last executing test programs:

1m47.782204997s ago: executing program 0 (id=54):
syz_mount_image$f2fs(&(0x7f0000000040), &(0x7f00000000c0)='./bus\x00', 0x2000401, &(0x7f0000000100)={[{@noinline_xattr}, {@heap}, {@discard}, {@prjjquota={'prjjquota', 0x3d, 'mode=lfs'}}, {@gc_merge}, {@noextent_cache}, {@norecovery}, {@fsync_mode_strict}, {@lfs_mode}, {@nogc_merge}]}, 0x21, 0x5542, &(0x7f0000005800)="$eJzs3MtvG0UYAPDZPFr6oESIA7cuqpASqbbiPCq4BWjFM1VU4MAJHNux3NjeKHackBMHjogD/wkCiRNH/gYOnLkhDiBuSCDvrKsUqIQUxybk95N2v53Z2c8zq9bS5402ABfWQvrbL0m4Ea6EEGZDCNdDyI+TYsttxPB8COFmCGHmxJYU/Y86LoUQroYQbgyTx5xJceqL24Nb6z+/9eu331+eu/blNz9Mb9XAtL0YQujsxePDToxZM8aHRX910MpjZ21QxHiis1u0sxgPG9t5hsPqaFw1j6vNOD7bO+gN4067WhvGZmsn79/rxg/sDZqjPPkFD6v7ebve2M5jq5flsXkc53V0HL/bjnv9mKde5Ps4Tx/6/VGM/Y2jRlzP3m4ea91+0R/zZvXG0TAOilh8XKhl7Xo+j+3T3On/tBfeaXUPjtJBY7/XyrrpernyUrlyp1TZz+qNfmOtVO3U76yli832cFip36h2NppZ1mw3yrWss5QuNmu1UqWSLt5tbLeq3bRSKa+Wl0vrS8XR7fT1+++n7Xq6OIyvtroH/Va7l+5k+2m8YildKa++vJTeqqTvbm6lWw/u3dvceu/Dux/cf2XzzdeKQX+bVrq4sryyUqosl1YqS6e7Aedq/Z8Wkx7j+uFUkmlPAOD8Uf8D03B29f/+gxDOrP5fyL/MCur/0ztX9e9Fr//PYP1wKup/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAL68f5r97IDxZi+1rR/3TR9WzRTkIIMyGEP/7BbLj0WM7ZIs/8E8YP+y+fGP9dEvIMSdE/3K6GEDaK7fdnJnEnAAAA4P/p609ufh6r9bhbmPaEmKT4o83M9Y/GlC8JIcwv/DSmbDPD3XNjSpb/+54LR2PKNj/cPTWmZPEnt7lxZftX8v/ub8fwaCV5SGKY+esVY1stAAAwNbOPhclWIQAAAEzSZ088szvReTBhSRg9yhw9Cx79VX7xsO9KbHv0BwAAAOdXMu0JAAAAAGcur/+n9f6/k7z/DwAAAM5OfP8fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAf7JzLzdqA3EcgP+2cSAvBUW5p5XcoIyUkGOOEQWkCUogLaQBaiC3lBBBhMesFrQv8BhrV98n2cNY5ucZ4DIzaAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPr0p17Nf/34/LOtVpfmbHfd5OsRAAAAcGpTr+bNi2mqv22vv28vfWzrRUSUEXHX2L2KV0eZVZtT33N/fdKG3xFNwv4Z4/Z4ExFf0rGLD31/CgAAAPAijfan9WI5a5f8m9N06FbR2RnfYZq0Kd99zfToIiLq6d9MaeU+71OmsOb3PYrvmdKaCaxJprA05TbKlfYk6W8+h1m7ya2iSEX58Puz9R0AALii6qi47igEAACAa/o2dAPow+tH7yjisJR5sxQ4TsXkKMJiHwAAADxfxdANAAAAAHrXjP/P2f8vhtn/L/7Z/w8AAAAulvb/AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoE+bejVfL5azrjnbXTd5egMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/9mfdxQIgTAIg73rO5O5/2GlQVNTkyoQPv7GYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgze/+8n9iapxJ5l4bS88jydqpsXVq7J0bR38YX78GAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgYn9eUiAEgiAK5oz/nfT9DysJegYRIqDhUUUtGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPii3/3yf2JqnEnmThtLxyPJ2lVj66qx96Bx9GC8/RsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgYuf+feOm4gCAP9vn6w9AHAHdEIRAYoCFXq+lpRtiAEUM/AlIUXotoVd+tBloVSFlYUOZuyAYEUICha3/AFM3pFbqUrYONxSJheWQfXbOaYK4EMU+ks9Hen7fcxy/77OlKF8/JwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAlEbvTOMk23QmcVzsu/f41krW33+iz9zZeLCYtSyO6kz6/+Gl6oeo21wiAAAAHB1JWd+HEB6mm0tZH3fy+j8tj8lq/m+fmcRlPf9k3V/2Ze2ftV9+fvTC1kCdyTjZSS+tDgend6bSOrhZzrdn//WIVn7l82cvSX5D4vfXnx+l+fWMvr579912Hh6rI1sA4L84VfZFUP4+lPX9JhMD4MhoVQrvsv5POs3mBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFCH0Xp4qoyjEMJiaxpn7j++tbJbf2fjwWLZzt++vVE9Z3aKNIRwaXU4OF3jXObd9Rs3rywPh4Nr9QcvhxCaGv3tYvpXPpzh4BAauT4HFfw1Ho/39F3Hm895X0Fc3OwZDm7PS87NBw3+UAIA4FBKi5bV9Q/TzaVsX7QQwvi77fX/a5U4zFj/P/ro/L3qWNX6v1/bDOdfb+3qZ73rN26+sXp1+fLg8uCTN8/03+qfvXDu3IVe/qyk54kJAAAA+9MuWrX+jxd2rv+frMRhxvr/82/6X05H+i3fqv93mi76NZ0JAADA0fbcK3/+Ee2yP2q3wxfLa2vX+pPt1uczk20Dqe7ZsaJV6/9koemsAAAAgDqM1qNt6/8XK3GYcf3/6e9f/LF6ziSEcKJY/z+18unwYn3TmWt1/DnxPwyd1DxVAAAAGnKiaNX1/zR//z/eeuUhDiG8/uokLv4N4Ez1f/LeVz9Ux0oq7/+frW+KcynuTq5H3ndDaHW3ffnXxhIDAADgUDpetKzY/z3dXPr4p5MftL3/DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFC3vwMAAP//lE5Bqw==")

1m47.421203081s ago: executing program 0 (id=60):
syz_mount_image$erofs(&(0x7f0000000180), &(0x7f0000000040)='./file0\x00', 0x40, &(0x7f0000000140)={[{@cache_strategy_disabled}, {@noacl}, {@noacl}, {}, {@nouser_xattr}]}, 0x1, 0x177, &(0x7f0000000240)="$eJzslL9KA0EQxr/diwkROztBLAwYi1zuLio2IsEXCPgPO6M5Q/RiQnKCiZXY+gC2tr5CGsEXUSsRUlpH9naTWyV/RNAgzq+Y+/Z2dm52Dj4QBPFveX56e7x+bV0YAKaQQEy9fzHCHK7ln+XiB9OpjbvWzcPVenW20q9mp/P170cA3GcN+L2zH08n1HMLvKe3wbGo9C4YTKX3wbGjtAuGPaWPNV0R+aZ5VPJc87DiFYSwRLBFcETIfO6vfclQ0Ppj2n690TzJe55b+0Exan7tLMea1p/+v7qzsbT52eCwlc6AYVPpVcS6s5Ej0e4/EwnrG798fxIkSPw1EfpT55ZhQfOniOYfab9cTdcbzVSpnC+6RffUcTIr1pJlLTvpwIhkHOJ/8cCfJrX6EwNyoyyK87zv12wZe2tHxn6OywP/40jOy7Xw/ujAbuQ+U+dYoJLGkHSCIIixMQcWeOYInNy4GyUIgiAIgiAIgiAI4tu8BwAA//9iEXZY")
openat(0xffffffffffffff9c, 0x0, 0x0, 0x1)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file3\x00', 0x0, 0x80)
ioctl$FS_IOC_FIEMAP(r0, 0xc020660b, &(0x7f0000000200)=ANY=[@ANYBLOB="80000000000000000002"])

1m47.226955938s ago: executing program 0 (id=62):
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000080)=ANY=[@ANYBLOB="140100001f0001000000000000000000060100800c0001"], 0x114}], 0x1, 0x0, 0x0, 0x1}, 0x4000000)

1m47.113636814s ago: executing program 0 (id=64):
syz_mount_image$jfs(&(0x7f0000000000), &(0x7f0000000180)='./file1\x00', 0x20108c0, &(0x7f0000006980)=ANY=[@ANYBLOB="646973636172642c696f636861727365743d63703837342c6572726f72733d72656d6f756e742d726f2c75737271756f74612c696f636861727365743d63703836312c696f636861727365743d6370313235302c696e7465677269747900696f636861727365743d69736f383835392d342c646973636172643d30783030303030303030303030303030396943b95b49aca56faf1cc22189cc312c796f636861727365743d6d6163677265656b2c71756f74612c726573697a653d3078303030303030303030303030376666662c646973636172643d3078303030303030303066666666666666662c756d61736b3d3078303030303030303030303032303034352c6673636f6e746578743d046e636f6e66696e65645f752c66736d616769633d3078303030303030303030303230303030392c324216873b95edfe8ceab2bb0b11835a5cf531ac6273c29a4d4f9d056f1bcb8cd0a969ed12cf99802b5b3201518ecfc59a4fd94dd5349dc55633bd2bde1128ad071807ef13a9f10c0fbf3ad861c2009067c5c6c84cdba2806fa74eddff8373799d0b8c1e6f7e2b205235161b610ae5c66d1d9cfc2bc0cb617ae49331ade71595c2a5438139933aada47236dafdffffff088a552445f95768ccecb0c35797e832beced2077fa197623cd3de51d69d7a4f77a80eb5f783f091e5ec6047a0f67676819f4bf66744c1cb0975b96baf730000000000000001004e257bbabf33e3fa8d0cca2fbb4dabe1c5634b06881b049910b34a55f5a213438b2cdf889b764ce26ae4e539fdffa2ea82c34b16308e26ce945d101d5f2e2577d8e2a21d9401194a97a6c281b603da7c66934f0c"], 0xfe, 0x61f6, &(0x7f000000cdc0)="$eJzs3c1vHGcdB/DfvvolNLV6qEqEkJuWl1KaxEkJgQJtD3Dg0gPKFSVy3SoiBZQElFYWceULB078BSAkjghxRBz4A3rgyo0TJyLZSKCeGDTe54lnN7tdp7Z31p7PR3JmfvPMep/Jd189L08AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPH97/1grRURN36eFqxEfCY6Ee2IpbJejYil1ZW8fjcinou95ng2InoLEeXt9/55OuLViPjobMTO7uZ6ufjyAfvx3T/+/Xc/PPPW3/7Qu/jfP93rvDZpvfv3f/WfPz843DYDAABA0xRFUbTS1/xz6ft9u+5OAQAzkd//iyQvP/X1r//51l/mqT/qRtcRl/YWzkt/1Gr16a2rivEeVIuI2KrepvzMYHc8AJwwW/Fx3V2gRvJvtG5EnKm7E8Bca9XdAY7Fzu7meivl26q+H6wO2vOxIEP5b7Uend8xaTrN6DEms3p8bUcnnpnQn6UZ9WGe5Pzbo/nfGLT303rHnf+sTMq/Pzj1qXFy/p3R/Eccaf4LdebfHpt/U+X8u0+Uf+cEP//lDwAAAADA6Zf//r9S8/7fhcNvyoF80v7f1Rn1AQAAAAAAAACO2mHH/3vE+H8AAAAwt8rv6qXfnN1fNulabOXy662Ip0bWBxomnSyzXHc/AAAAAAAAAAAAAKBJuoNjeK+3InoR8dTyclEU5U/VaP2kDnv7k67p2w9NVveLPAAADHx0duRc/lbEYkRcT9f66y0vLxfF4tJysVwsLeTPs/2FxWKp8r02T8tlC/0DfCDu9ovyly1Wblc17fvytPbR31feV7/oHKBjR6SX/jcnNNcUNgAkg3ejHe9Ip0xRPD3pwwcM8fw/hVZipe7HFfOv7ocpAAAAcPyKoiha6XLe59I+/3bdnQIAZiK//4/uFzhU3Z7QHnE0v1+tVqvVavWnqquK8R5Ui4jYqt6m/MxgOH4AOGG24uO6u0CN5N9o3Yh4ru5OAHOtVXcHOBY7u5vrrZRvq/p+kMZ3z8eCDOW/1dq7Xb79uOk0o8eYzOrxtR2deGZCf56dUR/mSc6/PZr/jUF7P6133PnPyqT8+3unzDVPzr8zmv+I05N/e2z+TZXz7z5R/h35AwAAAADAHMt//1+x/zdvMgAAAAAAAACcODu7m+v5vNe8//9zY9Zz/ufplPNvPWn+S2le/idazr89kv+XR9brVOYfvrn//P/37ub67+/967N5etD8F/JMKz2yWukR0Ur31Oqm6WG27nHbvU6/vKdeq93ppmN+it47cStux0ZcGlq3nf4/9tvXhtrLnvaG2i8PtXcfa78y1N5L1x0olnL7hViPn8TteHuvvWxbmLL9i1PaiyntOf+O1/9Gyvl3Kz9l/supvTUyLT38sP3Y8746HXc/b9z6/C8vHf/mTDHpyseD7Ts/6+5EDF5xzvTjZ3c37ly4f/PevTtrkSZDSy9HmhyxnH9v72dh//X/hUF7ft2vPl8ffth/4vznxXZ0Hz22q8r8X6jMl9v70oz7Voecfz/95PzfTu3jn/8nOf/OxPxfrqE/AAAAAAAAAAAAAAAA8EmKotg7RfSNiLiazv+p69xMAGC28vt/keTlarVarVarT19dVYz3erWIiL9Wb1N+ZvjFuF8GAMyz/0XEP+ruBLWRf4Pl6/2V0xfr7gwwU3ff/+BHN2/f3rhzt+6eAAAAAAAAAACfVh7/c7Uy/vOLEbEyst7Q+K9vxuphx//s5plHA4we8UDfE2y3+512Zbjx52NvfO4Lk8b/Ph+Pj/+dx8TtVLdjgt6U9v6U9oUp7Ytjl+6nNfZEj4qc//OV8c7L/M+NDL/ehPFfR8e8b4Kc//nK47nM/0sj61XzL347d/lvHXTF7WgP5X/x3ns/vXj3/Q9eufXezXc33t348ZW1tUtXrl69du3axXdu3d64NPj3eHo9B3L+eexrx4E2S84/Zy7/Zsn5fyHV8m+WnP8XUy3/Zsn558978m+WnH/+7iP/Zsn5v5Rq+TdLzv8rqZZ/s+zsbi6U+b+cavk3S37+fzXV8m+WnP8rqZZ/s+T8L6Ra/s2S87+Y6gPk7/Lwp0jOP+/h8vxvlpz/Wqrl3yw5/8upln+z5PyvpFr+zZLzfzXV8m+WnP/XUi3/Zsn5X021/Jsl5//1VMu/WXL+11It/2bJ+X8j1fJvlpz/N1Mt/2bJ+b+Wavk3S87/W6mWf7Pk/L+davk3S87/O6mWf7Pk/F9PtfybZf/6/2bMmDGTZ+p+ZQIAAAAAAAAAAAAARs3icOK6txEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+zw4cCAAAAAAA+b82QlVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVRV24EAAAAAAAMj/tRGqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsHdvMXLd9R3Az+zF3nUIMRCCkxrYJCaEZMmu7cQX2jQmXBugFEgo9ILtetdmwTe8dgkUyaaBEgmjooqq6UNbQKiNVFVYFQ+0ojQPVS9PpX2gLxVVJaRGVUABFamtKFvNnP//vzOzszOz3vF69vw/Hyn57c6cmXPmzJnZ/e76uwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJrd/ob5z9SKoqj/1/jf9qJ4Qf3jyantjcted723EAAAAFiv/2v8//mb0gWH+rhR0zJ/94p//NrS0tJS8b7R3x3/wtJSumKqKMa3FkXjuujKv7+/1rxM8EQxURtp+nykx+pHe1w/1uP68R7Xb+lx/dYe10/0uH7FDlhhsvx5TOPOdjU+3F7u0uLmYrxx3a4Ot3qitnVkJP4sp6HWuM3S+PFioThZzBezLcuXy9Yay3/j9vq63lrEdY00rWtn/Qj5wSeOxW2ohX28q2Vdy/cZfe/1xdQPf/CJY398/rlbO82eu6Hl/srtvPuO+nZ+KlxSbmut2Jr2SdzOkabt3NnhORlt2c5a43b1j9u38/k+t3N0eTM3VPtzPlGMND7+VmM/jTX/WC/tp53hsv++syiKS8ub3b7MinUVI8W2lktGlp+fifKIrN9H/VB6cTG2puP09j6O0/qc29V6nLa/JuLzf3u43dgq29D8NH3vk1tWPO9rPU6j+qNe7bXSfgwO+rUyLMdgPC6+1XjQT3Y8BneFx/+Ju1Y/BjseOx2OwfS4m47BO3odgyNbRhvbnJ6EWuM2y8fg7pblRxtrqjXms3d1PwZnzp86O7P4sY+/duHU0RPzJ+ZP7929e3bvvn0HDhyYOb5wcn62/P9V7u3ht60YSa+BO8K+i6+BV7ct23yoLn1pcK/DiS6vw+1tyw76dTjW/uBqG/OCXHlMl6+NR+s7feLySLHKa6zx/Nyz/tdhetxNr8Oxptdhx68pHV6HY328DuvLnL2nv+9Zxpr+67QN1+prwfamY7D9+5H2Y3DQ348MyzE4EY6Lf71n9a8FO8P2Pjm91u9HRlccg+nhhvee+iXp+/2JA43R6bi8rX7FDVuKC4vz5+57/Oj58+d2F2FsiJc0HSvtx+u2psdUrDheR9Z8vB5aeMWTt3W4fHvYVxOvrf9vYtXnqr7M/fd1f64aX90678+WS/cUYQzYRu/PTl/N6/szZcku+7O+zKdm1v+9eMqlTe+/46u8/8bc/5NyfemunhgdHytfv6Np74y3vB+3PlVjjfeuWmPdz8/09348Hv7b6Pfjm7u8H+9oW3bQ78fj7Q8uvh/Xev20Y33an8+JcJycnO3+flxfZseetR6TY13fj+8Msxb2/2tCUki5qOnYWe24TesaGxsPj2ssrqH1ON3bsvx4yGb1dT295+qO07vvLO9rND26ZRt1nE61LTvo4zS9X612nNZ6/fTt6rQ/nxPhuLh5b/fjtL7MM/ev/71zMn7Y9N65pdcxOD66pb7N4+kgLN/vlybjMXhfcaw4U5ws5hrXbmkcT7XGuqYf6O8Y3BL+2+j3yh1djsG725Yd9DGYvo6tduzVxpbfSAao/fmcCMfFUw90Pwbry7xx/2C/d707XJKWafretf3na6v9zOu2seX7K67xz7zq2/k3+7v/bLa+zMkDa82Z3ffTveGSGzrsp/bX72qvqbliY/bTjrCdzx1YfT/Vt6e+zBcO9nk8HSqK4uJHHm78vDf8fuXPL3z7ay2/d+n0O52LH3n4+zce/9u1bD8Am99PyrGt/FrX9Jupfn7/DwAAAGwKMfePhJnI/wAAAFAZMffHfxWeyP8AAABQGTH3j4WZZJL/d7zxuYWfXCxSM38piNen3fBIuVzsuM6Gz6eWltUvf/gr8z/6y4v9rXukKIofP/IbHZff8UjcrtJU2M4rb2q9fOUNL/a1/iOPLS/X3F//Yrj/+Hj6PQw6VXBni6L4xk2fa6xn6v2XG/OZR4405rsvPflEfZnnD5afx9s/+5Jy+T8I5d9Dx4+23P7ZsB++G+bs2zrvj3i7r15+zc79711eX7xd7Y4XNh72Ux8o7zf+nZzPP1EuH/fzatv/V599+qv15R9/VeftvzjSefufDvf7lTD/5+Xl8s3PQf3zeLtPh+2P64u3u+/L3+y4/Vc+Uy5/9s3lckfCjOu/O3y+683PLTTvr8drR1seV/GWcrm4/tlv/3bj+nh/8f7bt3/i8OWW/dF+fDzzz+X9zLQtHy+P64n+om399ftpPj7j+p/+rSMt+7nX+q+8+9mX1++3ff33ti032nb79r/Y9Ief/lzH9cXtOfRnZ1sez6F3hddxWP9THwjHY7j+f698rmW90ZF3tb7/xOW/uP1iy+OJ3vrDcv1XHjrRmP8x9aPfv+EFN77w0ivr+64ovvWe8v56rf/EH51p2f4v3XJP4/mI18eOfvv6VxPXf+6j06fPLF5YmGvaq42/nfP2cnu2Tkxuq2/vTeG9tf3zw2fOf3D+3NTs1GxRTFX3T+hdtS+H+f1yXFrr7e95LDyft/3eN7bd9U+fjZf/y6Pl5ZffVn7denVY7vPh8u3l87dUW+f6n7r9lsbru/ZM+XlLj30Adu76zwN9LRgef/v3BfF4P/vSDzb2Q/26xteN+Lpe5/Z/Z668n6+H/boU/jLzHbcsr695+fi3ES6/p3y9r3v/hbe5+Lz+SXi+3/Hd8v7jdsXH+53wfcw3d7S+38Xj4+sXR9rvv/FXPC6F95PiUnl9XCru78vP39Jx8+LfISku3dr4/HfS/dy6poe5msWPLc6cXDh94fGZ8/OL52cWP/bxw6fOXDh9/nDjb3ke/lCv2y+/P21rvD/Nze+7v5idLIriTDG7AW9Y12b76x/1t/1nHzs2t3/2rrn540cvHD//2Nn5cyeOLS4em59bvOvo8ePzH+11+4W5B3fvObh3/57pEwtzDx44eHDvwemF02fqm1FuVA/7Zj88ffrc4cZNFh+8/+DuBx64f3b61Jm5+Qf3z85OX+h1+8bXpun6rX99+tz8yaPnF07NTy8ufHz+wd0H9+3b0/OvAZ46e3xxaubchdMzFxbnz82Uj2XqfOPi+te+Xrenmhb/rfx+tl2t/EN8xTvv3Zf+PmvdVz656l2Vi7T9AdHnwt+i+YcXnT3Qz+cx94+HmWSS/wEAACAHMfdvCTOR/wEAAKAyYu7fGmYi/wMAAEBlxNw/EWaSSf7X/9f/76//X16v/59X///sR8pe6Wbv/8f+vP5/Hq5z/3/d69f/1/+vXv+///78Zt9+/X/9f1Yatv5/zP2TRZFl/gcAAIAcxNy/LcxE/gcAAIDKiLn/hjAT+R8AAAAqI+b+F4SZZJL/9f/76v/v6VW4qn7/3/n/9f+Lzdn/j0+O/n821ty/f++jLZ/q/wf6//r/+v/6//r/rNv4qtdcr/5/zP03hplkkv8BAAAgBzH3vzDMRP4HAACAyoi5/6YwE/kfAAAAKiPm/u1hJpnkf/1/5//X/9f/r3T/f73n/2/aGP3/zcH5/7vT/+/hqvv/E/r/m7H/Pz7Y7R/u/n/Pzdf/55oYtvP/x9z/ojCTTPI/AAAA5CDm/heHmcj/AAAAUBkx978kzET+BwAAgMqIuf/mMJNM8r/+v/6//r/+v/5/5/X3Pv9/+ZH+/3DR/+9O/78H5//Pq/8/4O0f7v7/oM//P/6m9tvr/9PJsPX/Y+5/aZhJJvkfAAAAchBz/y1hJvI/AAAAVEbM/S8LM5H/AQAAoDJi7t8RZpJJ/tf/1//X/9f/1//vvP7e/f+S/v9w0f/vTv+/B/1//X/9//76/x2++dX/p5Nh6//H3H9rmEkm+R8AAAByEHP/bWEm8j8AAABURsz9PxVmIv8DAABAZcTcvzPMJJP8r/+v/6//n1f//94t+v/6/9Wm/9+d/n8P+v/6//r/fZ7/f6W19P+39rozKmPY+v8x9788zCST/A8AAAA5iLn/FWEm8j8AAABURsz9rwwzkf8BAACgMmLunwozyST/6/9Xq///p3/91CsL/X/9/x7rH0T/vxYuHaL+fzwMhr7//5D+/zWl/9+d/n8P+v/6//r/G9L/Jx/D1v+Puf/2MJNM8j8AAADkIOb+O8JM5H8AAACojJj77wwzkf8BAACgMmLu3xVmkkn+1/+vVv8/0v/X/++2/o06//9YeD7Tcen8/87/vwH0/ztoepHq//eg/6//n33/P373q//PYAxb/z/m/leFmWSS/wEAACAHMfffVbT9Elf+BwAAgMpo5P5ionh1mIn8DwAAAJURc//dYSaZ5H/9/6vv/483faz/37r9+v+tcu3/b/D5/xP9/7zp/3e31v7/Fv1//X/9/8z6/+s7//9k+Fj/n2jY+v8x978mzCST/A8AAAA5iLn/njAT+R8AAAAqI/77zfLfvcr/AAAAUEUx90+HmWSS//X/nf8/p/5/Tf9/QP3/+Ij1/wv9/6Gj/9+d8//3oP+v/6//v67+v/P/027Y+v8x9782zCST/A8AAAA5iLn/vjAT+R8AAAAqI+b+mTAT+R8AAAAqI+b+2TCTTPK//r/+f079f+f/d/5//f/q0//vTv+/B/1//f+q9f+LQv+f62rY+v8x9+8OM8kk/wMAAEAOYu7fE2Yi/wMAAEBlxNy/N8xE/gcAAIDKiLn//jCTTPK//r/+v/6//r/+f+f16/9vTvr/3en/96D/r/9ftf6/8/9znQ1b/z/m/gfCTDLJ/wAAAJCDmPv3hZnI/wAAAFAZMffvDzMJ+b/Tv+sGAAAANpeY+w+EmWTy+3/9/4r0/3/z71vWrf+v/99t/YPp/0/q/4ep/z9cKtr/b39ZXDX9/x70//X/9f/1/xmoYev/x9x/MMwkk/wPAAAAOYi5/3VhJvI/AAAAVEbM/T8dZiL/AwAAQGXE3P8zYSaZ5P/B9v8n9f+bZHX+/8nW7df/73x8VKv/7/z/+v/DqaL9/4GpVP9/RP9f/3+4tl//X/+fla59/z9+1F//P+b+B8NMMsn/AAAAkIOY+382zET+BwAAgMqIuf+hMBP5HwAAACoj5v5DYSaZ5H/n/9f/d/5//f9r0/9/qGg3jP3/+sGj/18t+v/dVar/7/z/+v9Dtv36//r/rDRs5/+Puf/1YSaZ5H8AAADIQcz9D4eZyP8AAABQGTH3vyHMRP4HAACAyoi5/41hJpnkf/1//X/9f/1/5//vvH79/81J/787/f8e9P/1//X/9f8ZqGHr/8fc/6Ywk0zyPwAAAOQg5v43h5nI/wAAAFAZMfe/JcxE/gcAAIDKiLn/rWEmmeR//X/9f/1//X/9/87r1//fnPT/u9P/70H/X/9f/1//n4Eatv5/zP0/F2aSSf4HAACAHMTc/0iYifwPAAAAlRFz/9vCTOR/AAAAqIyY+98eZpJJ/tf/38T9/zH9f/1//X/9/97rzY3+f3f6/z3o/+v/6//r/zNQw9b/j7n/HWEmmeR/AAAAyEHM/T8fZiL/AwAAQGXE3P/OMBP5HwAAACoj5v5fCDPJJP/r/2/i/n8lz/+/dLH5dhXr/9cX0/+/Xv3/+o30/7Og/9+d/n8PHfr/W/X/8+r/L4V3ef1//X8GYtj6/zH3vyvMJJP8DwAAADmIuf/dYSbyPwAAAFRGzP3vCTOR/wEAAKAyYu5/NMwkk/yv/59l/z895OHr/692/v/JxnWbvP/v/P/O/6//vwGq2/9f8111pP/fg/P/6/87/7/+PwM1bP3/mPsfCzPJJP8DAABADmLuf2+YifwPAAAAlRFz/y+Gmcj/AAAAUBkx978vzCST/K//n2X/f4jP/79a/3+znv9/rCgml9eTU/9/oun5TMel/r/+/waobv9/MPT/e9D/1/8f5v5/OJonV7m9/j/DaNj6/zH3vz/MJJP8DwAAADmIuf+XwkzkfwAAAKiMmPt/OcxE/gcAAIDKiLn/V8JMMsn/+v/6//r/zv/v/P+d16//vznp/3en/9+D/r/+/zD3/3vQ/2cYDVv/P+b+Xw0zWTX4ff+/+niYAAAAwBCJuf8DYSaZ/P4fAAAAchBz/+EwE/kfAAAAKiPm/iNhJpnkf/3/9v5/PKOq/r/+v/6//r/+/2Y0uP7/y24sCv3/yvT/J/rcAP1//X/9f/1/BmrY+v8x9x8NM8kk/wMAAEAOYu7/tTAT+R8AAAAqI+b+Y2Em8j8AAABURsz9c2EmmeT/69j/Hx/O/r/z/19t///H+v/6/4H+f2f6/xvD+f+7y7b/3y/9f/1//X/9fwZq2Pr/MffPh5lkkv8BAACgwtKPg2PuPx5mIv8DAABAZcTcfyLMRP4HAACAyoi5/4NhJpnkf+f/1/93/v/r0f8fa1le/7+k/6//Pwj6/93p//eg/6//r/+v/89ADVv/P+b+hTCTTPI/AAAA5CDm/g+Fmcj/AAAAUBkx9384zET+BwAAgMqIuf9kmEkm+V//X/8/9/5/rSguOf+//n+n9ev/b076/93p//eg/6//r/+v/89ADVv/P+b+U//P3n002XVWexw+9pUVbtWty0fwmBFDGJmPwJQZVYzJJgdZ5Awm52CyyTmDyTnnbHKOJhqqRLm11pK6z+m9JfXuPnu/7/NM1m2V+p7TVlvwp+tXO27pZP8DAABAD3L33zNusf8BAACgGbn77xW32P8AAADQjNz9945bOtn/+n/9f+/9/2orz//f/fv1/+fo//X/U1jr749t/n37ReH79v93uOO1d9P/6//1/4P0//p//T97za3/z91/n7ilk/0PAAAAPcjdf9+4xf4HAACAZuTuv1/cYv8DAABAM3L3Xxu3dLL/9f/6f/2//n9X/3+T/l//v2ye/z9M/z9C/6//1//r/5nU3Pr/3P33j1s62f8AAADQg9z9D4hb7H8AAABoRu7+B8Yt9j8AAAA0I3f/g+KWTva//l//r/9fSv9/3PP/93w9+n/9/yb6/2H6/xH6f/2//l//z6Tm1v/n7n9w3NLJ/gcAAIAe5O5/SNxi/wMAAEAzcvc/NG6x/wEAAKAZufsfFrd0sv/1//p//f9S+v8jev6//l//v3A3rM7/naD/X6f/HzHS/69W+v8hF93Pb/7ylvP+96H/1/+zbm79f+7+h8ctd16tjl/uFwkAAADMSu7+R8Qtnfz8HwAAAHqQu/903GL/AwAAQDNy918Xt3Sy//X/+n/9v/5f/7/59fX/y+T5/8MO3v/f/nb3uHu//X8zz/8/u+m/uWy/nz+obb//6fv/274z9P8s29z6/9z9Z+KWTvY/AAAA9CB3/yPjFvsfAAAAmpG7/1Fxi/0PAAAAzcjd/+i4pZP9r/9vrf//n12fd0H/v1O76P/1//p//X/r9P/DPP9/xM5fc6fqw2b7/31su59f+vv3/H/9P+vm1v/n7n9M3NLJ/gcAAIAe5O5/bNxi/wMAAEAzcvc/Lm6x/wEAAKAZufsfH7d0sv/1/631/7s/z/P/9f+bXl//r/9vmf5/mP5/RCvP/7/M75pt9/MHte33r//X/7Nubv1/7v4nxC2d7H8AAADoQe7+J8Yt9j8AAAA0I3f/k+IW+x8AAACakbv/yXFLJ/tf/6//X0b/n6+g/9f/H37/n/T/y/O/+v9R+v8RrfT/l2nb/fzS37/+X//Purn1/7n7nxK3dLL/AQAAoAe5+58at9j/AAAA0Izc/U+LW+x/AAAAaEbu/qfHLZ3sf/2//n8Z/b/n/+v/Pf9f/39x9P/D9P8j9P/6f/2//p9Jza3/z91/fdzSyf4HAACAHuTuf0bcYv8DAABAM3L3PzNusf8BAACgGbn7nxW3dLL/9f/6f/2//l//v/n19f/LpP8fpv8fof/X/+v/9f9Makb9/wWfdXL17Lilk/0PAAAAPcjd/5y4xf4HAACAZuTuf27cYv8DAABAM3L3Py9u6WT/6/9n0//v5Hxt9f+nVquV/n/Vaf9/6oI/z/q+1P/r/4+A/n+Y/n+E/l//r//X/zOpGfX/Ox/n7n9+3NLJ/gcAAIAe5O5/Qdxi/wMAAEAzcve/MG6x/wEAAKAZuftfFLd0sv/1/7Pp/3e01f97/v/e74+e+n/P/1+n/z8a+v9h+v8R+n/9v/5f/8+k5tb/5+5/cdx0/KrL/hIBAACAmcnd/5K4pZOf/wMAAEAPcve/NG6x/wEAAGChrl/7ldz9L4tbOtn/+v9p+//jF/ya/l//v/f7Q/+v/9f/Hz79/zD9/wj9v/5f/6//Z1Jz6/9z9788bulk/wMAAEAPcvffELfY/wAAANCM3P2viFvsfwAAAGhG7v5Xxi2d7H/9v+f/6//1//r/za+v/18m/f8w/f8I/b/+f7v9/4nz/6f+nzZcQv9/9uzZ04fe/+fuf1Xc0sn+BwAAgCbt+Vlp7v5Xxy32PwAAADQjd/9r4hb7HwAAAJqRu/+1cUsn+1//32n/n9/qy+r/r1ut9P/6f/2//n+Y/n+Y/n+E/l//7/n/+n8mNbfn/+fuf13c0sn+BwAAgB7k7r8xbrH/AQAAoBm5+18ft9j/AAAA0Izc/W+IWzrZ//r/Tvt/z//X/+v/j7r/v3Wl/z8Si+j/T+3/+nPv/8/o//X/A7rr/+9yp10f6v/1/6ybW/+fu/+NcUsn+x8AAAB6kLv/TXGL/Q8AAADNyN3/5rjF/gcAAIBm5O5/S9x0rJP9r//X/+v/9f/6/82vf8TP/z++Wq30/xNYRP8/YO79/zTP/9/7b/l5+n/9/5Lfv/5f/8+6ufX/ufvfGrd0sv8BAACgB7n73xa32P8AAADQjNz9b49b7H8AAABoRu7+d8Qtnex//b/+X/+v/59V/3/FIfT/ZxbR/3v+/0T0/8Pm0f/vT/+v/1/y+9f/6/+5eNvq/3P3vzNu6WT/AwAAQA9y978rbrH/AQAAoBm5+98dt9j/AAAA0Izc/e+JWzrZ//p//f+l9P/5Pnvr/0/F72u1/z8xp/5/5++Zk7v+/3Xy/H/9/0T0/8P0/yP0//p//f/1+n+mNLfn/+fuf2/c0sn+BwAAgB7k7n9f3Pqfbu1/AAAAaEbu/vfHLfY/AAAANCN3/wfilk72v/5f/+/5/57/P6vn/58+hOf/6/+7ov8fpv8fof/X/+v/Pf+fSc2t/8/d/8G4pZP9DwAAAD3I3f+huMX+BwAAgGbk7v9w3GL/AwAAQDNy998Ut3Sy//X/+n/9v/5f/3/uz1D/3wb9/7Cj6f9P6f/1/9XPXxH/Fuj/9f9jn0+b5tb/5+7/SNzSyf4HAACAHuTu/2jcYv8DAABAM3L3fyxusf8BAABgkY5t+LXc/R+PWzrZ//p//b/+f8L+/8qV/n+h/f+m19f/L9NW+v/8ptD/e/5/6Kf/v3rXR9t+/v+xS3z/e//zaxv9/wXrQ/9Pk+bW/+fu/0Tc0sn+BwAAgB7k7v9k3GL/AwAAQDNy938qbrH/AQAAoBm5+z8dt/Sw//9P/7/S/x+k/z+j//f8f/2//n9uPP9/mP5/hP5/q8/PX/r79/x//T/r5tb/5+7/TNzSw/4HAACATuTu/2zcYv8DAABAM3L3fy5usf8BAACgGTu7P+OyDve//l//7/n/+n/9/+bX1/8vk/5/mP5/hP5f/6//1/8zqbn1/5/f+ayTqy/ELZ3sfwAAAOhB7v4vxi32PwAAADQjd/+X4hb7HwAAAJqRu//LcUsn+1//r/9fRv9/9uzZ0/p//f/ur+d8/3+z/p+i/x+m/x+h/9f/6//1/0xqbv1/7v6vxC2d7H8AAADoQe7+r8Yt9j8AAAA0I3f/1+IW+x8AAACakbv/63FLJ/tf/z+D/v+k/t/z//X/K8//1/9PRP8/TP8/osX+/+TFf/nb7ucPatvvX/+v/2fd3Pr/3P3fiFs62f8AAADQg9z934xb7H8AAABoRu7+b8Ut9j8AAAA0I3f/t+OWTva//v/o+v/b/tn18vz/U6vN71//r//X/+v/D5v+f5j+f0SL/f8l2HY/v/T3r//X/7Nubv1/7v7vxC27h99Vl/ZVAgAAAHOSu/+7cUsnP/8HAACAHuTu/17cYv8DAABAM3L3fz9u6WT/6/9n8Pz/Bvt/z//f/P2h/591/3+l/r8N+v9h+v8R+n/9v/5/ov4/v5v1/72bW/+fu/8HcUsn+x8AAAB6kLv/h3GL/Q8AAADNyN3/o7jF/gcAAIBm5O6/OW65YP9vartbof/X/+v/9f/6/82vr/9fJv3/sIvt/0+sDtb/J/2//l//32v/7/n/nDO3/j93/4/jFj//BwAAgMW5ap9fz93/k7jF/gcAAIBm5O7/adxi/wMAAEAzcvf/LG655cptvaUjpf/X/+v/9f/6/82vr/9fJv3/MM//H6H/n6Kfv0b/30b/v1rp/zm4ufX/uft/Hrf4+T8AAAA0I3f/L+IW+x8AAACakbv/l3GL/Q8AAADNyN3/q7ilk/2v/9f/H7D/30kz9f/n6P/P0f9vpv8/Gvr/Yfr/Efp/z//X/3v+P5OaW/+fu//XcUsn+x8AAAB6kLv/N3GL/Q8AAADNyN3/27jF/gcAAIBm5O7/XdzSyf6ftP+/MSrsi+n/4x+1/n/x/b/n/+v/9f/6/1nR/w/T/4/Q/+v/9f/6fyY1t/4/d//v45ZO9j8AAAD0IHf/H+IW+x8AAACakbv/j3GL/Q8AAADNyN3/p7ilk/3v+f/6f/2//l//v/n19f/LpP8fpv/frP6g9P/6f/2//p9Jza3/z93/57ilk/0PAAAAPcjd/5e4xf4HAACAZuTuvyVusf8BAACgGbn7/xq3dLL/9f/6f/2//l//v/n19f/LNKv+/5j+/8LPvev/j7+s5/9vvf/Pt6D/1//r/5nE3Pr/3P1/i1s62f8AAADQg9z9f49b7H8AAABoRu7+f8Qt9j8AAAA0I3f/P+OWTvb/SP9/on6j/n+Q/n/3+9f/b/7+0P/r//X/h29W/b/n/y/m+f9F/+/5//p//T+Tmlv/n7v/X3FLJ/sfAAAAepC7/9a4xf4HAACAZuTu/3fcYv8DAABAM3L3/ydu6WT/e/7/kvr/a/T/+n/9v/5f/z9C/z9M/z9C/6//v4T3f/Wej/X/+n/Wza3/z93/3wAAAP//tmNCRw==")
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000240)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
r0 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
ioctl$FS_IOC_FSGETXATTR(r0, 0x801c581f, 0x0)

