4-1: config 0 interface 113 has no altsetting 0
[  183.960177][ T5896] usb 4-1: New USB device found, idVendor=054c, idProduct=02e1, bcdDevice=e2.c8
[  183.977888][ T5896] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  183.981122][ T5896] usb 4-1: Product: syz
[  183.982953][ T5896] usb 4-1: Manufacturer: syz
[  183.986440][ T5896] usb 4-1: SerialNumber: syz
[  183.990943][ T5896] usb 4-1: config 0 descriptor??
[  184.033247][   T10] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  184.187961][   T10] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  184.192020][   T10] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  184.196348][   T10] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  184.199582][    C1] usb 4-1: NFC: Urb failure (status -71)
[  184.205330][    C1] usb 4-1: NFC: Urb failure (status -71)
[  184.207908][   T10] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  184.209859][ T5896] usb 4-1: NFC: Unable to get FW version
[  184.216486][   T10] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  184.219911][   T10] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  184.224267][   T10] usb 5-1: config 0 descriptor??
[  184.229191][ T5896] pn533_usb 4-1:0.113: probe with driver pn533_usb failed with error -71
[  184.237391][ T5896] usb 4-1: USB disconnect, device number 9
[  184.398083][   T33] audit: type=1326 audit(1755548836.150:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9284 comm="syz.0.1113" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f596f58ebe9 code=0x7ffc0000
[  184.406845][   T33] audit: type=1326 audit(1755548836.150:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9284 comm="syz.0.1113" exe="/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f596f58ebe9 code=0x7ffc0000
[  184.415592][   T33] audit: type=1326 audit(1755548836.150:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9284 comm="syz.0.1113" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f596f58ebe9 code=0x7ffc0000
[  184.424801][   T33] audit: type=1326 audit(1755548836.150:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9284 comm="syz.0.1113" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f596f58ebe9 code=0x7ffc0000
[  184.434879][   T33] audit: type=1326 audit(1755548836.150:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9284 comm="syz.0.1113" exe="/syz-executor" sig=0 arch=c000003e syscall=50 compat=0 ip=0x7f596f58ebe9 code=0x7ffc0000
[  184.448604][   T33] audit: type=1326 audit(1755548836.150:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9284 comm="syz.0.1113" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f596f58ebe9 code=0x7ffc0000
[  184.451069][ T5914] tipc: Node number set to 4269801488
[  184.462260][   T33] audit: type=1326 audit(1755548836.150:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9284 comm="syz.0.1113" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f596f58ebe9 code=0x7ffc0000
[  184.668497][   T10] plantronics 0003:047F:FFFF.0007: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[  184.908693][ T9295] loop3: detected capacity change from 0 to 512
[  184.914620][ T9295] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  184.942613][ T9295] EXT4-fs (loop3): 1 truncate cleaned up
[  184.946407][ T9295] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  185.019204][ T9295] EXT4-fs (loop3): shut down requested (0)
[  185.088408][ T6681] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  185.408922][ T9302] loop3: detected capacity change from 0 to 40427
[  185.412845][ T9302] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  185.416296][ T9302] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  185.491598][ T9302] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  185.501124][ T9302] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  185.504835][ T9302] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  185.699058][ T9308] loop0: detected capacity change from 0 to 32768
[  185.701848][ T9308] XFS: ikeep mount option is deprecated.
[  185.752639][ T9308] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  185.794644][ T9308] XFS (loop0): Ending clean mount
[  185.799572][ T9308] XFS (loop0): Quotacheck needed: Please wait.
[  185.838354][ T9308] XFS (loop0): Quotacheck: Done.
[  185.943743][ T9320] loop3: detected capacity change from 0 to 64
[  185.962981][   T54] Bluetooth: hci1: unexpected cc 0x0402 length: 61 > 1
[  185.966219][   T54] Bluetooth: hci1: Ignoring error of Inquiry Cancel command
[  185.968556][   T54] Bluetooth: hci1: unexpected event for opcode 0x0402
[  186.161450][ T9324] autofs: Unknown parameter '0x0000000000000000'
[  186.684631][ T5852] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  187.007906][ T1271] usb 5-1: USB disconnect, device number 7
[  187.050519][ T9336] loop4: detected capacity change from 0 to 32768
[  187.059816][ T9336] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  187.086345][ T9336] XFS (loop4): Ending clean mount
[  187.127750][ T7351] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  187.134541][   T51] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  187.296905][   T51] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  187.305730][   T51] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  187.309481][   T51] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x94, changing to 0x84
[  187.314136][   T51] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  187.320345][   T51] usb 4-1: New USB device found, idVendor=0bfd, idProduct=010c, bcdDevice=2d.16
[  187.325856][   T51] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  187.328962][   T51] usb 4-1: Product: syz
[  187.330587][   T51] usb 4-1: Manufacturer: syz
[  187.333252][   T51] usb 4-1: SerialNumber: syz
[  187.338902][   T51] usb 4-1: config 0 descriptor??
[  187.344460][   T51] kvaser_usb 4-1:0.0: error -ENODEV: Cannot get usb endpoint(s)
[  187.374959][ T9362] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  187.556113][ T1271] usb 4-1: USB disconnect, device number 10
[  188.366702][ T9384] loop3: detected capacity change from 0 to 32768
[  188.371449][ T9384] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.1146 (9384)
[  188.377328][ T9384] BTRFS info (device loop3 state S): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  188.380917][ T9384] BTRFS info (device loop3 state S): using blake2b (blake2b-256-generic) checksum algorithm
[  188.384213][ T9384] BTRFS info (device loop3 state S): using free-space-tree
[  188.394139][ T4657] BTRFS warning (device loop3 state S): checksum verify failed on logical 5332992 mirror 1 wanted 0xb929531db417ae5491593d99afe1510df15bdaa63fb6603d26a93ec9245f098d found 0x8883588ed640b7a5f22f0afabea3add9399913a6417ca0e34e9d294b2a9d89c6 level 0, ignored
[  188.404893][   T70] BTRFS warning (device loop3 state S): checksum verify failed on logical 5337088 mirror 1 wanted 0x324c5e2d0cac2dc8f61cbfdfc8cd69d9816061b1498b9e1bff7d10a59610160b found 0xb0a94d7ee065037a65389cfe9114fa45a636cde09d54bd2302c1c963c1dcf690 level 0, ignored
[  188.423781][   T70] page: refcount:3 mapcount:0 mapping:ffff8881131beda0 index:0x517 pfn:0x11eb1b
[  188.431578][   T70] memcg:ffff88811af68000
[  188.434298][   T70] aops:btree_aops ino:1
[  188.437225][   T70] flags: 0x57ff00000004000(private|node=1|zone=2|lastcpupid=0x7ff)
[  188.442740][   T70] raw: 057ff00000004000 0000000000000000 dead000000000122 ffff8881131beda0
[  188.447987][   T70] raw: 0000000000000517 ffff88803efef2c0 00000003ffffffff ffff88811af68000
[  188.451956][   T70] page dumped because: eb page dump
[  188.454772][   T70] page_owner tracks the page as allocated
[  188.456704][   T70] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x8c40(GFP_NOFS|__GFP_NOFAIL), pid 9384, tgid 9383 (syz.3.1146), ts 188404734877, free_ts 188403941191
[  188.462167][   T70]  post_alloc_hook+0x240/0x2a0
[  188.463972][   T70]  get_page_from_freelist+0x21e4/0x22c0
[  188.465778][   T70]  __alloc_frozen_pages_noprof+0x181/0x370
[  188.467672][   T70]  alloc_pages_bulk_noprof+0x560/0x710
[  188.469573][   T70]  alloc_eb_folio_array+0xfc/0x4a0
[  188.471417][   T70]  alloc_extent_buffer+0x38c/0x2a40
[  188.474080][   T70]  read_tree_root_path+0x283/0xae0
[  188.475810][   T70]  load_global_roots_objectid+0x42f/0xba0
[  188.477714][   T70]  init_tree_roots+0xb4f/0x1ff0
[  188.479591][   T70]  open_ctree+0x1b2f/0x3a10
[  188.481125][   T70]  btrfs_get_tree+0xf55/0x1820
[  188.482757][   T70]  vfs_get_tree+0x92/0x2b0
[  188.484245][   T70]  do_new_mount+0x2a2/0x9e0
[  188.485765][   T70]  __se_sys_mount+0x317/0x410
[  188.487503][   T70]  do_syscall_64+0xfa/0x3b0
[  188.489343][   T70]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  188.491501][   T70] page last free pid 9370 tgid 9370 stack trace:
[  188.494074][   T70]  __free_frozen_pages+0xbc4/0xd30
[  188.496160][   T70]  rcu_core+0xcab/0x1770
[  188.497849][   T70]  handle_softirqs+0x286/0x870
[  188.499870][   T70]  __irq_exit_rcu+0xca/0x1f0
[  188.501719][   T70]  irq_exit_rcu+0x9/0x30
[  188.503521][   T70]  sysvec_apic_timer_interrupt+0xa6/0xc0
[  188.505377][   T70]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  188.509743][   T70] BTRFS critical (device loop3 state S): corrupt leaf: root=2 block=5337088 slot=6, bad key order, prev (4300255232 169 0) current (5292032 169 0)
[  188.514888][   T70] BTRFS error (device loop3 state S): read time tree block corruption detected on logical 5337088 mirror 1
[  188.520511][ T9384] BTRFS error (device loop3 state S): failed to load root extent
[  188.524610][   T27] BTRFS warning (device loop3 state CS): checksum verify failed on logical 5341184 mirror 1 wanted 0x000000000000a5dfc01f4c277f0b81815915cb99da5074f609a3f7f617cf284a found 0xc53d3c5bb04ba5dfc01f4c277f0b81815915cb99da5074f609a3f7f617cf284a level 0, ignored
[  188.534866][ T9384] BTRFS warning (device loop3 state CS): mismatching generation and generation_v2 found in root item. This root was probably mounted with an older kernel. Resetting all new fields.
