last executing test programs:

35.814040761s ago: executing program 1 (id=645):
r0 = syz_io_uring_setup(0x10b, &(0x7f0000000140)={0x0, 0x334e, 0x10, 0x3, 0x800}, &(0x7f00000003c0)=<r1=>0x0, &(0x7f0000000300)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000540)=0xfffffffc, 0x0, 0x4)
r3 = io_uring_register$IORING_REGISTER_PERSONALITY(r0, 0x9, 0x0, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_TEE={0x21, 0x0, 0x0, @fd, 0x0, 0x0, 0x40009, 0x4, 0x0, {0x0, r3}})
io_uring_enter(r0, 0x7277, 0x0, 0x0, 0x0, 0x0)

35.727539431s ago: executing program 1 (id=647):
r0 = syz_open_dev$vim2m(&(0x7f0000000040), 0x0, 0x2)
ioctl(r0, 0xffffffff, 0x0)

35.674290969s ago: executing program 1 (id=648):
syz_mount_image$udf(&(0x7f0000000040), &(0x7f0000000f40)='./file1\x00', 0xa00010, &(0x7f0000000440)=ANY=[@ANYBLOB='iocharset=iso8859-1,nostrict,iocharset=default,anchor=00000000000000000145,gid=', @ANYRESDEC=0x0, @ANYBLOB="2c706172746974696f6e3d30303030303030303030303030303030303030322c756e64656c6574652c706172746974696f6e3d30303030303030303030303030303030303030312c756e686964652c001e066340c987db28915dbe6892bc3dce41ae76eaf528dc889820692d753009e30e567403a6c30e933de68a0a923eec1dccf226b58adb7d968bafe76628bceade8672fb893f87dc88", @ANYRES64, @ANYRES32, @ANYRES8], 0x1, 0xc5a, &(0x7f0000001040)="$eJzs3U9sHNd9B/DfGy3FldxWTOwqThoHm7ZIZcVy9S+mYhXOqqbZBpBlIRRzC8CVuFIXpkiCpBrZSAumlx56CFAUPeTEojUKpGhgNEXQI9O6QHLxocipJ6KFjaDogSkCBCgQMJjZt+KSIm3ZJCVK/nxs8js7897sezPrGZrgmxcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQMTvv3Th5Km0xYYDD6AxAMB9cWnsKydPb3X/BwAeWVe2+/9/AAAAAAAAAAAAAABgv0hRxOORYvbSapqoXnfVL3YGbt0eHxndutqhVNU8UJUvv+qnTp85+4Xnhs/18mJn+j3q77ZPxStjVy40Xpy5OTvXnp9vTzbGpzvXZibb97yHndbf7Hh1ABo3X701ef36fOP0s2c2bL499O7gY0eHzg8/feKpXtnxkdHRsfUi9f7ytQ/dkK7tRngcjCJORIpnvvuT1IqIInZ+LOr399xvdqjqxPGqE+Mjo1VHpjqt6YVy4+XegSgiGn2Vmr1jtPW5iNrAfe3D9poRi2XzywYfL7s3Ntuaa12dajcut+YWOgudmenLqdvasj+NKOJciliKiJXBu3c3EEXUIsW3j6ymq/mpH9Vx+Hw1MHj7dhR72Md7ULazMRCxVDwE52wfG4wiXo4UP3vrWFzL15nqWvO5iJfL/H7EG2W+EJHKD8bZiHe2+BzxcKpFEX9Rnv/zq2myuh70risXv9r48vT1mb6yvevKB7w/3HWleED3h0Ob8v7Y59emehTRqq74q+nD/7ADAAAAAAAAAAAAAAAAwG47FEV8MlK89B9/XI0rjmpc+pHzw38w9Kv9Y8affJ/9lGWfjYjF4t7G5B7MAwMvp8spPeCxxB9l9SjiT/L4v2++T1mnCQAAAAAAAAAAAAAAAAAAYC8V8eNI8fzbx9JS9M8p3pm+0bjSujrVnRW2N/dvb870tbW1tUbqZjPnRM7FnEs5l3Ou5Iwi18/ZzDmRczHnUs7lnCs540Cun7OZcyLnYs6lnMs5V3JGLdfP2cw5kXMx51LO5ZwrOWOfzN0LAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPAoKaKIX0SKb319NUWKiGbERHRzefBBtw4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKA2mIr4XKRp/2LyzrhYRqfq361j57Ww0D5b58WgOl/lCNC/kbFVZa37zAbSfnRlIRfwoUgzW37xzwvP5H+i+uvMxiDe+sf7qU7VuHuhtHHp38LGjR84Pj37mye2W01YNOH6xM33rdmN8ZHR0rG91Lb/7x/vWDeX3LXan60TE/Guvv9qamvqbn0ZUC+25vObeF8qPwAev9TAupNpHpacWqoWo7YtmPJi+b1B/UBco9lR5/38nUvzu2//Zu+F37//1+JXuqzt3+Pj5n67f/5/fvKN7vP/XNtfL9//ynr7V/f/xvnXP559GBmoR9YWbswNHI+rzr71+onOzdaN9oz199uTJLw4Pf/HMyYGDEfXrnal239KuHC4AAAAAAAAAAAAAAACA+ycV8aVI0frRampExO1qvNbQ+eGnTzx1IA5U4602jNt+ZezKhcaLMzdn59rz8+3Jxvh059rMZPte365eDfcaHxndk868r0N73P5D9RdnZl+b69z4o4Uttx+uX7g6vzDXurb15jgURUSzf83xqsHjI6NVo6c6remq6uUtB9N/cAOpiP+KFNfONtJn87o8/n/zCP8N4/8XN+9oF8f/f+bw+vi/j/UVLd8zpSJ+Hil+5y+fjM9W7Twcdx2zXO7vIsXxc5/O5eJgWa7Xhu5zBbojA8uyP40U//SLjWV74yEfXy976gMd3IdAef6PRIrv/fl34jfzuo3Pf9j6/B/evKM9ev7DE33rDq8/r6A9N7/jrpPP/4lI8cLjb8ZvVWv+/z2f/9F79saxbuH153Ps0fn/9b51Q/l9f3u3Og8AAAAAAAAAAPAQG0hF/H2k+MFoLT2X193L3/9Nbt7RHv391yf61k1u+Pu/vVvY8UEFAAAAgH1iIBXx40hxY+HNO2OoN47/7hv/+Xvr4z9H0qat1e/5fq16bsBu/v6v31B+34mddxsAAAAAAAAAAAAAAAAAAAD2lZSKeC7Ppz5Rjeef3HY+9eVI8dL/PJPLpaNlud488EPV9/qlmekTF6amZuqx0Lo61W6Mzbautcu6T0SK1b/9dK77pWp+9d5889053tfnYp+LFKP/0CvbnYu9Nzf5E+tlT5VlPxYp/vsfN5bNU1PnuaOrsqfLsn8dKb72L72ya2vl1l7Zo+tlz5RlvxMpfvi1Rm+/h8v99p6P+on1ss9emyl2/6QAAAAAAAAAAAAAAAAAAADwkTOQivizSPG/N5fujOXP8/8P9L2svPGNvvn+N7ldzfM/VM3/v93yh5n/v3quwOJ27woAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAI+mFEW8HilmL62m5cHydVf9Ymf61u3xkdGtqx1KVc0DVfnyq37q9JmzX3hu+Fwv37v+bvtkvDJ25ULjxZmbs3Pt+fn2ZGN8unNtZrJ9z3vYaf3NjlcHoHHz1VuT16/PN04/e2bD5ttD7w4+dnTo/PDTJ55ajIiy7PjI6OhYX5nawId+97ukbdYfjCL+KlI8892fpB8MRhSx82PxPp+dvXao6sTxqhPjI6NVR6Y6remFcuPl3oEoIhp9lZq9Y5TP216eix1pRpSfl6Js8PGye2OzrbnW1al243JrbqGz0JmZvpy6rS3704gizqWIpYhYGbx7dwNRxKuR4ttHVtO/DkYc6B2Hz18a+8rJ09u3o9jDPt6Dsp2NgYil4iE4Z/vYYBTxz5HiZ28di38bjKhF9ys+F/Fymd+PeCO65zuVH4yzEe9s8Tni4VSLIv6vPP/nV9Nbg+X1oHddufjVxpenr8/0le1dVx76+8P9tM+vTfUo4ofVFX81/bv/rgEAAAAAAAAAAAAAAAD2kSJ+I1I8//axVI0PvjOmuDN9o3GldXWqO6yvN/avN2Z6bW1trZG62cw5kXMx51LO5ZwrOaPI9XM2y6yvrU3k14s5l3Iu51zJGQdy/ZzNnBM5F3Mu5VzOuZIzarl+zmbOiZyLOZdyLudcyRn7ZOweAAAAAAAAAAAAAAAAAADwaCmqf1J86+uraW2wO7/0RHRz2Xygj7xfBgAA//8XrPrB")
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
getdents64(r0, &(0x7f0000000f80)=""/4096, 0x1000)

35.490190593s ago: executing program 1 (id=653):
syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f00000000c0)='./file1\x00', 0x101880a, &(0x7f0000000400)=ANY=[@ANYBLOB="6e6f646973636172642c6261636b67726f756e645f67633d73796e632c61636c2c6673796e635f6d6f64653d7374726963742c696e6c696e655f78617474722c6673796e635f6d6f64653d706f7369782c646973636172645f756e69743d7365676d656e742c6261636b67726f756e645f67633d6f6e2c6e6f696e6c696e655f78617474722c646973636172645f756e69743d626c6f636b2c6673796e635f6d6f64653d7374726963742c617467632c657874656e745f63616368652c6661756c745f696e6a656374696f6e3d30303030303030303030303030303031343033302c00271d57a599b8b169a579679e220c689eaaec4fa6229021e75c68a687d319b615573b0b0ceefba8e2e2419434463974ef8174b66469344931de0ccad650792761"], 0x1, 0x550b, &(0x7f00000079c0)="$eJzs3M1rI2UYAPAn/dhv1yIevO3AIrSwiU0/Fr1V3cUP7FJWPXjSNElDdpNMadK09uTBo3jwPxEFTx79Gzx49iYeFG+Ckpmpbv0AoWlj298PJs+8b94887xhWXhmSgK4sOaSX34qxc24GhHTEXEjIjsvFUdmLQ/PRcStiJh64igV839MXIqIaxFxc5Q8z1kq3vrszvD26o9v/vz1t5dnrn/+1XeT2zUwac9HRHc7P9/r5jFt5fFRMV8btrPYXRkWMX+j+7gYp3nca25mGfZqh+tqWVxu5evT7d3+KG51avVRbLW3svntXn7B/rB1mCf7wKPaTjZuNDez2O6nWWwd5HXtH+T/tx30B3meRpHvwyx9DAaHMZ9v7jfz/Ww/zmK9Nyjm87xpo7k/isMiFpeLetppZHVsHueb/n97q93b3U+GzZ1+O+0lq5Xqi5Xq3XJ1J200B82Vcq3buLuSzLc6o2XlQbPWXWulaavTrNTT7kIy36rXy9VqMn+vudmu9ZJqtbJcWSyvLhRnd5LXHrybdBrJ/Ci+0u7tDtqdfrKV7iT5JxaSpcrySwvJ7Wry9vpGsvHw/v31jXfev/feg5fX33i1WPS3spL5pcWlpXJ1sbxUXbhA+/+4KHqM+4djKU26AICzR/8PTMLJ9f87DyNOvv8P/f9YnKn+9/z1/3svREx0/3As+n8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAvr+9kvXs9O5vLx9WL+qWLqmWJcioipiPjtH0zHpSM5p4s8s/+yfvYvNXxTiizD6BqXi+NaRKwVx69Pn/S3AAAAAOfXlx/d+jTv1vOXuUkXxGnKb9pM3fhgTPlKETE798OYsk2NXp4dU7Ls3/dM7I8pW3YD68qYkuW33GbGle0/mT4SrjwRSnmYOtVyAACAU3G0EzjdLgQAAIDT9MmkC2AySnH4KPPwWXD2l/d/PhC8emQEAAAAnEGlSRcAAAAAnLis//f7fwAAAHC+5b//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAv7NzP7eJA1EcgJ8NXth/WrTa+7ayNyhjS9jjHiMKSBMUkANpIQ1QA7mlhAgiPA6BiEMkj20l+j7JmYxlfrxBcJgZaQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAu3Vfrxe3V7+u2Obt9O3lGAwAAAFyyrdaL+p9Z6n9t7n9vbv1s+kVElBFxae4+ik9nmaMmp3p5/ub0+epVDXcRdcLhPSbN9SUi/jTX44+uPwUAAAD4uDbL1TzN1tOf2dAF0ae0aFN++5spr4iIavaQKa085P3KFFZ/v8fxP1NavYA1zRSWltzGudLepP65H1ftpidNkZry4suORWYbOwAA0KPRWdPvLAQAAIA+/Ru6AIZRxPNW5nErcJKaZnvv81kPAAAAeIeKoQsAAAAAOlfP/3s6/2/v/D8AAAAYRjr/DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgC5tq/Vis1zN2+bs9u3kGQ0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADyxP+8oEAJhEAZ713cmc//DSoOmpiZVIHz8jcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAm9/95f/E1DiTzL02lp5HkrVTY+vU2Ds3jv4wvn4NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMX+vKRACARBFMwZ/zvp+x9WEvQMIkRAw6OKWjQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBFv/vl/8TUOJPMnTaWjkeStavG1lVj70Hj6MF4+zcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMXO/bzGUcUBAP/OzM7WtooxSg4RUfCgF5tua2tv4kEJHvwThJBua+zWH20QW4qYizfJuRfRo4igxFv/h55b6KXeethDBc/KzM5kp23A9dfMNvl84M377jDM+75ZCPnOewkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAtfFb0zgrDguTOK3O3bp/bb3obz/UF25s31kuWhEnbSb9eHih+SFZioij3SUDAADAwZDV9X1E3M13Vos+XSjr/7y+pqj5v31qElf1/Gd1yfpw/V/X/kX75ed7z+0OtDAZp7jpuY3R8PijqfT+rznOu6f/8ope+eTLdy9Z+YWk7249O87L55l8ffPm2/0yPNRGtgDAP3Gs7qug/n2o6AddJgbAgdFrFN51/Z8tdJsTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQBvGW3G0jpOIWO5N48Lt+9fW9+pvbN9Zrtvp69e348vpPYtb5BFxbmM0PN7qbObb5StXL6yNRsNL7QcvRkRXo79ZTf/C+zNcHNHJ8xH8R0Fafdnzks/jEXT4QwkAgH0pr1pR19/Nd1aLc8lixB/fPVj/v9KIY8b6/94Hp281x2rW/4PWZjj/VjYvfrJy+crV1zYurp0fnh9+9PqJwRuDk2dOnTqzUr4rWfHGBAAAgH+nX7Vm/Z8uPrr+f6QRx4z1/6ffDL5ojpWp//c0XfTrOhMAAICD7ZmXfv8t2eN80u/H52ubm5cGk+Pu5xOTYwep/m2Hqtas/7PFrrMCAAAA2jDeSh5Y/z/biGPG9f8nv3/+x+Y9s4g4XK3/H1v/eHS2venMtTb+nLjrOQIAANCtw1Vrrv/n5f7/dHfLQxoRr748iat/AzhT/Z+989UPzbGa+/9PtjfFuZQuTZ5H2S9F9Ja6zggAAID97ImqFcX+r/nO6oc/HXmvb/8/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQNv+DAAA///fxzxy")
mkdirat(0xffffffffffffff9c, &(0x7f0000000640)='./file0\x00', 0x0)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x8, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})

34.951581711s ago: executing program 1 (id=657):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSET={0x3c, 0x9, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x2b}, @NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0xfffffffc}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x64}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000000)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="4800000010000d0428bd7000fcdbff2500008000", @ANYRES32=0x0, @ANYBLOB="1000000000000000280012800b0001006272696467650000180002800500190084000000"], 0x48}, 0x1, 0x0, 0x0, 0x10}, 0x4000000)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0300000000000000280012800a00010076786c616e00"], 0x50}, 0x1, 0x0, 0x0, 0x13d33d22cca65c15}, 0x4008840)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=@newqdisc={0x24, 0x24, 0x1, 0x70bd2a, 0x25dfdbfe, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}, {0x5}}}, 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x0)