1m46.848975121s ago: executing program 0 (id=66):
membarrier(0x2, 0x0)

1m46.440930934s ago: executing program 0 (id=68):
sendmsg$IPCTNL_MSG_EXP_NEW(0xffffffffffffffff, 0x0, 0x20000050)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
capset(&(0x7f0000000080)={0x20080522}, &(0x7f0000000300)={0x200000, 0x200000, 0xfffffffe, 0x0, 0x0, 0x1})
quotactl$Q_SETQUOTA(0xffffffff80000801, &(0x7f0000000000)=@loop={'/dev/loop', 0x0}, 0x0, &(0x7f0000000100)={0xc, 0x20000ae, 0x2, 0x3, 0xc1f6, 0x3, 0x8000000000000005, 0x3, 0x8d000003})
openat$iommufd(0xffffffffffffff9c, 0x0, 0x0, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x8042, 0x154)
capset(0x0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x81, 0x2, 0xfffffffe})
syz_genetlink_get_family_id$ieee802154(0x0, 0xffffffffffffffff)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
socket$pppl2tp(0x18, 0x1, 0x1)
syz_genetlink_get_family_id$l2tp(0x0, 0xffffffffffffffff)
write$binfmt_script(r1, &(0x7f0000000040), 0x208e24b)

1m46.071218223s ago: executing program 32 (id=68):
sendmsg$IPCTNL_MSG_EXP_NEW(0xffffffffffffffff, 0x0, 0x20000050)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
capset(&(0x7f0000000080)={0x20080522}, &(0x7f0000000300)={0x200000, 0x200000, 0xfffffffe, 0x0, 0x0, 0x1})
quotactl$Q_SETQUOTA(0xffffffff80000801, &(0x7f0000000000)=@loop={'/dev/loop', 0x0}, 0x0, &(0x7f0000000100)={0xc, 0x20000ae, 0x2, 0x3, 0xc1f6, 0x3, 0x8000000000000005, 0x3, 0x8d000003})
openat$iommufd(0xffffffffffffff9c, 0x0, 0x0, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x8042, 0x154)
capset(0x0, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x81, 0x2, 0xfffffffe})
syz_genetlink_get_family_id$ieee802154(0x0, 0xffffffffffffffff)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
socket$pppl2tp(0x18, 0x1, 0x1)
syz_genetlink_get_family_id$l2tp(0x0, 0xffffffffffffffff)
write$binfmt_script(r1, &(0x7f0000000040), 0x208e24b)

2.392719769s ago: executing program 2 (id=1356):
r0 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r0, &(0x7f00000007c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000640)=[{0x10}, {0x18, 0x110, 0xc, "f8"}], 0x28}, 0x0)

2.312779675s ago: executing program 2 (id=1357):
syz_genetlink_get_family_id$net_dm(0x0, 0xffffffffffffffff)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x75b08000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000340)=@abs={0x0, 0x0, 0x4e27}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f00000000c0)=0x3)
ioctl$TCSETSW2(r3, 0x80047456, 0x0)

1.911925832s ago: executing program 1 (id=1359):
r0 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x48, &(0x7f0000000880)=0xfc0, 0x4)

1.842346362s ago: executing program 1 (id=1361):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, &(0x7f0000000240)=ANY=[@ANYBLOB="180300000005000000000000000000001801000011af000000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000020000838500000073000000180100002020752500000000806020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000400000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000500)={&(0x7f0000000040)='sys_exit\x00', r0}, 0x10)
futex_waitv(&(0x7f0000000180)=[{0x0, &(0x7f0000000000), 0x2}], 0x1, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc), 0x5, 0x0, 0x0, &(0x7f0000000000), 0x0)

1.7545725s ago: executing program 1 (id=1365):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x3804402, &(0x7f0000000240)={[{@user_xattr}, {@abort}, {@resuid}, {@user_xattr}, {@discard}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x7b1}}, {@nolazytime}, {@noinit_itable}, {@nomblk_io_submit}, {@nodelalloc}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x40000}}]}, 0x1, 0x571, &(0x7f0000001980)="$eJzs3d1rW+UfAPDvSd/28ttvHYyhIlLYhZO5dG19meCFXooOB3o/S5uV0WQZTTrWOnC7cDfeiAgiDsRr9d7L4T/gXzHQwZBRFPEmcpKTLmuTNuuyNV0+Hzjt85xz0ud8c87z9PvkJCSAgTWR/shFPB8RXyYRh1u2DUe2caKx39r9a3PpkkSt9tGfSSTZuub+Sfb7YFZ5LiJ+/TziZG5zu5WV1cXZYrGwlNUnq6XLk5WV1VMXS7MLhYXCpemZmTOvz0y/9eYbPYv1lXN/f/vh7ffOfHF87Zuf7x6pH9X/sm2tcTyG662ViZjInpOReGfDjlM9aKyfJLt9AOzIUNbPRyIdAw7HUNbrgWffZxFRAwZUms3X/m8YgMHTzAOac/sezYP3jHvvNiZAm+Mfbrw2Evvqc6MDa8lDM6N0vjveg/bTNn7549ZX6RK9ex0CYFvXb0TE6eHhzeNfko1/O3e6i302tmH8g6fndpr/vNou/8mt5z/RJv852Kbv7sT2/T93twfNdJTmf2+3zX/Xb1qND2W1Q/WcbyS5cLFYSMe2dNJ8IkbG0vpW93POrN2pddo2EaMR0cj/0iVtv5kLZsdxd3js4cfMz1ZnHyfmVvduRLzQNv9N1s9/0ub8p8/HuS7bOFa49VKnba35b/v4n6zaDxEvtz3/D+5oJVvfn5ysXw+Tzatis79uHvutU/u7HX96/g804v8nmxJujH88ab1fW3n0Nr7f92+h07bt429//Y8mH9fLo9m6q7PV6tJUxGjyweb10w8e26w390/jP3F86/Gv3fW/PyI+6TL+m0d/enHn8T9ZafzzW1//G87/oxfuvP/pd53a7+78v1YvncjWdDP+dXuAj/PcAQAAAAAAQL/J1T8Dm+Ty6+VcLp9vvL/jaBzIFcuV6skL5eVL843Pyo7HSK55p/twy/shprL3wzbr0xvqMxFxJCK+Htpfr+fnysX53Q4eAAAAAAAAAAAAAAAAAAAA+sTBDp//T/0+tNtHBzxxvvIbBte2/b8X3/QE9CX//2Fw6f8wuPR/GFz6Pwwu/R8Gl/4Pg0v/h8Gl/wMAAAAAAAAAAAAAAAAAAAAAAAAAAEBPnTt7Nl1qa/evzaX1+Ssry4vlK6fmC5XFfGl5Lj9XXrqcXyiXF4qF/Fy5tN3fK5bLl6emY/nqZLVQqU5WVlbPl8rLl6rnL5Z+PBRRGHkqUQEAAAAAAAAAAAAAAAAAAMDeUllZXZwtFgtLCvXCWPTFYeyhwvBTbrQ21rhy+yH2Z7mw2yMTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADzwXwAAAP//4GIwiQ==")

1.642870958s ago: executing program 1 (id=1368):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000000)='highspeed\x00', 0xa)
bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2, 0x3, @loopback, 0x8}, 0x1c)
setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4)
sendto$inet6(r0, &(0x7f00000000c0)="b2", 0x1, 0x24008844, &(0x7f0000000080)={0xa, 0x2, 0x80398, @empty, 0xfffffffe}, 0x1c)
syz_usb_connect$hid(0x0, 0x36, &(0x7f00000009c0)={{0x12, 0x1, 0x250, 0x0, 0x0, 0x0, 0x20, 0x1477, 0x1021, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0x6, 0x0, 0x4, [{{0x9, 0x4, 0x0, 0x8, 0x2, 0x3, 0x1, 0x0, 0x7, {0x9, 0x21, 0x200, 0xc, 0x1, {0x22, 0x5d1}}, {{{0x9, 0x5, 0x81, 0x3, 0x400, 0x3, 0x6, 0x7}}}}}]}}]}}, 0x0)
shutdown(r0, 0x1)

1.420474873s ago: executing program 2 (id=1372):
timer_create(0x0, &(0x7f0000000200)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r0=>0x0)
fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r0, 0x1, &(0x7f0000000040)={{0x77359400}, {0x77359400}}, 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(r1, 0x8933, 0x0)
connect$can_bcm(0xffffffffffffffff, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x100, 0x0)
ptrace(0x5d93520a0fc74dee, 0xffffffffffffffff)

1.228203443s ago: executing program 2 (id=1373):
syz_mount_image$exfat(&(0x7f00000005c0), &(0x7f0000000240)='./file0\x00', 0x3000050, &(0x7f0000000600)=ANY=[], 0x2, 0x14fe, &(0x7f0000002180)="$eJzs3Au0ztXWMPA511p/NklPkvuaa/55kssiSXJJSCRJkiS5JSRJkoTEJrckJCH3JPeQ3GIn9/st9yQ5kiQJCUnWN3Q6n/e8nfftnO+c7/V9Z8/fGGvsNff/mfNZa889nv9ljL2/7Ti4av1qlesyM/xT8M9fUgEgBQD6AcA1ABABQKlspbIBDoNMGlP/uTcR/1oPTbvSKxBXkvQ/fZP+p2/S//RN+p++Sf/TN+l/+ib9T9+k/0KkZ1un575WRvod/3PP/0Ge//8/R87//0YOFxvz5fpi13f6B1Kk/+mb9D99k/6nb9L/9E36n75J///NRQCV/pvD0v/0TfovRHp2pZ8/y7iy40r//gkhhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGESB/OhcsMAPxlfqXXJYQQQgghhBBCiH+dkPFKr0AIIYQQQgghhBD/9yEo0GAgggyQEVIgE2SGqyALXA1Z4RpIwLWQDa6D7HA95ICckAtyQx7IC/nAAoEDhhjyQwFIwg1QEG6EQlAYikBR8FAMisNNUAJuhpJwC5SCW6E03AZloCyUg/JwO1SAO6AiVILKcCdUgbugKlSDu6E63AM14F6oCfdBLbgfasMDUAcehLrwENSDh6E+PAIN4FFoCI2gMTSBpv9H+S9CV3gJukF3SIUe0BNehl7QG/pAX+gHr0B/eBUGwGswEAbBYHgdhsAbMBTehGEwHEbAWzASRsFoGANjYRyMh7dhArwDE+FdmASTYQpMhWkwHWbAezATZsFseB/mwAcwF+bBfFgAC+FDWASLIQ0+giXwMSyFZbAcVsBKWAWrYQ2shXWwHjbARtgEm2ELbIVPYBtshx2wE3bBbtgDn8Je+Az2weewH774B/PP/qf8TggIqFChQYMZMAOmYApmxsyYBbNgVsyKCUxgNsyG2TE75sAcmAtzYR7Mg/kwHxISMjLmx/yYxCQWxIJYCAthESyCHj0Wx+JYAm/GklgSS2EpLI2lsQyWxbJYHstjBayAFbEiVsbKWAWrYFWsinfj3XgP1sAaWBNrYi2shbWxNtbBOlgX62I9rIf1sT42wAbYEBtiY2yMTbEpNsNm2BybY0tsia2wFbbG1tgG22BbbIvtsB22x/bYATtgR+yInbAzdsYX8UV8CV/C7lhF9cCe2BN7YS/sg32xL76C/fFVfBVfw4E4CAfj6/g6voFD8QwOw+E4AkdgBTUKR+MYZDUOx+N4nIATcCJOxEk4GSfjVJyG03EGzsCZOAtn4fs4Bz/AD3AezsMFuBAX4iJcjGmYhkvwLC7FZbgcV+BKXIUrcQ2uxTW4HjfgetyEm3ALbsFP8BPcjttxJ+7E3bgbP8VP8TP8DAfiftyPB/AAHsSDeAgP4WE8jEfwCB7Fo3gMj+FxPI4n8CSewpN4Gk/jGTyL5/AcnsfzeAGfz/N1vd2F1w0EdYlRRmVQGVSKSlGZVWaVRWVRWVVWlVAJlU1lU9lVdpVD5VC5VC6VR+VR+VQ+RYoUq1jlV/lVUiVVQVVQFVKFVBFVRHnlVXFVXJVQJVRJVVKVUreq0uo2VUaVVS18eVVeVVAtfUVVSVVWlVUVdZeqqqqpaqq6qq5qqBqqpqqpaqlaqrZ6QNVRPbAPPqQudaa+GoQN1GBsqBqpxqqJegMfU83UUGyuWqiW6gk1HIdha9XMt1FPq7ZqNLZTz6ox+JzqoMZhR/WC6qQ6qy7qRdVVNffdMvz2EaimYi/VW/VRfdVMvEtd6lhV9ZoaqAapwep1tQDfUEPVm2qYGq5GqLfUSDVKjVZj1Fg1To1Xb6sJ6h01Ub2rJqnJaoqaqqap6WqGek/NVLPUbPW+mqM+UHPVPDVfLVAL1YdqkVqs0tRHaon6WC1Vy9RytUKtVKvUarVGrVXr1Hq1QW1Um9RmtUVtVZ+obWq72qF2ql1qt9qjPlV71Wdqn/pc7VdfqAPqT+qg+lIdUl+pw+prdUR9o46qb9Ux9Z06rr5XJ9RJdUr9oE6rH9UZdVadUz+p8+pndUH9oi6qoECjVlproyOdQWfUKTqTzqyv0ln01TqrvkYn9LU6m75OZ9fX6xw6p86lc+s8Oq/Op60m7TTrWOfXBXRS36AL6ht1IV1YF9FFtdfFdHF9ky6hb9Yl9S26lL5Vl9a36TK6rC6ny+vbdQV9h66oK+nK+k5dRd+lq+pq+m5dXd+ja+h7dU19n66l79e19QO6jn5Q19UP6Xr6YV1fP6Ib6Ed1Q91IN9ZNdFP9mG6mH9fNdQvdUj+hW+kndWv9lG6jn9Zt9TO6nX5Wt9fP6Q76ed1Rv6A76c66i/5FX9RBd9PddaruoXvql3Uv3Vv30X11P/2K7q9f1QP0a3qgHqQH69f1EP2GHqrf1MP0cD1Cv6VH6lF6tB6jx+pxerx+W0/Q7+iJ+l09SU/WU/RUPU1P131+qzT778h/52/kD/j13bforfoTvU1v1zv0Tr1L79Z79B69V+/V+/Q+vV/v1wf0AX1QH9SH9CF9WB/WR/QRfVQf1cf0MX1cH9cn9En9k/5Bn9Y/6jP6rD6rf9Ln9Xl94befARg0ymhjTGQymIwmxWQymc1VJou52mQ115iEudZkM9eZ7OZ6k8PkNLlMbpPH5DX5jDVknGETm/ymgEmaG0xBc6MpZAqbIqao8aaYKW5u+qfz/2h9TU1T08w0M81Nc9PStDStTCvT2rQ2bUwb09a0Ne1MO9PetDcdTAfT0XQ0nUwn08V0MV1NV9PNdDOpJtX0NC+bXqa36WP6mn7mFdPf9DcDzAAz0Aw0g81gM8QMMUPNUDPMDDMjzAgz0ow0o81oM9aMNePNeDPBTDATzUQzyUwyU8wUM81MMzPMDDPTzDSzzWwzx8wxc81cM9/MNwvNQrPILDJpJs0sMUvMUrPMLDMrzAqzyqwya8was86sMxvMBrPJbDJLzVaz1Wwz28wOs8PsMrvMHrPH7DV7zT6zz+w3+80Bc8AcNAfNIXPIHDaHzRFzxBw1R80xc8wcN8fNCXPCnDKnzGlz2pwxZ8w5c86cN+fNBXPBXDQXL132RSpSkYlMlCHKEKVEKVHmKHOUJcoSZY2yRokoEWWLskXZo+ujHFHOKFeUO8oT5Y1SwUYUuYijOMofFYiS0Q1RwejGqFBUOCoSFY18VCwqHt0UlYhujkpGt0Sloluj0tFtUZmobFQuKh/dHlWI7ogqRpWiytGdUZXorqhqVC26O6oe3RPViO6Nakb3RbWi+6Pa0QNRnejBqG70UFQvejiqHz0SNYgejRpGjaLGUZOo6b+0fghncj7uu9nuNtX2sD3ty7aX7W372L62n33F9rev2gH2NTvQDrKD7et2iH3DDrVv2mF2uB1h37Ij7Sg72o6xY+04O96+bSfYd+xE+66dZCfbKXaqnWan2xn2PTvTzrKz7ft2jv3AzrXz7Hy7wC60H9pFdrFNsx/ZJfZju9Qus8vtCrvSrrKr7Rq71q6z6+0Gu9FuspvtFrvVfmK32e12h91pd9nddo/91O61n9l99nO7335hD9g/2YP2S3vIfmUP26/tEfuNPWq/tcfsd/a4/d6esCftKfuDPW1/tGfsWXvO/mTP25/tBfuLvWjDpYv7S6d3MmQoA2WgFEqhzJSZslAWykpZKUEJykbZKDtlpxyUg3JRLspDeSgf5aNLmJjyU35KUpIKUkEqRIWoCBUhT56KU3EqQSWoJJWkUlSKSlNpKkNlqByVo9vpdrqD7qBKVInupDvpLrqLqlE1qk7VqQbVoJpUk2pRLapNtakO1aG6VJfqUT2qT/WpATWghtSQGlNjakpNqRk1o+bUnFpSS2pFrag1taY21IbaUltqR+2oPbWnDtSBOlJH6kSdqAt1oa7UlbpRN0qlVOpJPakX9aI+1If6UT/qT/1pAA2ggTSQBtNgGkJDaCgNpWE0nEbQWzSSRtFoGkNjaRyNp/E0gSbQRJpIk2gSTaEpNI2m0QyaQTNpJs2m2TSH5tBcmkvzaT4tpIW0iBZRGqXRElpCS2kpLafltJJW0mpaTWtpLa2n9bSRNtJm2kxbaStto220g3bQLtpFe2gP7aW9tI/20X7aTwfoAB2kg3SIDtFhOkxH6AgdpaN0jI7RcTpOJ+gEnaJTdJpO0xk6Q+foHJ2nn+kC/UIXKVCKU5DZXeWyuKtdVneNS3GZ3KU4AoBLcS6X2+VxeV0+Z10Ol/OvYnLOFXKFXRFX1HlXzBV3N/0uLuPKunKuvLvdVXB3uIq/i6u7e1wNd6+r6e5z1dzdfxXXcve72u4RV8c96uq6Rq6ea+Lqu0dcA/eoa+gaucauiWvlnnSt3VOujXvatXXP/C5e5Ba7tW6dW+82uL3uM3fO/eSOum/defez6+a6u37uFdffveoGuNfcQDfod/EI95Yb6Ua50W6MG+vG/S6e4qa6aW66m+HeczPdrN/FC92Hbo5Lc3PdPDffLfg1vrSmNPeRW+I+dkvdMrfcrXAr3Sq32q3532td4Ta5zW6L2+M+ddvcdrfD7XS73O5f40v72Oc+d/vdF+6I+8YddF+6Q+6YO+y+/jW+tL9j7jt33H3vTriT7pT7wZ12P7oz7uyv+7+09x/cL+6iCw4YWbFmwxFn4Iycwpk4M1/FWfhqzsrXcIKv5Wx8HWfn6zkH5+RcnJvzcF7Ox5aJHTPHnJ8LcJJv4IJ8IxfiwlyEi7LnYlycb+ISfDOX5Fu4FN/Kpfk2LsNluRyX59u5At/BFbkSV+Y7uUoIXJWr8d1cne/hGnwv1+T7uBbfz7X5Aa7DD3Jdfojr8cNcnx/hBvwoN+RG3JibcFN+jJvx49ycW3BLfoJb8ZPcmp/iNvw0t+VnuB0/y+35Oe7Az3NHfoE7cWfuwi9yV36Ju3F3TuUe3JNf5l7cm/twX+7Hr3B/fpUH8Gs8kAfxYH6dh/AbPJTf5GE8nEfwWzySR/FoHsNjeRyP57d5Ar/DE/ldnsSTeQpP5Wk8nWfwezyTZ/Fsfp/n8Ac8l+fxfF7AC/lDXsSLOY0/4iX8MS/lZbycV/BKXsWreQ2v5XW8njfwRt7Em3kLb+VPeBtv5x28k3fxbt7Dn/Je/oz38ee8n7/gA/wnPshf8iH+ig/z13yEv+Gj/C0f4+/4OH/PJ/gkn+If+DT/yGf4LJ/jn/g8/8wX+Be+yIEhxljFOjZxFGeIM8YpcaY4c3xVnCW+Os4aXxMn4mvjbPF1cfb4+jhHnDPOFeeO88R543yxjSl2McdxnD8uECfjG+KC8Y1xobhwXCQuGvu4WFw8vikuEd8cl4xviUvFt8al49viMnHZ+JH7yse3xxXiO+KKcaW4cnxnXCW+K64aV4vvjqvH98Q14nvjmvF9ccn4/rh2/EBcJ34wrhs/FNeLH47rx4/EDeJH44Zxo7hx3CRuGj8WN4sfj5vHLeKW8RNxq/jJuHX8VNwmfjpuGz/zh8dT4x5xz/jl+OU4hHv1/OSC5MLkh8lFycXJtORHySXJj5NLk8uSy5MrkiuTq5Krk2uSa5PrkuuTG5Ibk5uSm5NbkiFUywgevfLaGx/5DD6jT/GZfGZ/lc/ir/ZZ/TU+4a/12fx1Pru/3ufwOX0un9vn8Xl9Pm89eefZxz6/L+CT/gZf0N/oC/nCvogv6r0v5ov7Jr6pb+qb+cd9c9/Ct/RP+Cf8k/5J/5R/yj/t2/pnfDv/rG/vn/Md/PP+ef+C7+Q7+y7+Rd/Vv+S7+e4+1af6nr6n7+V7+T6+j+/n+/n+vr8f4Af4gX6gH+wH+yF+iB/qh/phfpgf4Uf4kX6kH+1H+7F+rB/vx/sJfoKf6Cf6SX6Sn+Kn+Gl+mp/hZ/iZfqaf7Wf7OYXm+Ll+rp/v5/uFfqFf5Bf5NJ/ml/glfqlf6pf75X6lX+lX+9V+rV/r1/v1fqPf6Df7zX6r3+q3+W1+h9/hd/ldfo/f4/f6vX6f3+f3+/3+gD/gD/qD/pD/yh/2X/sj/ht/1H/rj/nv/HH/vT/hT/pT/gd/2v/oz/iz/pz/yZ/3P/sL/hd/0Qc/PvF2YkLincTExLuJSYnJiSmJqYlpiemJGYn3EjMTsxKzE+8n5iQ+SMxNzEvMTyxILEx8mFiUWJxIS3yUWJL4OLE0sSyxPLEisTKxKhFC3m1xyB8KhGS4IRQMN4ZCoXAoEooGH4qF4uGmUCLcHEqGW0KpcGsoHW4LZULZUC48GhqGRqFxaBKahsdCs/B4aB5ahJbhidAqPBlah6dCm/B0aBueCe3Cs6F9eC50CM+HjuGF0Cl0Dl3Ci6FreCl0C91DaugReoaXQ6/QO/QJfUO/8EroH14NA8JrYWAYFAaH18OQ8EYYGt4Mw8LwMCK8FUaGUWF0GBPGhnFhfHg7TAjvhInh3TApTA5TwtQwLUwPM8J7YWaYFWaH98Oc8EGYG+aF+WFBWBg+DIvC4pAWPgpLwsdhaVgWlocVYWVYFVaHNWFtWBfWhw1hY9gUNoctYWv4JGwL28OOsDPsCrvDnvBp2Bs+C/vC52F/+CIcCH8KB8OX4VD4KhwOX4cj4ZtwNHwbjoXvwvHwfTgRToZT4YdwOvwYzoSz4Vz4KZwPP4cL4ZdwUf5mTQghhBDi76L/4HiPv/G9DACgfpv3BICrt+c+/J9rbszx53lvladVAgCe7t7xob+MKlVSU1N/e+1SDVGBeQCQ+Ov6f4mXQUt4EtpACyjxN9fXW3U+z39QP3krQOb/kJMCl+PL9W/+L+o/9sSIRaXjc9n+m/rzAAoVuJyTCS7Hl+uX/C/q52z2B+vP9OV4gOb/IScLXI4v1y8Oj8Mz0OavXimEEEIIIYQQQvxZb1Wu/R/dP1+6P89jLudkhMvxH92fCyGEEEIIIYQQ4sp7rnOXpx5r06ZF+79vgr89F/jHsmQiE5n8fza50p9MQgghhBBCiH+1yxf9V3olQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCFE+vU/8e/ErvQehRBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCiCvtfwUAAP//luw5aQ==")
ioctl(0xffffffffffffffff, 0x2, &(0x7f0000000440))
fsmount(0xffffffffffffffff, 0x0, 0x8)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mount$nfs(&(0x7f0000000100)='\xd2\xa6.', 0x0, 0x0, 0x44, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
creat(&(0x7f0000000100)='./file3\x00', 0x0)