[  188.544636][   T70] BTRFS error (device loop3 state CS): parent transid verify failed on logical 5292032 mirror 1 wanted 2 found 5
[  188.582852][ T6681] BTRFS info (device loop3 state CS): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  188.800674][ T9403] loop3: detected capacity change from 0 to 16
[  188.808143][ T9403] erofs (device loop3): mounted with root inode @ nid 36.
[  188.838963][   T33] kauditd_printk_skb: 3 callbacks suppressed
[  188.838972][   T33] audit: type=1800 audit(1755548840.590:34): pid=9403 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1147" name="file1" dev="loop3" ino=86 res=0 errno=0
[  189.099189][ T9419] loop0: detected capacity change from 0 to 256
[  189.118838][ T9419] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  189.123260][ T9419] exFAT-fs (loop0): Medium has reported failures. Some data may be lost.
[  189.129890][ T9419] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  189.206504][ T9427] loop0: detected capacity change from 0 to 256
[  189.213023][ T9429] loop3: detected capacity change from 0 to 512
[  189.218707][ T9427] FAT-fs (loop0): Directory bread(block 64) failed
[  189.220895][ T9427] FAT-fs (loop0): Directory bread(block 65) failed
[  189.223058][ T9427] FAT-fs (loop0): Directory bread(block 66) failed
[  189.226309][ T9427] FAT-fs (loop0): Directory bread(block 67) failed
[  189.228960][ T9427] FAT-fs (loop0): Directory bread(block 68) failed
[  189.231603][ T9427] FAT-fs (loop0): Directory bread(block 69) failed
[  189.235151][ T9427] FAT-fs (loop0): Directory bread(block 70) failed
[  189.238346][ T9427] FAT-fs (loop0): Directory bread(block 71) failed
[  189.239943][ T9429] EXT4-fs (loop3): too many log groups per flexible block group
[  189.241011][ T9427] FAT-fs (loop0): Directory bread(block 72) failed
[  189.247443][ T9427] FAT-fs (loop0): Directory bread(block 73) failed
[  189.248382][ T9429] EXT4-fs (loop3): failed to initialize mballoc (-12)
[  189.252283][ T9429] EXT4-fs (loop3): mount failed
[  189.326883][ T9437] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1163'.
[  189.923992][ T9449] loop0: detected capacity change from 0 to 131072
[  189.932337][ T9449] F2FS-fs (loop0): Test dummy encryption mode enabled
[  189.936094][ T9449] F2FS-fs (loop0): invalid crc value
[  189.970903][ T9449] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  189.975817][ T9449] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  190.075887][ T9449] fscrypt: AES-256-XTS using implementation "xts(ecb(aes-fixed-time))"
[  190.087512][   T33] audit: type=1800 audit(1755548841.840:35): pid=9449 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1169" name="file1" dev="loop0" ino=10 res=0 errno=0
[  190.779097][ T9475] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1176'.
[  190.787129][ T9451] loop3: detected capacity change from 0 to 262144
[  190.859108][ T9451] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  190.864820][ T9451] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  191.014341][ T5848] Bluetooth: hci2: command 0x0406 tx timeout
[  191.045886][   T10] usb 1-1: new high-speed USB device number 13 using dummy_hcd
[  191.223282][   T10] usb 1-1: Using ep0 maxpacket: 16
[  191.226927][   T10] usb 1-1: config 15 has an invalid interface number: 107 but max is 0
[  191.233785][   T10] usb 1-1: config 15 has no interface number 0
[  191.238704][   T10] usb 1-1: config 15 interface 107 altsetting 8 endpoint 0x7 has invalid maxpacket 512, setting to 64
[  191.243021][   T10] usb 1-1: config 15 interface 107 altsetting 8 endpoint 0xB has invalid maxpacket 512, setting to 64
[  191.458007][   T10] usb 1-1: config 15 interface 107 has no altsetting 0
[  191.466771][   T10] usb 1-1: New USB device found, idVendor=0424, idProduct=7800, bcdDevice= d.c3
[  191.470103][   T10] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  191.473340][   T10] usb 1-1: Product: syz
[  191.474824][   T10] usb 1-1: Manufacturer: syz
[  191.476374][   T10] usb 1-1: SerialNumber: syz
[  191.649719][ T9493] loop3: detected capacity change from 0 to 2048
[  191.720843][   T10] usb 1-1: USB disconnect, device number 13
[  191.779870][ T9493] loop3: detected capacity change from 0 to 32768
[  191.783239][ T9493] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.1181 (9493)
[  191.789119][ T9493] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  191.792296][ T9493] BTRFS info (device loop3): using sha256 (sha256-lib) checksum algorithm
[  191.794982][ T9493] BTRFS info (device loop3): using free-space-tree
[  191.855633][ T6681] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  192.114567][ T9519] netlink: 'syz.4.1186': attribute type 3 has an invalid length.
[  192.117696][ T9519] netlink: 132 bytes leftover after parsing attributes in process `syz.4.1186'.
[  192.277716][ T9529] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1192'.