34.048423384s ago: executing program 1 (id=662):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$fou(&(0x7f0000000380), r0)
sendmsg$FOU_CMD_ADD(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000180)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0902000000000000000001000000050002000a00000014000700ff00000000000000000000000000000108000b00", @ANYBLOB='%4'], 0x38}, 0x1, 0x0, 0x0, 0x800}, 0x0)

33.935192521s ago: executing program 32 (id=662):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$fou(&(0x7f0000000380), r0)
sendmsg$FOU_CMD_ADD(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000180)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="0902000000000000000001000000050002000a00000014000700ff00000000000000000000000000000108000b00", @ANYBLOB='%4'], 0x38}, 0x1, 0x0, 0x0, 0x800}, 0x0)

2.045665262s ago: executing program 0 (id=942):
r0 = openat$nvram(0xffffffffffffff9c, &(0x7f00000000c0), 0x8882, 0x0)
write$FUSE_POLL(r0, 0x0, 0x0)

1.870549893s ago: executing program 0 (id=944):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'rng\x00', 0x0, 0x0, 'ansi_cprng\x00'}, 0x58)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f00000000c0)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
close_range(r1, 0xffffffffffffffff, 0x0)

1.786629109s ago: executing program 0 (id=946):
syz_mount_image$msdos(&(0x7f00000002c0), &(0x7f0000000280)='./file0\x00', 0x4, &(0x7f00000000c0)={[{@dots}, {}, {@fat=@usefree}, {@dots}]}, 0x1, 0x25e, &(0x7f0000000480)="$eJzs3c9qE1EUB+Bjm392Y9fiYsCNq6A+gUEqiAEhkoWuDFQ3rQjTTXRjfAufwUfyMbrqbsSZmKSxFbRpb6fzfRDmMD+GnJlF7g3cm7y99+Fg/+PR++LHt+j1smhFzOIkYje2Yjsqt+bHrbLuxKpZ/LvWf1wDAGzOaDQZpO6By5Xng0k7Iror54ovCRsCAAAAAAAAAADgwlKs/wcA0jpv/X/76lth46oZXJ4PJjvz+dtp4+8JmgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAonRTFneIvr9T9AQCbZ/wHgOYpx/8nEWH8B4DG8P0fAJrn1es3LwbD4d4oy3oRx7PpeDqujlX+7Plw72FW2l1edTydjrcX+aMqz07n7diZ54/PzDvx4H6V/8qevhyu5d3Y/7Pd7iU8AgAAAAAAAAAAAAAAAAAAAEiuny2cub+/3z8vr6qV3wdY27/firutK7sNAAAAAAAAAAAAAAAAAAAAqLWjT58PJoeH7/L6FbVuPm3RvtGP7uv1aKPmRepPJgAAAAAAAAAAAAAAAAAAaJ7lpt/UnQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAOsv///9d3I71MxctFm/WSXqrAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwA33MwAA//8M3Y8w")
keyctl$KEYCTL_CAPABILITIES(0x1f, &(0x7f0000000140)=""/247, 0xf7)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
renameat2(0xffffffffffffff9c, &(0x7f0000000280)='./file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0)

1.598977666s ago: executing program 0 (id=948):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1e000000000000000600000007"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r1, 0x2000000, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

1.278791101s ago: executing program 0 (id=949):