985.067219ms ago: executing program 2 (id=1374):
r0 = socket$inet6(0xa, 0x2, 0x0)
inotify_init()
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000200)='sched_switch\x00', r1}, 0x18)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x0)
epoll_create(0x3ff)
epoll_create1(0x80000)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'bridge0\x00'})
r5 = syz_open_dev$vcsa(&(0x7f0000000380), 0x7b95b611, 0x802)
writev(r5, &(0x7f00000003c0)=[{&(0x7f0000000000)='x', 0xf9f}, {&(0x7f00000001c0)='\x00\x00\x00\x00', 0x4}, {&(0x7f0000000400)='!', 0x1}], 0x3)
sendmmsg$inet(r0, &(0x7f0000004880)=[{{&(0x7f0000000040)={0x2, 0x4e23, @local}, 0x10, 0x0, 0x0, &(0x7f0000000380)=[@ip_retopts={{0x24, 0x0, 0x7, {[@timestamp_addr={0x44, 0x14, 0x6, 0x1, 0x0, [{@broadcast, 0x401}, {@multicast1}]}]}}}], 0x28}}], 0x1, 0x4000080)

432.689958ms ago: executing program 1 (id=1376):
syz_mount_image$jfs(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000640)=ANY=[@ANYRES16=0x0, @ANYRESDEC, @ANYRES32, @ANYRESOCT, @ANYBLOB="013ced044bdd1d80c6a59bca5c1f9d57c0bf983de420f461a7414616093c243234af9243259143a1df24ac0219d7c378a66c310c8b4a0a5be52831340548247ed220c3c9fbc83337fa0b63b0a54e73ff5f9b6625b0faa1fb755e1af638d96ec92d0802aa01c49d12703c6452c7b0edad1ecfdc926cf6ee88d55c25512d52b43a773f9cd35d70e03d69b2af2ead1c39ef1c55"], 0xfa, 0x6260, &(0x7f0000000740)="$eJzs3c9vHGf9B/DP/vSPfJtaPVT9Rgi5aflRSpM4KSFQoO0BDlx6QLmiRK5bRaSAkoDSyiKufOHAib8AhMQRIY6IQ/+AHrhy48SJSDYSqCcGjfd54tnNbteu45215/WS7JnPPDP2M37v7A/vzD4BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMT3v/eDtVZE3Ph5WrAS8X/RiWhHLJX1akQsra7k9bsR8VzsNcezEdFbiCi33/v2dMSrEfHx2Yid3c31cvHlA/bju3/82+9+eOatv/6hd/E/f7rXeW3Sevfv/+rff35wtH0GAACApimKomill/nn0uv7dt2dAgBmIj/+F0lefurrX//jrb/MU3/UarVarZ5BXVWM96BaRMRWdZvyOYO34wHghNmKT+ruAjWSf6N1I+JM3Z0A5lqr7g5wLHZ2N9dbKd9W9fFgddCezwUZyn+r9ej6jknTaUbPMZnV7Ws7OvHMhP4szagP8yTn3x7N/8agvZ/WO+78Z2VS/v3BpU+Nk/PvjOY/4vTk3x6bf1Pl/LuHyr8jfwAAAAAAmGP5//8rNb//u3D0XTmQT3v/d3VGfQAAAAAAAACAJ+2o4/89Yvw/AAAAmFvla/XSb87uL5v0WWzl8uutiKdG1gca5qPBZLnufgAAAAAAAAAAAABAk3QH5/Beb0X0IuKp5eWiKMqvqtH6sI66/UnX9P2HJqv7Th4AAAY+PjtyLX8rYjEirkd777P+esvLy0WxuLRcLBdLC/n5bH9hsViqvK7N03LZQv8AT4i7/aL8YYuV7aqmvV6e1j7688rf1S86B+jYE9JLf80JzTWFDQDJ4NFoxyPSKVMUT0968gFDHP+n0Eqs1H27Yv7VfTMFAAAAjl9RFEUrDfN3Lo3v1667UwDATOTH/9H3BQ5UR4xvbx9yfbVarVar1TOpq4rxHlSLiNiqblM+ZzAcPwCcMFvxSd1doEbyb7RuRDxXdyeAudaquwMci53dzfVWyrdVfTxYHbTnc0GG8t9q7W2Xtx83nWb0HJNZ3b62oxPPTOjPszPqwzzJ+bdH878xaO+n9Y47/1mZlH9/75K55sn5d0bzH3F68m+Pzb+pcv7dQ+XfkT8AAAAAAMyx/P//Fe//5l0GAAAAAAAAgBNnZ3dzPV/3mt///9yY9Vz/eTrl/FuHzX8pzcv/RMv5t0fy//LIep3K/MM394//f+1urv/+3j//P08Pmv9CnmmlW1Yr3SJa6Te1uml6lL173Hav0y9/U6/V7nTTOT9F7524FbdjIy4NrdtOf4/99rWh9rKnvaH2y0Pt3cfarwy199LnDhRLuf1CrMdP4na8vddeti1M2f/FKe3FlPacf8f9fyPl/LuVrzL/5dTeGpmWHn7Yfuy4r07H/Z43bn3+l5eOf3em2o7Oo32rKvfvfA392fubnOnHz+5u3Llw/+a9e3fWIk2Gll6ONHnCcv69va+F/fv/Fwbt+X6/erw+/LB/6PznxXZ0J+b/QmW+3N+XZty3OuT8++kr5/92ah9//J/k/Ccf/y/X0B8AAAAAAAAAAAAAAAD4NEVR7F0i+kZEXE3X/9R1bSYAMFv58b9I8nK1Wq1Wz0sdK3vf56Y/6pNcVxXjvV4tIuKj6jblc4ZfjPthAMA8+29E/L3uTlAb+TdY/ry/cvpi3Z0BZuru+x/86Obt2xt37tbdEwAAAAAAAADgs8rjf65Wxn9+MSJWRtYbGv/1zVg96vif3TzzaIDRJzzQ9wTb7X6nXRlu/PnYG5/7wqTxv8/H4+N/5zFxO9X9mKA3pb0/pX1hSvvi2KX7aY290KMi5/98ZbzzMv9zI8OvN2H819Ex75sg53++cnsu8//SyHrV/Ivfzl3+WwddcTvaQ/lfvPfeTy/eff+DV269d/PdjXc3fnxlbe3SlatXr127dvGdW7c3Lg2+H0+v50DOP4997TzQZsn558zl3yw5/y+kWv7NkvP/Yqrl3yw5//x8T/7NkvPPr33k3yw5/5dSLf9myfl/JdXyb5ad3c2FMv+XUy3/ZsnH/1dTLf9myfm/kmr5N0vO/0Kq5d8sOf+LqT5A/j4e/hTJ+ed3uBz/zZLzX0v1lPyXZtUvZiPnfznVjv9myflfSbX8myXn/2qq5d8sOf+vpVr+zZLzv5pq+TdLzv/rqZZ/s+T8r6Va/s2S8/9GquXfLDn/b6Za/s2S838t1fJvlpz/t1It/2bJ+X871fJvlpz/d1It/2bJ+b+eavk3y/7n/5sxY+aUzfTjM29e9z0TAAAAAAAAAAAAADBqFich172PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/YwcOBAAAAACA/F8boaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqgo7cCAAAAAAAOT/2ghVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV2LvXGLnO8g7gZ/bmtUOwgRCc1MDaMcY4S3Z9iS+0LiYQLgFKgYRCL9iud20WfMNrl0CRbBookTAqqqiafmgLKGojVRVWxQdapTQfql4+kfYD/VJRVUJqVJkooCK1Fc1WM+d9X8/Mzs6MveP12XN+Pyl5dmfOmfPOmfecnWfX/zkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAzTa/dfaLtSzL6v81/rchy15S/3rtxIbGbW+61SMEAAAAluv/Gv9/YX264VAfKzUt8/ev+e63FhYWFrIPD//e6FcXFtIdE1k2uibLGvdFV/79I7XmZYLHsvHaUNP3Qz02P9zj/pEe94/2uH+sx/1retw/3uP+RTtgkbX572MaD7a18eWGfJdmd2Sjjfu2dljrsdqaoaH4u5yGWmOdhdHj2Vx2MpvNpluWz5etNZZ/enN9W+/M4raGmra1qT5DfvTZY3EMtbCPt7Zs69pjRj98Szbx4x999tifnL96V6facze0PF4+zu1b6uP8fLglH2stW5P2SRznUNM4N3V4TYZbxllrrFf/un2cL/Q5zuFrw1xR7a/5eDbU+PrZxn4aaf61XtpPm8Jt/31PlmWXrg27fZlF28qGsnUttwxde33G8xlZf4z6VHp5NnJd83RzH/O0Xme2ts7T9mMivv6bw3ojS4yh+WX64efGFr3u1ztPo/qzXupYaZ+Dgz5WijIH47x4tvGkH+84B7eG5//ZbUvPwY5zp8McTM+7aQ5u6TUHh8aGG2NOL0Ktsc61ObizZfnhxpZqjfrctu5zcOr8qbNT85/+zBvnTh09MXti9vTunTund+/du3///qnjcydnp/P/3+DeLr512VA6BraEfRePgde3Lds8VRe+PrjjcLzLcbihbdlBH4cj7U+utjIH5OI5nR8bD9d3+vjloWyJY6zx+uxY/nGYnnfTcTjSdBx2/JnS4Tgc6eM4rC9zdkd/71lGmv7rNIab9bNgQ9McbH8/0j4HB/1+pChzcDzMi3/dsfTPgk1hvI9PXu/7keFFczA93XDuqd+S3u+P72+UTvPy7vodt41lF+Znz9336NHz58/tzEJZEa9omivt83Vd03PKFs3Xoeuer4fmXvP43R1u3xD21fgb6/8bX/K1qi+z577ur1Xjp1vn/dly664slAFb6f3Z6ad5fX+mXrLL/qwv8/mp5b8XT31p0/l3dInzb+z7X8y3lx7qseHRkfz4HU57Z7TlfNz6Uo00zl21xrZfmOrvfDwa/lvp8/EdXc7HG9uWHfT5eLT9ycXzca3XbzuWp/31HA/z5OR09/NxfZmNu653To50PR/fE2ot7P83hE4h9UVNc2epeZu2NTIyGp7XSNxC6zzd3bL8aOjN6tt6ateNzdPt9+SPNZye3TUrNU8n2pYd9DxN56ul5mmt12/fbkz76zke5sUdu7vP0/oyz+xZ/rlzbfyy6dw51msOjg6P1cc8miZhfr5fWBvn4H3ZsexMdjKbadw71phPtca2Ju/vbw6Ohf9W+ly5scsc3N627KDnYPo5ttTcq40sfvID0P56jod58cT93edgfZm37Rvse9ft4Za0TNN71/bfry31O6+723bTzfydV32cf7uv++9m68uc3H+9fWb3/XRvuOW2Dvup/fhd6piayVZmP20M47y6f+n9VB9PfZmvHuhzPh3KsuziJx9o/L43/H3lLy5871stf3fp9Dedi5984Pnbj//d9YwfgNXvxbysy3/WNf1lqp+//wMAAACrQuz7h0JN9P8AAABQGrHvj/8qPNH/AwAAQGnEvn8k1KQi/f/Gt12de/FilpL5C0G8P+2Gh/LlYsZ1Onw/sXBN/fYHnpz9yV9d7G/bQ1mW/fSh3+y4/MaH4rhyE2GcVx5svX3xihf72v6RR64t15xf/1p4/Ph8+p0GnSK401mWPb3+y43tTHzkcqM+89CRRv3Apccfqy/zwoH8+7j+c6/Il//DEP49dPxoy/rPhf3wg1Cn3915f8T1vnn5DZv2feja9uJ6tS0vbTztJz6aP278nJyvPJYvH/fzUuP/6y899c368o++rvP4Lw51Hv9T4XGffPDqXH3G/c+r8+WbX4P693G9L4Txx+09Gda/7xvf6Tj+K1/Mlz/79ny5I6HG7W8P3299+9W55v31aO1oy/PK3pEvF7c//b3fadwfHy8+fvv4xw9fbtkf7fPjmX/OH2eqbfl4e9xO9Jdt268/TvP8jNt/6rePtOznXtu/8oHnXl1/3Pbt39u23HDb+u2f2PRHX/hyx+3F8Rz687Mtz+fQ+8NxHLb/xEfDfAz3/++VL7dsNzry/tbzT1z+axsutjyf6J0/zrd/5c0nGvU/Jn7yB7e95PaXXnptfd9l2bMfzB+v1/ZP/PGZlvF//c4djdcj3h8z+u3bX0rc/rlPTZ4+M39hbqZprzY+O+c9+XjWjK9dVx/v+nBubf/+8JnzH5s9NzE9MZ1lE+X9CL0b9o1Qn8/Lpetdf8cj4fW8+/efXrftn74Ub/+Xh/PbL787/7n1+rDcV8LtG/LXb6G2zO0/sfnOxvFdeyb/viXHPgCbtv7n/r4WDM+//X1BnO9nX/mxxn6o39f4uRGP62WO//sz+eN8O+zXhfDJzFvuvLa95uXjZyNc/mB+vC97/4XTXHxd/zS83u/9Qf74cVzx+X4/vI/5zsbW812cH9++ONT++I1P8bgUzifZpfz+uFTc35dfuLPj8OLnkGSX7mp8/7vpce66rqe5lPlPz0+dnDt94dGp87Pz56fmP/2Zw6fOXDh9/nDjszwPf7zX+tfOT+sa56eZ2b17sum1WZadyaZX4IR1c8Zf/6q/8Z995NjMvultM7PHj144fv6Rs7PnThybnz82OzO/7ejx47Of6rX+3MzBnbsO7N63a/LE3MzB/QcO7D4wOXf6TH0Y+aB62Dv9icnT5w43Vpk/uOfAzvvv3zM9eerMzOzBfdPTkxd6rd/42TRZX/s3Js/Nnjx6fu7U7OT83GdmD+48sHfvrp6fBnjq7PH5ialzF05PXZifPTeVP5eJ842b6z/7eq1POc3/W/5+tl0t/yC+7H337k2fz1r35OeWfKh8kbYPEL0aPovmH192dn8/38e+fzTUpCL9PwAAAFRB7PvHQk30/wAAAFAase9fE2qi/wcAAIDSiH3/eKhJRfp/+X/5//7y//n9g8z/d8rPZ33l/0fl/1co/3/2k3mudLXn/2N+Xv6/Gm5x/n/Z25f/l/8vX/6///z8ah+//L/8P4sVLf8f+/61WVbJ/h8AAACqIPb960JN9P8AAABQGrHvvy3URP8PAAAApRH7/peEmlSk/5f/7yv/v6tX4Kr8+f/BX///xvP/rv8v/5/rK/8fXxz5/8q47vz9hx5u+Vb+P5D/l/+X/5f/l/9n2UaXvOdW5f9j3397qElF+n8AAACogtj3vzTURP8PAAAApRH7/vWhJvp/AAAAKI3Y928INalI/y//7/r/8v/y/6XO/y/3+v9Ng5H/Xx1c/787+f8ebjj/Pz64/P/6pYcn/z/g8Y8OdvzFzv/3HL78PzdF0a7/H/v+l4WaVKT/BwAAgCqIff/LQ030/wAAAFAase9/RaiJ/h8AAABKI/b9d4SaVKT/X07+P2au5f/l/+X/c/L/uVLl/7te/z//Sv6/WOT/uyt//j9/P+P6/zemcvn/AY+/2Pn/QV//f/TB9vXl/+mkaPn/2Pe/MtSkIv0/AAAAVEHs++8MNdH/AwAAQGnEvv9VoSb6fwAAACiN2PdvDDWpSP/v+v/y//L/8v/y/5233zv/n5P/Lxb5/+7Kn/+/Vdf/l//P5P+rlf/v8OZX/p9Oipb/j33/XaEmFen/AQAAoApi3393qIn+HwAAAEoj9v0/E2qi/wcAAIDSiH3/plCTivT/8v/y//L/1cr/3zsm/y//X27y/93J//cg/y//L//f5/X/F7ue/P+aXg9GaRQt/x/7/leHmlSk/wcAAIAqiH3/a0JN9P8AAABQGrHvf22oif4fAAAASiP2/ROhJhXp/+X/y5X//7O/eeK1mfy//H+P7Zc0/x+ngfx/xcn/dyf/34P8v/z/Ks3/v+u7eV0t+X+qo2j5/9j3bw41qUj/DwAAAFUQ+/4toSb6fwAAACiN2PffE2qi/wcAAIDSiH3/1lCTivT/8v/lyv9H8v/y/922X9L8fyL/X23y/x00HaTy/z3I/8v/r9L8fzaw6//Hd7/y/wxG0fL/se9/XahJl8ZvsJ/EAwAAANxsse/fFmpSkb//AwAAQBXEvv/1oSb6fwAAACiN2PdvDzWpSP8v/y//L/8v/y//33n78v+r0+rK/69ZdEvRrv8/Jv8v/y//X7H8v+v/M1hFy//Hvv8NoSYV6f8BAACgCmLfvyPURP8PAAAApRH/5V3+7171/wAAAFBGse+fDDWpSP8v/y//X6X8f03+X/5f/r/0Vlf+f7Gi5f9d/1/+X/5f/l/+n+UoWv4/9v1vDDWpSP8PAAAAVRD7/vtCTfT/AAAAUBqx758KNdH/AwAAQGnEvn861KQi/b/8v/x/lfL/rv8v/y//X37y/93J//cg/1+q/H+Wyf/XBy//z61UtPx/7Pt3hppUpP8HAACAKoh9/65QE/0/AAAAlEbs+3eHmuj/AQAAoDRi378n1KQi/b/8v/y//L/8v/x/5+3L/69O8v/dyf/3IP+/Mvn/Tm+cVtP4l1DI/L/r/3OLFS3/H/v++0NNKtL/AwAAQBXEvn9vqIn+HwAAAEoj9v37Qk1C/3+T/nkSAAAAsIJi378/1KQif/+X/y9J/v+3/qFl2/L/8v/dtj+Y/P9a+f9Q5f+LpaT5//bD4obJ//cg/3/T8vPZ0ECGeMvGL/8v/8+NKVr+P/b9B0JNKtL/AwAAQBXEvv9NoSb6fwAAACiN2Pf/bKiJ/h8AAABKI/b9PxdqUpH+X/6/JPn/NvL/8v/dtu/6//L/ZVbS/P/AlCr/PyT/v5ry//3k51f7+OX/5f9Z7Obn/+NX/eX/Y99/MNSkIv0/AAAAVEHs+38+1ET/DwAAAKUR+/43h5ro/wEAAKA0Yt9/KNSkIv3/DeT/G3fK/7eS/28dv/x/5/lRrfz/m7N2Rcz/1yeP/H+5FDj/P9rP9uX/Xf9f/n9Fxt/+o2Yg45f/l/9nsaJd/z/2/W8JNalI/w8AAABVEPv+B0JN9P8AAABQGrHvf2uoif4fAAAASiP2/W8LNalI/+/6//L/8v/y/67/33n78v+rU4Hz/32R/5f/l/9fveOX/5f/Z7Gi5f9j3/9gqElF+n8AAACogtj3vz3URP8PAAAApRH7/neEmuj/AQAAoDRi3//OUJOK9P/y//L/8v/y//L/nbcv/786yf93J//fg/y//L/8v/w/A1W0/H/s+98ValKR/h8AAACqIPb9D4Wa6P8BAACgNGLf/+5QE/0/AAAAlEbs+98TalKR/l/+X/5f/l/+X/6/8/bl/1cn+f/uVib/P5oeRv5f/l/+X/5f/r/aipb/j33/e0NNKtL/AwAAQBXEvv8XQk30/wAAAFAase9/X6iJ/h8AAABKI/b9vxhqUpH+X/5f/r9Y+f+Fi83ryf/L/2eDyv/XV5L/rwT5/+5c/7+HDvn/NfL/8v/y//L/3LCi5f9j3//+UJOK9P8AAABQBbHv/0Coif4fAAAASiP2/R8MNdH/AwAAQGnEvv/hUJOK9P/y/5XM/6enXLz8v+v/95P/H1kv/5+5/r/8/xLk/7uT/+/B9f/l/+X/5f8ZqKLl/2Pf/0ioSUX6fwAAAKiC2Pd/KNRE/w8AAAClEfv+Xwo10f8DAABAacS+/8OhJhXp/+X/K5n/L/D1/8uW/x9pmR9Vuv7/eNPrmeal/L/8/wqQ/+9O/r8H+X/5/yLn/8NsXrvE+vL/FFHR8v+x7/9IqElF+n8AAACogtj3/3Koif4fAAAASiP2/b8SaqL/BwAAgNKIff+vhppUpP8vYf7/Uib/L/9fmPx/6/yoUv7f9f8Xk/9fGfL/3cn/9yD/L/9f5Px/D/L/FFHR8v+x7/+1UJMlG7/n/6uPpwkAAAAUSOz7PxpqUpG//wMAAEAVxL7/cKiJ/h8AAABKI/b9R0JNKtL/lzD/v8zr/8crqvbK/7deeVX+v3X88v9Zh/kxJP8v/y//vwIGl/9/1e1ZJv8v/y//L/8v/y//z3IULf8f+/6joSYV6f8BAACgCmLf/+uhJvp/AAAAKI3Y9x8LNdH/AwAAQOGNpERwd7Hvnwk1qUj/fwvz/6PFzP+X7fr/tfDYNz///1P5f9f/D+T/O5P/Xxmu/9+d/H8P8v/y//L/8v8MVNHy/7Hvnw01qUj/DwAAACWWfh0c+/7joSb6fwAAACiN2PefCDXR/wMAAEBpxL7/Y6EmFen/Xf+/7Pl/1/8vZv5/pGV5+f+c/L/8/yDI/3c3wPz/WByf/L/8fyT/L/8v/0+7ouX/Y98/F2pSkf4fAAAAqiD2/R8PNdH/AwAAQGnEvv8ToSb6fwAAACiN2Pf/P3v30WTXVfVx+NhYaQQfgbFHDGFkPgJTZlQxxUSTgyRyBpNzMBmTMybYYHLOOZicozHBUCXK0lpLat3b57bUR33P2ft5JgurLPeV3fit/6v6se8Xt3Sy//X/+v/e+//LhuGE9//1/+u+vv5/mfT/47z/v4H+X/+v/9f/M6m59f+5+6+OWzrZ/wAAANCD3P33j1vsfwAAAGhG7v4HxC32PwAAADQjd/8D45ZO9r/+X//fe/8/bOX9/51/vv7/DP2//n8KK/39Fev/vN2i8F37/7vd/Zr76P/1//r/Ufp//b/+n/PNrf/P3f+guKWT/Q8AAAA9yN3/4LjF/gcAAIBm5O5/SNxi/wMAAEAzcvdfE7d0sv/1//p//f8i+v/L8q9xyfv/m/T/+v9l8/7/OP3/Bvp//b/+X//PpObW/+fuf2jc0sn+BwAAgB7k7n9Y3GL/AwAAQDNy9z88brH/AQAAoBm5+x8Rt3Sy//X/+n/9/yL6/9tuOH7Y+//n/Xr0//r/dfT/4/T/G+j/9f/6f/0/k5pb/5+7/5FxSyf7HwAAAHqQu/9RcYv9DwAAAM3I3f/ouMX+BwAAgGbk7n9M3NLJ/tf/6//1/xP2/yeHYbhk/f+g/z/v16P/1/+vc91w9t8J+v9V+v8NNvT/w6D/H7Pnfn79L285n38X+n/9P6vm1v/n7n9s3HLPYTh8sb9IAAAAYFZy9z8ubunk9/8BAACgB7n7j8ct9j8AAAA0I3f/ibilk/2v/9f/6/+X8v6//l//r//fC+//j9t//3/lXa6+b7/9v/f/x3n/f+r+/47vDP0/yza3/j93/8m4pZP9DwAAAD3I3f/4uMX+BwAAgGbk7n9C3GL/AwAAQDNy9z8xbulk/+v/W+v/77Tj553T/5+uXfT/+v+L6f8P1V9J/6//nz/9/zjv/29w+l9zx+oP9f/6f+//6//Zn7n1/7n7nxS3dLL/AQAAoAe5+58ct9j/AAAA0Izc/U+JW+x/AAAAaEbu/qfGLZ3sf/1/a/3/zp/n/X/9/7qv7/1//X/LLq6/v7L+Zy70/6Hr/r+B9/8v8rtm2/38fm378+v/9f+smlv/n7v/aXFLJ/sfAAAAepC7/+lxi/0PAAAAzcjd/4y4xf4HAACAZuTuf2bc0sn+1//r/5fR/+dX0P/r/y99/5/0/8vk/f9x+v8NWun/L9K2+/mlf379v/6fVXPr/3P3Pytu6WT/AwAAQA9y9z87brH/AQAAoBm5+58Tt9j/AAAA0Izc/c+NWzrZ//p//f8y+n/v/+v/vf+v/98b/f84/f8G+n/9v/5f/8+k5tb/5+6/Nm7pZP8DAABAD3L3Py9usf8BAACgGbn7nx+3XMj+PzT1pwIAAACmlLv/BXFLJ7//r//X/+v/9f/6//VfX/+/TPr/cfr/DTrv/4cT+n/9v/6fac2o/z/nZx0dXhi3dLL/AQAAoAe5+18Ut9j/AAAA0Izc/S+OW+x/AAAAaEbu/pfELZ3s//b6/yNL7f9P53xt9f/HhmHQ/w+d9v/HzvnnWd+X+n/9/wHQ/4/T/2/Qef+/7X5+6Z9f/6//Z9WM+v/Tf5y7/6VxSyf7HwAAAHqQu/9lcYv9DwAAAM3I3f/yuMX+BwAAgGbk7n9F3NLJ/m+v//f+/zCb/t/7/+d/f/TU/3v/f5X+/2Do/8fp/zfQ/+v/9f/6fyY1t/4/d/8r46bDhy76lwgAAADMTO7+V8Utnfz+PwAAAPQgd/+r4xb7HwAAABbq2pUfyd3/mrilk/2v/5+2/z98zo/p//X/539/6P/1//r/S29Tf7/pb5n+P+j/9f/6f/2//p8JzK3/z93/2rilk/0PAAAAPcjdf13cYv8DAABAM3L3vy5usf8BAACgGbn7Xx+3dLL/9f/e/9f/6/839f9nn0PV/+v/58/7/+MW0f/frP/X/y/z80/Q/x85+x/1/7ThAvr/U6dOHb/k/X/u/jfELZ3sfwAAAOhB7v43xi32PwAAADQjd/+b4hb7HwAAAJqRu//NcUsn+1//32n/n9/qy+r/TwyD/t/7//p//f84/f+4RfT/3v/X/y/083v/X//Pqrm9/5+7/y1xSyf7HwAAAHqQu/+tcYv9DwAAAM3I3X993GL/AwAAQDNy978tbulk/+v/O+3/vf+v/9f/H3T/f/ug/z8Qi+j/j+3+9efe/5/U/+v/R3TX/9/rHjv+UP+v/2fV3Pr/3P1vj1s62f8AAADQg9z974hb7H8AAABoRu7+d8Yt9j8AAAA0I3f/u+KmKzrZ//p//b/+X/+v/1//9Q/4/f/DwzDo/yewiP5/xNz7/2ne/z//v+Vn6f/1/0v+/Pp//T+r5tb/5+5/d9zSyf4HAACAHuTuf0/cdMT+BwAAgGbk7n9v3GL/AwAAQDNy978vbulk/+v/9f/6f/1/8/3/yUX0/97/n4j+f9w8+v/d6f/1/0v+/Pp//T97t63+P3f/++OWTvY/AAAA9CB3/wfiFvsfAAAAmpG7/4Nxi/0PAAAAzcjd/6G4pZP9r//X/19I/5+fU//fVv9/ZHb9/9Edf71O3v/X/09E/z9O/7+B/l//r/+/Vv/PlOb2/n/u/g/HLZ3sfwAAAOhB7v4b4tb/69b+BwAAgGbk7v9I3GL/AwAAQDNy9380bulk/+v/9f/e/9f/N//+v/6/K/r/cfr/DfT/+n/9v/f/mdTc+v/c/R+LWzrZ/wAAANCD3P0fj1vsfwAAAGhG7v4b4xb7HwAAAJqRu/+muKWT/a//1//r//X/+v8z/wz1/23Q/487mP7/mP5f/1/9/GXx3wL9v/5/08+nTXPr/3P3fyJu6WT/AwAAQA9y938ybrH/AQAAoBm5+2+OW+x/AAAAWKQr1vxY7v5PxS2d7H/9v/5f/6//1/+v//r6/2XaSv+f3xT6f+//h376/7vu+KOlvf9//v/90v/r/5ne3Pr/3P2fjls62f8AAADQg9z9n4lb7H8AAABoRu7+z8Yt9j8AAAA0I3f/5+KWTva//l//r//X/+v/1399/f8yef9/nP5/A/3/Vt/PX/rn1//r/1k1t/4/d//n45ZO9j8AAAD0IHf/F+IW+x8AAACakbv/i3GL/Q8AAADNOL37My7rcP/r//X/+n/9v/5//dfX/y+T/n+c/n8D/b/+X/+v/2dSc+v/v3T6Zx0dvhy3dLL/AQAAoAe5+78St9j/AAAA0Izc/V+NW+x/AAAAaEbu/q/FLZ3s/733/6cG/f/u9P87P//0/f+pU6eO6//1/zt/PWf7/1v0/xT9/zj9/wb6f/2//l//z6Tm1v/n7v963NLJ/gcAAIAe5O7/Rtxi/wMAAEAzcvd/M26x/wEAAKAZufu/Fbd0sv+9/z+D/v+o/t/7//r/wfv/q/3/5Wf+paz/vzD6/3H6/w1a7P+P7v2Xv+1+fr+2/fn1//p/Vs2t/8/d/+24pZP9DwAAAD3I3f+duMX+BwAAgGbk7v9u3GL/AwAAQDNy938vbulk/+v/D67/v+PvXS/v/x8b1n9+/b/+X//v/f9LTf8/Tv+/QYv9/wXYdj+/9M+v/9f/s2pu/X/u/u/HLTuH36EL+1UCAAAAc5K7/wdxSye//w8AAAA9yN3/w7jF/gcAAIBm5O7/UdzSyf7X/8/g/f8G+3/v/6///tD/z7r/v1z/3wb9/zj9/wb6f/2//n+i/j+/m/X/vZtb/5+7/8dxSyf7HwAAAHqQu/8ncYv9DwAAAM3I3f/TuMX+BwAAgGbk7r8lbjln/69ru1uh/9f/6//1//r/9V9f/79M+v9xe+3/jwz76/+T/l//r//vtf/3/j9nzK3/z93/s7jF7/8DAADA4hza5cdz9/88brH/AQAAoBm5+38Rt9j/AAAA0Izc/b+MW269fFsf6UDp//X/+n/9v/5//dfX/y+T/n/cLN//v/7G+o/6/yb6/6v0/230/8Og/2f/5tb/5+7/Vdzi9/8BAACgGbn7fx232P8AAADQjNz9v4lb7H8AAABoRu7+38Ytnex//b/+f5/9/+k0U/9/hv7/DP3/evr/g6H/HzfL/v8c+v8m+n/v/zfS/3v/nynMrf/P3f+7uKWT/Q8AAAA9yN3/+7jF/gcAAIBm5O7/Q9xi/wMAAEAzcvf/MW7pZP9vrf+Pv9X6/8X3/97/1//r//X/s6L/H6f/30D/r//X/+v/mdTc+v/c/X+KWzrZ/wAAANCD3P1/jlvsfwAAAGhG7v6/xC32PwAAADQjd/9f45ZO9r/3//X/+n/9v/5//dfX/y+T/n+c/n+9+gel/9f/6//1/0xqbv1/7v6/xS2d7H8AAADoQe7+v8ct9j8AAAA0I3f/rXGL/Q8AAADNyN3/j7ilk/2v/9f/6//1//r/9V9f/79M+v9x2+z/733nzV/W+/9b7//zI+j/9f/6fyYxt/4/d/9tcUsn+x8AAAB6kLv/n3GL/Q8AAADNyN3/r7jF/gcAAIBm5O7/d9zSyf7f0P8fqT9R/z9K/7/z8+v/139/NNz/7whc9f/r6f8Phv5/3HLe/4+fr//fwfv/8/78+n/9P6vm1v/n7v9P3NLJ/gcAAIAe5O6/PW6x/wEAAKAZufv/G7fY/wAAANCM3P3/i1s62f/e/19S/3+V/l//P9f+fwf9/3r6/4Oh/x+3nP7f+//r6P/n/fn1//p/Vs2t/8/d//8AAAD//ym6NlQ=")
mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000)='hugetlbfs\x00', 0x800007, 0x0)
quotactl$Q_QUOTAON(0xffffffff80000200, &(0x7f00000002c0)=@loop={'/dev/loop', 0x0}, 0x0, &(0x7f0000000340)='./file0\x00')