[  192.431346][ T9523] loop4: detected capacity change from 0 to 32768
[  192.441042][ T9523] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.1189 (9523)
[  192.452893][ T9523] BTRFS info (device loop4): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  192.459395][ T9523] BTRFS info (device loop4): using blake2b (blake2b-256-generic) checksum algorithm
[  192.463537][ T9523] BTRFS info (device loop4): using free-space-tree
[  192.973263][   T33] audit: type=1804 audit(1755548844.720:36): pid=9572 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.1189" name="/newroot/232/file0/file1" dev="loop4" ino=260 res=1 errno=0
[  193.013794][   T33] audit: type=1804 audit(1755548844.770:37): pid=9523 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.4.1189" name="/newroot/232/file0/file1" dev="loop4" ino=260 res=1 errno=0
[  193.093009][ T7351] BTRFS info (device loop4): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  193.439889][ T9578] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  193.531500][ T9575] loop0: detected capacity change from 0 to 32768
[  193.551116][ T9586] x_tables: (null)_tables: cgroup match: used from hooks PREROUTING, but only valid from INPUT/OUTPUT/POSTROUTING
[  194.064093][ T1363] ieee802154 phy0 wpan0: encryption failed: -22
[  194.066195][ T1363] ieee802154 phy1 wpan1: encryption failed: -22
[  194.413945][ T9601] loop4: detected capacity change from 0 to 32768
[  194.416485][ T9601] XFS: noikeep mount option is deprecated.
[  194.419693][ T9599] loop3: detected capacity change from 0 to 32768
[  194.425059][ T9599] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.1215 (9599)
[  194.430835][ T9599] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  194.431623][ T9601] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  194.434191][ T9599] BTRFS info (device loop3): using sha256 (sha256-lib) checksum algorithm
[  194.440603][ T9599] BTRFS info (device loop3): using free-space-tree
[  194.460145][ T9601] XFS (loop4): Ending clean mount
[  194.462459][ T9599] BTRFS info (device loop3): rebuilding free space tree
[  194.466666][ T9601] XFS (loop4): Quotacheck needed: Please wait.
[  194.511214][ T9601] XFS (loop4): Quotacheck: Done.
[  194.567655][   T12] BTRFS info (device loop3): qgroup scan completed (inconsistency flag cleared)
[  194.585966][   T33] audit: type=1804 audit(1755548846.340:38): pid=9601 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.1216" name="/newroot/236/file0/bus" dev="loop4" ino=9291 res=1 errno=0
[  194.660112][ T7351] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  194.734858][ T6681] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  194.900923][ T9632] loop4: detected capacity change from 0 to 2048
[  194.909342][ T9632] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  194.998933][ T9630] loop0: detected capacity change from 0 to 32768
[  195.001790][ T9630] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.1220 (9630)
[  195.016598][ T9630] BTRFS info (device loop0 state S): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  195.019859][ T9630] BTRFS info (device loop0 state S): using blake2b (blake2b-256-generic) checksum algorithm
[  195.022932][ T9630] BTRFS info (device loop0 state S): using free-space-tree
[  195.157830][ T9630] BTRFS info (device loop0 state MCS): max_inline set to 0
[  195.183576][ T5852] BTRFS info (device loop0 state CS): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  195.211617][ T9640] loop4: detected capacity change from 0 to 32768
[  195.215559][ T9640] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.1222 (9640)
[  195.231224][ T9640] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  195.238873][ T9640] BTRFS info (device loop4): using sha256 (sha256-lib) checksum algorithm
[  195.242489][ T9640] BTRFS info (device loop4): using free-space-tree
[  195.261184][ T9659] Bluetooth: MGMT ver 1.23
[  195.347896][ T9674] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1227'.
[  195.350735][ T9640] BTRFS info (device loop4): rebuilding free space tree
[  195.363804][ T9674] netlink: 48 bytes leftover after parsing attributes in process `syz.3.1227'.
[  195.426137][ T9681] loop3: detected capacity change from 0 to 512
[  195.446446][ T9681] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[  195.480825][ T9681] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8042c118, mo2=0002]
[  195.490357][ T9681] EXT4-fs error (device loop3): ext4_iget_extra_inode:5104: inode #15: comm syz.3.1229: corrupted in-inode xattr: e_value size too large
[  195.512261][ T5856] BTRFS info (device loop4): qgroup scan completed (inconsistency flag cleared)
[  195.516963][ T9681] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.1229: couldn't read orphan inode 15 (err -117)
[  195.537223][ T9681] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  195.589274][ T7351] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  195.594617][   T33] audit: type=1800 audit(1755548847.340:39): pid=9681 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1229" name="file1" dev="loop3" ino=18 res=0 errno=0
[  195.624643][   T33] audit: type=1804 audit(1755548847.360:40): pid=9681 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.1229" name="/newroot/336/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0/file1" dev="loop3" ino=18 res=1 errno=0
[  195.660136][ T6681] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  195.675073][   T33] audit: type=1800 audit(1755548847.360:41): pid=9681 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1229" name="file1" dev="loop3" ino=18 res=0 errno=0
[  195.950925][ T9704] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1238'.
[  196.173487][    T9] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  196.323234][    T9] usb 5-1: Using ep0 maxpacket: 16
[  196.328024][    T9] usb 5-1: config 0 has an invalid interface number: 48 but max is 0
[  196.331484][    T9] usb 5-1: config 0 has an invalid descriptor of length 48, skipping remainder of the config
[  196.335915][    T9] usb 5-1: config 0 has no interface number 0
[  196.338555][    T9] usb 5-1: too many endpoints for config 0 interface 48 altsetting 48: 48, using maximum allowed: 30
[  196.343061][    T9] usb 5-1: config 0 interface 48 altsetting 48 has 0 endpoint descriptors, different from the interface descriptor's value: 48
[  196.348523][    T9] usb 5-1: config 0 interface 48 has no altsetting 0
[  196.351413][    T9] usb 5-1: New USB device found, idVendor=0e20, idProduct=0101, bcdDevice= 0.5a
[  196.355156][    T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  196.360396][    T9] usb 5-1: config 0 descriptor??
[  196.579962][    T9] usb 5-1: string descriptor 0 read error: -71
[  196.587600][    T9] usb 5-1: USB disconnect, device number 8
[  196.908199][ T9715] loop0: detected capacity change from 0 to 32768
[  196.912036][ T9715] BTRFS: device fsid 34a2da50-e117-4d40-8878-8e0fb0127b5f devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.1243 (9715)
[  196.922127][ T9715] BTRFS info (device loop0): first mount of filesystem 34a2da50-e117-4d40-8878-8e0fb0127b5f
[  196.926427][ T9715] BTRFS info (device loop0): using xxhash64 (xxhash64-generic) checksum algorithm
[  196.930349][ T9715] BTRFS info (device loop0): using free-space-tree
[  196.970860][   T33] audit: type=1800 audit(2000000001.240:42): pid=9715 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1243" name="file1" dev="loop0" ino=260 res=0 errno=0
[  197.002340][ T5852] BTRFS info (device loop0): last unmount of filesystem 34a2da50-e117-4d40-8878-8e0fb0127b5f
[  197.008846][ T6937] Bluetooth: hci3: Frame reassembly failed (-84)
[  197.012904][ T6937] Bluetooth: hci3: Frame reassembly failed (-84)
[  197.140343][ T9734] input: syz0 as /devices/virtual/input/input10
[  197.277520][ T9741] delete_channel: no stack
[  197.320165][ T9745] veth0: entered promiscuous mode
[  197.323665][ T9745] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1250'.
[  197.368773][ T9745] veth0 (unregistering): left promiscuous mode
[  197.541277][ T9757] loop4: detected capacity change from 0 to 512
[  197.560391][ T9757] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 227 vs 220 free clusters
[  197.572955][ T9757] EXT4-fs error (device loop4): ext4_clear_blocks:876: inode #13: comm syz.4.1255: attempt to clear invalid blocks 1024 len 1
[  197.582163][ T9757] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #13: comm syz.4.1255: invalid indirect mapped block 1819239214 (level 0)
[  197.588551][ T9757] EXT4-fs (loop4): 1 truncate cleaned up
[  197.595699][ T9757] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  197.631522][ T7351] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  197.804107][    T9] usb 1-1: new high-speed USB device number 14 using dummy_hcd
[  197.953386][    T9] usb 1-1: Using ep0 maxpacket: 8
[  197.959566][    T9] usb 1-1: unable to get BOS descriptor or descriptor too short
[  197.966378][    T9] usb 1-1: config 7 has an invalid descriptor of length 255, skipping remainder of the config
[  197.976597][    T9] usb 1-1: config 7 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  197.985563][    T9] usb 1-1: config 7 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[  197.990210][    T9] usb 1-1: config 7 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  197.997005][    T9] usb 1-1: config 7 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  198.004829][    T9] usb 1-1: New USB device found, idVendor=0489, idProduct=e0b5, bcdDevice=ae.2a
[  198.009403][    T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  198.012921][    T9] usb 1-1: Product: syz
[  198.016556][    T9] usb 1-1: Manufacturer: syz
[  198.018582][    T9] usb 1-1: SerialNumber: syz
[  198.026047][ T9761] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  198.148430][ T9779] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1265'.