mkdirat(0xffffffffffffff9c, &(0x7f0000006f40)='./file0\x00', 0x190)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000008300), 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000002080)='./file0\x00', &(0x7f00000020c0), 0x0, &(0x7f0000002100)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
syz_fuse_handle_req(r0, &(0x7f00000021c0), 0x2000, &(0x7f00000041c0)={&(0x7f00000001c0)={0x50, 0x0, 0x0, {0x7, 0x29, 0x7, 0x2100039, 0x0, 0x0, 0x1, 0x57, 0x0, 0x0, 0x2}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(r0, &(0x7f0000004300)="d5c2280baf4e05cfa1d1112770cf43a123827586f0f2675b130041ff58ba6533ea7947f2f65b1d458fe88a96133ea3927f41fa6976fad8c967c88679769ee674b80debcd1ec6ce1eb490888bd66a52141fa82f51882b22a8e36ff462b51560307cd0048156800ad137f359719a9c5d6ad6a8c999984f22461c4ca6614ca4cbbd5e9103a3459228e3bd35e3c1cd5f2a83fbefafe7c5a39617ba1d856f37977da077ffcf4d52f5bb3feffa9e100b0279cb635a61ae9f5f4491bb1c9f04c041818a1ae9a25cbca38c4b4754a8be4f52db20ca464b3b4faf0ea8ff193b414e7b7a4ec8aec2e77adc43d09c62d37fc0aa6296a56a9445f264a245d41e77de43c2694cc5885ebd454a3b78b60172e3e6a2fd79efa8b5fbbe827512aa0656920858da51616244ad32e53ed039a270c042662bc966a8fa05e23a51c76585a6f753e57c63b5a1dd11c4ce8773702c5c759471b79ee9bed600d99853afda9b675f071bdf6ff4eb99cb1ae0128ac1f8132f9b7bef82221276395e59f1323c9f9f6bb937a9db0bc2088670ffc3e6233ba73d4e324df7bc866e84e82ab707ab8aadd593913dd3533cddb396e804a63155ad6911962bc49bad21faba90b5570b62d98eb5328214a7198b36ea6df9a72dc248311040e01539112e1d6bcb4ed9d7fb70d22768ec6603e4727b6ed2616eb9108524985ccd70f1361f68b1fb7088829acdd59ec5af9e84409737f0d852a3c55993cb7398b5640c458bc036115b86de7b8e68f1cff882ee5707040571c3e5c9602c773459cfecad4917d8ba2902bd64a676e2c6e507d06dbc806c13c0fd18175087440ce7d7300dfe745b8e98ac63b400e449a3f2518c6112c9864fde68f580ebc2d72e4bbd03f16a7289be813c258b02f76ce901afdafc69046c947c9e801ac635b2a95cca291c052c7f8149c92aaeaab41edb34a70604a7538c4bb6486b983416843fe6a65d7b828d66deb991e71526b7627e71c6a795a02e787bc561ec4b65d4742a129c59bc71b323850cb416f3d32494d6dbfe3ea73cb473b093ae0b0ebbbd3e3251ece756b3cc381f05ea1b8c3f7fbcbb16fc446fc084725e6c3a608221aad8d8179112f9e5ee3697346a0dc0645e530df523cf4daea14764c25da2da863adebaccefc2c83a9257b3131ac2fe04a27bf3aea8979b6f3091b4fef99e203725368d297bad3b020273d0b606d2368e2ecb0776349cb86bbcbaa5c910636527e3cbeca06b4135170d8808c5f113fcd77ecb2f099d1e663617a46ffc5275c8fcc339d315ca1583f66fe7a7e6430405c0be889826c07fcafa17f04e08bc39570a1f499092d390c5dba82d259f652307ff941e9f1f569a48144da846f14452df295553de6ef4e9ba0cd98dd16cf89d8bead08eacd4eea71cc5f8232349f2d8519b1172c724d3bbc415c19c9e679b5a96bc9051cf6f243f243366622023ab1b7039a89152e7db97f291bb3f0213c445c25caf5f0a5a2b382c841cd8a490dc97d008966e94ed0b5ce07bcc0c13b39c349e4b596147a633f3a73ab6012a1582d3d283293bd7c01f99cdbad8e18d24867c39ed0dc3fc3cc800edd23af24b225acb2cca5aa264bcda40e1432cf2cc0050efdff48fd49ae4225a983d1b12facbaaba73294eb225fff64a677d0ed2cd71bab61b3fde8a1fdae638d2036283a8a4ff5a548d05cb706f56ce7e3f55a688fa6c70393c53c33be11f34a38f61f80c8e94e50fc9d7c3695d234705bb9e0b2a8316cf54d7963f548d49f153bf796d0970ed1264c19d79eb77fd0aad4844796cec73a08206b9eca76f2ad76318a20d52e7d3338eac40d03775cca0c2b29a451cb10bc141289c2703198e7137200a360