231.700857ms ago: executing program 3 (id=1377):
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000340)={0x0, 0xffffffffffffffff, 0x500, 0x0, 0x0}, 0x30)

231.567303ms ago: executing program 3 (id=1378):
r0 = openat$rtc(0xffffffffffffff9c, &(0x7f00000000c0), 0x400, 0x0)
ioctl$RTC_WKALM_SET(r0, 0x4028700f, &(0x7f0000000000)={0x0, 0x3, {0x800001, 0x20000000, 0x7, 0x1b, 0x6, 0x22000060, 0x4, 0x15e, 0x1}})

180.714495ms ago: executing program 3 (id=1379):
r0 = syz_clone(0x20300000, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
fchdir(r1)
capset(&(0x7f0000000240)={0x20071026}, &(0x7f0000000080)={0x200000, 0x200000})
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r2 = syz_open_procfs(r0, &(0x7f0000000100)='io\x00')
preadv(r2, &(0x7f00000001c0)=[{&(0x7f0000000340)=""/230, 0xe6}], 0x1, 0x401, 0x9)

180.548623ms ago: executing program 1 (id=1380):
llistxattr(&(0x7f0000000200)='./file1\x00', 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f0000000940)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000000080)="ab553fec94248c32e27d04000000288a", 0x10)
r4 = accept$alg(r3, 0x0, 0x0)
sendmsg$alg(r4, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=[@op={0x18, 0x117, 0x3, 0x1}, @assoc={0x18, 0x117, 0x4, 0x40}], 0x30}, 0x0)
write$binfmt_script(r4, &(0x7f0000000600), 0xfec8)
recvmmsg(r4, &(0x7f00000008c0)=[{{0x0, 0x0, &(0x7f00000005c0)=[{&(0x7f00000001c0)=""/200, 0xc8}, {&(0x7f0000000300)=""/225, 0xe1}], 0x2, 0x0, 0x0, 0x2000000}}], 0x1, 0xcb, 0x0)
getsockopt(0xffffffffffffffff, 0x200000000114, 0x8, 0x0, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$sock_inet6_tcp_SIOCINQ(0xffffffffffffffff, 0x541b, &(0x7f0000000100))
sendmsg$IPSET_CMD_ADD(r5, 0x0, 0x80)

62.641949ms ago: executing program 3 (id=1381):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000000c0)={0x10, 0x8, &(0x7f0000000180)=ANY=[@ANYBLOB="180200000000000000000000000000008510000001000000950000000000000085100000020000008500000094000000950000000000000095"], &(0x7f0000000040)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0xa}, 0x94)

62.488506ms ago: executing program 3 (id=1382):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000090f00080000000000000000850000000e000000850000007d00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000500)='sys_exit\x00', r0}, 0x10)
select(0x40, &(0x7f0000000100)={0x7, 0x4, 0x5, 0x10001, 0x1, 0x1, 0x4, 0xf6b}, &(0x7f0000000300)={0x6, 0x9, 0x6, 0x2f21, 0x4, 0x1000, 0x3ff, 0x3}, 0x0, 0x0)

244.081µs ago: executing program 2 (id=1383):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
r1 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
connect$llc(r1, &(0x7f0000000180)={0x1a, 0x0, 0x0, 0x8, 0x0, 0x0, @broadcast}, 0x10)
sendmmsg(r1, &(0x7f0000001380), 0x3fffffffffffeed, 0x0)

0s ago: executing program 3 (id=1384):
r0 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_INIT(r0, 0x0, 0xc8, &(0x7f0000003d40), 0x4)
setsockopt$MRT_ADD_VIF(r0, 0x0, 0xca, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, @vifc_lcl_addr=@local, @dev}, 0x10)
sendmsg$ETHTOOL_MSG_STRSET_GET(0xffffffffffffffff, 0x0, 0x8010)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_mreq(r1, 0x0, 0x23, &(0x7f0000000000)={@multicast1=0xe0000300, @local}, 0x8)
syz_emit_ethernet(0x2a, &(0x7f00000007c0)={@local, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x20, 0xfc, 0x2, 0x0, @private=0xa010100, @multicast1=0xe0000300}, @echo={0x8, 0x0, 0x0, 0x8000, 0x3}}}}}, 0x0)
syz_emit_ethernet(0x3e, &(0x7f0000000380)={@local, @multicast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x20, 0x1, 0x2, 0x0, @rand_addr=0x1c, @multicast1=0xe0000300}, @redirect={0x5, 0x0, 0x0, @local, {0x5, 0x4, 0x1, 0x19, 0x400, 0x65, 0xfff6, 0x1, 0x33, 0x0, @private=0xa010100, @broadcast}}}}}}, 0x0)
r2 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_MFC_PROXY(r2, 0x0, 0xd2, &(0x7f00000000c0)={@dev={0xac, 0x14, 0x14, 0x37}, @multicast1, 0x0, "fc79348df081496d0420922f45a71c1daa8b610468cd140526c41efcd3a4a422", 0x3, 0x1, 0x1}, 0x3c)

kernel console output (not intermixed with test programs):