[  198.251191][    T9] usb 1-1: USB disconnect, device number 14
[  198.252481][ T9785] loop4: detected capacity change from 0 to 256
[  198.256921][ T9785] exFAT-fs (loop4): failed to read boot sector
[  198.258895][ T9785] exFAT-fs (loop4): failed to recognize exfat type
[  198.533868][ T5896] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  198.683196][ T5896] usb 5-1: Using ep0 maxpacket: 32
[  198.687715][ T5896] usb 5-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40
[  198.691333][ T5896] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  198.697185][ T5896] usb 5-1: config 0 descriptor??
[  198.903766][ T5896] dvb-usb: found a 'Elgato EyeTV Sat' in warm state.
[  198.909923][ T5896] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  198.914713][ T5896] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat)
[  198.919357][ T5896] usb 5-1: media controller created
[  198.943805][ T5896] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  199.013395][ T5848] Bluetooth: hci3: command 0xfc11 tx timeout
[  199.013415][   T54] Bluetooth: hci3: Entering manufacturer mode failed (-110)
[  199.106522][ T5896] az6027: usb out operation failed. (-71)
[  199.111489][ T5896] az6027: usb out operation failed. (-71)
[  199.113877][ T5896] stb0899_attach: Driver disabled by Kconfig
[  199.116263][ T5896] az6027: no front-end attached
[  199.116263][ T5896] 
[  199.119496][ T5896] az6027: usb out operation failed. (-71)
[  199.121852][ T5896] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat'
[  199.126942][ T5896] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.4/usb5/5-1/input/input11
[  199.137566][ T5896] dvb-usb: schedule remote query interval to 400 msecs.
[  199.140597][ T5896] dvb-usb: Elgato EyeTV Sat successfully initialized and connected.
[  199.145699][ T5896] usb 5-1: USB disconnect, device number 9
[  199.182125][ T5896] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected.
[  199.676514][ T9798] netlink: 'syz.0.1274': attribute type 2 has an invalid length.
[  199.679555][ T9798] netlink: 'syz.0.1274': attribute type 11 has an invalid length.
[  199.682525][ T9798] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1274'.
[  199.930355][ T9796] loop4: detected capacity change from 0 to 32768
[  199.995133][ T7351] read_mapping_page failed!
[  199.997162][ T7351] ERROR: (device loop4): txCommit: 
[  199.997162][ T7351] 
[  200.011615][ T7351] ERROR: (device loop4): remounting filesystem as read-only
[  200.470863][ T9817] loop0: detected capacity change from 0 to 4096
[  200.475437][ T9817] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512).
[  200.479983][ T9817] ntfs3(loop0): It is recommened to use chkdsk.
[  200.838889][ T9819] loop3: detected capacity change from 0 to 8192
[  200.842883][ T9819] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512).
[  200.856136][   T12] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  200.890414][ T9819] ntfs3(loop3): Failed to initialize $Extend/$Reparse.
[  200.894179][ T9819] ntfs3(loop3): ino=5, mi_enum_attr
[  200.957555][   T12] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  201.029697][   T12] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  201.116499][   T12] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  201.314824][   T12] bridge_slave_1: left allmulticast mode
[  201.318919][ T5848] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  201.325183][ T5848] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  201.329002][ T5848] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  201.334309][ T5848] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  201.338551][ T5848] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  201.407814][   T12] bridge_slave_1: left promiscuous mode
[  201.410838][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  201.414082][   T33] audit: type=1326 audit(2000000005.690:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9829 comm="syz.3.1290" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f300df8ebe9 code=0x7ffc0000
[  201.421162][   T33] audit: type=1326 audit(2000000005.690:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9829 comm="syz.3.1290" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f300df8ebe9 code=0x7ffc0000
[  201.429237][   T12] bridge_slave_0: left allmulticast mode
[  201.429811][   T33] audit: type=1326 audit(2000000005.690:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9829 comm="syz.3.1290" exe="/syz-executor" sig=0 arch=c000003e syscall=259 compat=0 ip=0x7f300df8ebe9 code=0x7ffc0000
[  201.430993][   T12] bridge_slave_0: left promiscuous mode
[  201.437880][   T33] audit: type=1326 audit(2000000005.690:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9829 comm="syz.3.1290" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f300df8ebe9 code=0x7ffc0000
[  201.437903][   T33] audit: type=1326 audit(2000000005.690:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9829 comm="syz.3.1290" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f300df8ebe9 code=0x7ffc0000
[  201.437921][   T33] audit: type=1326 audit(2000000005.690:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9829 comm="syz.3.1290" exe="/syz-executor" sig=0 arch=c000003e syscall=269 compat=0 ip=0x7f300df8ebe9 code=0x7ffc0000
[  201.437938][   T33] audit: type=1326 audit(2000000005.690:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9829 comm="syz.3.1290" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f300df8ebe9 code=0x7ffc0000
[  201.710713][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  202.045868][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  202.050823][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  202.055249][   T12] bond0 (unregistering): (slave bond1): Releasing backup interface
[  202.058772][   T12] bond0 (unregistering): (slave team0): Releasing backup interface
[  202.062549][   T12] bond0 (unregistering): Released all slaves
[  202.251679][   T12] bond1 (unregistering): Released all slaves
[  202.290223][ T9825] lo speed is unknown, defaulting to 1000
[  202.352218][ T9844] loop3: detected capacity change from 0 to 512
[  202.355017][ T9844] EXT4-fs: Ignoring removed orlov option
[  202.357448][ T9844] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[  202.361727][ T9844] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8042c119, mo2=0002]
[  202.377505][ T9844] EXT4-fs error (device loop3): ext4_iget_extra_inode:5104: inode #15: comm syz.3.1296: corrupted in-inode xattr: e_value size too large
[  202.387255][ T9844] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.1296: couldn't read orphan inode 15 (err -117)
[  202.392932][ T9844] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  202.504045][ T6681] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  202.845514][ T9858] loop0: detected capacity change from 0 to 512
[  202.867356][ T9858] EXT4-fs (loop0): Invalid default hash set in the superblock
[  203.098056][ T9825] chnl_net:caif_netlink_parms(): no params data found
[  203.182948][   T12] hsr_slave_0: left promiscuous mode
[  203.186646][   T12] hsr_slave_1: left promiscuous mode
[  203.189516][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  203.192676][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[  203.198345][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  203.202857][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[  203.226164][   T12] veth1_macvtap: left promiscuous mode
[  203.228655][   T12] veth0_macvtap: left promiscuous mode
[  203.231096][   T12] veth1_vlan: left promiscuous mode
[  203.234858][   T12] veth0_vlan: left promiscuous mode
[  203.235014][ T9857] loop3: detected capacity change from 0 to 32768
[  203.240270][ T9857] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.1300 (9857)
[  203.246130][ T9857] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  203.249426][ T9857] BTRFS info (device loop3): using sha256 (sha256-lib) checksum algorithm
[  203.252074][ T9857] BTRFS info (device loop3): using free-space-tree
[  203.360782][ T6681] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  203.413323][   T54] Bluetooth: hci0: command tx timeout
[  203.713561][   T51] usb 1-1: new high-speed USB device number 15 using dummy_hcd
[  203.868876][   T51] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  203.876388][   T51] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  203.877879][    T9] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[  203.880359][   T51] usb 1-1: New USB device found, idVendor=1e7d, idProduct=30d4, bcdDevice= 0.00
[  203.887377][   T51] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  203.907080][   T51] usb 1-1: config 0 descriptor??