463000fab97d0da72a7b4e8aadfa8a2e559a7d06bf49d6d4a932cb29994ef7ca0c1beabf05b898bb2338e89a67373d50614300f13523fe451d4058e5a522d364ec884099ee3c6e6db8d4ec1e5dc08d127b6301a308a1d6798878c28ef828b91b529a22b7519d249a189a7eb942b94ce26148ea8bf16a44261cd9691ba980ec2d0c710dbee41756cb39b88213ad5763239ae7636e983580c41a40b0f3a3af9fa6f995ed1981d073f63a623554bb01869bdfda190bc8d9507cc067b897e1c5f0d087cf8dfcb171169541fa3cce7c3a620544c74f2d3234935a0acf6c804c43992812925cbaaa24f497e7a00efb20c45c7acb80adb3322cbe0f08d1015b40f5ae1366003ebea977b7b95f803487d10aedca3fd018cfa7b267dae604ed0ada202cbebd731f86b7c6764911d4ff0c75a318ee43b1b556781ac58fbd773b2bd0dd693f9b12fa149bbe392cb2d6bf72015912f4a120e47654d42d14107c67b4502b5ad62044d0022c7f8b255a3e46da4bb8f9e44515e4076ce7b1aefd57c4e264b2cbee4a9e8612ce8517b028067644c927a9ce7564449c8fb0471a87b9b76f374c7c2559379a3004326bdc91be5ec52672dc5fac0883ec527f2a1248601bb9267c3123568b815b90b40ba06c250e3068dee2d7fc232141eaaa130443a5775d049464ec454a7c980d9eebaa4f67a75075a6bc28ded9a5f07fe658a2b9eafa37f14055155409d1aa50be6343d13d515d0531b84644d2f58c280d6d008dee95607f67eb74c900f664d97f411f4ac6afc18f11b6fb75e78b3ff25680ed3bbf5b20969678475b86faa02a751e4cec87735645753f245047371c9e6e2e7ab5a9ea3182b4c96934a21b9df3628b478f5ef705aeda49a0609d4b8f5bf34424581557d029438306002fd4e9cff5a2d4e7d5e23c2992032d314b8fbb46ccda250070fc1b679c9c8646c5fe22d8fe2e0fff73d8153fc46ef7885aeaa2d1eabbe455544d46fdef8e3ef9debfe589870942bcc7196e62736e927c311782b5e4da2889d530a7c1550bff4909d2055941655cbcc5c924a477c80fc3b8a904cd9e62f5fb005b5b00154db5becbe327c0f3ec8314ef3fb53977ec24ff7d15aa83a13b23ab99c5332306023005d2dfb70d3ea2aefababd019ae16d304c083e38997cc94bdeb746fc151849c98dc2a23554e6fe789d3aba8bf4e31133c7f93a3cdcd884271dfdd2c45be398a5349ef5d08456178dfafa31cb4c607f09394d71b3405b3d615c7c59c125db88f72380140345d24c56094711dd833221d6b7c5864d049585605c1301c31982d19e403b601b797fe99d0bbfe30d647a913da72b4c5306f6123e7c572828308a9a8f4c686d07125d0006229c2e890ff7d3c354dde61ccd3b26069a81a98e112e61a930f253d607cda5023f002a09df6b1371638d9661c5a06bed166434f07120ad21476de8ad47296af4b449d581cddc74f9be42a84596fb0634f330a856216a9b32b080c8b66e9f51a758b9ca2e1215ddfe633714ca512032f6547217b1a60fcdb27ac8a04bc7851718b38607bc92c13118a323c3221bad99a8639762abcc4a08654da9938aeb301c55546f5ae7f61439dd883a1b2dede156a57c805ab12337d5381a2fb25b32916a8827fc4de8e2ecc70eeebeb01659d6bf88055477b863fb897d5db275a0c222d261e7df79474858b721e57747fe8997faaf36f5f175b23dd3c5efb2b93fb5824da18d635cd7027a3b0b1c87e7c90a5681682b8a7c47dc82fdd3f329c7b60270100dec8ccdd310245b92f4b0bd9a92e1f2a5733b1b91966be15a4761b06f6fe3b05b60ee7964b4d028257c2210ca88031db0590190d3714c1b6ec86e2821dca03db2fc0c9f0ad9800d1773c8037e9b38c7eb7c99618b731e0526f8453c7e1bb67cffcc2d96cc297e1f917b13dd7dda2a8b12191ed107c1e076ffd4965b9415f830be97935cac23a87f07e26354273c2663c7ef19a27dfe08543fa057e1285c909051602981f5929078214058684bc80bed493f6ef853012cb654d180e414fd484f5cb2cfd06c9b753f417697ff42794649e05fcaa3d53ad0fdfbb0db57dc549115e59978b14dd621370d136176098af2f39a2de72482a29b616e8b308b3d9b46ac9abf3d57ff89fe59b5a97966cc4b97d06c20ee4fd765e1c2abce54dc271a7c7efe656648800c27a9988583b4b76572222cb28