 9
[   88.272695][   T47] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   88.292489][   T47] usb 2-1: config 0 interface 0 has no altsetting 0
[   88.329816][   T47] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[   88.337239][   T47] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   88.342656][   T47] usb 2-1: config 0 interface 0 has no altsetting 0
[   88.346381][   T47] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[   88.350047][   T47] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   88.354373][   T47] usb 2-1: config 0 interface 0 has no altsetting 0
[   88.358150][   T47] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[   88.362302][   T47] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   88.366650][   T47] usb 2-1: config 0 interface 0 has no altsetting 0
[   88.375900][   T47] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[   88.379855][   T47] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   88.384225][   T47] usb 2-1: config 0 interface 0 has no altsetting 0
[   88.389284][   T47] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[   88.393212][   T47] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   88.397613][   T47] usb 2-1: config 0 interface 0 has no altsetting 0
[   88.401425][   T47] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[   88.404897][   T47] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[   88.409322][   T47] usb 2-1: config 0 interface 0 has no altsetting 0
[   88.414483][   T47] usb 2-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[   88.418123][   T47] usb 2-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[   88.422077][   T47] usb 2-1: Product: syz
[   88.423811][   T47] usb 2-1: Manufacturer: syz
[   88.425682][   T47] usb 2-1: SerialNumber: syz
[   88.429461][   T47] usb 2-1: config 0 descriptor??
[   88.438438][   T47] yurex 2-1:0.0: USB YUREX device now attached to Yurex #0
[   88.706515][    C1] usb 2-1: yurex_control_callback - control failed: -71
[   88.709829][   T24] usb 2-1: USB disconnect, device number 6
[   88.716045][   T24] yurex 2-1:0.0: USB YUREX #0 now disconnected
[   89.195922][ T6836] loop2: detected capacity change from 0 to 32768
[   89.296494][ T6836] bcachefs (loop2): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[   89.296513][ T6836]   allowing incompatible features above 0.0: (unknown version)
[   89.296521][ T6836]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[   89.314707][ T6836] bcachefs (loop2): Using encoding defined by superblock: utf8-12.1.0
[   89.318126][ T6836] bcachefs (loop2): initializing new filesystem
[   89.327261][ T6836] bcachefs (loop2): going read-write
[   89.337281][ T6836] bcachefs (loop2): marking superblocks
[   89.350835][ T6836] bcachefs (loop2): initializing freespace
[   89.356119][ T6836] bcachefs (loop2): done initializing freespace
[   89.361592][ T6836] bcachefs (loop2): reading snapshots table
[   89.364176][ T6836] bcachefs (loop2): reading snapshots done
[   89.392304][ T6836] bcachefs (loop2): done starting filesystem
[   89.597048][ T6855] ecryptfs_validate_options: You must supply at least one valid auth tok signature as a mount parameter; see the eCryptfs README
[   89.609172][ T6855] Error validating options; rc = [-22]
[   89.865283][ T6836] syz.2.298 (6836) used greatest stack depth: 17448 bytes left
[   89.870976][ T6856] bcachefs (loop2): requested incompat feature 1.16: reflink_p_may_update_opts currently not enabled, allowed up to 1.16: reflink_p_may_update_opts
[   89.870976][ T6856]   set version_upgrade=incompat to enable
[   89.984847][ T5840] bcachefs (loop2): shutting down
[   89.985506][ T6864] loop1: detected capacity change from 0 to 256
[   89.987149][ T5840] bcachefs (loop2): going read-only
[   89.993733][ T6864] exfat: Deprecated parameter 'utf8'
[   90.008694][ T5840] bcachefs (loop2): finished waiting for writes to stop
[   90.010495][ T6864] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xe3865569, utbl_chksum : 0xe619d30d)
[   90.018332][ T5840] bcachefs (loop2): flushing journal and stopping allocators, journal seq 3
[   90.085902][ T5840] bcachefs (loop2): flushing journal and stopping allocators complete, journal seq 3
[   90.093821][ T5840] bcachefs (loop2): clean shutdown complete, journal seq 4
[   90.097597][ T5840] bcachefs (loop2): marking filesystem clean
[   90.143268][ T5840] bcachefs (loop2): shutdown complete
[   90.311583][ T6879] warning: `syz.1.312' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[   90.770043][ T2206] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[   90.940422][ T2206] usb 2-1: Using ep0 maxpacket: 8
[   90.945737][ T2206] usb 2-1: unable to get BOS descriptor or descriptor too short
[   90.950437][ T2206] usb 2-1: config 8 has an invalid interface number: 24 but max is 1
[   90.953869][ T2206] usb 2-1: config 8 has an invalid interface number: 242 but max is 1
[   90.957309][ T2206] usb 2-1: config 8 has no interface number 0
[   90.960866][ T2206] usb 2-1: config 8 has no interface number 1
[   90.963386][ T2206] usb 2-1: config 8 interface 24 altsetting 2 endpoint 0xE has invalid maxpacket 1535, setting to 1024
[   90.967733][ T2206] usb 2-1: config 8 interface 24 altsetting 2 endpoint 0x85 has an invalid bInterval 255, changing to 11
[   90.974174][ T2206] usb 2-1: config 8 interface 24 has no altsetting 0
[   90.977018][ T2206] usb 2-1: config 8 interface 242 has no altsetting 0
[   90.983685][ T2206] usb 2-1: New USB device found, idVendor=10cf, idProduct=5503, bcdDevice=75.af
[   90.987337][ T2206] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   90.999792][ T2206] usb 2-1: Product: syz
[   91.001595][ T2206] usb 2-1: Manufacturer: syz
[   91.003499][ T2206] usb 2-1: SerialNumber: syz
[   91.011698][ T6894] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[   91.248439][ T2206] comedi comedi5: driver 'vmk80xx' has successfully auto-configured 'K8055 (VM110)'.
[   91.262542][ T2206] vmk80xx 2-1:8.242: driver 'vmk80xx' failed to auto-configure device.
[   91.263025][ T6906] loop2: detected capacity change from 0 to 8
[   91.270824][ T2206] usb 2-1: USB disconnect, device number 7
[   91.285915][ T6906] SQUASHFS error: lzo decompression failed, data probably corrupt
[   91.292779][ T6906] SQUASHFS error: Failed to read block 0x91: -5
[   91.295466][ T6906] SQUASHFS error: Unable to read metadata cache entry [8f]
[   91.298736][ T6906] SQUASHFS error: Unable to read inode 0x11f
[   91.659887][ T5916] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[   91.815232][ T6916] loop1: detected capacity change from 0 to 1024
[   91.819085][ T6916] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   91.831857][ T6916] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm syz.1.329: bg 0: block 10: padding at end of block bitmap is not set
[   91.834726][ T5916] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   91.840811][ T6916] Quota error (device loop1): write_blk: dquota write failed
[   91.845475][ T6916] Quota error (device loop1): find_free_dqentry: Can't write quota data block 2
[   91.850500][ T6916] Quota error (device loop1): qtree_write_dquot: Error -28 occurred while creating quota
[   91.854569][ T6916] EXT4-fs error (device loop1): ext4_acquire_dquot:6937: comm syz.1.329: Failed to acquire dquot type 0
[   91.859468][ T6916] Quota error (device loop1): write_blk: dquota write failed
[   91.863161][ T5916] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   91.863304][ T6916] Quota error (device loop1): find_free_dqentry: Can't write quota data block 2
[   91.871404][ T6916] Quota error (device loop1): qtree_write_dquot: Error -28 occurred while creating quota
[   91.875447][ T6916] EXT4-fs error (device loop1): ext4_acquire_dquot:6937: comm syz.1.329: Failed to acquire dquot type 0
[   91.877599][ T5916] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[   91.880713][ T6916] EXT4-fs error (device loop1): ext4_free_blocks:6696: comm syz.1.329: Freeing blocks not in datazone - block = 0, count = 4096
[   91.893635][ T5916] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[   91.895515][ T6916] Quota error (device loop1): write_blk: dquota write failed
[   91.897466][ T5916] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   91.907118][ T6916] Quota error (device loop1): find_free_dqentry: Can't write quota data block 2
[   91.913921][ T6916] Quota error (device loop1): qtree_write_dquot: Error -28 occurred while creating quota
[   91.919255][ T6916] EXT4-fs error (device loop1): ext4_acquire_dquot:6937: comm syz.1.329: Failed to acquire dquot type 0
[   91.925890][ T5916] usb 3-1: config 0 descriptor??
[   91.935146][ T6914] overlayfs: failed to clone upperpath
[   91.939025][ T6916] EXT4-fs (loop1): 1 orphan inode deleted
[   91.952042][ T6916] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   91.972928][ T6916] EXT4-fs error (device loop1): ext4_search_dir:1474: inode #2: block 16: comm syz.1.329: bad entry in directory: inode out of bounds - offset=44, inode=40, rec_len=16, size=1024 fake=0
[   92.010736][ T5848] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   92.369029][ T5916] plantronics 0003:047F:FFFF.0002: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[   92.683448][ T6945] loop1: detected capacity change from 0 to 1024
[   92.726925][ T6945] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   92.761410][ T5848] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   94.047350][ T6983] loop1: detected capacity change from 0 to 512
[   94.074868][ T6983] EXT4-fs (loop1): Test dummy encryption mode enabled
[   94.077296][ T6983] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   94.083169][ T6983] EXT4-fs error (device loop1): ext4_orphan_get:1418: comm syz.1.354: bad orphan inode 131083
[   94.088314][ T6983] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   94.106696][ T5848] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   94.294328][ T6997] loop2: detected capacity change from 0 to 1024
[   94.342134][ T6999] loop1: detected capacity change from 0 to 512
[   94.365412][ T6999] EXT4-fs (loop1): Test dummy encryption mode enabled
[   94.369008][ T6999] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   94.378899][ T6999] EXT4-fs error (device loop1): ext4_orphan_get:1418: comm syz.1.359: bad orphan inode 131083
[   94.399546][ T6999] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   94.441251][ T5848] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   94.496363][ T7007] loop1: detected capacity change from 0 to 128
[   94.964457][ T5916] usb 3-1: USB disconnect, device number 6
[   95.119891][ T5916] usb 3-1: new full-speed USB device number 7 using dummy_hcd
[   95.271760][ T5916] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 512, setting to 64
[   95.276389][ T5916] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 1023, setting to 64
[   95.281853][ T5916] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[   95.288244][ T5916] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[   95.292161][ T5916] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[   95.295436][ T5916] usb 3-1: SerialNumber: syz
[   95.304700][ T7003] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[   95.307946][ T7003] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[   95.313277][ T5916] cdc_acm 3-1:1.0: Control and data interfaces are not separated!
[   95.317069][ T5916] cdc_acm 3-1:1.0: probe with driver cdc_acm failed with error -12
[   95.526481][ T2206] usb 3-1: USB disconnect, device number 7
[   95.692364][ T7035] loop1: detected capacity change from 0 to 40427
[   95.708984][ T7035] F2FS-fs (loop1): invalid crc value
[   95.718046][ T7041] Illegal XDP return value 4294967294 on prog  (id 33) dev N/A, expect packet loss!
[   95.754444][ T7035] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[   95.758465][ T7035] F2FS-fs (loop1): Start checkpoint disabled!
[   95.766070][ T7035] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[   95.774117][   T33] audit: type=1326 audit(1756744930.275:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7034 comm="syz.1.374" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e1018ebe9 code=0x7ffc0000
[   95.813059][  T351] kworker/u9:3: attempt to access beyond end of device
[   95.813059][  T351] loop1: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[   95.820949][  T351] CPU: 1 UID: 0 PID: 351 Comm: kworker/u9:3 Not tainted syzkaller #0 PREEMPT(full) 
[   95.820961][  T351] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[   95.820966][  T351] Workqueue: writeback wb_workfn (flush-7:1)
[   95.820980][  T351] Call Trace:
[   95.820983][  T351]  <TASK>
[   95.820987][  T351]  dump_stack_lvl+0x189/0x250
[   95.820999][  T351]  ? __pfx_dump_stack_lvl+0x10/0x10
[   95.821007][  T351]  ? __pfx_queue_work_on+0x10/0x10
[   95.821045][  T351]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[   95.821055][  T351]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[   95.821069][  T351]  f2fs_handle_critical_error+0x37c/0x540
[   95.821082][  T351]  f2fs_write_end_io+0x886/0xb60
[   95.821097][  T351]  __submit_merged_bio+0x27a/0x6a0
[   95.821106][  T351]  ? up_write+0x1c4/0x420
[   95.821116][  T351]  __submit_merged_write_cond+0x44c/0x530
[   95.821128][  T351]  f2fs_sync_node_pages+0x1479/0x15e0
[   95.821146][  T351]  ? __pfx_f2fs_sync_node_pages+0x10/0x10
[   95.821155][  T351]  ? __percpu_counter_sum+0x1c2/0x1e0
[   95.821176][  T351]  ? do_raw_spin_lock+0x121/0x290
[   95.821185][  T351]  ? rcu_is_watching+0x15/0xb0
[   95.821193][  T351]  ? blk_start_plug+0x52/0x1b0
[   95.821204][  T351]  f2fs_write_node_pages+0x303/0x6e0
[   95.821216][  T351]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[   95.821231][  T351]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[   95.821240][  T351]  do_writepages+0x32e/0x550
[   95.821252][  T351]  ? reacquire_held_locks+0x127/0x1d0
[   95.821259][  T351]  ? writeback_sb_inodes+0x384/0x1010
[   95.821271][  T351]  __writeback_single_inode+0x145/0xff0
[   95.821280][  T351]  ? do_raw_spin_unlock+0x4d/0x240
[   95.821290][  T351]  writeback_sb_inodes+0x6c7/0x1010
[   95.821310][  T351]  ? __pfx_writeback_sb_inodes+0x10/0x10
[   95.821337][  T351]  ? rcu_is_watching+0x15/0xb0
[   95.821348][  T351]  wb_writeback+0x43b/0xaf0
[   95.821360][  T351]  ? queue_io+0x3b1/0x590
[   95.821370][  T351]  ? __pfx_wb_writeback+0x10/0x10
[   95.821382][  T351]  ? _raw_spin_unlock_irq+0x23/0x50
[   95.821393][  T351]  wb_workfn+0x409/0xef0
[   95.821407][  T351]  ? __pfx_wb_workfn+0x10/0x10
[   95.821416][  T351]  ? __lock_acquire+0xab9/0xd20
[   95.821431][  T351]  ? process_scheduled_works+0x9ef/0x17b0
[   95.821440][  T351]  ? _raw_spin_unlock_irq+0x23/0x50
[   95.821448][  T351]  ? process_scheduled_works+0x9ef/0x17b0
[   95.821454][  T351]  ? process_scheduled_works+0x9ef/0x17b0
[   95.821461][  T351]  process_scheduled_works+0xae1/0x17b0
[   95.821481][  T351]  ? __pfx_process_scheduled_works+0x10/0x10
[   95.821495][  T351]  worker_thread+0x8a0/0xda0
[   95.821514][  T351]  kthread+0x711/0x8a0
[   95.821524][  T351]  ? __pfx_worker_thread+0x10/0x10
[   95.821530][  T351]  ? __pfx_kthread+0x10/0x10
[   95.821540][  T351]  ? _raw_spin_unlock_irq+0x23/0x50
[   95.821554][  T351]  ? lockdep_hardirqs_on+0x9c/0x150
[   95.821562][  T351]  ? __pfx_kthread+0x10/0x10
[   95.821571][  T351]  ret_from_fork+0x3fc/0x770
[   95.821580][  T351]  ? __pfx_ret_from_fork+0x10/0x10
[   95.821590][  T351]  ? __switch_to_asm+0x39/0x70
[   95.821598][  T351]  ? __switch_to_asm+0x33/0x70
[   95.821605][  T351]  ? __pfx_kthread+0x10/0x10
[   95.821614][  T351]  ret_from_fork_asm+0x1a/0x30
[   95.821630][  T351]  </TASK>
[   95.821633][  T351] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[   95.956514][  T351] CPU: 1 UID: 0 PID: 351 Comm: kworker/u9:3 Not tainted syzkaller #0 PREEMPT(full) 
[   95.956538][  T351] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[   95.956545][  T351] Workqueue: writeback wb_workfn (flush-7:1)
[   95.956564][  T351] Call Trace:
[   95.956570][  T351]  <TASK>
[   95.956575][  T351]  dump_stack_lvl+0x189/0x250
[   95.956595][  T351]  ? __pfx_dump_stack_lvl+0x10/0x10
[   95.956608][  T351]  ? __pfx_queue_work_on+0x10/0x10
[   95.956619][  T351]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[   95.956632][  T351]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[   95.956654][  T351]  f2fs_handle_critical_error+0x37c/0x540
[   95.956674][  T351]  f2fs_write_end_io+0x886/0xb60
[   95.956698][  T351]  __submit_merged_bio+0x27a/0x6a0
[   95.956711][  T351]  ? up_write+0x1c4/0x420
[   95.956726][  T351]  __submit_merged_write_cond+0x44c/0x530
[   95.956748][  T351]  f2fs_sync_node_pages+0x1479/0x15e0
[   95.956779][  T351]  ? __pfx_f2fs_sync_node_pages+0x10/0x10
[   95.956794][  T351]  ? __percpu_counter_sum+0x1c2/0x1e0
[   95.956832][  T351]  ? do_raw_spin_lock+0x121/0x290
[   95.956848][  T351]  ? rcu_is_watching+0x15/0xb0
[   95.956858][  T351]  ? blk_start_plug+0x52/0x1b0
[   95.956886][  T351]  f2fs_write_node_pages+0x303/0x6e0
[   95.956904][  T351]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[   95.956929][  T351]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[   95.956946][  T351]  do_writepages+0x32e/0x550
[   95.956966][  T351]  ? reacquire_held_locks+0x127/0x1d0
[   95.956977][  T351]  ? writeback_sb_inodes+0x384/0x1010
[   95.956997][  T351]  __writeback_single_inode+0x145/0xff0
[   95.957033][  T351]  ? do_raw_spin_unlock+0x4d/0x240
[   95.957050][  T351]  writeback_sb_inodes+0x6c7/0x1010
[   95.957083][  T351]  ? __pfx_writeback_sb_inodes+0x10/0x10
[   95.957131][  T351]  ? rcu_is_watching+0x15/0xb0
[   95.957152][  T351]  wb_writeback+0x43b/0xaf0
[   95.957171][  T351]  ? queue_io+0x3b1/0x590
[   95.957187][  T351]  ? __pfx_wb_writeback+0x10/0x10
[   95.957206][  T351]  ? _raw_spin_unlock_irq+0x23/0x50
[   95.957223][  T351]  wb_workfn+0x409/0xef0
[   95.957246][  T351]  ? __pfx_wb_workfn+0x10/0x10
[   95.957261][  T351]  ? __lock_acquire+0xab9/0xd20
[   95.957286][  T351]  ? process_scheduled_works+0x9ef/0x17b0
[   95.957303][  T351]  ? _raw_spin_unlock_irq+0x23/0x50
[   95.957317][  T351]  ? process_scheduled_works+0x9ef/0x17b0
[   95.957327][  T351]  ? process_scheduled_works+0x9ef/0x17b0
[   95.957338][  T351]  process_scheduled_works+0xae1/0x17b0
[   95.957371][  T351]  ? __pfx_process_scheduled_works+0x10/0x10
[   95.957396][  T351]  worker_thread+0x8a0/0xda0
[   95.957427][  T351]  kthread+0x711/0x8a0
[   95.957442][  T351]  ? __pfx_worker_thread+0x10/0x10
[   95.957455][  T351]  ? __pfx_kthread+0x10/0x10
[   95.957470][  T351]  ? _raw_spin_unlock_irq+0x23/0x50
[   95.957484][  T351]  ? lockdep_hardirqs_on+0x9c/0x150
[   95.957499][  T351]  ? __pfx_kthread+0x10/0x10
[   95.957512][  T351]  ret_from_fork+0x3fc/0x770
[   95.957531][  T351]  ? __pfx_ret_from_fork+0x10/0x10
[   95.957547][  T351]  ? __switch_to_asm+0x39/0x70
[   95.957558][  T351]  ? __switch_to_asm+0x33/0x70
[   95.957570][  T351]  ? __pfx_kthread+0x10/0x10
[   95.957583][  T351]  ret_from_fork_asm+0x1a/0x30
[   95.957608][  T351]  </TASK>
[   95.957612][  T351] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[   96.141100][ T7060] loop2: detected capacity change from 0 to 16
[   96.149417][ T7060] erofs (device loop2): mounted with root inode @ nid 36.
[   96.636668][ T7068] loop1: detected capacity change from 0 to 256
[   96.656564][ T7068] exFAT-fs (loop1): start_clu is invalid cluster(0x400)
[   96.745726][ T7075] loop1: detected capacity change from 0 to 1024
[   96.754932][ T7075] hfsplus: unable to find HFS+ superblock
[   96.769580][ T7077] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[   97.913707][ T7081] loop1: detected capacity change from 0 to 262144
[   98.005347][ T7081] F2FS-fs (loop1): invalid crc value
[   98.064131][ T7081] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[   98.068419][ T7081] F2FS-fs (loop1): Start checkpoint disabled!
[   98.089029][ T7081] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[   98.150857][ T7109] syz.3.404 uses obsolete (PF_INET,SOCK_PACKET)
[   98.238810][ T7116] loop2: detected capacity change from 0 to 512
[   98.289776][ T7116] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   98.294854][ T7116] ext4 filesystem being mounted at /127/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   98.333103][ T7116] EXT4-fs error (device loop2): ext4_map_blocks:778: inode #2: block 7: comm syz.2.406: lblock 12 mapped to illegal pblock 7 (length 22)
[   98.349942][ T7116] EXT4-fs (loop2): Remounting filesystem read-only
[   98.387830][ T5840] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   98.445288][   T33] kauditd_printk_skb: 16 callbacks suppressed
[   98.445302][   T33] audit: type=1326 audit(1756744932.945:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7125 comm="syz.2.409" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51c5b8ebe9 code=0x7ffc0000
[   98.486825][   T33] audit: type=1326 audit(1756744932.945:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7125 comm="syz.2.409" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51c5b8ebe9 code=0x7ffc0000
[   98.497224][   T33] audit: type=1326 audit(1756744932.945:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7125 comm="syz.2.409" exe="/syz-executor" sig=0 arch=c000003e syscall=449 compat=0 ip=0x7f51c5b8ebe9 code=0x7ffc0000
[   98.512237][   T33] audit: type=1326 audit(1756744932.945:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7125 comm="syz.2.409" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51c5b8ebe9 code=0x7ffc0000
[   98.525617][   T33] audit: type=1326 audit(1756744932.945:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7125 comm="syz.2.409" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51c5b8ebe9 code=0x7ffc0000
[   98.764009][   T33] audit: type=1326 audit(1756744933.265:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7133 comm="syz.2.413" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51c5b8ebe9 code=0x7ffc0000
[   98.789744][   T33] audit: type=1326 audit(1756744933.265:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7133 comm="syz.2.413" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51c5b8ebe9 code=0x7ffc0000
[   98.804974][   T33] audit: type=1326 audit(1756744933.295:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7133 comm="syz.2.413" exe="/syz-executor" sig=0 arch=c000003e syscall=274 compat=0 ip=0x7f51c5b8ebe9 code=0x7ffc0000
[   98.820960][   T33] audit: type=1326 audit(1756744933.295:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7133 comm="syz.2.413" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51c5b8ebe9 code=0x7ffc0000
[   98.839801][   T33] audit: type=1326 audit(1756744933.295:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7133 comm="syz.2.413" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51c5b8ebe9 code=0x7ffc0000
[   99.094353][ T7152] netlink: 4 bytes leftover after parsing attributes in process `syz.1.405'.
[   99.264504][ T7168] loop2: detected capacity change from 0 to 128
[   99.486249][ T5842] Bluetooth: Unexpected start frame (len 16)
[   99.488629][ T5842] Bluetooth: Frame is too long (len 16, expected len 4)
[   99.493541][ T7183] loop1: detected capacity change from 0 to 764
[  100.446347][ T7196] netlink: 'syz.2.441': attribute type 3 has an invalid length.
[  100.648647][ T7200] netlink: 'syz.2.442': attribute type 2 has an invalid length.
[  100.828280][ T5842] Bluetooth: hci2: unexpected event for opcode 0x1804
[  101.163087][   T24] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  101.200182][ T2206] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  101.339831][   T24] usb 2-1: Using ep0 maxpacket: 8
[  101.343759][   T24] usb 2-1: config 162 has an invalid interface number: 45 but max is 1
[  101.347228][   T24] usb 2-1: config 162 has an invalid interface number: 87 but max is 1
[  101.350994][   T24] usb 2-1: config 162 has no interface number 0
[  101.359758][   T24] usb 2-1: config 162 has no interface number 1
[  101.362444][   T24] usb 2-1: config 162 interface 45 altsetting 4 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  101.367734][   T24] usb 2-1: config 162 interface 87 altsetting 1 has an invalid descriptor for endpoint zero, skipping
[  101.380140][   T24] usb 2-1: config 162 interface 87 altsetting 1 has an endpoint descriptor with address 0xA6, changing to 0x86
[  101.381359][ T2206] usb 3-1: Using ep0 maxpacket: 32
[  101.384644][   T24] usb 2-1: config 162 interface 87 altsetting 1 endpoint 0x86 has invalid maxpacket 23105, setting to 1024
[  101.384664][   T24] usb 2-1: config 162 interface 87 altsetting 1 bulk endpoint 0x86 has invalid maxpacket 1024
[  101.384678][   T24] usb 2-1: config 162 interface 87 altsetting 1 has 4 endpoint descriptors, different from the interface descriptor's value: 3
[  101.384695][   T24] usb 2-1: config 162 interface 45 has no altsetting 0
[  101.398556][ T2206] usb 3-1: config index 0 descriptor too short (expected 35577, got 27)
[  101.401378][   T24] usb 2-1: config 162 interface 87 has no altsetting 0
[  101.409706][ T2206] usb 3-1: config 1 has too many interfaces: 92, using maximum allowed: 32
[  101.414305][ T2206] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  101.418355][ T2206] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 92
[  101.424790][   T24] usb 2-1: New USB device found, idVendor=067b, idProduct=2303, bcdDevice=32.4e
[  101.426537][ T2206] usb 3-1: config 1 has no interface number 0
[  101.428940][   T24] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  101.431124][ T2206] usb 3-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8
[  101.431141][ T2206] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  101.443098][   T24] usb 2-1: Product: syz
[  101.444723][   T24] usb 2-1: Manufacturer: syz
[  101.446456][ T2206] snd_usb_pod 3-1:1.1: Line 6 Pocket POD found
[  101.446937][   T24] usb 2-1: SerialNumber: syz
[  101.588598][ T7243] netlink: 'syz.3.462': attribute type 3 has an invalid length.
[  101.591437][ T7243] netlink: 8 bytes leftover after parsing attributes in process `syz.3.462'.
[  101.649200][ T2206] snd_usb_pod 3-1:1.1: set_interface failed
[  101.655841][ T2206] snd_usb_pod 3-1:1.1: Line 6 Pocket POD now disconnected
[  101.658198][ T2206] snd_usb_pod 3-1:1.1: probe with driver snd_usb_pod failed with error -71
[  101.667488][   T24] pl2303 2-1:162.45: required endpoints missing
[  101.671890][ T2206] usb 3-1: USB disconnect, device number 8
[  101.681713][   T24] pl2303 2-1:162.87: required interrupt-in endpoint missing
[  101.695517][   T24] usb 2-1: USB disconnect, device number 8
[  102.313175][ T7261] netlink: 4 bytes leftover after parsing attributes in process `syz.3.471'.
[  102.323004][ T7261] veth1_to_hsr: entered promiscuous mode
[  102.325572][ T7261] macsec1: entered promiscuous mode
[  102.327828][ T7261] macsec1: entered allmulticast mode
[  102.331818][ T7261] veth1_to_hsr: entered allmulticast mode
[  102.344806][ T7261] veth1_to_hsr: left allmulticast mode
[  102.349613][ T7261] veth1_to_hsr: left promiscuous mode
[  102.407983][ T7257] loop2: detected capacity change from 0 to 32768
[  102.504510][ T7257] bcachefs (loop2): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,metadata_target=invalid label 246,noinodes_use_key_cache,journal_flush_delay=3,journal_reclaim_delay=1000,nocow
[  102.504530][ T7257]   allowing incompatible features above 0.0: (unknown version)
[  102.504538][ T7257]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  102.522931][ T7257] bcachefs (loop2): Using encoding defined by superblock: utf8-12.1.0
[  102.526320][ T7257] bcachefs (loop2): initializing new filesystem
[  102.534379][ T7257] bcachefs (loop2): going read-write
[  102.540980][ T7257] bcachefs (loop2): marking superblocks
[  102.547746][ T7257] bcachefs (loop2): initializing freespace
[  102.554402][ T7257] bcachefs (loop2): done initializing freespace
[  102.558542][ T7257] bcachefs (loop2): reading snapshots table
[  102.561179][ T7257] bcachefs (loop2): reading snapshots done
[  102.575482][ T7280] overlayfs: failed to clone upperpath
[  102.584989][ T7257] bcachefs (loop2): done starting filesystem
[  102.620133][ T7257] bcachefs (loop2): shutdown by ioctl type 1emergency read only at seq 4
[  102.623829][ T5894] bcachefs (loop2): going read-only
[  102.626074][ T5894] bcachefs (loop2): finished waiting for writes to stop
[  102.649749][ T5894] bcachefs (loop2): flushing journal and stopping allocators, journal seq 4
[  102.655568][ T5840] bcachefs (loop2): shutting down
[  102.655800][ T5894] bcachefs (loop2): flushing journal and stopping allocators complete, journal seq 4
[  102.664902][ T5894] bcachefs (loop2): unclean shutdown complete, journal seq 4
[  102.672165][ T5894] bcachefs (loop2): done going read-only, filesystem not clean
[  102.679789][ T5896] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  102.692519][ T5840] bcachefs (loop2): shutdown complete
[  102.854063][ T5896] usb 2-1: Using ep0 maxpacket: 16
[  102.860459][ T5896] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[  102.865179][ T5896] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  102.875550][ T5896] usb 2-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  102.879349][ T5896] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  102.883089][ T5896] usb 2-1: Product: syz
[  102.884861][ T5896] usb 2-1: Manufacturer: syz
[  102.886844][ T5896] usb 2-1: SerialNumber: syz
[  102.892791][ T5896] usb 2-1: config 0 descriptor??
[  102.901721][ T5896] em28xx 2-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  102.905707][ T5896] em28xx 2-1:0.0: Audio interface 0 found (Vendor Class)
[  103.516478][ T5896] em28xx 2-1:0.0: chip ID is em2710/2820
[  103.725440][ T5896] em28xx 2-1:0.0: Config register raw data: 0xfffffffb
[  103.733860][ T5896] em28xx 2-1:0.0: AC97 chip type couldn't be determined
[  103.736786][ T5896] em28xx 2-1:0.0: No AC97 audio processor
[  103.748475][ T5896] usb 2-1: USB disconnect, device number 9
[  103.758208][ T5896] em28xx 2-1:0.0: Disconnecting em28xx
[  103.772447][ T5896] em28xx 2-1:0.0: Freeing device
[  103.843101][ T7302] loop2: detected capacity change from 0 to 1024
[  103.909103][ T7304] loop2: detected capacity change from 0 to 64
[  103.926352][ T7304] Trying to free block not in datazone
[  104.023577][ T7308] loop2: detected capacity change from 0 to 2048
[  104.217624][ T7318] loop2: detected capacity change from 0 to 512
[  104.222027][ T7318] EXT4-fs: Ignoring removed i_version option
[  104.224618][ T7318] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  104.255913][ T7318] EXT4-fs (loop2): 1 truncate cleaned up
[  104.259393][ T7318] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  104.307384][ T7318] EXT4-fs warning (device loop2): ext4_group_extend:1891: can't read last block, resize aborted
[  104.385749][ T5840] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  104.502186][ T7341] netlink: 'syz.1.503': attribute type 8 has an invalid length.
[  104.850599][ T5842] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[  104.855351][ T5842] Bluetooth: hci2: Injecting HCI hardware error event
[  104.858888][ T5842] Bluetooth: hci2: hardware error 0x00
[  104.919778][ T2206] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  105.069778][ T2206] usb 2-1: Using ep0 maxpacket: 8
[  105.073294][ T2206] usb 2-1: config index 0 descriptor too short (expected 301, got 45)
[  105.076447][ T2206] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  105.083363][ T2206] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  105.086805][ T2206] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  105.091020][ T2206] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  105.095970][ T2206] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  105.098988][ T2206] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  105.113516][ T7383] overlayfs: failed to clone upperpath
[  105.307155][ T2206] usb 2-1: usb_control_msg returned -32
[  105.309317][ T2206] usbtmc 2-1:16.0: can't read capabilities
[  105.428685][ T7399] overlayfs: failed to clone lowerpath
[  105.662206][ T7406] usbtmc 2-1:16.0: usb_control_msg returned -32
[  105.664984][ T2206] usb 2-1: USB disconnect, device number 10
[  106.009516][ T7405] loop2: detected capacity change from 0 to 131072
[  106.013680][ T7405] F2FS-fs (loop2): invalid crc value
[  106.045276][ T7405] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  106.053833][ T7405] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4
[  106.695722][ T7441] bridge1: entered promiscuous mode
[  106.940552][ T5842] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[  106.967167][ T7465] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  107.260384][ T2206] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  107.419768][ T2206] usb 2-1: Using ep0 maxpacket: 16
[  107.427061][ T2206] usb 2-1: New USB device found, idVendor=5fc9, idProduct=0063, bcdDevice=93.52
[  107.430855][ T2206] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  107.434432][ T2206] usb 2-1: Product: syz
[  107.436569][ T2206] usb 2-1: Manufacturer: syz
[  107.438754][ T2206] usb 2-1: SerialNumber: syz
[  107.448412][ T2206] usb 2-1: config 0 descriptor??
[  107.660103][ T2206] usb 2-1: USB disconnect, device number 11
[  107.741351][ T7489] loop2: detected capacity change from 0 to 128
[  107.846842][ T7495] netlink: 12 bytes leftover after parsing attributes in process `syz.2.572'.
[  108.428443][ T7545] loop2: detected capacity change from 0 to 256
[  108.468401][ T7545] FAT-fs (loop2): Invalid FSINFO signature: 0x00fffff8, 0x00000000 (sector = 1)
[  108.483233][ T7545] FAT-fs (loop2): bogus number of directory entries (1)
[  108.485906][ T7545] FAT-fs (loop2): Can't find a valid FAT filesystem
[  108.852523][ T7551] batman_adv: batadv0: Adding interface: ipvlan2
[  108.855400][ T7551] batman_adv: batadv0: The MTU of interface ipvlan2 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  108.869235][ T7551] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  108.873853][ T7551] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  108.878190][ T7551] batman_adv: batadv0: Interface activated: ipvlan2
[  108.957800][ T7561] netlink: 8 bytes leftover after parsing attributes in process `syz.3.602'.
[  109.254391][ T7576] netlink: 44 bytes leftover after parsing attributes in process `syz.2.609'.
[  109.257312][ T7576] netlink: 24 bytes leftover after parsing attributes in process `syz.2.609'.
[  109.332000][ T7588] loop2: detected capacity change from 0 to 256
[  109.360898][ T7588] FAT-fs (loop2): Directory bread(block 64) failed
[  109.363259][ T7588] FAT-fs (loop2): Directory bread(block 65) failed
[  109.365651][ T7588] FAT-fs (loop2): Directory bread(block 66) failed
[  109.368065][ T7588] FAT-fs (loop2): Directory bread(block 67) failed
[  109.371036][ T7588] FAT-fs (loop2): Directory bread(block 68) failed
[  109.373479][ T7588] FAT-fs (loop2): Directory bread(block 69) failed
[  109.375756][ T7588] FAT-fs (loop2): Directory bread(block 70) failed
[  109.378030][ T7588] FAT-fs (loop2): Directory bread(block 71) failed
[  109.381721][ T7588] FAT-fs (loop2): Directory bread(block 72) failed
[  109.383943][ T7588] FAT-fs (loop2): Directory bread(block 73) failed
[  109.472498][ T7594] loop2: detected capacity change from 0 to 1764
[  109.755110][ T5894] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[  109.924947][ T5894] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  109.928187][ T5894] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  109.931400][ T5894] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x94, changing to 0x84
[  109.935214][ T5894] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  109.971574][ T5894] usb 2-1: New USB device found, idVendor=0bfd, idProduct=010c, bcdDevice=2d.16
[  109.975193][ T5894] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  109.978143][ T5894] usb 2-1: Product: syz
[  109.979807][ T5894] usb 2-1: Manufacturer: syz
[  109.984979][ T5894] usb 2-1: SerialNumber: syz
[  109.998754][ T7603] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  110.208432][ T5894] usb 2-1: config 0 descriptor??
[  110.265621][ T5894] kvaser_usb 2-1:0.0: error -ENODEV: Cannot get usb endpoint(s)
[  110.470235][ T7616] Zero length message leads to an empty skb
[  110.474693][   T24] usb 2-1: USB disconnect, device number 12
[  110.930684][ T7633] loop2: detected capacity change from 0 to 32768
[  110.946261][ T7633] ERROR: (device loop2): diNewExt: no free extents
[  110.946261][ T7633] 
[  110.953611][ T7633] ERROR: (device loop2): remounting filesystem as read-only
[  110.956188][ T7633] ialloc: diAlloc returned -5!
[  111.156972][ T7658] loop2: detected capacity change from 0 to 256
[  111.167692][ T7659] loop1: detected capacity change from 0 to 1764
[  111.204588][ T7659] iso9660: Corrupted directory entry in block 2 of inode 1920
[  111.303146][ T7667] loop2: detected capacity change from 0 to 128
[  111.315472][ T7667] FAT-fs (loop2): Directory bread(block 414) failed
[  111.318374][ T7667] FAT-fs (loop2): Directory bread(block 415) failed
[  111.325073][ T7667] FAT-fs (loop2): Directory bread(block 416) failed
[  111.327842][ T7667] FAT-fs (loop2): Directory bread(block 417) failed
[  111.334920][ T7667] FAT-fs (loop2): Directory bread(block 418) failed
[  111.338820][ T7667] FAT-fs (loop2): Directory bread(block 419) failed
[  111.342991][ T7667] FAT-fs (loop2): Directory bread(block 420) failed
[  111.345871][ T7667] FAT-fs (loop2): Directory bread(block 421) failed
[  111.663265][ T7681] loop2: detected capacity change from 0 to 8192
[  112.132180][ T7698] netlink: 24 bytes leftover after parsing attributes in process `syz.3.667'.
[  112.330734][ T7669] syz.1.653 (7669): drop_caches: 2
[  112.973524][ T7726] loop1: detected capacity change from 0 to 256
[  112.982319][ T7726] exfat: Deprecated parameter 'utf8'
[  113.012570][ T7726] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d)
[  113.139954][ T7734] loop1: detected capacity change from 0 to 512
[  113.164382][ T7734] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  113.180540][ T7734] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a842c01c, mo2=0002]
[  113.190884][ T7734] System zones: 1-12
[  113.192796][ T7734] EXT4-fs (loop1): Can't support bigalloc feature without extents feature
[  113.192796][ T7734] 
[  113.197129][ T7734] EXT4-fs (loop1): Skipping orphan cleanup due to unknown ROCOMPAT features
[  113.216095][ T7734] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  113.237092][ T7734] EXT4-fs (loop1): Can't support bigalloc feature without extents feature
[  113.237092][ T7734] 
[  113.262700][ T5848] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  113.424189][ T7750] loop1: detected capacity change from 0 to 764
[  113.479626][ T7752] loop2: detected capacity change from 0 to 2048
[  113.492447][ T7753] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  113.510504][ T7752] NILFS error (device loop2): nilfs_check_folio: bad entry in directory #12: rec_len is smaller than minimal - offset=1024, inode=0, rec_len=0, name_len=0
[  113.522085][ T7752] Remounting filesystem read-only
[  113.572125][ T7757] bridge: RTM_NEWNEIGH with invalid ether address
[  113.716771][ T7765] loop1: detected capacity change from 0 to 1024
[  113.900494][ T7779] netlink: 'syz.3.702': attribute type 3 has an invalid length.
[  113.918649][   T24] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  114.041084][   T33] audit: type=1326 audit(1756744948.545:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7791 comm="syz.1.707" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e1018ebe9 code=0x7ffc0000
[  114.070348][   T33] audit: type=1326 audit(1756744948.545:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7791 comm="syz.1.707" exe="/syz-executor" sig=0 arch=c000003e syscall=444 compat=0 ip=0x7f9e1018ebe9 code=0x7ffc0000
[  114.079027][   T33] audit: type=1326 audit(1756744948.545:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7791 comm="syz.1.707" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e1018ebe9 code=0x7ffc0000
[  114.090701][   T24] usb 3-1: Using ep0 maxpacket: 16
[  114.105164][   T33] audit: type=1326 audit(1756744948.545:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7791 comm="syz.1.707" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e1018ebe9 code=0x7ffc0000
[  114.114533][   T24] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 4
[  114.119624][   T24] usb 3-1: New USB device found, idVendor=046d, idProduct=c293, bcdDevice= 0.00
[  114.125994][   T24] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  114.136654][   T24] usb 3-1: config 0 descriptor??
[  114.139040][   T33] audit: type=1326 audit(1756744948.545:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7791 comm="syz.1.707" exe="/syz-executor" sig=0 arch=c000003e syscall=446 compat=0 ip=0x7f9e1018ebe9 code=0x7ffc0000
[  114.168567][   T33] audit: type=1326 audit(1756744948.545:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7791 comm="syz.1.707" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e1018ebe9 code=0x7ffc0000
[  114.194233][   T33] audit: type=1326 audit(1756744948.545:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7791 comm="syz.1.707" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e1018ebe9 code=0x7ffc0000
[  115.043160][   T24] logitech 0003:046D:C293.0003: hidraw0: USB HID vff.fa Device [HID 046d:c293] on usb-dummy_hcd.2-1/input0
[  115.050034][   T24] logitech 0003:046D:C293.0003: no inputs found
[  115.076219][   T24] usb 3-1: USB disconnect, device number 9
[  115.395976][ T7818] netlink: 'syz.3.718': attribute type 3 has an invalid length.
[  116.369201][ T7836] loop1: detected capacity change from 0 to 128
[  116.393548][   T33] audit: type=1800 audit(1756744950.895:40): pid=7836 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.726" name="file1" dev="loop1" ino=1048653 res=0 errno=0
[  116.412390][ T7836] FAT-fs (loop1): error, fat_bmap_cluster: request beyond EOF (i_pos 52)