[  204.045225][    T9] usb 4-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  204.049776][    T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  204.059610][    T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  204.075160][    T9] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  204.081882][    T9] usb 4-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  204.086260][   T12] team0 (unregistering): Port device team_slave_1 removed
[  204.102740][    T9] usb 4-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  204.106411][    T9] usb 4-1: Manufacturer: syz
[  204.111948][    T9] usb 4-1: config 0 descriptor??
[  204.166703][   T12] team0 (unregistering): Port device team_slave_0 removed
[  204.321966][   T51] arvo 0003:1E7D:30D4.0008: bogus close delimiter
[  204.335793][   T51] arvo 0003:1E7D:30D4.0008: item 0 0 2 10 parsing failed
[  204.339976][   T51] arvo 0003:1E7D:30D4.0008: parse failed
[  204.353857][   T51] arvo 0003:1E7D:30D4.0008: probe with driver arvo failed with error -22
[  204.534487][ T5896] usb 1-1: USB disconnect, device number 15
[  204.556431][    T9] appleir 0003:05AC:8243.0009: unknown main item tag 0x0
[  204.578399][    T9] appleir 0003:05AC:8243.0009: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.3-1/input0
[  204.736402][ T9825] bridge0: port 1(bridge_slave_0) entered blocking state
[  204.739034][ T9825] bridge0: port 1(bridge_slave_0) entered disabled state
[  204.741538][ T9825] bridge_slave_0: entered allmulticast mode
[  204.744390][ T9825] bridge_slave_0: entered promiscuous mode
[  204.747939][ T9825] bridge0: port 2(bridge_slave_1) entered blocking state
[  204.750096][ T9825] bridge0: port 2(bridge_slave_1) entered disabled state
[  204.752300][ T9825] bridge_slave_1: entered allmulticast mode
[  204.757510][ T9825] bridge_slave_1: entered promiscuous mode
[  204.803667][ T9825] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  204.810719][ T9825] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  204.827219][    T9] usb 4-1: USB disconnect, device number 11
[  204.863802][ T9825] team0: Port device team_slave_0 added
[  204.872141][ T9825] team0: Port device team_slave_1 added
[  204.915345][ T9825] batman_adv: batadv0: Adding interface: batadv_slave_0
[  204.919088][ T9825] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  204.927857][ T9825] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  204.932218][ T9825] batman_adv: batadv0: Adding interface: batadv_slave_1
[  204.936194][ T9825] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  204.945850][ T9825] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  204.985337][ T9825] hsr_slave_0: entered promiscuous mode
[  204.988355][ T9825] hsr_slave_1: entered promiscuous mode
[  205.005078][   T12] IPVS: stop unused estimator thread 0...
[  205.137086][ T9883] loop0: detected capacity change from 0 to 4096
[  205.141099][ T9883] ntfs3(loop0): Different NTFS sector size (2048) and media sector size (512).
[  205.141515][ T9825] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  205.153991][ T9825] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  205.160177][ T9825] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  205.168395][ T9825] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  205.261928][ T9825] bridge0: port 2(bridge_slave_1) entered blocking state
[  205.265152][ T9825] bridge0: port 2(bridge_slave_1) entered forwarding state
[  205.268190][ T9825] bridge0: port 1(bridge_slave_0) entered blocking state
[  205.271091][ T9825] bridge0: port 1(bridge_slave_0) entered forwarding state
[  205.290020][   T33] audit: type=1800 audit(2000000009.560:50): pid=9890 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1303" name="file1" dev="loop0" ino=30 res=0 errno=0
[  205.447417][ T9825] 8021q: adding VLAN 0 to HW filter on device bond0
[  205.467221][ T6937] bridge0: port 1(bridge_slave_0) entered disabled state
[  205.471217][ T6937] bridge0: port 2(bridge_slave_1) entered disabled state
[  205.494943][   T54] Bluetooth: hci0: command tx timeout
[  205.502622][ T9825] 8021q: adding VLAN 0 to HW filter on device team0
[  205.520050][ T6933] bridge0: port 1(bridge_slave_0) entered blocking state
[  205.522596][ T6933] bridge0: port 1(bridge_slave_0) entered forwarding state
[  205.562870][ T6933] bridge0: port 2(bridge_slave_1) entered blocking state
[  205.565610][ T6933] bridge0: port 2(bridge_slave_1) entered forwarding state
[  205.796219][ T9894] loop3: detected capacity change from 0 to 8192
[  206.080019][ T9825] 8021q: adding VLAN 0 to HW filter on device batadv0
[  206.500229][ T9902] loop3: detected capacity change from 0 to 32768
[  206.503286][ T9902] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.1307 (9902)
[  206.510875][ T9902] BTRFS info (device loop3): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  206.511654][ T9825] veth0_vlan: entered promiscuous mode
[  206.514761][ T9902] BTRFS info (device loop3): using blake2b (blake2b-256-generic) checksum algorithm
[  206.520263][ T9902] BTRFS info (device loop3): using free-space-tree
[  206.531246][ T9825] veth1_vlan: entered promiscuous mode
[  206.568002][   T33] audit: type=1800 audit(2000000010.840:51): pid=9902 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1307" name="file1" dev="loop3" ino=260 res=0 errno=0
[  206.587004][ T9825] veth0_macvtap: entered promiscuous mode
[  206.599069][ T9825] veth1_macvtap: entered promiscuous mode
[  206.638213][ T6681] BTRFS info (device loop3): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  206.656216][ T9825] batman_adv: batadv0: Interface activated: batadv_slave_0
[  206.681732][ T9825] batman_adv: batadv0: Interface activated: batadv_slave_1
[  206.694836][ T5875] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  206.698415][ T5875] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  206.702256][ T5875] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  206.748969][ T6743] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  206.862982][ T6925] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  206.867263][ T6925] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  206.898620][ T6925] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  206.901590][ T6925] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  207.109058][ T9929] loop0: detected capacity change from 0 to 32768
[  207.112041][ T9929] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.1311 (9929)
[  207.118800][ T9929] BTRFS info (device loop0): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  207.122103][ T9929] BTRFS info (device loop0): using blake2b (blake2b-256-generic) checksum algorithm
[  207.132132][ T9929] BTRFS info (device loop0): using free-space-tree
[  207.290606][ T5852] BTRFS info (device loop0): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  207.375429][ T5896] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  207.533450][ T5896] usb 6-1: Using ep0 maxpacket: 8
[  207.541590][ T5896] usb 6-1: unable to get BOS descriptor or descriptor too short
[  207.547536][ T5896] usb 6-1: config 4 has an invalid interface number: 255 but max is 0
[  207.551013][ T5896] usb 6-1: config 4 has no interface number 0
[  207.553733][ T5896] usb 6-1: config 4 interface 255 has no altsetting 0
[  207.555983][ T9969] loop3: detected capacity change from 0 to 1024
[  207.557469][ T9967] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  207.568828][ T5896] usb 6-1: New USB device found, idVendor=a257, idProduct=2013, bcdDevice= e.87
[  207.572714][ T5896] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  207.575427][ T9969] Quota error (device loop3): do_check_range: Getting block 64 out of range 1-5
[  207.580442][ T9969] Quota error (device loop3): qtree_read_dquot: Can't read quota structure for id 0
[  207.582830][ T5896] usb 6-1: Product: syz
[  207.586227][   T54] Bluetooth: hci0: command tx timeout
[  207.587116][ T5896] usb 6-1: Manufacturer: syz
[  207.588304][ T9969] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.1321: Failed to acquire dquot type 0
[  207.590058][ T5896] usb 6-1: SerialNumber: syz
[  207.599867][ T9969] EXT4-fs error (device loop3): mb_free_blocks:2017: group 0, inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt.