916b9ff5f6f649de93923179809405c879a90cb450f604cbe8af55cf2a6d844a59ab0393b394e09c79e1b3c403af6eba69330f6969f78a49eb7022e77a39363f11e07fcc69f670f63c11497352f3f5bfea0aee446da35428cebe28f1c2d23ef3ff97e16ceeb2f88ab19b2b69dcdcc81b947b483cc06c776c52232489f86f4c377eb38056042e2e9e0943fc0ef1490df472b9b244235598894a2ffc296f0a2e4257baca6a3ea8cfb1a22ea8295ab9e5faaa2a9e964ae7625dbf945cdbb369265f429d475ab69413cc5bcb89af57b1b966bd0076f799a401d4b46e5045aceb1ef36e5bbfb037bb7681f2a38ef1df9b84baa3598201d13a813165355bf052bb5e456dc0abdefed995b4eb37a39b313af800f6029243a6a7bec75a23389a90034cac8df6713b919028a14649d756d0093550278aad494de2dfeb76220fd3ee5be31f73839ace7f0d6da650e26f5ded30471ed55d2e814fc1b89102e5917b4e58840ecc211eaffa5a2937abeb882ccdf29308e3ac30e23d66ee79c29b4fb7e793a55e344cac298e30f1ca3333df8b58f43126a3404a61501ce06b75e6e6a4bf13dbfb05efd7b9b4219efd428c8f7f345884640d19f5515abcce05f315f00e65d9aa8022890a23da45ede06f455d66e0c96bbf7e9cc74eddca999a51174b4784eba8a9ebed13415de6bd0f160443d43b78181cfa381313a54e25f6751a38f290e5972ff7f70692e18c4737af2a7f6d4eac52ea594a22be4fd00fac1484e6d2d4d3196b49212b49598f5bc77b34d8a3633cf7212c869557d6eb27bf0d0a02555d9318194e9de9c9730ac72daee7cad6c2d4b248a8744515670766a8f1c739917fb859d98974532477989f4c24345f120f5320fdb8d8d56fa6ff2511e701bab399513cecb3e740e3761d02685a765f5267554d0f9243b51620197adc3b561b59c58f334307220db357c1121d7dbf593898b5d2c505f333445c084a6cbc6a7e5252724c83fcee85e304534780a01e7ecceb2ef53ffb6bc6cb9051b1400493ce55d62c01e972fff3cc7d0b68a2dd4d263c9191df1b629e323797f570083f122db3df6abb6fd6c4a351bb7500c7241e4392ac76e04259968e517a43e907cb0b0533d6750b9587a1a5d852639c6b789d333e848e3ad66cbf19c5ee5a641036cb7a858f822f657dec36cc134d6c1a629cfce1f1e24dbb73d09fba04f53b2c6309d71d92211a1f08535244eefcbb52e095626bcc78b950db1cb8facc3660fa705dceef155b00aef3291367ffcea06b5abe588bbdcea2637761308dc65509798b6a494dae4a75c1922c1234248dbfcabfaab3088a0dad09a135a45d75105314020f3ba8901dc39ee624a32e9f863ff55844974b44e57b30302cd0c349f3cc091befd5665f918c298ba89454fb811ce573e41f27490853a52abd6144e85d77de88c3f2e5506c8de40a3957e65936f3b294ce92610b63cec888cb16fe0e8a7af3dd142da96b57f602cc64ba69966724584c2872e5fc42348a324ff082a3ecfded82c3e5b7292d3726c4800176acab6a7a1479a0b5fea79f299e90ffdb1b3843e2349b8f8dc7881145b3796380474c2ceb57e27726c9e50b746a2b12a214fea9cfd6c668363fe6e402710665118928fedb2f4900322b0c7d2c348881ea52278dae765c14b51fd5e8f000602aa3978d83b76056410c2260931e35d841793c8a36b191f93c33c0e4e6367ef45a1cf5145d774861224afbb11a7b77bb94492ec49827f713f8309d80d22e17701046e04c5b277f7b423cbbada01e6d40beb56e755e583b8f3de4b67c4b5ac83771b805fa7af49de2fc8b9a223293d83e7eb4eea3a3af1d1221e5d458e7cab60eaf1b51550a1b125ce018d76096f16d922f4aba48a728ec1b7d4812fe2ca789261b6d8e0c8edb3ba9007649084899c4f6b7986c1cb4a98d412c801fb91675ee42e2bb511bff6700772d3c03a7cb6adb41cbddc33053f8f65c164e9bd47b931510046506b169216d0a04edc479bc51c28acc536ced3834a7a9ce8fb55b72fa186a559437bf41f04b733e05986c915bc19f1b2f99d3bae6c13873d32e3c809b71881c3075f8dd1746f36409ac7934c25236ee2752560fcdd5175037a6fc5f0da58a229418ce30f3e64f9eb6ff3fe4498f47fdd69ceac5e792c8c9f087316f334b7f75e3432d3f1d03ee97c8f16485ec906c94e6c9580f7d03d98