[  116.466233][ T7828] loop2: detected capacity change from 0 to 32768
[  116.483213][ T7828] (syz.2.723,7828,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  116.504409][ T7828] (syz.2.723,7828,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  116.562747][ T7828] JBD2: Ignoring recovery information on journal
[  116.589408][ T7841] loop1: detected capacity change from 0 to 2048
[  116.611315][ T7841] UDF-fs: error (device loop1): udf_process_sequence: Primary Volume Descriptor not found!
[  116.613547][ T7828] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  116.630325][ T7841] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  116.763002][   T33] audit: type=1800 audit(1756744951.265:41): pid=7828 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.723" name="file1" dev="loop2" ino=16979 res=0 errno=0
[  116.838069][ T7854] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  116.848262][ T7854] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  116.852116][ T7854] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  116.863625][ T7854] overlayfs: inode number too big (/cgroup.controllers, ino=4611686018427387908, xinobits=2)
[  116.867905][ T7854] evm: overlay not supported
[  116.879020][ T7852] overlayfs: inode number too big (/cgroup.controllers, ino=4611686018427387908, xinobits=2)
[  117.091629][ T5840] ocfs2: Unmounting device (7,2) on (node local)
[  117.195314][ T7874] netlink: 'syz.2.739': attribute type 6 has an invalid length.
[  117.198090][ T7874] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.739'.
[  117.291561][ T7880] netlink: 20 bytes leftover after parsing attributes in process `syz.2.746'.
[  117.369841][ T2206] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[  117.393028][ T7886] loop2: detected capacity change from 0 to 64
[  117.530023][ T2206] usb 2-1: Using ep0 maxpacket: 8
[  117.536180][ T2206] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  117.541232][ T2206] usb 2-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  117.545004][ T2206] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  117.550725][ T2206] usb 2-1: config 0 descriptor??
[  117.749811][ T5894] usb 3-1: new full-speed USB device number 10 using dummy_hcd
[  117.767155][ T2206] iowarrior 2-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[  117.902416][ T5894] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  117.908201][ T5894] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  117.914037][ T5894] usb 3-1: New USB device found, idVendor=1e7d, idProduct=319c, bcdDevice= 0.00
[  117.917354][ T5894] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  117.923595][ T5894] usb 3-1: config 0 descriptor??
[  118.228983][   T47] usb 2-1: USB disconnect, device number 13
[  118.336563][ T5894] isku 0003:1E7D:319C.0004: unknown main item tag 0x0
[  118.343890][ T5894] isku 0003:1E7D:319C.0004: hidraw0: USB HID v0.00 Device [HID 1e7d:319c] on usb-dummy_hcd.2-1/input0
[  118.536113][ T5894] isku 0003:1E7D:319C.0004: couldn't init struct isku_device
[  118.540749][ T5894] isku 0003:1E7D:319C.0004: couldn't install keyboard
[  118.545434][ T5894] isku 0003:1E7D:319C.0004: probe with driver isku failed with error -71
[  118.554903][ T5894] usb 3-1: USB disconnect, device number 10
[  118.821143][ T7910] input: syz1 as /devices/virtual/input/input6
[  119.098712][ T7922] loop2: detected capacity change from 0 to 1024
[  119.111907][ T7922] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  119.147501][ T5840] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  119.150966][ T5894] usb 2-1: new full-speed USB device number 14 using dummy_hcd
[  119.252095][ T7928] loop2: detected capacity change from 0 to 16
[  119.259229][ T7928] erofs (device loop2): rootino(nid 36) is not a directory(i_mode 17700)
[  119.314406][ T5894] usb 2-1: config 0 has an invalid interface number: 50 but max is 0
[  119.317837][ T5894] usb 2-1: config 0 has no interface number 0
[  119.323664][ T5894] usb 2-1: New USB device found, idVendor=0b48, idProduct=1009, bcdDevice=87.f7
[  119.326924][ T5894] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  119.332982][ T5894] usb 2-1: Product: syz
[  119.334735][ T5894] usb 2-1: Manufacturer: syz
[  119.336298][ T5894] usb 2-1: SerialNumber: syz
[  119.343187][ T5894] usb 2-1: config 0 descriptor??
[  119.349472][ T5894] ttusb_dec_send_command: command bulk message failed: error -22
[  119.355207][ T5894] ttusb-dec 2-1:0.50: probe with driver ttusb-dec failed with error -22
[  119.403370][ T7932] loop2: detected capacity change from 0 to 1024
[  119.435886][ T7932] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  119.445512][ T7932] EXT4-fs error (device loop2): ext4_xattr_inode_iget:437: inode #11: comm syz.2.769: missing EA_INODE flag
[  119.455338][ T7932] EXT4-fs (loop2): Remounting filesystem read-only
[  119.473293][ T5840] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  119.641941][ T7942] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  119.663856][ T5916] usb 2-1: USB disconnect, device number 14
[  120.548379][ T7953] netlink: 'syz.3.776': attribute type 1 has an invalid length.
[  120.717234][ T7949] loop1: detected capacity change from 0 to 32768
[  120.723439][ T7949] *** Log Format Error ! ***
[  120.726004][ T7949] lmLogInit: exit(-22)
[  120.727815][ T7949] lmLogOpen: exit(-22)
[  120.729513][ T7949] jfs_mount_rw failed, return code = -22
[  120.892400][ T7969] loop1: detected capacity change from 0 to 1024
[  120.905612][ T7969] EXT4-fs: Ignoring removed orlov option
[  120.915650][ T7969] EXT4-fs (loop1): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  120.927393][ T7971] loop2: detected capacity change from 0 to 2048
[  120.944885][ T7969] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  120.971573][ T5848] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  120.972045][ T6386]  loop2: p2 < > p4
[  120.986198][ T6386] loop2: p4 size 8192 extends beyond EOD, truncated
[  121.011915][ T7971]  loop2: p2 < > p4
[  121.015937][ T7971] loop2: p4 size 8192 extends beyond EOD, truncated
[  121.043448][ T7975] loop1: detected capacity change from 0 to 1024
[  121.072489][ T7975] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  121.077545][ T6386] udevd[6386]: inotify_add_watch(7, /dev/loop2p2, 10) failed: No such file or directory
[  121.096239][ T6096] udevd[6096]: inotify_add_watch(7, /dev/loop2p4, 10) failed: No such file or directory
[  121.152899][ T5848] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  121.158404][ T6386] udevd[6386]: inotify_add_watch(7, /dev/loop2p2, 10) failed: No such file or directory
[  121.164045][ T6096] udevd[6096]: inotify_add_watch(7, /dev/loop2p4, 10) failed: No such file or directory
[  121.328985][ T7993] loop2: detected capacity change from 0 to 8
[  121.755404][ T7998] loop2: detected capacity change from 0 to 32768
[  121.761455][ T7998] (syz.2.797,7998,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  121.766343][ T7998] (syz.2.797,7998,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  121.777192][ T7998] JBD2: Ignoring recovery information on journal
[  121.808397][ T7998] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  121.888612][ T5840] ocfs2: Unmounting device (7,2) on (node local)
[  122.193117][ T8017] netlink: 8 bytes leftover after parsing attributes in process `syz.1.805'.
[  122.589402][ T8015] loop2: detected capacity change from 0 to 131072
[  122.600242][ T8015] F2FS-fs (loop2): Test dummy encryption mode enabled
[  122.604504][ T8015] F2FS-fs (loop2): invalid crc value
[  122.664505][ T8015] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  122.670233][ T8015] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  122.685843][ T8015] netlink: 12 bytes leftover after parsing attributes in process `syz.2.804'.
[  122.735669][ T8015] fscrypt: AES-256-CBC-CTS using implementation "cts(cbc(ecb(aes-fixed-time)))"
[  122.753925][ T8015] overlayfs: missing 'lowerdir'
[  122.870849][ T8015] fscrypt: AES-256-XTS using implementation "xts(ecb(aes-fixed-time))"
[  122.963260][   T24] usb 2-1: new full-speed USB device number 15 using dummy_hcd
[  123.121994][   T24] usb 2-1: config 1 has an invalid interface number: 35 but max is 0
[  123.125567][   T24] usb 2-1: config 1 has no interface number 0
[  123.128437][   T24] usb 2-1: config 1 interface 35 altsetting 0 endpoint 0x4 has invalid maxpacket 1024, setting to 64
[  123.153370][   T24] usb 2-1: New USB device found, idVendor=17cc, idProduct=1000, bcdDevice=2d.0a
[  123.156619][   T24] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  123.159352][   T24] usb 2-1: Product: syz
[  123.171609][   T24] usb 2-1: Manufacturer: syz
[  123.173622][   T24] usb 2-1: SerialNumber: syz
[  123.396392][   T24] snd-usb-audio 2-1:1.35: probe with driver snd-usb-audio failed with error -71
[  123.735575][   T24] usb 2-1: USB disconnect, device number 15
[  123.765942][ T8053] RDS: rds_bind could not find a transport for ::ffff:0.0.0.224, load rds_tcp or rds_rdma?
[  125.110883][ T8106] loop1: detected capacity change from 0 to 256
[  125.127390][ T8106] FAT-fs (loop1): Directory bread(block 64) failed
[  125.131657][ T8106] FAT-fs (loop1): Directory bread(block 65) failed
[  125.140326][ T8106] FAT-fs (loop1): Directory bread(block 66) failed
[  125.144652][ T8106] FAT-fs (loop1): Directory bread(block 67) failed
[  125.147495][ T8106] FAT-fs (loop1): Directory bread(block 68) failed
[  125.155669][ T8106] FAT-fs (loop1): Directory bread(block 69) failed
[  125.158397][ T8106] FAT-fs (loop1): Directory bread(block 70) failed
[  125.158635][ T8108] can0: slcan on ttyS3.
[  125.168441][ T8106] FAT-fs (loop1): Directory bread(block 71) failed
[  125.173322][ T8106] FAT-fs (loop1): Directory bread(block 72) failed
[  125.176050][ T8106] FAT-fs (loop1): Directory bread(block 73) failed
[  125.251875][ T8107] can0 (unregistered): slcan off ttyS3.
[  125.509131][ T8124] loop1: detected capacity change from 0 to 256
[  125.561945][ T8124] FAT-fs (loop1): Directory bread(block 64) failed
[  125.571246][ T8124] FAT-fs (loop1): Directory bread(block 65) failed
[  125.573962][ T8124] FAT-fs (loop1): Directory bread(block 66) failed
[  125.581752][ T8124] FAT-fs (loop1): Directory bread(block 67) failed
[  125.584516][ T8124] FAT-fs (loop1): Directory bread(block 68) failed
[  125.597566][ T8124] FAT-fs (loop1): Directory bread(block 69) failed
[  125.602385][ T8124] FAT-fs (loop1): Directory bread(block 70) failed
[  125.605044][ T8124] FAT-fs (loop1): Directory bread(block 71) failed
[  125.617999][ T8124] FAT-fs (loop1): Directory bread(block 72) failed
[  125.620906][ T8124] FAT-fs (loop1): Directory bread(block 73) failed
[  125.756247][ T8130] loop1: detected capacity change from 0 to 2048
[  125.788022][ T6386] udevd[6386]: incorrect nilfs2 checksum on /dev/loop1
[  125.789629][ T8130] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024)
[  125.830654][ T6386] udevd[6386]: incorrect nilfs2 checksum on /dev/loop1
[  125.841275][ T8133] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  125.910399][ T8118] loop2: detected capacity change from 0 to 40427
[  125.915029][ T8118] F2FS-fs (loop2): build fault injection rate: 14
[  125.917763][ T8118] F2FS-fs (loop2): build fault injection type: 0x3bfe8c
[  125.923367][ T8118] F2FS-fs (loop2): invalid crc value
[  125.943799][    C1] F2FS-fs (loop2): inject read IO error in f2fs_read_end_io of blk_update_request+0x57e/0xe60
[  125.955419][    C1] F2FS-fs (loop2): inject read IO error in f2fs_read_end_io of blk_update_request+0x57e/0xe60
[  126.031393][ T8118] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  126.035038][ T8118] F2FS-fs (loop2): inject page alloc in f2fs_grab_cache_folio of __get_meta_folio+0x157/0x4f0
[  126.041090][ T8142] loop1: detected capacity change from 0 to 1024
[  126.044003][ T8118] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  126.076303][ T8118] F2FS-fs (loop2): inject slab alloc in f2fs_kmem_cache_alloc of f2fs_new_node_folio+0x1d9/0xa40
[  126.087613][ T8142] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  126.094310][   T33] audit: type=1800 audit(1756744960.595:42): pid=8118 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.842" name="file2" dev="loop2" ino=10 res=0 errno=0
[  126.104006][ T8118] F2FS-fs (loop2): inject inconsistent footer in sanity_check_node_footer of f2fs_get_dnode_of_data+0x249/0x1cf0
[  126.111319][ T8142] ext4 filesystem being mounted at /241/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  126.116126][ T8118] F2FS-fs (loop2): inconsistent node block, node_type:1, nid:10, node_footer[nid:10,ino:10,ofs:0,cpver:0,blkaddr:0]
[  126.157759][ T5840] syz-executor: attempt to access beyond end of device
[  126.157759][ T5840] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  126.166841][ T5840] CPU: 1 UID: 0 PID: 5840 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[  126.166862][ T5840] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  126.166870][ T5840] Call Trace:
[  126.166876][ T5840]  <TASK>
[  126.166882][ T5840]  dump_stack_lvl+0x189/0x250
[  126.166905][ T5840]  ? __pfx_dump_stack_lvl+0x10/0x10
[  126.166921][ T5840]  ? __pfx_queue_work_on+0x10/0x10
[  126.166934][ T5840]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  126.166950][ T5840]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  126.166984][ T5840]  f2fs_handle_critical_error+0x37c/0x540
[  126.167008][ T5840]  f2fs_write_end_io+0x886/0xb60
[  126.167037][ T5840]  __submit_merged_bio+0x27a/0x6a0
[  126.167060][ T5840]  __submit_merged_write_cond+0x255/0x530
[  126.167084][ T5840]  f2fs_write_data_pages+0x261d/0x3000
[  126.167133][ T5840]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  126.167164][ T5840]  ? is_bpf_text_address+0x26/0x2b0
[  126.167211][ T5840]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  126.167227][ T5840]  ? lockdep_hardirqs_on+0x9c/0x150
[  126.167255][ T5840]  ? __lock_acquire+0xab9/0xd20
[  126.167280][ T5840]  ? do_raw_spin_lock+0x121/0x290
[  126.167305][ T5840]  ? do_raw_spin_unlock+0x4d/0x240
[  126.167320][ T5840]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  126.167339][ T5840]  do_writepages+0x32e/0x550
[  126.167365][ T5840]  ? do_raw_spin_unlock+0x4d/0x240
[  126.167384][ T5840]  filemap_fdatawrite+0x199/0x240
[  126.167400][ T5840]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  126.167458][ T5840]  ? do_raw_spin_unlock+0x4d/0x240
[  126.167477][ T5840]  f2fs_sync_dirty_inodes+0x31f/0x830
[  126.167503][ T5840]  f2fs_write_checkpoint+0x95a/0x1df0
[  126.167538][ T5840]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  126.167592][ T5840]  ? kill_f2fs_super+0x298/0x6c0
[  126.167610][ T5840]  kill_f2fs_super+0x2c3/0x6c0
[  126.167628][ T5840]  ? __pfx_kill_f2fs_super+0x10/0x10
[  126.167639][ T5840]  ? radix_tree_delete_item+0x2b6/0x400
[  126.167661][ T5840]  ? shrinker_free+0x2ce/0x3e0
[  126.167677][ T5840]  deactivate_locked_super+0xbc/0x130
[  126.167694][ T5840]  cleanup_mnt+0x425/0x4c0
[  126.167753][ T5840]  ? lockdep_hardirqs_on+0x9c/0x150
[  126.167772][ T5840]  task_work_run+0x1d4/0x260
[  126.167792][ T5840]  ? __pfx_task_work_run+0x10/0x10
[  126.167806][ T5840]  ? __x64_sys_umount+0x122/0x160
[  126.167826][ T5840]  ? exit_to_user_mode_loop+0x40/0x110
[  126.167847][ T5840]  exit_to_user_mode_loop+0xec/0x110
[  126.167864][ T5840]  do_syscall_64+0x2bd/0x3b0
[  126.167881][ T5840]  ? lockdep_hardirqs_on+0x9c/0x150
[  126.167897][ T5840]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  126.167909][ T5840]  ? exc_page_fault+0x9f/0xf0
[  126.167927][ T5840]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  126.167938][ T5840] RIP: 0033:0x7f51c5b8ff17
[  126.167951][ T5840] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  126.167966][ T5840] RSP: 002b:00007fffbc079c28 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  126.167980][ T5840] RAX: 0000000000000000 RBX: 00007f51c5c11c05 RCX: 00007f51c5b8ff17
[  126.167988][ T5840] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fffbc079ce0
[  126.167995][ T5840] RBP: 00007fffbc079ce0 R08: 0000000000000000 R09: 0000000000000000
[  126.168002][ T5840] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fffbc07ad70
[  126.168009][ T5840] R13: 00007f51c5c11c05 R14: 000000000001ec33 R15: 00007fffbc07adb0
[  126.168034][ T5840]  </TASK>
[  126.170042][ T5840] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  126.184060][ T5848] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  126.405083][ T8150] loop1: detected capacity change from 0 to 1024
[  126.421333][ T8150] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  126.442231][ T8150] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=c855c01c, mo2=0003]
[  126.447732][ T8150] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  126.482319][ T5848] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  126.565458][ T8159] 9pnet_fd: Insufficient options for proto=fd
[  128.033562][ T8171] loop2: detected capacity change from 0 to 32768
[  128.053622][ T8171] (syz.2.858,8171,0):ocfs2_journal_init:961 ERROR: Journal file size (0) is too small!
[  128.057666][ T8171] (syz.2.858,8171,0):ocfs2_check_volume:2347 ERROR: Could not initialize journal!
[  128.062774][ T8171] (syz.2.858,8171,0):ocfs2_check_volume:2432 ERROR: status = -22
[  128.065813][ T8171] (syz.2.858,8171,0):ocfs2_mount_volume:1764 ERROR: status = -22
[  128.080167][ T8171] (syz.2.858,8171,0):ocfs2_fill_super:1177 ERROR: status = -22
[  128.630086][   T47] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  128.642542][ T8196] loop1: detected capacity change from 0 to 512
[  128.683994][ T8196] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  128.690086][ T8196] ext4 filesystem being mounted at /249/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  128.704612][   T33] audit: type=1800 audit(1756744963.205:43): pid=8196 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.870" name="bus" dev="loop1" ino=18 res=0 errno=0
[  128.733374][ T5848] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  128.791841][   T47] usb 3-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  128.795238][   T47] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  128.804092][   T47] usb 3-1: config 0 descriptor??
[  128.807729][   T47] cp210x 3-1:0.0: cp210x converter detected
[  129.010741][ T5916] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[  129.169736][ T5916] usb 2-1: Using ep0 maxpacket: 32
[  129.173184][ T5916] usb 2-1: config 0 has an invalid interface number: 184 but max is 0
[  129.176630][ T5916] usb 2-1: config 0 has no interface number 0
[  129.178778][ T5916] usb 2-1: config 0 interface 184 has no altsetting 0
[  129.183773][ T5916] usb 2-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  129.186945][ T5916] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  129.190292][ T5916] usb 2-1: Product: syz
[  129.192193][ T5916] usb 2-1: Manufacturer: syz
[  129.194028][ T5916] usb 2-1: SerialNumber: syz
[  129.198123][ T5916] usb 2-1: config 0 descriptor??
[  129.204651][ T5916] smsc75xx v1.0.0
[  129.214521][   T47] cp210x 3-1:0.0: failed to get vendor val 0x000e size 3: -32
[  129.427321][   T47] usb 3-1: cp210x converter now attached to ttyUSB0
[  129.643575][   T47] usb 3-1: USB disconnect, device number 11
[  129.654876][   T47] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  129.700451][   T47] cp210x 3-1:0.0: device disconnected
[  129.822829][ T5916] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71
[  129.829519][ T5916] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -71
[  129.833941][ T5916] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): device not ready in smsc75xx_bind
[  129.838134][ T5916] smsc75xx 2-1:0.184: probe with driver smsc75xx failed with error -71
[  129.843287][ T5916] usb 2-1: USB disconnect, device number 16
[  130.373576][ T8238] loop1: detected capacity change from 0 to 1024
[  130.424053][ T8236] loop2: detected capacity change from 0 to 40427
[  130.427961][ T8236] F2FS-fs (loop2): Wrong SSA boundary, start(3584) end(4096) blocks(0)
[  130.431523][ T8236] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  130.435015][ T8236] F2FS-fs (loop2): build fault injection type: 0x6
[  130.463439][ T8236] F2FS-fs (loop2): invalid crc value
[  130.514812][ T8236] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[  130.519013][ T8236] F2FS-fs (loop2): Start checkpoint disabled!
[  130.525035][ T8236] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  130.527954][ T8236] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[  130.854897][ T8249] loop1: detected capacity change from 0 to 8
[  130.863788][ T8249] squashfs: Unknown parameter '0xffffffffffffffff184467440737095516150177777777777777777777700000000000000000000000δ/'jCzR܍ٳ01[^!p&Џ7uPOUߐ#{>y^X:CmC>8tK2'
[  131.979137][ T8263] loop1: detected capacity change from 0 to 512
[  131.994098][ T8263] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  132.031029][ T8263] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  132.044390][ T8263] ext4 filesystem being mounted at /258/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  132.068675][ T8263] EXT4-fs error (device loop1): ext4_xattr_block_find:1869: inode #15: comm syz.1.898: corrupted xattr block 19: overlapping e_value 
[  132.080893][ T8263] EXT4-fs (loop1): Remounting filesystem read-only
[  132.149042][ T5848] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  132.554423][ T1363] ieee802154 phy0 wpan0: encryption failed: -22
[  132.558344][ T1363] ieee802154 phy1 wpan1: encryption failed: -22
[  132.864476][ T8284] netlink: 5028 bytes leftover after parsing attributes in process `syz.1.903'.
[  132.868923][ T8284] netlink: 5028 bytes leftover after parsing attributes in process `syz.1.903'.
[  133.330476][ T8293] loop2: detected capacity change from 0 to 32768
[  133.364660][ T8293] XFS (loop2): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  133.388619][ T8293] XFS (loop2): Ending clean mount
[  133.395650][ T8293] XFS (loop2): Quotacheck needed: Please wait.
[  133.412703][ T8310] loop1: detected capacity change from 0 to 4096
[  133.426665][ T8293] XFS (loop2): Quotacheck: Done.
[  133.456464][ T5840] XFS (loop2): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  133.624698][ T8316] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  133.657891][ T8318] loop2: detected capacity change from 0 to 64
[  133.835137][ T8328] kernel read not supported for file /!selinu (pid: 8328 comm: syz.2.923)
[  133.839163][   T33] audit: type=1800 audit(1756744968.335:44): pid=8328 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.923" name=2173656C696E75FF7F dev="mqueue" ino=14617 res=0 errno=0
[  133.998964][ T8335] loop2: detected capacity change from 0 to 4096
[  134.033000][ T8335] ntfs3(loop2): Mark volume as dirty due to NTFS errors
[  134.143535][ T8344] loop2: detected capacity change from 0 to 256
[  134.175017][ T8344] FAT-fs (loop2): Directory bread(block 64) failed
[  134.182668][ T8344] FAT-fs (loop2): Directory bread(block 65) failed
[  134.185569][ T8344] FAT-fs (loop2): Directory bread(block 66) failed
[  134.189788][ T8344] FAT-fs (loop2): Directory bread(block 67) failed
[  134.195576][ T8344] FAT-fs (loop2): Directory bread(block 68) failed
[  134.201700][ T8344] FAT-fs (loop2): Directory bread(block 69) failed
[  134.205720][ T8344] FAT-fs (loop2): Directory bread(block 70) failed
[  134.211722][ T8344] FAT-fs (loop2): Directory bread(block 71) failed
[  134.217339][ T8344] FAT-fs (loop2): Directory bread(block 72) failed
[  134.221711][ T8344] FAT-fs (loop2): Directory bread(block 73) failed
[  134.228299][ T8351] loop1: detected capacity change from 0 to 512
[  134.270279][ T8351] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  134.279515][ T8351] ext4 filesystem being mounted at /271/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  134.315318][ T8351] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  134.349406][ T8351] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  134.393574][ T5848] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  134.503260][ T8370] ptrace attach of "/syz-executor exec"[5848] was attempted by "                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        "[8370]
[  134.703988][ T8363] loop2: detected capacity change from 0 to 40427
[  134.708903][ T8363] F2FS-fs (loop2): build fault injection rate: 771
[  134.719830][ T8363] F2FS-fs (loop2): invalid crc value
[  134.823641][ T8363] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  134.850115][ T8363] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  134.870180][ T8377] loop1: detected capacity change from 0 to 32768
[  134.902580][ T5840] syz-executor: attempt to access beyond end of device
[  134.902580][ T5840] loop2: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  134.910163][ T5840] CPU: 1 UID: 0 PID: 5840 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[  134.910174][ T5840] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  134.910179][ T5840] Call Trace:
[  134.910182][ T5840]  <TASK>
[  134.910186][ T5840]  dump_stack_lvl+0x189/0x250
[  134.910199][ T5840]  ? __pfx_dump_stack_lvl+0x10/0x10
[  134.910208][ T5840]  ? __pfx_queue_work_on+0x10/0x10
[  134.910215][ T5840]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  134.910225][ T5840]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  134.910238][ T5840]  f2fs_handle_critical_error+0x37c/0x540
[  134.910250][ T5840]  f2fs_write_end_io+0x886/0xb60
[  134.910264][ T5840]  __submit_merged_bio+0x27a/0x6a0
[  134.910275][ T5840]  __submit_merged_write_cond+0x255/0x530
[  134.910287][ T5840]  f2fs_write_data_pages+0x261d/0x3000
[  134.910310][ T5840]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  134.910336][ T5840]  ? __mod_zone_page_state+0xd7/0x140
[  134.910356][ T5840]  ? folios_put_refs+0x560/0x640
[  134.910374][ T5840]  ? __pfx_folios_put_refs+0x10/0x10
[  134.910383][ T5840]  ? rcu_is_watching+0x15/0xb0
[  134.910400][ T5840]  ? __lock_acquire+0xab9/0xd20
[  134.910427][ T5840]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  134.910443][ T5840]  do_writepages+0x32e/0x550
[  134.910466][ T5840]  ? do_raw_spin_unlock+0x4d/0x240
[  134.910484][ T5840]  filemap_fdatawrite+0x199/0x240
[  134.910498][ T5840]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  134.910525][ T5840]  ? do_raw_spin_unlock+0x4d/0x240
[  134.910534][ T5840]  f2fs_sync_dirty_inodes+0x31f/0x830
[  134.910547][ T5840]  f2fs_write_checkpoint+0x95a/0x1df0
[  134.910562][ T5840]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  134.910584][ T5840]  ? f2fs_stop_gc_thread+0x7f/0xb0
[  134.910591][ T5840]  ? kfree+0x18e/0x440
[  134.910600][ T5840]  ? kill_f2fs_super+0x298/0x6c0
[  134.910631][ T5840]  kill_f2fs_super+0x2c3/0x6c0
[  134.910642][ T5840]  ? __pfx_kill_f2fs_super+0x10/0x10
[  134.910648][ T5840]  ? radix_tree_delete_item+0x2b6/0x400
[  134.910660][ T5840]  ? shrinker_free+0x2ce/0x3e0
[  134.910669][ T5840]  deactivate_locked_super+0xbc/0x130
[  134.910678][ T5840]  cleanup_mnt+0x425/0x4c0
[  134.910686][ T5840]  ? lockdep_hardirqs_on+0x9c/0x150
[  134.910696][ T5840]  task_work_run+0x1d4/0x260
[  134.910707][ T5840]  ? __pfx_task_work_run+0x10/0x10
[  134.910715][ T5840]  ? __x64_sys_umount+0x122/0x160
[  134.910725][ T5840]  ? exit_to_user_mode_loop+0x40/0x110
[  134.910736][ T5840]  exit_to_user_mode_loop+0xec/0x110
[  134.910746][ T5840]  do_syscall_64+0x2bd/0x3b0
[  134.910755][ T5840]  ? lockdep_hardirqs_on+0x9c/0x150
[  134.910764][ T5840]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  134.910770][ T5840]  ? exc_page_fault+0x9f/0xf0
[  134.910780][ T5840]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  134.910787][ T5840] RIP: 0033:0x7f51c5b8ff17
[  134.910794][ T5840] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  134.910800][ T5840] RSP: 002b:00007fffbc079c28 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  134.910809][ T5840] RAX: 0000000000000000 RBX: 00007f51c5c11c05 RCX: 00007f51c5b8ff17
[  134.910814][ T5840] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fffbc079ce0
[  134.910818][ T5840] RBP: 00007fffbc079ce0 R08: 0000000000000000 R09: 0000000000000000
[  134.910822][ T5840] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fffbc07ad70
[  134.910826][ T5840] R13: 00007f51c5c11c05 R14: 0000000000020e58 R15: 00007fffbc07adb0
[  134.910855][ T5840]  </TASK>
[  134.910858][ T5840] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  135.041747][ T5840] CPU: 1 UID: 0 PID: 5840 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[  135.041765][ T5840] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  135.041772][ T5840] Call Trace:
[  135.041777][ T5840]  <TASK>
[  135.041782][ T5840]  dump_stack_lvl+0x189/0x250
[  135.041804][ T5840]  ? __pfx_dump_stack_lvl+0x10/0x10
[  135.041819][ T5840]  ? __pfx_queue_work_on+0x10/0x10
[  135.041838][ T5840]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  135.041855][ T5840]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  135.041880][ T5840]  f2fs_handle_critical_error+0x37c/0x540
[  135.041904][ T5840]  f2fs_write_end_io+0x886/0xb60
[  135.041932][ T5840]  __submit_merged_bio+0x27a/0x6a0
[  135.041954][ T5840]  __submit_merged_write_cond+0x255/0x530
[  135.041977][ T5840]  f2fs_write_data_pages+0x261d/0x3000
[  135.042024][ T5840]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  135.042078][ T5840]  ? __mod_zone_page_state+0xd7/0x140
[  135.042103][ T5840]  ? folios_put_refs+0x560/0x640
[  135.042125][ T5840]  ? __pfx_folios_put_refs+0x10/0x10
[  135.042137][ T5840]  ? rcu_is_watching+0x15/0xb0
[  135.042157][ T5840]  ? __lock_acquire+0xab9/0xd20
[  135.042187][ T5840]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  135.042206][ T5840]  do_writepages+0x32e/0x550
[  135.042233][ T5840]  ? do_raw_spin_unlock+0x4d/0x240
[  135.042251][ T5840]  filemap_fdatawrite+0x199/0x240
[  135.042268][ T5840]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  135.042326][ T5840]  ? do_raw_spin_unlock+0x4d/0x240
[  135.042345][ T5840]  f2fs_sync_dirty_inodes+0x31f/0x830
[  135.042371][ T5840]  f2fs_write_checkpoint+0x95a/0x1df0
[  135.042405][ T5840]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  135.042455][ T5840]  ? f2fs_stop_gc_thread+0x7f/0xb0
[  135.042466][ T5840]  ? kfree+0x18e/0x440
[  135.042482][ T5840]  ? kill_f2fs_super+0x298/0x6c0
[  135.042500][ T5840]  kill_f2fs_super+0x2c3/0x6c0
[  135.042517][ T5840]  ? __pfx_kill_f2fs_super+0x10/0x10
[  135.042528][ T5840]  ? radix_tree_delete_item+0x2b6/0x400
[  135.042551][ T5840]  ? shrinker_free+0x2ce/0x3e0
[  135.042567][ T5840]  deactivate_locked_super+0xbc/0x130
[  135.042583][ T5840]  cleanup_mnt+0x425/0x4c0
[  135.042597][ T5840]  ? lockdep_hardirqs_on+0x9c/0x150
[  135.042641][ T5840]  task_work_run+0x1d4/0x260
[  135.042661][ T5840]  ? __pfx_task_work_run+0x10/0x10
[  135.042674][ T5840]  ? __x64_sys_umount+0x122/0x160
[  135.042694][ T5840]  ? exit_to_user_mode_loop+0x40/0x110
[  135.042715][ T5840]  exit_to_user_mode_loop+0xec/0x110
[  135.042732][ T5840]  do_syscall_64+0x2bd/0x3b0
[  135.042748][ T5840]  ? lockdep_hardirqs_on+0x9c/0x150
[  135.042764][ T5840]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  135.042775][ T5840]  ? exc_page_fault+0x9f/0xf0
[  135.042794][ T5840]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  135.042805][ T5840] RIP: 0033:0x7f51c5b8ff17
[  135.042817][ T5840] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  135.042833][ T5840] RSP: 002b:00007fffbc079c28 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  135.042846][ T5840] RAX: 0000000000000000 RBX: 00007f51c5c11c05 RCX: 00007f51c5b8ff17
[  135.042855][ T5840] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fffbc079ce0
[  135.042863][ T5840] RBP: 00007fffbc079ce0 R08: 0000000000000000 R09: 0000000000000000
[  135.042869][ T5840] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fffbc07ad70
[  135.042876][ T5840] R13: 00007f51c5c11c05 R14: 0000000000020e58 R15: 00007fffbc07adb0
[  135.042900][ T5840]  </TASK>
[  135.042905][ T5840] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  135.600437][ T8204] usb 2-1: new full-speed USB device number 17 using dummy_hcd
[  135.751496][ T8204] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  135.755725][ T8204] usb 2-1: New USB device found, idVendor=057e, idProduct=200e, bcdDevice= 0.00
[  135.759470][ T8204] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  135.765207][ T8204] usb 2-1: config 0 descriptor??
[  135.779766][   T47] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  135.929976][   T47] usb 3-1: Using ep0 maxpacket: 8
[  135.938275][   T47] usb 3-1: config 4 has an invalid interface number: 244 but max is 0
[  135.943114][   T47] usb 3-1: config 4 has no interface number 0
[  135.945900][   T47] usb 3-1: config 4 interface 244 altsetting 1 endpoint 0x1 has an invalid bInterval 41, changing to 7
[  135.953346][   T47] usb 3-1: config 4 interface 244 altsetting 1 endpoint 0x2 has invalid wMaxPacketSize 0
[  135.957409][   T47] usb 3-1: config 4 interface 244 altsetting 1 bulk endpoint 0x2 has invalid maxpacket 0
[  135.961677][   T47] usb 3-1: config 4 interface 244 has no altsetting 0
[  135.968430][   T47] usb 3-1: New USB device found, idVendor=05ac, idProduct=fa33, bcdDevice=cb.aa
[  135.978746][   T47] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  135.982205][   T47] usb 3-1: Product: syz
[  135.984031][   T47] usb 3-1: Manufacturer: syz
[  135.986041][   T47] usb 3-1: SerialNumber: syz
[  136.200044][ T8204] nintendo 0003:057E:200E.0005: unbalanced collection at end of report description
[  136.205142][ T8204] nintendo 0003:057E:200E.0005: HID parse failed
[  136.216254][ T8204] nintendo 0003:057E:200E.0005: probe - fail = -22
[  136.219066][ T8204] nintendo 0003:057E:200E.0005: probe with driver nintendo failed with error -22
[  136.234923][   T47] ipheth 3-1:4.244: Unable to find endpoints
[  136.260806][   T47] usb 3-1: USB disconnect, device number 12
[  136.387423][ T8204] usb 2-1: USB disconnect, device number 17
[  137.550842][ T8204] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  137.723301][ T8204] usb 3-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  137.728002][ T8204] usb 3-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  137.736219][ T8204] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  137.744312][ T8204] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  137.752895][ T8494] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  137.766689][ T8204] usb 3-1: Quirk or no altset; falling back to MIDI 1.0
[  137.965403][ T8204] usb 3-1: USB disconnect, device number 13
[  138.348125][ T8561] loop1: detected capacity change from 0 to 512
[  138.361053][ T8561] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  138.365205][ T8561] EXT4-fs (loop1): group descriptors corrupted!
[  138.417694][ T8564] loop1: detected capacity change from 0 to 256
[  138.616383][ T8568] netlink: 12 bytes leftover after parsing attributes in process `syz.2.977'.
[  138.705153][ T8566] loop1: detected capacity change from 0 to 32768
[  138.758764][ T8566] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  138.819303][ T8566] XFS (loop1): Ending clean mount
[  138.868115][ T5848] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  140.230332][ T8601] process 'syz.3.983' launched './file0' with NULL argv: empty string added
[  141.424843][   T33] audit: type=1326 audit(1756744975.925:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8630 comm="syz.3.995" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff0df18ebe9 code=0x0
[  141.801002][ T8644] loop1: detected capacity change from 0 to 65
[  141.811594][ T8644] BFS-fs: bfs_fill_super(): NOTE: filesystem loop1 was created with 512 inodes, the real maximum is 511, mounting anyway
[  142.058864][ T8655] loop1: detected capacity change from 0 to 2048
[  142.072810][ T8655] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=18576, location=18576
[  142.079835][ T8655] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  142.296942][ T8665] loop2: detected capacity change from 0 to 512
[  142.301261][ T8659] loop1: detected capacity change from 0 to 32768
[  142.307648][ T8659] (syz.1.1006,8659,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0xd3209cc6. Applying ECC.
[  142.319809][ T8659] (syz.1.1006,8659,1):ocfs2_block_check_validate:416 ERROR: Fixed CRC32 failed: stored: 0xb3775c19, computed 0xd3209cc6
[  142.326466][ T8665] EXT4-fs (loop2): Test dummy encryption mode enabled
[  142.329136][ T8659] (syz.1.1006,8659,1):ocfs2_validate_inode_block:1455 ERROR: Checksum failed for dinode 18
[  142.342646][ T8659] (syz.1.1006,8659,1):ocfs2_read_locked_inode:597 ERROR: status = -5
[  142.345701][ T8659] (syz.1.1006,8659,1):ocfs2_init_global_system_inodes:452 ERROR: status = -5
[  142.349264][ T8659] (syz.1.1006,8659,1):ocfs2_init_global_system_inodes:476 ERROR: status = -5
[  142.355214][ T8659] (syz.1.1006,8659,1):ocfs2_initialize_super:2198 ERROR: status = -5
[  142.358233][ T8659] (syz.1.1006,8659,1):ocfs2_fill_super:1177 ERROR: status = -5
[  142.362472][ T8665] EXT4-fs error (device loop2): __ext4_iget:5464: inode #11: block 1: comm syz.2.1009: invalid block
[  142.367334][ T8665] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.1009: couldn't read orphan inode 11 (err -117)
[  142.389293][ T8665] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  142.440155][ T8665] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 216 vs 220 free clusters
[  142.468323][ T5840] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  142.961716][ T8692] loop2: detected capacity change from 0 to 1024
[  143.036376][ T8681] loop1: detected capacity change from 0 to 40427
[  143.048904][ T8681] F2FS-fs (loop1): invalid crc value
[  143.050444][   T33] audit: type=1326 audit(1756744977.545:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8693 comm="syz.3.1021" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7ff0df18ebe9 code=0x0
[  143.143158][ T8681] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  143.149976][ T5842] Bluetooth: hci1: link tx timeout
[  143.152648][ T5842] Bluetooth: hci1: killing stalled connection 10:aa:aa:aa:aa:aa
[  143.156198][   T33] audit: type=1326 audit(1756744977.655:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8696 comm="syz.2.1022" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51c5b8ebe9 code=0x7ffc0000
[  143.156837][ T5842] Bluetooth: hci1: link tx timeout
[  143.167750][ T5842] Bluetooth: hci1: killing stalled connection 11:aa:aa:aa:aa:aa
[  143.168348][   T33] audit: type=1326 audit(1756744977.665:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8696 comm="syz.2.1022" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51c5b8ebe9 code=0x7ffc0000
[  143.182257][ T8681] F2FS-fs (loop1): Start checkpoint disabled!
[  143.198720][ T8681] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[  143.211831][   T33] audit: type=1326 audit(1756744977.695:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8696 comm="syz.2.1022" exe="/syz-executor" sig=0 arch=c000003e syscall=125 compat=0 ip=0x7f51c5b8ebe9 code=0x7ffc0000
[  143.242213][   T33] audit: type=1326 audit(1756744977.695:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8696 comm="syz.2.1022" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51c5b8ebe9 code=0x7ffc0000
[  143.258226][   T33] audit: type=1800 audit(1756744977.725:51): pid=8681 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1015" name="file1" dev="loop1" ino=10 res=0 errno=0
[  143.273652][ T7604] kworker/u9:5: attempt to access beyond end of device
[  143.273652][ T7604] loop1: rw=1, sector=45096, nr_sectors = 8 limit=40427
[  143.282930][ T7604] kworker/u9:5: attempt to access beyond end of device
[  143.282930][ T7604] loop1: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  143.288173][ T7604] CPU: 0 UID: 0 PID: 7604 Comm: kworker/u9:5 Not tainted syzkaller #0 PREEMPT(full) 
[  143.288189][ T7604] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  143.288198][ T7604] Workqueue: writeback wb_workfn (flush-7:1)
[  143.288217][ T7604] Call Trace:
[  143.288223][ T7604]  <TASK>
[  143.288229][ T7604]  dump_stack_lvl+0x189/0x250
[  143.288248][ T7604]  ? __pfx_dump_stack_lvl+0x10/0x10
[  143.288263][ T7604]  ? __pfx_queue_work_on+0x10/0x10
[  143.288275][ T7604]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  143.288291][ T7604]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  143.288317][ T7604]  f2fs_handle_critical_error+0x37c/0x540
[  143.288341][ T7604]  f2fs_write_end_io+0x886/0xb60
[  143.288368][ T7604]  __submit_merged_bio+0x27a/0x6a0
[  143.288391][ T7604]  __submit_merged_write_cond+0x255/0x530
[  143.288414][ T7604]  f2fs_write_data_pages+0x261d/0x3000
[  143.288463][ T7604]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  143.288493][ T7604]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[  143.288561][ T7604]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[  143.288591][ T7604]  ? trace_f2fs_writepages+0x7f/0x200
[  143.288609][ T7604]  ? f2fs_write_node_pages+0x478/0x6e0
[  143.288629][ T7604]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[  143.288652][ T7604]  ? __lock_acquire+0xab9/0xd20
[  143.288673][ T7604]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  143.288692][ T7604]  do_writepages+0x32e/0x550
[  143.288714][ T7604]  ? reacquire_held_locks+0x127/0x1d0
[  143.288725][ T7604]  ? writeback_sb_inodes+0x384/0x1010
[  143.288748][ T7604]  __writeback_single_inode+0x145/0xff0
[  143.288764][ T7604]  ? do_raw_spin_unlock+0x4d/0x240
[  143.288782][ T7604]  writeback_sb_inodes+0x6c7/0x1010
[  143.288820][ T7604]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  143.288873][ T7604]  ? rcu_is_watching+0x15/0xb0
[  143.288895][ T7604]  wb_writeback+0x43b/0xaf0
[  143.288918][ T7604]  ? queue_io+0x3b1/0x590
[  143.288936][ T7604]  ? __pfx_wb_writeback+0x10/0x10
[  143.288958][ T7604]  ? _raw_spin_unlock_irq+0x23/0x50
[  143.288978][ T7604]  wb_workfn+0x409/0xef0
[  143.289005][ T7604]  ? __pfx_wb_workfn+0x10/0x10
[  143.289023][ T7604]  ? __lock_acquire+0xab9/0xd20