[  207.606818][ T9969] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #13: comm syz.3.1321: corrupted inode contents
[  207.610646][ T9969] EXT4-fs error (device loop3): ext4_dirty_inode:6538: inode #13: comm syz.3.1321: mark_inode_dirty error
[  207.617459][ T9969] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #13: comm syz.3.1321: corrupted inode contents
[  207.621935][ T9969] EXT4-fs error (device loop3): __ext4_ext_dirty:206: inode #13: comm syz.3.1321: mark_inode_dirty error
[  207.626233][ T9969] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #13: comm syz.3.1321: corrupted inode contents
[  207.630606][ T9969] EXT4-fs error (device loop3) in ext4_orphan_del:305: Corrupt filesystem
[  207.634042][ T9969] EXT4-fs error (device loop3): ext4_do_update_inode:5653: inode #13: comm syz.3.1321: corrupted inode contents
[  207.637650][ T9969] EXT4-fs error (device loop3): ext4_truncate:4666: inode #13: comm syz.3.1321: mark_inode_dirty error
[  207.641588][ T9969] EXT4-fs error (device loop3) in ext4_process_orphan:347: Corrupt filesystem
[  207.647467][ T9969] EXT4-fs (loop3): 1 truncate cleaned up
[  207.649942][ T9969] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  207.682703][ T9969] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  207.692861][ T9969] EXT4-fs: Ignoring removed orlov option
[  207.696670][ T9969] EXT4-fs: Remounting file system with no journal so ignoring journalled data option
[  207.700476][ T9969] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  207.705447][ T9969] EXT4-fs (loop3): warning: mounting fs with errors, running e2fsck is recommended
[  207.712464][ T9969] EXT4-fs (loop3): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  207.758709][ T6681] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  207.816222][ T9979] netlink: 100 bytes leftover after parsing attributes in process `syz.3.1324'.
[  207.823054][ T5896] usb 6-1: USB disconnect, device number 2
[  207.870032][ T9982] loop9: detected capacity change from 0 to 7
[  207.889524][ T9982] Dev loop9: unable to read RDB block 7
[  207.891976][ T9982]  loop9: unable to read partition table
[  207.900274][ T9982] loop9: partition table beyond EOD, truncated
[  207.902675][ T9982] loop_reread_partitions: partition scan of loop9 (被x ) failed (rc=-5)
[  208.541146][ T9998] overlayfs: conflicting options: nfs_export=on,index=off
[  208.722528][T10009] loop3: detected capacity change from 0 to 512
[  208.777164][T10009] EXT4-fs error (device loop3): ext4_orphan_get:1392: inode #15: comm syz.3.1338: casefold flag without casefold feature
[  208.784062][T10009] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.1338: couldn't read orphan inode 15 (err -117)
[  208.797262][T10009] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  208.991507][ T6681] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  209.135730][T10019] loop5: detected capacity change from 0 to 32768
[  209.181084][T10019] XFS (loop5): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  209.194322][T10019] XFS (loop5): Ending clean mount
[  209.227448][ T9825] XFS (loop5): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  209.471179][T10056] loop5: detected capacity change from 0 to 64
[  209.493499][T10056] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1357'.
[  209.497101][T10056] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1357'.
[  209.570485][T10058] sit1: entered promiscuous mode
[  209.572317][T10058] sit1: entered allmulticast mode
[  209.616269][T10060] loop5: detected capacity change from 0 to 128
[  209.650935][T10054] loop3: detected capacity change from 0 to 32768
[  209.654178][   T54] Bluetooth: hci0: command tx timeout
[  209.657785][T10054] (syz.3.1356,10054,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  209.664605][T10054] (syz.3.1356,10054,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  209.679369][T10054] (syz.3.1356,10054,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xcfdff595, computed 0xefed4a20. Applying ECC.
[  209.689770][T10054] JBD2: Ignoring recovery information on journal
[  209.744845][T10054] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  209.832177][ T6681] ocfs2: Unmounting device (7,3) on (node local)
[  209.876065][ T1271] hid-generic 00A0:0006:0003.000A: unknown main item tag 0x0
[  209.879250][ T1271] hid-generic 00A0:0006:0003.000A: unknown main item tag 0x0
[  209.882136][ T1271] hid-generic 00A0:0006:0003.000A: unknown main item tag 0x0
[  209.886953][ T1271] hid-generic 00A0:0006:0003.000A: unknown main item tag 0x0
[  209.889940][ T1271] hid-generic 00A0:0006:0003.000A: unknown main item tag 0x0
[  209.892917][ T1271] hid-generic 00A0:0006:0003.000A: unknown main item tag 0x0
[  209.896593][ T1271] hid-generic 00A0:0006:0003.000A: unknown main item tag 0x0
[  209.899536][ T1271] hid-generic 00A0:0006:0003.000A: unknown main item tag 0x0
[  209.902523][ T1271] hid-generic 00A0:0006:0003.000A: unknown main item tag 0x0
[  209.906299][ T1271] hid-generic 00A0:0006:0003.000A: unknown main item tag 0x0
[  209.917465][ T1271] hid-generic 00A0:0006:0003.000A: hidraw0: <UNKNOWN> HID v0.05 Device [syz1] on syz0
[  210.224221][T10072] loop3: detected capacity change from 0 to 32768
[  210.239259][T10072] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  210.257706][T10072] 
[  210.258752][T10072] ======================================================
[  210.261461][T10072] WARNING: possible circular locking dependency detected
[  210.264192][T10072] 6.17.0-rc1-syzkaller-00036-gdfc0f6373094-dirty #0 Not tainted
[  210.267470][T10072] ------------------------------------------------------
[  210.268098][T10094] loop5: detected capacity change from 0 to 256
[  210.271402][T10072] syz.3.1363/10072 is trying to acquire lock:
[  210.274943][T10094] exFAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  210.276301][T10072] ffff888106602618 (sb_internal#3){.+.+}-{0:0}, at: ocfs2_write_begin_nolock+0x1ca6/0x4340
[  210.276353][T10072] 
[  210.276353][T10072] but task is already holding lock:
[  210.276358][T10072] ffff88811331cee0 (&ocfs2_file_ip_alloc_sem_key
[  210.280380][T10094] exFAT-fs (loop5): Medium has reported failures. Some data may be lost.
[  210.284185][T10072] ){++++}-{4:4}, at: ocfs2_write_begin+0x198/0x310
[  210.284218][T10072] 
[  210.284218][T10072] which lock already depends on the new lock.
[  210.284218][T10072] 
[  210.284225][T10072] 
[  210.284225][T10072] the existing dependency chain (in reverse order) is:
[  210.284230][T10072] 
[  210.284230][T10072] -> #4 (&ocfs2_file_ip_alloc_sem_key){++++}-{4:4}:
[  210.284254][T10072]        lock_acquire+0x120/0x360
[  210.290533][T10094] exFAT-fs (loop5): failed to load upcase table (idx : 0x0000ff98, chksum : 0xc64c1d22, utbl_chksum : 0xe619d30d)
[  210.292815][T10072]        down_write+0x96/0x1f0
[  210.315254][T10072]        ocfs2_try_remove_refcount_tree+0xb6/0x320
[  210.317937][T10072]        ocfs2_xattr_set+0x595/0x11f0
[  210.320183][T10072]        ocfs2_set_acl+0x701/0x7b0
[  210.322283][T10072]        ocfs2_iop_set_acl+0x1aa/0x2a0
[  210.324531][T10072]        vfs_set_acl+0x887/0xb00
[  210.326494][T10072]        filename_setxattr+0x2e0/0x600
[  210.328730][T10072]        path_setxattrat+0x364/0x3a0
[  210.330845][T10072]        __x64_sys_setxattr+0xbc/0xe0
[  210.332983][T10072]        do_syscall_64+0xfa/0x3b0
[  210.335091][T10072]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  210.337534][T10072] 
[  210.337534][T10072] -> #3 (&oi->ip_xattr_sem){++++}-{4:4}:
[  210.340475][T10072]        lock_acquire+0x120/0x360
[  210.342421][T10072]        down_read+0x46/0x2e0
[  210.344233][T10072]        ocfs2_init_acl+0x2f9/0x720
[  210.346510][T10072]        ocfs2_mknod+0x1321/0x2050
[  210.348651][T10072]        ocfs2_create+0x1a5/0x440
[  210.350694][T10072]        path_openat+0x14f4/0x3830
[  210.352746][T10072]        do_filp_open+0x1fa/0x410
[  210.354773][T10072]        do_sys_openat2+0x121/0x1c0
[  210.357076][T10072]        __x64_sys_openat+0x138/0x170
[  210.359158][T10072]        do_syscall_64+0xfa/0x3b0
[  210.361178][T10072]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  210.363806][T10072] 
[  210.363806][T10072] -> #2 (jbd2_handle){++++}-{0:0}:
[  210.366613][T10072]        lock_acquire+0x120/0x360
[  210.368771][T10072]        start_this_handle+0x1fa7/0x21c0
[  210.371133][T10072]        jbd2__journal_start+0x2c1/0x5b0
[  210.373435][T10072]        jbd2_journal_start+0x2a/0x40
[  210.375725][T10072]        ocfs2_start_trans+0x376/0x6d0
[  210.377950][T10072]        ocfs2_fileattr_set+0x301/0x7e0
[  210.380191][T10072]        vfs_fileattr_set+0x932/0xb90
[  210.382415][T10072]        ioctl_setflags+0x17b/0x200
[  210.384534][T10072]        do_vfs_ioctl+0x8ed/0x1430
[  210.386742][T10072]        __se_sys_ioctl+0x82/0x170
[  210.388715][T10072]        do_syscall_64+0xfa/0x3b0
[  210.390727][T10072]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  210.393250][T10072] 
[  210.393250][T10072] -> #1 (&journal->j_trans_barrier){.+.+}-{4:4}:
[  210.396705][T10072]        lock_acquire+0x120/0x360
[  210.398713][T10072]        down_read+0x46/0x2e0
[  210.400732][T10072]        ocfs2_start_trans+0x36a/0x6d0
[  210.402938][T10072]        ocfs2_fileattr_set+0x301/0x7e0
[  210.405038][T10072]        vfs_fileattr_set+0x932/0xb90
[  210.407089][T10072]        ioctl_setflags+0x17b/0x200
[  210.409201][T10072]        do_vfs_ioctl+0x8ed/0x1430
[  210.411198][T10072]        __se_sys_ioctl+0x82/0x170
[  210.413202][T10072]        do_syscall_64+0xfa/0x3b0
[  210.415278][T10072]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  210.417891][T10072] 
[  210.417891][T10072] -> #0 (sb_internal#3){.+.+}-{0:0}:
[  210.421023][T10072]        validate_chain+0xb9b/0x2140
[  210.423148][T10072]        __lock_acquire+0xab9/0xd20
[  210.425201][T10072]        lock_acquire+0x120/0x360
[  210.427155][T10072]        ocfs2_start_trans+0x26b/0x6d0
[  210.429316][T10072]        ocfs2_write_begin_nolock+0x1ca6/0x4340
[  210.431774][T10072]        ocfs2_write_begin+0x1bb/0x310
[  210.433911][T10072]        generic_perform_write+0x2c5/0x900
[  210.436222][T10072]        ocfs2_file_write_iter+0x157a/0x1d10
[  210.438598][T10072]        vfs_write+0x5c9/0xb30
[  210.440620][T10072]        ksys_write+0x145/0x250
[  210.442708][T10072]        do_syscall_64+0xfa/0x3b0
[  210.444769][T10072]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  210.447399][T10072] 
[  210.447399][T10072] other info that might help us debug this:
[  210.447399][T10072] 
[  210.451422][T10072] Chain exists of:
[  210.451422][T10072]   sb_internal#3 --> &oi->ip_xattr_sem --> &ocfs2_file_ip_alloc_sem_key
[  210.451422][T10072] 
[  210.457040][T10072]  Possible unsafe locking scenario:
[  210.457040][T10072] 
[  210.459866][T10072]        CPU0                    CPU1
[  210.461968][T10072]        ----                    ----
[  210.464073][T10072]   lock(&ocfs2_file_ip_alloc_sem_key);
[  210.466256][T10072]                                lock(&oi->ip_xattr_sem);
[  210.469058][T10072]                                lock(&ocfs2_file_ip_alloc_sem_key);
[  210.472273][T10072]   rlock(sb_internal#3);
[  210.474068][T10072] 
[  210.474068][T10072]  *** DEADLOCK ***
[  210.474068][T10072] 
[  210.477394][T10072] 4 locks held by syz.3.1363/10072:
[  210.479434][T10072]  #0: ffff888023650cf8 (&f->f_pos_lock){+.+.}-{4:4}, at: fdget_pos+0x247/0x320
[  210.482971][T10072]  #1: ffff888106602428 (sb_writers#16){.+.+}-{0:0}, at: vfs_write+0x211/0xb30
[  210.486442][T10072]  #2: ffff88811331d240 (&sb->s_type->i_mutex_key#34){+.+.}-{4:4}, at: ocfs2_file_write_iter+0x429/0x1d10
[  210.490798][T10072]  #3: ffff88811331cee0 (&ocfs2_file_ip_alloc_sem_key){++++}-{4:4}, at: ocfs2_write_begin+0x198/0x310
[  210.495184][T10072] 
[  210.495184][T10072] stack backtrace:
[  210.497417][T10072] CPU: 1 UID: 0 PID: 10072 Comm: syz.3.1363 Not tainted 6.17.0-rc1-syzkaller-00036-gdfc0f6373094-dirty #0 PREEMPT(full) 
[  210.497436][T10072] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  210.497446][T10072] Call Trace:
[  210.497454][T10072]  <TASK>
[  210.497461][T10072]  dump_stack_lvl+0x189/0x250
[  210.497481][T10072]  ? __pfx_dump_stack_lvl+0x10/0x10
[  210.497496][T10072]  ? __pfx__printk+0x10/0x10
[  210.497514][T10072]  ? print_lock_name+0xde/0x100
[  210.497531][T10072]  print_circular_bug+0x2ee/0x310
[  210.497548][T10072]  check_noncircular+0x134/0x160
[  210.497564][T10072]  validate_chain+0xb9b/0x2140
[  210.497585][T10072]  __lock_acquire+0xab9/0xd20
[  210.497606][T10072]  ? ocfs2_write_begin_nolock+0x1ca6/0x4340
[  210.497621][T10072]  lock_acquire+0x120/0x360
[  210.497640][T10072]  ? ocfs2_write_begin_nolock+0x1ca6/0x4340
[  210.497657][T10072]  ? do_raw_spin_unlock+0x4d/0x240