[  143.289049][ T7604]  ? process_scheduled_works+0x9ef/0x17b0
[  143.289073][ T7604]  ? _raw_spin_unlock_irq+0x23/0x50
[  143.289087][ T7604]  ? process_scheduled_works+0x9ef/0x17b0
[  143.289097][ T7604]  ? process_scheduled_works+0x9ef/0x17b0
[  143.289111][ T7604]  process_scheduled_works+0xae1/0x17b0
[  143.289147][ T7604]  ? __pfx_process_scheduled_works+0x10/0x10
[  143.289173][ T7604]  worker_thread+0x8a0/0xda0
[  143.289211][ T7604]  kthread+0x711/0x8a0
[  143.289229][ T7604]  ? __pfx_worker_thread+0x10/0x10
[  143.289241][ T7604]  ? __pfx_kthread+0x10/0x10
[  143.289256][ T7604]  ? _raw_spin_unlock_irq+0x23/0x50
[  143.289270][ T7604]  ? lockdep_hardirqs_on+0x9c/0x150
[  143.289285][ T7604]  ? __pfx_kthread+0x10/0x10
[  143.289301][ T7604]  ret_from_fork+0x3fc/0x770
[  143.289317][ T7604]  ? __pfx_ret_from_fork+0x10/0x10
[  143.289336][ T7604]  ? __switch_to_asm+0x39/0x70
[  143.289349][ T7604]  ? __switch_to_asm+0x33/0x70
[  143.289363][ T7604]  ? __pfx_kthread+0x10/0x10
[  143.289379][ T7604]  ret_from_fork_asm+0x1a/0x30
[  143.289409][ T7604]  </TASK>
[  143.289414][ T7604] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  144.237167][   T33] audit: type=1326 audit(1756744978.735:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8726 comm="syz.2.1035" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51c5b8ebe9 code=0x7ffc0000
[  144.267057][   T33] audit: type=1326 audit(1756744978.735:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8726 comm="syz.2.1035" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51c5b8ebe9 code=0x7ffc0000
[  144.285242][   T33] audit: type=1326 audit(1756744978.745:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8726 comm="syz.2.1035" exe="/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7f51c5b8ebe9 code=0x7ffc0000
[  145.010112][ T8746] loop2: detected capacity change from 0 to 40427
[  145.043272][ T8746] F2FS-fs (loop2): invalid crc value
[  145.117971][ T8746] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  145.122903][ T8746] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4
[  145.151937][ T5840] syz-executor: attempt to access beyond end of device
[  145.151937][ T5840] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  145.157122][ T5840] CPU: 0 UID: 0 PID: 5840 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[  145.157138][ T5840] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  145.157146][ T5840] Call Trace:
[  145.157151][ T5840]  <TASK>
[  145.157156][ T5840]  dump_stack_lvl+0x189/0x250
[  145.157177][ T5840]  ? __pfx_dump_stack_lvl+0x10/0x10
[  145.157192][ T5840]  ? __pfx_queue_work_on+0x10/0x10
[  145.157202][ T5840]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  145.157217][ T5840]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  145.157241][ T5840]  f2fs_handle_critical_error+0x37c/0x540
[  145.157262][ T5840]  f2fs_write_end_io+0x886/0xb60
[  145.157288][ T5840]  __submit_merged_bio+0x27a/0x6a0
[  145.157309][ T5840]  __submit_merged_write_cond+0x255/0x530
[  145.157330][ T5840]  f2fs_write_data_pages+0x261d/0x3000
[  145.157374][ T5840]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  145.157427][ T5840]  ? __lock_acquire+0xab9/0xd20
[  145.157459][ T5840]  ? __lock_acquire+0xab9/0xd20
[  145.157481][ T5840]  ? do_raw_spin_lock+0x121/0x290
[  145.157529][ T5840]  ? do_raw_spin_unlock+0x4d/0x240
[  145.157544][ T5840]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  145.157562][ T5840]  do_writepages+0x32e/0x550
[  145.157587][ T5840]  ? do_raw_spin_unlock+0x4d/0x240
[  145.157604][ T5840]  filemap_fdatawrite+0x199/0x240
[  145.157619][ T5840]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  145.157672][ T5840]  ? do_raw_spin_unlock+0x4d/0x240
[  145.157689][ T5840]  f2fs_sync_dirty_inodes+0x31f/0x830
[  145.157712][ T5840]  f2fs_write_checkpoint+0x95a/0x1df0
[  145.157749][ T5840]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  145.157799][ T5840]  ? kill_f2fs_super+0x298/0x6c0
[  145.157814][ T5840]  kill_f2fs_super+0x2c3/0x6c0
[  145.157831][ T5840]  ? __pfx_kill_f2fs_super+0x10/0x10
[  145.157840][ T5840]  ? radix_tree_delete_item+0x2b6/0x400
[  145.157863][ T5840]  ? shrinker_free+0x2ce/0x3e0
[  145.157880][ T5840]  deactivate_locked_super+0xbc/0x130
[  145.157895][ T5840]  cleanup_mnt+0x425/0x4c0
[  145.157908][ T5840]  ? lockdep_hardirqs_on+0x9c/0x150
[  145.157925][ T5840]  task_work_run+0x1d4/0x260
[  145.157940][ T5840]  ? __pfx_task_work_run+0x10/0x10
[  145.157949][ T5840]  ? __x64_sys_umount+0x122/0x160
[  145.157960][ T5840]  ? exit_to_user_mode_loop+0x40/0x110
[  145.157972][ T5840]  exit_to_user_mode_loop+0xec/0x110
[  145.157982][ T5840]  do_syscall_64+0x2bd/0x3b0
[  145.157991][ T5840]  ? lockdep_hardirqs_on+0x9c/0x150
[  145.158002][ T5840]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  145.158009][ T5840]  ? exc_page_fault+0x9f/0xf0
[  145.158019][ T5840]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  145.158025][ T5840] RIP: 0033:0x7f51c5b8ff17
[  145.158033][ T5840] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  145.158039][ T5840] RSP: 002b:00007fffbc079c28 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  145.158048][ T5840] RAX: 0000000000000000 RBX: 00007f51c5c11c05 RCX: 00007f51c5b8ff17
[  145.158053][ T5840] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fffbc079ce0
[  145.158057][ T5840] RBP: 00007fffbc079ce0 R08: 0000000000000000 R09: 0000000000000000
[  145.158062][ T5840] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fffbc07ad70
[  145.158066][ T5840] R13: 00007f51c5c11c05 R14: 0000000000023674 R15: 00007fffbc07adb0
[  145.158079][ T5840]  </TASK>
[  145.158082][ T5840] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  145.250827][ T5842] Bluetooth: hci1: command 0x0406 tx timeout
[  145.678155][ T8779] loop2: detected capacity change from 0 to 512
[  145.695819][ T8779] FAT-fs (loop2): bogus sectors per cluster 0
[  145.699783][ T8779] FAT-fs (loop2): Can't find a valid FAT filesystem
[  146.316882][ T8805] loop1: detected capacity change from 0 to 1024
[  146.383450][ T8805] hfsplus: b-tree write err: -5, ino 3
[  146.403853][ T8805] hfsplus: bad catalog file entry
[  146.428789][ T8512] hfsplus: bad catalog file entry
[  146.565605][ T8819] loop1: detected capacity change from 0 to 512
[  146.573044][ T8819] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  146.583000][ T8819] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a002c0a8, mo2=0002]
[  146.586435][ T8819] System zones: 1-12
[  146.595415][ T8819] EXT4-fs error (device loop1): ext4_xattr_inode_iget:437: inode #11: comm syz.1.1060: iget: bogus i_mode (700)
[  146.600409][ T8819] EXT4-fs (loop1): Remounting filesystem read-only
[  146.611070][ T8819] EXT4-fs (loop1): 1 orphan inode deleted
[  146.616950][ T8819] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  146.653708][ T5848] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  146.824922][ T8842] loop1: detected capacity change from 0 to 1024
[  146.910155][ T7604] hfsplus: b-tree write err: -5, ino 4
[  147.167735][ T8855] loop1: detected capacity change from 0 to 1024
[  147.183450][ T8855] EXT4-fs: Ignoring removed orlov option
[  147.185918][ T8855] EXT4-fs: Ignoring removed mblk_io_submit option
[  147.201579][ T8855] EXT4-fs (loop1): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  147.226336][ T8855] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  147.255810][ T5848] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  147.329907][ T5842] Bluetooth: hci1: command 0x0406 tx timeout
[  147.695969][ T8872] block device autoloading is deprecated and will be removed.
[  147.826933][ T8878] loop2: detected capacity change from 0 to 512
[  147.841519][ T8878] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -2
[  147.848189][ T8878] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #13: comm syz.2.1078: invalid indirect mapped block 8 (level 2)
[  147.857604][ T8878] EXT4-fs (loop2): Remounting filesystem read-only
[  147.861207][ T8878] EXT4-fs (loop2): 1 truncate cleaned up
[  147.864653][ T8878] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  147.888580][ T5840] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  148.414505][ T8891] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1083'.
[  148.454908][ T8891] loop1: detected capacity change from 0 to 1024
[  148.466365][ T8891] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  148.471697][ T8891] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  148.512204][ T8891] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  148.516231][ T8891] EXT4-fs (loop1): orphan cleanup on readonly fs
[  148.528679][ T8891] EXT4-fs error (device loop1): ext4_map_blocks:814: inode #3: block 3: comm syz.1.1083: lblock 3 mapped to illegal pblock 3 (length 1)
[  148.541023][ T8891] __quota_error: 4 callbacks suppressed
[  148.541075][ T8891] Quota error (device loop1): write_blk: dquota write failed
[  148.546042][ T8891] Quota error (device loop1): find_free_dqentry: Can't write quota data block 3
[  148.549553][ T8891] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota
[  148.554243][ T8891] EXT4-fs error (device loop1): ext4_acquire_dquot:6937: comm syz.1.1083: Failed to acquire dquot type 0
[  148.560777][ T8891] EXT4-fs error (device loop1): ext4_map_blocks:778: inode #3: block 3: comm syz.1.1083: lblock 3 mapped to illegal pblock 3 (length 1)
[  148.568366][ T8891] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota
[  148.572310][ T8891] EXT4-fs error (device loop1): ext4_acquire_dquot:6937: comm syz.1.1083: Failed to acquire dquot type 0
[  148.578508][ T8891] EXT4-fs error (device loop1): ext4_free_blocks:6696: comm syz.1.1083: Freeing blocks not in datazone - block = 0, count = 4096
[  148.587584][ T8891] EXT4-fs error (device loop1): ext4_map_blocks:778: inode #3: block 3: comm syz.1.1083: lblock 3 mapped to illegal pblock 3 (length 1)
[  148.594495][ T8891] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota
[  148.597752][ T8891] EXT4-fs error (device loop1): ext4_acquire_dquot:6937: comm syz.1.1083: Failed to acquire dquot type 0
[  148.602310][ T8891] EXT4-fs (loop1): 1 orphan inode deleted
[  148.617598][ T8891] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  148.941093][ T8904] loop2: detected capacity change from 0 to 32768
[  148.978116][ T8904] ocfs2: Mounting device (7,2) on (node local, slot 0) with writeback data mode.
[  149.016038][ T5840] ocfs2: Unmounting device (7,2) on (node local)
[  149.111962][ T5848] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  149.304362][ T8911] loop2: detected capacity change from 0 to 32768
[  149.307811][ T8911] bcachefs (/dev/loop2): error validating superblock: Invalid time precision: 0 (min 1, max 1000000000)
[  149.311808][ T8911] bcachefs: bch2_fs_get_tree() error: invalid_sb_time_precision
[  149.550919][ T8919] loop2: detected capacity change from 0 to 32768
[  149.554563][ T8919] bcachefs (/dev/loop2): error validating superblock: Invalid superblock section clean: entry type btree_keys overruns end of section
[  149.554563][ T8919] clean (size 2912):
[  149.554563][ T8919] flags:          0
[  149.554563][ T8919] journal_seq:    8
[  149.554563][ T8919] prio_ptrs: 
[  149.554563][ T8919] usage: type=key_version v=0
[  149.554563][ T8919] usage: type=reserved v=0
[  149.554563][ T8919] usage: type=reserved v=0
[  149.554563][ T8919] usage: type=reserved v=0
[  149.554563][ T8919] usage: type=reserved v=0
[  149.554563][ T8919] data_usage: btree: 1/1 [0]=2816
[  149.554563][ T8919] data_usage: journal: 1/1 [0]=0
[  149.554563][ T8919] data_usage: user: 1/1 [0]=32
[  149.554563][ T8919] dev_usage: dev=0  
[  149.554563][ T8919]   free: buckets=83 sectors=0 fragmented=0
[  149.554563][ T8919]   sb: buckets=25 sectors=6152 fragmented=248
[  149.554563][ T8919]   journal: buckets=8 sectors=2048 fragmented=0
[  149.554563][ T8919]   btree: buckets=11 sectors=2816 fragmented=0
[  149.554563][ T8919]   user: buckets=1 sectors=32 fragmented=224
[  149.554563][ T8919]   cached: buckets=0 sectors=0 fragmented=0
[  149.554563][ T8919]   parity: buckets=0 sectors=0 fragmented=0
[  149.554563][ T8919]   stripe: buckets=0 sectors=0 fragmented=0
[  149.554563][ T8919]   need_gc_gens: buckets=0 sectors=0 fragmented=0
[  149.554563][ T8919]   need_discard: buckets=0 sectors=0 fragmented=0
[  149.554563][ T8919] clock: read=0
[  149.554563][ T8919] clock: write=1288
[  149.554563][ T8919] btree_root: btree=extents level=0 u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 249e7ae2af8ee3
[  149.554649][ T8919] bcachefs: bch2_fs_get_tree() error: invalid_sb_clean
[  149.899819][ T8204] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[  150.067163][ T8204] usb 3-1: New USB device found, idVendor=05d1, idProduct=2021, bcdDevice=31.00
[  150.078720][ T8204] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  150.085808][ T8204] usb 3-1: Product: syz
[  150.087572][ T8204] usb 3-1: Manufacturer: syz
[  150.089508][ T8204] usb 3-1: SerialNumber: syz
[  150.108727][ T8204] usb 3-1: config 0 descriptor??
[  150.128120][ T8204] ftdi_sio 3-1:0.0: FTDI USB Serial Device converter detected
[  150.140944][ T8204] usb 3-1: Detected FT4232HP
[  150.213287][ T8932] loop1: detected capacity change from 0 to 512
[  150.224490][ T8932] fscrypt (loop1, inode 2): Error -61 getting encryption context
[  150.228445][ T8932] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -61
[  150.233880][ T8932] EXT4-fs error (device loop1): ext4_orphan_get:1392: inode #13: comm syz.1.1102: iget: bad i_size value: 12154757448730
[  150.239506][ T8932] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.1102: couldn't read orphan inode 13 (err -117)
[  150.246941][ T8932] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  150.286226][ T5848] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  150.346515][ T8204] ftdi_sio ttyUSB0: Unable to read latency timer: -32
[  150.362486][ T8204] usb 3-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  150.416756][ T8941] tmpfs: Bad value for 'mpol'
[  150.622482][ T5896] usb 3-1: USB disconnect, device number 14
[  150.634437][ T5896] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  150.638589][ T5896] ftdi_sio 3-1:0.0: device disconnected
[  151.538497][ T8952] loop2: detected capacity change from 0 to 4096
[  151.538643][ T8956] loop1: detected capacity change from 0 to 512
[  151.564706][ T8956] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  151.574590][ T8952] ntfs3(loop2): Different NTFS sector size (1024) and media sector size (512).
[  151.583813][ T8956] ext4 filesystem being mounted at /336/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  151.605232][ T8956] Quota error (device loop1): do_check_range: Getting block 1702428675 out of range 1-5
[  151.611850][ T8956] Quota error (device loop1): qtree_read_dquot: Can't read quota structure for id 0
[  151.619119][ T8956] EXT4-fs error (device loop1): ext4_acquire_dquot:6937: comm syz.1.1112: Failed to acquire dquot type 1
[  151.661138][ T5848] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  151.806690][ T8969] capability: warning: `syz.3.1117' uses deprecated v2 capabilities in a way that may be insecure
[  152.023041][ T8982] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  152.034799][ T8952] ntfs3(loop2): Mark volume as dirty due to NTFS errors
[  152.210054][ T2206] usb 2-1: new full-speed USB device number 18 using dummy_hcd
[  152.339895][ T5896] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[  152.386213][ T2206] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  152.393245][ T2206] usb 2-1: New USB device found, idVendor=28bd, idProduct=0933, bcdDevice= 0.00
[  152.397059][ T2206] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  152.404786][ T2206] usb 2-1: config 0 descriptor??
[  152.693995][ T5896] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  152.698310][ T5896] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  152.701720][ T5896] usb 3-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.00
[  152.704937][ T5896] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  152.709606][ T5896] usb 3-1: config 0 descriptor??
[  152.890055][ T2206] input: HID 28bd:0933 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:28BD:0933.0006/input/input7
[  152.964947][ T2206] uclogic 0003:28BD:0933.0006: input,hidraw0: USB HID v0.01 Mouse [HID 28bd:0933] on usb-dummy_hcd.1-1/input0
[  153.086666][ T2206] usb 2-1: USB disconnect, device number 18
[  153.124198][ T5896] cp2112 0003:10C4:EA90.0007: hidraw1: USB HID v0.00 Device [HID 10c4:ea90] on usb-dummy_hcd.2-1/input0
[  153.317780][ T5896] cp2112 0003:10C4:EA90.0007: Part Number: 0x00 Device Version: 0x00
[  153.651066][ T9022] loop1: detected capacity change from 0 to 4096
[  153.659257][ T9022] ntfs3(loop1): Different NTFS sector size (4096) and media sector size (512).
[  153.663246][ T9022] ntfs3(loop1): Mark volume as dirty due to NTFS errors
[  153.671245][ T9022] ntfs3(loop1): Failed to load $MFT.
[  153.718181][ T9025] loop1: detected capacity change from 0 to 4096
[  153.722186][ T5896] cp2112 0003:10C4:EA90.0007: error setting SMBus config
[  153.727326][ T9025] ntfs3(loop1): Different NTFS sector size (4096) and media sector size (512).
[  153.733919][ T5896] cp2112 0003:10C4:EA90.0007: probe with driver cp2112 failed with error -71
[  153.746827][ T5896] usb 3-1: USB disconnect, device number 15
[  153.756930][ T9025] ntfs3(loop1): Failed to initialize $Extend/$Reparse.
[  153.771992][   T33] audit: type=1800 audit(1756744988.275:59): pid=9025 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1143" name="bus" dev="loop1" ino=33 res=0 errno=0
[  153.948441][ T9029] sit0: entered promiscuous mode
[  153.958245][ T9029] netlink: 21 bytes leftover after parsing attributes in process `syz.1.1145'.
[  153.998521][ T9031] loop1: detected capacity change from 0 to 256
[  154.002783][ T9031] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  154.007115][ T9031] exFAT-fs (loop1): Medium has reported failures. Some data may be lost.
[  154.015770][ T9031] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xe5674ec2, utbl_chksum : 0xe619d30d)
[  154.144060][ T9037] loop1: detected capacity change from 0 to 128
[  154.150511][ T9037] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  154.156740][ T9037] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  154.272923][ T9043] futex_wake_op: syz.1.1152 tries to shift op by 32; fix this program
[  154.940644][ T9094] loop1: detected capacity change from 0 to 32768
[  154.984189][ T9094] bcachefs (loop1): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,erasure_code,recovery_pass_last=initialize_subvolumes,nojournal_transaction_names,read_only,reconstruct_alloc
[  154.984208][ T9094]   allowing incompatible features above 0.0: (unknown version)
[  154.984215][ T9094]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  155.001773][ T9094] bcachefs (loop1): Using encoding defined by superblock: utf8-12.1.0
[  155.005006][ T9094] bcachefs (loop1): recovering from clean shutdown, journal seq 10
[  155.012260][ T9094] bcachefs (loop1): Version upgrade required:
[  155.012260][ T9094] Version upgrade from 0.24: unwritten_extents to 1.7: mi_btree_bitmap incomplete
[  155.012260][ T9094] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.28: inode_has_case_insensitive
[  155.012260][ T9094]   running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,check_rebalance_work,set_fs_needs_rebalance
[  155.043128][ T9094] bcachefs (loop1): dropping and reconstructing all alloc info
[  155.067057][ T9094] bcachefs (loop1): accounting_read... done
[  155.071617][ T9094] bcachefs (loop1): alloc_read... done
[  155.075086][ T9094] bcachefs (loop1): done starting filesystem
[  155.113549][ T5848] bcachefs (loop1): shutting down
[  155.137276][ T5848] bcachefs (loop1): shutdown complete
[  156.159964][ T5313] usb 3-1: new full-speed USB device number 16 using dummy_hcd
[  156.633528][ T5313] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  156.638845][ T5313] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1024, setting to 64
[  156.643960][ T5313] usb 3-1: New USB device found, idVendor=0461, idProduct=4e72, bcdDevice= 0.00
[  156.647994][ T5313] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  156.656677][ T5313] usb 3-1: config 0 descriptor??
[  156.659621][ T9119] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  157.138671][ T5313] hid-rmi 0003:0461:4E72.0008: hidraw0: USB HID v0.00 Device [HID 0461:4e72] on usb-dummy_hcd.2-1/input0
[  157.362767][ T5894] usb 3-1: USB disconnect, device number 16
[  158.252413][   T33] audit: type=1326 audit(1756744992.755:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9160 comm="syz.1.1204" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e1018ebe9 code=0x7ffc0000
[  158.271201][   T33] audit: type=1326 audit(1756744992.755:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9160 comm="syz.1.1204" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e1018ebe9 code=0x7ffc0000
[  158.290653][   T33] audit: type=1326 audit(1756744992.765:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9160 comm="syz.1.1204" exe="/syz-executor" sig=0 arch=c000003e syscall=429 compat=0 ip=0x7f9e1018ebe9 code=0x7ffc0000
[  158.321973][   T33] audit: type=1326 audit(1756744992.765:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9160 comm="syz.1.1204" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e1018ebe9 code=0x7ffc0000
[  158.350991][   T33] audit: type=1326 audit(1756744992.765:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9160 comm="syz.1.1204" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9e1018ebe9 code=0x7ffc0000
[  159.274455][ T9213] loop2: detected capacity change from 0 to 32768
[  159.968375][ T9225] loop2: detected capacity change from 0 to 2048
[  160.007227][ T9225] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: writeback.
[  160.127514][ T9235] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  160.358763][ T5840] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000900.
[  160.428183][ T9241] loop2: detected capacity change from 0 to 4096
[  160.432982][ T9241] ntfs3(loop2): Different NTFS sector size (2048) and media sector size (512).
[  160.445537][ T9241] ntfs3(loop2): Failed to initialize $Bitmap (-2).
[  161.307635][ T9277] loop1: detected capacity change from 0 to 2048
[  161.328133][ T9277] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  161.357119][ T5848] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  161.494461][ T9288] ALSA: mixer_oss: invalid OSS volume ''
[  161.691497][ T5896] usb 3-1: new high-speed USB device number 17 using dummy_hcd
[  161.831356][ T9304] ip6gretap1: entered promiscuous mode
[  161.833754][ T9304] ip6gretap1: entered allmulticast mode
[  161.844206][ T5896] usb 3-1: config 0 has an invalid interface number: 29 but max is 0
[  161.847104][ T5896] usb 3-1: config 0 has no interface number 0
[  161.849555][ T5896] usb 3-1: config 0 interface 29 has no altsetting 0
[  161.852570][ T5896] usb 3-1: New USB device found, idVendor=357d, idProduct=7788, bcdDevice=81.0d
[  161.856224][ T5896] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  161.861843][   T24] usb 2-1: new high-speed USB device number 19 using dummy_hcd
[  161.865781][ T5896] usb 3-1: config 0 descriptor??
[  162.020035][   T24] usb 2-1: Using ep0 maxpacket: 32
[  162.025408][   T24] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xA6, changing to 0x86
[  162.030280][   T24] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x86 has an invalid bInterval 0, changing to 7
[  162.034032][   T24] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x86 has invalid wMaxPacketSize 0
[  162.037356][   T24] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  162.043367][   T24] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  162.047505][   T24] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  162.053625][   T24] usb 2-1: New USB device found, idVendor=05ef, idProduct=020a, bcdDevice=91.36
[  162.056871][   T24] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  162.060273][   T24] usb 2-1: Product: syz
[  162.061895][   T24] usb 2-1: Manufacturer: syz
[  162.063862][   T24] usb 2-1: SerialNumber: syz
[  162.067316][   T24] usb 2-1: config 0 descriptor??
[  162.074965][ T5896] usb 3-1: string descriptor 0 read error: -71
[  162.077827][ T5896] usb-storage 3-1:0.29: USB Mass Storage device detected
[  162.087982][ T5896] usb-storage 3-1:0.29: Quirks match for vid 357d pid 7788: 4800000
[  162.151265][ T5896] usb 3-1: USB disconnect, device number 17
[  162.272501][   T24] usb 2-1: USB disconnect, device number 19
[  162.651960][ T9326] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 3946
[  162.810580][ T9330] loop1: detected capacity change from 0 to 1024
[  162.828038][ T9330] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  162.853209][ T5848] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  162.920590][ T5896] usb 3-1: new high-speed USB device number 18 using dummy_hcd
[  163.079756][ T5896] usb 3-1: Using ep0 maxpacket: 16
[  163.083668][ T5896] usb 3-1: config 0 has an invalid interface number: 1 but max is 0
[  163.086832][ T5896] usb 3-1: config 0 has no interface number 0
[  163.101606][ T5896] usb 3-1: New USB device found, idVendor=1a86, idProduct=752d, bcdDevice=2d.4d
[  163.105483][ T5896] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  163.108836][ T5896] usb 3-1: Product: syz
[  163.110709][ T5896] usb 3-1: Manufacturer: syz
[  163.112739][ T5896] usb 3-1: SerialNumber: syz
[  163.120363][ T5896] usb 3-1: config 0 descriptor??
[  163.126032][ T5896] usb 3-1: Quirk or no altset; falling back to MIDI 1.0
[  163.130804][ T9336] loop1: detected capacity change from 0 to 32768
[  163.137894][ T9336] bcachefs (/dev/loop1): error validating superblock: Invalid superblock: optional field extends past end of superblock (type 1)
[  163.146879][ T9336] bcachefs: bch2_fs_get_tree() error: invalid_sb_field_size
[  163.158596][ T5896] snd-usb-audio 3-1:0.1: probe with driver snd-usb-audio failed with error -2
[  163.193912][ T6386] udevd[6386]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.1/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  163.332952][ T5896] usb 3-1: USB disconnect, device number 18
[  163.429757][ T5313] usb 2-1: new high-speed USB device number 20 using dummy_hcd
[  163.619772][ T5313] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  163.624420][ T5313] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  163.629170][ T5313] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  163.636443][ T5313] usb 2-1: New USB device found, idVendor=20d6, idProduct=cb17, bcdDevice= 0.00
[  163.640445][ T5313] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  163.648667][ T5313] usb 2-1: config 0 descriptor??
[  163.893632][   T33] audit: type=1326 audit(1756744998.395:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9365 comm="syz.2.1283" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51c5b8ebe9 code=0x7ffc0000
[  163.905579][   T33] audit: type=1326 audit(1756744998.395:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9365 comm="syz.2.1283" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51c5b8ebe9 code=0x7ffc0000
[  163.914378][   T33] audit: type=1326 audit(1756744998.395:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9365 comm="syz.2.1283" exe="/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f51c5b8ebe9 code=0x7ffc0000
[  163.929788][   T33] audit: type=1326 audit(1756744998.395:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9365 comm="syz.2.1283" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51c5b8ebe9 code=0x7ffc0000
[  163.944661][   T33] audit: type=1326 audit(1756744998.395:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9365 comm="syz.2.1283" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51c5b8ebe9 code=0x7ffc0000
[  163.954912][   T33] audit: type=1326 audit(1756744998.395:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9365 comm="syz.2.1283" exe="/syz-executor" sig=0 arch=c000003e syscall=32 compat=0 ip=0x7f51c5b8ebe9 code=0x7ffc0000
[  163.963998][   T33] audit: type=1326 audit(1756744998.395:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9365 comm="syz.2.1283" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51c5b8ebe9 code=0x7ffc0000
[  163.975652][   T33] audit: type=1326 audit(1756744998.395:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9365 comm="syz.2.1283" exe="/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f51c5b8ebe9 code=0x7ffc0000
[  163.983460][   T33] audit: type=1326 audit(1756744998.395:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9365 comm="syz.2.1283" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f51c5b8ebe9 code=0x7ffc0000
[  163.998256][   T33] audit: type=1326 audit(1756744998.395:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9365 comm="syz.2.1283" exe="/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7f51c5b8ebe9 code=0x7ffc0000
[  164.077997][ T5313] hid-udraw 0003:20D6:CB17.0009: unbalanced collection at end of report description
[  164.087033][ T5313] hid-udraw 0003:20D6:CB17.0009: parse failed
[  164.092053][ T5313] hid-udraw 0003:20D6:CB17.0009: probe with driver hid-udraw failed with error -22
[  164.101152][ T9368] loop2: detected capacity change from 0 to 32768
[  164.284246][ T5313] usb 2-1: USB disconnect, device number 20
[  164.876085][ T9402] misc userio: Invalid payload size
[  165.294626][ T9404] loop1: detected capacity change from 0 to 32768
[  165.300338][ T9404] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  165.313122][ T9404] XFS (loop1): Ending clean mount
[  165.319052][ T9404] XFS (loop1): Quotacheck needed: Please wait.
[  165.340594][ T9404] XFS (loop1): Quotacheck: Done.
[  165.360438][ T5848] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  166.051912][ T5235] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0
[  166.056236][ T5235] Bluetooth: hci1: Injecting HCI hardware error event
[  166.061849][ T5842] Bluetooth: hci1: hardware error 0x00
[  166.090906][ T9428] loop2: detected capacity change from 0 to 4096
[  166.097186][ T9428] ntfs3(loop2): Different NTFS sector size (1024) and media sector size (512).
[  166.113975][ T9428] ntfs3(loop2): Mark volume as dirty due to NTFS errors
[  166.499046][ T9442] loop2: detected capacity change from 0 to 256
[  166.506784][ T9442] exfat: Deprecated parameter 'utf8'
[  166.519040][ T9442] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d)
[  166.626153][ T9448] loop2: detected capacity change from 0 to 256
[  166.648471][ T9448] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x5441951d, utbl_chksum : 0xe619d30d)
[  166.750834][    C0] hrtimer: interrupt took 36852 ns
[  167.041761][ T9477] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  167.255994][ T9474] loop2: detected capacity change from 0 to 40427
[  167.259878][ T9474] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  167.270801][ T9474] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  167.349192][ T9474] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  167.355617][ T9474] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  167.358487][ T9474] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  167.694945][ T9514] loop2: detected capacity change from 0 to 256
[  167.713663][ T9514] FAT-fs (loop2): Directory bread(block 64) failed
[  167.716039][ T9514] FAT-fs (loop2): Directory bread(block 65) failed
[  167.721674][ T9514] FAT-fs (loop2): Directory bread(block 66) failed
[  167.725810][ T9514] FAT-fs (loop2): Directory bread(block 67) failed
[  167.733314][ T9514] FAT-fs (loop2): Directory bread(block 68) failed
[  167.737946][ T9514] FAT-fs (loop2): Directory bread(block 69) failed
[  167.741400][ T9514] FAT-fs (loop2): Directory bread(block 70) failed
[  167.743936][ T9514] FAT-fs (loop2): Directory bread(block 71) failed
[  167.746696][ T9514] FAT-fs (loop2): Directory bread(block 72) failed
[  167.749366][ T9514] FAT-fs (loop2): Directory bread(block 73) failed
[  168.139972][ T5842] Bluetooth: hci1: Opcode 0x0c03 failed: -110
[  168.455914][ T9531] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -2
[  168.459088][ T9531] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db
[  168.528645][ T9525] loop2: detected capacity change from 0 to 32768
[  168.532563][ T9525] XFS: noikeep mount option is deprecated.
[  168.540957][ T9525] XFS (loop2): Mounting V5 Filesystem ed37bf6e-74ea-4e01-afba-5fee274b0f3a
[  168.559858][ T9525] XFS (loop2): Ending clean mount
[  168.602826][ T5840] XFS (loop2): Unmounting Filesystem ed37bf6e-74ea-4e01-afba-5fee274b0f3a
[  168.736751][ T9541] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1350'.
[  168.741339][ T9541] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1350'.
[  169.544783][ T9575] loop1: detected capacity change from 0 to 1024
[  169.548749][ T9575] EXT4-fs: Ignoring removed nomblk_io_submit option
[  169.557137][ T9575] EXT4-fs (loop1): unsupported descriptor size 0
[  169.949793][   T24] usb 2-1: new high-speed USB device number 21 using dummy_hcd
[  169.990383][ T9598] loop2: detected capacity change from 0 to 256
[  170.068774][ T9598] exFAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  170.081956][ T9598] exFAT-fs (loop2): Medium has reported failures. Some data may be lost.
[  170.100097][   T24] usb 2-1: Using ep0 maxpacket: 32
[  170.240220][ T9598] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  170.249144][   T24] usb 2-1: unable to get BOS descriptor or descriptor too short
[  170.258531][   T24] usb 2-1: unable to read config index 0 descriptor/start: -71
[  170.268021][   T24] usb 2-1: can't read configurations, error -71
[  171.054919][ T9607] loop1: detected capacity change from 0 to 32768
[  171.088096][ T5848] non-latin1 character 0x2e66 found in JFS file name
[  171.092630][ T5848] mount with iocharset=utf8 to access
[  171.288648][  T118] ------------[ cut here ]------------
[  171.291314][  T118] WARNING: CPU: 0 PID: 118 at fs/jfs/jfs_dmap.c:2875 dbAdjTree+0x454/0x4e0
[  171.294946][  T118] Modules linked in:
[  171.296937][  T118] CPU: 0 UID: 0 PID: 118 Comm: jfsCommit Not tainted syzkaller #0 PREEMPT(full) 
[  171.301608][  T118] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  171.305858][  T118] RIP: 0010:dbAdjTree+0x454/0x4e0
[  171.307945][  T118] Code: 5a ff ff ff e8 bd 25 81 fe eb 05 e8 b6 25 81 fe 48 83 c4 28 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc cc e8 9d 25 81 fe 90 <0f> 0b 90 eb e1 44 89 e1 80 e1 07 80 c1 03 38 c1 0f 8c e1 fb ff ff
[  171.316116][  T118] RSP: 0018:ffffc900024df508 EFLAGS: 00010293
[  171.318710][  T118] RAX: ffffffff833e85f3 RBX: ffff888028c4b010 RCX: ffff888106718000
[  171.322184][  T118] RDX: 0000000000000000 RSI: 0000000000000155 RDI: 0000000000020056
[  171.325576][  T118] RBP: 0000000000020056 R08: ffffea0000a312c7 R09: 1ffffd4000146258
[  171.328917][  T118] R10: dffffc0000000000 R11: fffff94000146259 R12: ffff888028c4b018
[  171.332459][  T118] R13: dffffc0000000000 R14: 0000000000000004 R15: 0000000000000155
[  171.335813][  T118] FS:  0000000000000000(0000) GS:ffff8880b861b000(0000) knlGS:0000000000000000
[  171.339566][  T118] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  171.342568][  T118] CR2: 00007ff0df3bcc48 CR3: 0000000026e90000 CR4: 00000000000006f0
[  171.345968][  T118] Call Trace:
[  171.347453][  T118]  <TASK>
[  171.348739][  T118]  ? __pfx_lock_metapage+0x10/0x10
[  171.351174][  T118]  dbJoin+0x238/0x300
[  171.352994][  T118]  ? do_read_cache_folio+0x4c6/0x590
[  171.355315][  T118]  dbFreeBits+0x4e1/0xdb0
[  171.357207][  T118]  dbFree+0x336/0x650
[  171.358952][  T118]  txFreeMap+0x9e6/0xde0
[  171.360875][  T118]  ? do_raw_spin_unlock+0x4d/0x240
[  171.363101][  T118]  xtTruncate+0xcea/0x2e70
[  171.365383][  T118]  ? __pfx_xtTruncate+0x10/0x10
[  171.367734][  T118]  ? reacquire_held_locks+0x127/0x1d0
[  171.370199][  T118]  ? __mark_inode_dirty+0x4cc/0xe10
[  171.372500][  T118]  ? __asan_memset+0x22/0x50
[  171.374533][  T118]  ? __dquot_initialize+0x218/0xcb0
[  171.376849][  T118]  jfs_free_zero_link+0x33a/0x4a0
[  171.379096][  T118]  ? __pfx_jfs_free_zero_link+0x10/0x10
[  171.381649][  T118]  ? __pfx_inode_wait_for_writeback+0x10/0x10
[  171.384320][  T118]  jfs_evict_inode+0x363/0x440
[  171.386446][  T118]  ? evict+0x4f8/0x9c0
[  171.388259][  T118]  ? __pfx_jfs_evict_inode+0x10/0x10
[  171.390614][  T118]  evict+0x504/0x9c0
[  171.392318][  T118]  ? __pfx_evict+0x10/0x10
[  171.394173][  T118]  ? do_raw_spin_unlock+0x4d/0x240
[  171.396130][  T118]  ? _raw_spin_unlock+0x28/0x50
[  171.398158][  T118]  ? iput+0x6d8/0x9d0
[  171.400029][  T118]  jfs_lazycommit+0x43f/0xa90
[  171.402111][  T118]  ? __pfx_jfs_lazycommit+0x10/0x10
[  171.404338][  T118]  ? __pfx_default_wake_function+0x10/0x10
[  171.406781][  T118]  ? __kthread_parkme+0x7b/0x200
[  171.408823][  T118]  ? __kthread_parkme+0x1a1/0x200
[  171.411101][  T118]  kthread+0x711/0x8a0
[  171.412849][  T118]  ? __pfx_jfs_lazycommit+0x10/0x10
[  171.414998][  T118]  ? __pfx_kthread+0x10/0x10
[  171.416984][  T118]  ? _raw_spin_unlock_irq+0x23/0x50
[  171.419187][  T118]  ? lockdep_hardirqs_on+0x9c/0x150
[  171.421480][  T118]  ? __pfx_kthread+0x10/0x10
[  171.423507][  T118]  ret_from_fork+0x3fc/0x770
[  171.425512][  T118]  ? __pfx_ret_from_fork+0x10/0x10
[  171.427727][  T118]  ? __switch_to_asm+0x39/0x70
[  171.429920][  T118]  ? __switch_to_asm+0x33/0x70
[  171.431929][  T118]  ? __pfx_kthread+0x10/0x10
[  171.433938][  T118]  ret_from_fork_asm+0x1a/0x30
[  171.435758][  T118]  </TASK>
[  171.436920][  T118] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  171.439555][  T118] CPU: 0 UID: 0 PID: 118 Comm: jfsCommit Not tainted syzkaller #0 PREEMPT(full) 
[  171.443260][  T118] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  171.447221][  T118] Call Trace:
[  171.448620][  T118]  <TASK>
[  171.449870][  T118]  dump_stack_lvl+0x99/0x250
[  171.451757][  T118]  ? __asan_memcpy+0x40/0x70
[  171.453638][  T118]  ? __pfx_dump_stack_lvl+0x10/0x10
[  171.455781][  T118]  ? __pfx__printk+0x10/0x10
[  171.457699][  T118]  vpanic+0x281/0x750
[  171.459351][  T118]  ? __pfx__printk+0x10/0x10
[  171.461181][  T118]  ? __pfx_vpanic+0x10/0x10
[  171.463070][  T118]  ? is_bpf_text_address+0x26/0x2b0
[  171.465186][  T118]  panic+0xb9/0xc0
[  171.466780][  T118]  ? __pfx_panic+0x10/0x10
[  171.468600][  T118]  __warn+0x31b/0x4b0
[  171.470223][  T118]  ? dbAdjTree+0x454/0x4e0
[  171.472093][  T118]  ? dbAdjTree+0x454/0x4e0
[  171.473893][  T118]  report_bug+0x2be/0x4f0
[  171.475671][  T118]  ? dbAdjTree+0x454/0x4e0
[  171.477521][  T118]  ? dbAdjTree+0x454/0x4e0
[  171.479383][  T118]  ? dbAdjTree+0x456/0x4e0
[  171.481221][  T118]  handle_bug+0x84/0x160
[  171.483017][  T118]  exc_invalid_op+0x1a/0x50
[  171.484899][  T118]  asm_exc_invalid_op+0x1a/0x20
[  171.486845][  T118] RIP: 0010:dbAdjTree+0x454/0x4e0
[  171.488977][  T118] Code: 5a ff ff ff e8 bd 25 81 fe eb 05 e8 b6 25 81 fe 48 83 c4 28 5b 41 5c 41 5d 41 5e 41 5f 5d c3 cc cc cc cc cc e8 9d 25 81 fe 90 <0f> 0b 90 eb e1 44 89 e1 80 e1 07 80 c1 03 38 c1 0f 8c e1 fb ff ff
[  171.496780][  T118] RSP: 0018:ffffc900024df508 EFLAGS: 00010293
[  171.499189][  T118] RAX: ffffffff833e85f3 RBX: ffff888028c4b010 RCX: ffff888106718000
[  171.502544][  T118] RDX: 0000000000000000 RSI: 0000000000000155 RDI: 0000000000020056
[  171.505885][  T118] RBP: 0000000000020056 R08: ffffea0000a312c7 R09: 1ffffd4000146258
[  171.509114][  T118] R10: dffffc0000000000 R11: fffff94000146259 R12: ffff888028c4b018
[  171.512436][  T118] R13: dffffc0000000000 R14: 0000000000000004 R15: 0000000000000155
[  171.515781][  T118]  ? dbAdjTree+0x453/0x4e0
[  171.517642][  T118]  ? dbAdjTree+0x453/0x4e0
[  171.519531][  T118]  ? __pfx_lock_metapage+0x10/0x10
[  171.521583][  T118]  dbJoin+0x238/0x300
[  171.523266][  T118]  ? do_read_cache_folio+0x4c6/0x590
[  171.525440][  T118]  dbFreeBits+0x4e1/0xdb0
[  171.527277][  T118]  dbFree+0x336/0x650
[  171.528951][  T118]  txFreeMap+0x9e6/0xde0
[  171.530789][  T118]  ? do_raw_spin_unlock+0x4d/0x240
[  171.532965][  T118]  xtTruncate+0xcea/0x2e70
[  171.534837][  T118]  ? __pfx_xtTruncate+0x10/0x10
[  171.536983][  T118]  ? reacquire_held_locks+0x127/0x1d0
[  171.539259][  T118]  ? __mark_inode_dirty+0x4cc/0xe10
[  171.541504][  T118]  ? __asan_memset+0x22/0x50
[  171.543505][  T118]  ? __dquot_initialize+0x218/0xcb0
[  171.545733][  T118]  jfs_free_zero_link+0x33a/0x4a0
[  171.547766][  T118]  ? __pfx_jfs_free_zero_link+0x10/0x10
[  171.549978][  T118]  ? __pfx_inode_wait_for_writeback+0x10/0x10
[  171.552491][  T118]  jfs_evict_inode+0x363/0x440
[  171.554540][  T118]  ? evict+0x4f8/0x9c0
[  171.556265][  T118]  ? __pfx_jfs_evict_inode+0x10/0x10
[  171.558389][  T118]  evict+0x504/0x9c0
[  171.560040][  T118]  ? __pfx_evict+0x10/0x10
[  171.561966][  T118]  ? do_raw_spin_unlock+0x4d/0x240
[  171.564143][  T118]  ? _raw_spin_unlock+0x28/0x50
[  171.566089][  T118]  ? iput+0x6d8/0x9d0
[  171.567696][  T118]  jfs_lazycommit+0x43f/0xa90
[  171.569630][  T118]  ? __pfx_jfs_lazycommit+0x10/0x10
[  171.571672][  T118]  ? __pfx_default_wake_function+0x10/0x10
[  171.574035][  T118]  ? __kthread_parkme+0x7b/0x200
[  171.576116][  T118]  ? __kthread_parkme+0x1a1/0x200
[  171.578279][  T118]  kthread+0x711/0x8a0
[  171.580001][  T118]  ? __pfx_jfs_lazycommit+0x10/0x10
[  171.582211][  T118]  ? __pfx_kthread+0x10/0x10
[  171.584117][  T118]  ? _raw_spin_unlock_irq+0x23/0x50
[  171.586256][  T118]  ? lockdep_hardirqs_on+0x9c/0x150
[  171.588364][  T118]  ? __pfx_kthread+0x10/0x10
[  171.590347][  T118]  ret_from_fork+0x3fc/0x770
[  171.592170][  T118]  ? __pfx_ret_from_fork+0x10/0x10
[  171.594269][  T118]  ? __switch_to_asm+0x39/0x70
[  171.596184][  T118]  ? __switch_to_asm+0x33/0x70
[  171.598101][  T118]  ? __pfx_kthread+0x10/0x10
[  171.600031][  T118]  ret_from_fork_asm+0x1a/0x30
[  171.601962][  T118]  </TASK>
[  171.603963][  T118] Kernel Offset: disabled
[  171.605680][  T118] Rebooting in 86400 seconds..