[  210.497675][T10072]  ocfs2_start_trans+0x26b/0x6d0
[  210.497691][T10072]  ? ocfs2_write_begin_nolock+0x1ca6/0x4340
[  210.497714][T10072]  ? __pfx_ocfs2_start_trans+0x10/0x10
[  210.497729][T10072]  ? __kasan_kmalloc+0x93/0xb0
[  210.497751][T10072]  ocfs2_write_begin_nolock+0x1ca6/0x4340
[  210.497772][T10072]  ? rcu_is_watching+0x15/0xb0
[  210.497794][T10072]  ? __pfx_ocfs2_write_begin_nolock+0x10/0x10
[  210.497833][T10072]  ? __bfs+0x154/0x2a0
[  210.497844][T10072]  ? __pfx_hlock_conflict+0x10/0x10
[  210.497860][T10072]  ? check_path+0x21/0x40
[  210.497873][T10072]  ? check_noncircular+0xe0/0x160
[  210.497888][T10072]  ? lockdep_unlock+0x89/0x120
[  210.497905][T10072]  ? validate_chain+0x897/0x2140
[  210.497926][T10072]  ? __lock_acquire+0xab9/0xd20
[  210.497947][T10072]  ? ocfs2_write_begin+0x198/0x310
[  210.497965][T10072]  ? down_write+0x162/0x1f0
[  210.497977][T10072]  ? __pfx_down_write+0x10/0x10
[  210.498000][T10072]  ocfs2_write_begin+0x1bb/0x310
[  210.498015][T10072]  ? __pfx_seqcount_lockdep_reader_access+0x10/0x10
[  210.498033][T10072]  ? __pfx_ocfs2_write_begin+0x10/0x10
[  210.498052][T10072]  generic_perform_write+0x2c5/0x900
[  210.498073][T10072]  ? __pfx_generic_perform_write+0x10/0x10
[  210.498089][T10072]  ? file_update_time+0x2da/0x490
[  210.498105][T10072]  ? __generic_file_write_iter+0xf9/0x230
[  210.498120][T10072]  ? ocfs2_file_write_iter+0x1551/0x1d10
[  210.498142][T10072]  ocfs2_file_write_iter+0x157a/0x1d10
[  210.498162][T10072]  ? aa_file_perm+0x13a/0x1550
[  210.498182][T10072]  ? __pfx_ocfs2_file_write_iter+0x10/0x10
[  210.498202][T10072]  ? __pfx_aa_file_perm+0x10/0x10
[  210.498218][T10072]  ? __lock_acquire+0xab9/0xd20
[  210.498241][T10072]  ? rcu_read_lock_any_held+0xb3/0x120
[  210.498256][T10072]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  210.498274][T10072]  vfs_write+0x5c9/0xb30
[  210.498293][T10072]  ? __pfx_ocfs2_file_write_iter+0x10/0x10
[  210.498314][T10072]  ? __pfx_vfs_write+0x10/0x10
[  210.498334][T10072]  ? __fget_files+0x2a/0x420
[  210.498348][T10072]  ksys_write+0x145/0x250
[  210.498366][T10072]  ? __pfx_ksys_write+0x10/0x10
[  210.498382][T10072]  ? rcu_is_watching+0x15/0xb0
[  210.498396][T10072]  ? do_syscall_64+0xbe/0x3b0
[  210.498417][T10072]  do_syscall_64+0xfa/0x3b0
[  210.498435][T10072]  ? lockdep_hardirqs_on+0x9c/0x150
[  210.498453][T10072]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  210.498466][T10072]  ? exc_page_fault+0x9f/0xf0
[  210.498483][T10072]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  210.498497][T10072] RIP: 0033:0x7f300df8ebe9
[  210.498511][T10072] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  210.498524][T10072] RSP: 002b:00007f300ee75038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  210.498538][T10072] RAX: ffffffffffffffda RBX: 00007f300e1b5fa0 RCX: 00007f300df8ebe9
[  210.498549][T10072] RDX: 0000000000000050 RSI: 0000200000000100 RDI: 0000000000000004
[  210.498558][T10072] RBP: 00007f300e011e19 R08: 0000000000000000 R09: 0000000000000000
[  210.498566][T10072] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  210.498575][T10072] R13: 00007f300e1b6038 R14: 00007f300e1b5fa0 R15: 00007ffd985420c8
[  210.498590][T10072]  </TASK>
[  210.498709][    C1] vkms_vblank_simulate: vblank timer overrun
[  210.513257][  T124] usb 1-1: new high-speed USB device number 16 using dummy_hcd
[  210.665235][ T6681] ocfs2: Unmounting device (7,3) on (node local)
[  210.813259][  T124] usb 1-1: Using ep0 maxpacket: 32
[  210.817306][  T124] usb 1-1: config 0 interface 0 altsetting 7 endpoint 0x81 has invalid wMaxPacketSize 0
[  210.820814][  T124] usb 1-1: config 0 interface 0 altsetting 7 has 1 endpoint descriptor, different from the interface descriptor's value: 10
[  210.825290][  T124] usb 1-1: config 0 interface 0 has no altsetting 0
[  210.827460][  T124] usb 1-1: New USB device found, idVendor=20bc, idProduct=5500, bcdDevice= 0.00
[  210.830765][  T124] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  210.834967][  T124] usb 1-1: config 0 descriptor??
[  211.244824][  T124] betop 0003:20BC:5500.000B: hidraw0: USB HID v8.00 Device [HID 20bc:5500] on usb-dummy_hcd.0-1/input0
[  211.248728][  T124] betop 0003:20BC:5500.000B: no inputs found
[  211.450783][  T124] usb 1-1: USB disconnect, device number 16

VM DIAGNOSIS:
20:23:26  Registers:
info registers vcpu 0

CPU#0
RAX=48860b6abcd96a00 RBX=0000000000000001 RCX=dffffc0000000000 RDX=ffffffff902a7c00
RSI=ffffffff8172c195 RDI=ffffffff8e139ee0 RBP=dffffc0000000000 RSP=ffffc9000422e750
R8 =0000000000000022 R9 =0000000000000000 R10=ffffc9000422e8d8 R11=ffffffff81ac3870
R12=00007f0bcd516dc0 R13=ffffffff8172c195 R14=ffffffff8e139ee0 R15=ffffffff8172c195
RIP=ffffffff819d6c15 RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f0bcd5176c0 ffffffff 00c00000
GS =0000 ffff8880b861c000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007f0bc241f000 CR3=000000003c138000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=00007f0bcd5165a0 00007f0bcd516580
XMM02=00007f0bcd5166e0 00007f0bcd516560 XMM03=0000000000000000 0000000000000000
XMM04=0000000000000000 00007f0bcd5165a0 XMM05=0000000000000000 00007f0bcd5166e0
XMM06=00007f0bcd5166e0 00007f0bcd516560 XMM07=00007f0bcd5165a0 00007f0bcd516580
XMM08=2108421084210842 10842108428e7d2b XMM09=0000000000000000 00007f0bcc812fc5
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000037 RBX=0000000000000037 RCX=0000000000000000 RDX=00000000000003f8
RSI=000000000000122c RDI=000000000000122d RBP=00000000000003f8 RSP=ffffc900077f6750
R8 =ffff888106788237 R9 =1ffff11020cf1046 R10=dffffc0000000000 R11=ffffffff854efeb0
R12=dffffc0000000000 R13=ffffffff99af98d4 R14=ffffffff99dee3a0 R15=0000000000000000
RIP=ffffffff854eff2c RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f300ee756c0 ffffffff 00c00000
GS =0000 ffff8881a3c1c000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=0000001b2d81aff8 CR3=000000003d92e000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=ffffffffffffffff ffffff0000000000 XMM01=0101010101010101 0101010000000000
XMM02=695f746e756f6d5f 7a79730032736667 XMM03=ffffffffffffffff ffffffffffffffff
XMM04=1360034e5d53002c 74696d6d6f635f63 XMM05=5cf3945eb98408b4 4938eecd7e6e9eec
XMM06=0000000000000000 00b0be19cd0096ec XMM07=0000000000000000 0000000000000000
XMM08=0000000000000000 00001b7d1475bf98 XMM09=0000000000000000 00007f300e012fc5
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