VM DIAGNOSIS:
16:43:25  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000031 RBX=0000000000000031 RCX=0000000000000000 RDX=00000000000003f8
RSI=0000000000000000 RDI=0000000000000020 RBP=00000000000003f8 RSP=ffffc900024decb0
R8 =ffff8880207e8237 R9 =1ffff110040fd046 R10=dffffc0000000000 R11=ffffffff854f3380
R12=dffffc0000000000 R13=ffffffff99afa8d4 R14=ffffffff99def420 R15=0000000000000000
RIP=ffffffff854f33fc RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880b861b000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007ff0df3bcc48 CR3=0000000026e90000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=2525252525252525 2525252525252525
XMM02=0000000000000000 0000000000000000 XMM03=0000000000000000 0000000000000000
XMM04=0000000000000000 00000000000000ff XMM05=6161616161616161 6161616161616161
XMM06=6161616161616161 6161616161616161 XMM07=6161616161616161 6161616161616161
XMM08=6161616161616161 6161616161616161 XMM09=0000000000000000 00007ff0df212fc5
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=58a97a63666f1d00 RBX=ffffffff819683c8 RCX=58a97a63666f1d00 RDX=0000000000000001
RSI=ffffffff8d9b77c7 RDI=ffffffff8be33680 RBP=ffffc90000177f20 RSP=ffffc90000177de0
R8 =ffff888136632f9b R9 =1ffff11026cc65f3 R10=dffffc0000000000 R11=ffffed1026cc65f4
R12=ffffffff8fa38a30 R13=0000000000000001 R14=0000000000000001 R15=1ffff110200d5000
RIP=ffffffff8b79a3f3 RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8881a3c1b000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=000000110c26fe5a CR3=00000000392f0000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=0000000000000000 0000000000000000
XMM02=00007ff0df397498 00007ff0df397470 XMM03=00007ff0df3974a8 00007ff0df3974a0
XMM04=00007ff0dfefd100 00007ff0df397460 XMM05=00007ff0df397478 00007ff0df3974c0
XMM06=00007ff0df3974b8 00007ff0df3974b0 XMM07=00007ff0df3974a8 00007ff0df3974a0
XMM08=6161616161616161 6161616161616161 XMM09=0000000000000000 00007ff0df212fc5
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