a8da85ec118b77c6c1d3b2e99fbf4b45e66cb4f8817f786d1f90e1e5e250be8c240a9648a219a02e62acbd72d1b0c0b42c75065a35664ea6a03cb05ea179f2e8e50e3d7ed53d31cdc10cf5fce48781fa338e3ee819f410540f045cb0edd7b2d219993faaa97cf95aa6144e889a02069421291d05eade30693a751039fece452c22d1afba081d1c40178fed7684cae475fcc365484118a184670cd7aa2758bdb01058ea9b244d5241f627bc5be11c9395e3cb839b0eac7842a312e1fc8b4ddae2aa4ef907ca5c9b847785051323e16d5497c4424289496277475bba67da750fa05bd8be730e4aabaeb94641fa2263dd3d4eb511b4fa40b8cf8b16d7aded1163f2258add79b04e1eb888afa27d057de2523863fc2da38d44cc69ae2d455900eede5fce69d7e9f8707cdb2456a45dda14d257eee4982f86259b855a0293068aa4aeff9439bc06c8ed5a370fe46fa88fa9bb92872166ac69152d1cbb4720eec5b9a057890cbb838aef12091454fe721395b46f9fa29ec1829fedf65aaec1176bb9eb15511bd77e7d4fe7321b3e0dfda95e5c90c3663956477885d6d94b280f58edbc77e864dca73536cd4988bcde2a3edb91704ad59148d85a001e393cebdb56ee088fa1033cdc6fbcbea30e2974035bfe29cee1eace13e30950bb4658886dae7e565ffd7b71e41feecbcac35fd97c81a8fff9d2a1d43f183c6e984671e06645eb0a60228d1b6c12c28bc6eaa4b9125c57b48ced2e199ed3acf12dbe10af4a56f2f5dca829fd07fc3f7e0de6913c73be0ada3e43bcbe70de784de699d0b51d7a56a3eacaf5d7dcd77d73cfb82e04633574213e05dc98850d822bc6dc90dc3fd6184296287342e2243fe6f0cf94e6d02a1b900d0c718e2afbe7fea2fafa375f209fb9cef5d844b861a1029aa3dd7081e81fe6501bbb413dcd23e013f279ef87e082335ade324b7688054992ccc63fbf9153213ab6d07ed0b79945d19639aaa5dd10e53aafe57f1e323300246cb1d6ede1eb1f319ca6fe1b0cc8e733b34818425888110b6eabe2db302310d0a8bcdd5342146b29c535cc9a95a455c8926d77323a31b948d47dc611815a329654a252fd09dbcec5f3cd8bc7e465759eb8e72ff6fd4ef1f375e4e8762a58148622d14480b7bb9aca2eeab3367a7376c9c85e6ba1735e56a2fcc6baf92c8d21942883f318eab7a568fc7ff01885a7089aa7661b15d73799bc0b8f8ce6a3b61adb6949965a223850b6825616c036e099952e04fde7cf086b5e76d45b86ab78b322f9af580173f2e798a39df7cade0d365c9d46d3fb36970f8a99d7b20a1b275afff852126f21ac24ca8c34deb49ba511f4d9edb4f56941aaaa477253f9bfc9a25a2694bbbe3b917074dd4eb6f1be20395ac33dd932a7ccf0604d64257b5af3faf271c145c190a528e471a7f23a53b5f9ea1bd0cc36410e9c538e91dd01d162edde856087b60dcba2042e65b6ae7b81787bd3308db9eb025b6fd930a9eb74a30883b83cfa8be5270dd3ee3408db7f7b136adebb3ee30f0e0b8835a0ded325363e4a2991cafd4a73483954c0f5d3358b25780608fa48f3f527c7e617ec12eb017df33f5088676d8bc476da251e608394e3d8fc0883fd4d1804f8e07f5e12ffa4ee80365a88abf29936bf1b255539fef95f5cf3bebcd26817edb28e7b6adf4851dcfe8aa1aa097f67c51557326ccf9c46ee2780d491e87774324d4dcf26f2e472a5e199b0cdef01094ea72bd5ad5fe1be6c9d545df3dc5de550665d220718a2c0baed2833cfb1428e2d1c2b9ea1e29f4b07fd6c51492643d4000716cd1e8a4f9d58b6b04b805d8962495323fd62949b17348418201664c6f2f651f99d73f8d17bb5e52dba2e6f94fa33f816d74bb6a45bd6cbdbd07f530406227c8fd11f390e805bbc17bc0e81076a27c0be023b64777afec0a7a0c3f53f03bc2ca72ae2873d68217a1a6905f414c2cb1b9561dfd07850a026da5f5775a66f8f3a6bc29b48c8a81b06ba30994ba8e7e233e3a3a5d886767ea6de91fbfc0a594c2375d62e71c7209d87d0f6c7a79a0d80da328e93f08650ec745495c771410913d094e4190075b7225761172eb420c82ab493548f6de38e17d3e687a89ce77c67c58b875c48c8a4d1664cbc6f67df357e040444fcd515d92d5823fc3ef6485208b6f3eda8cd09ea3b004f7eb06ac268ae8c3bf571aa3f619222a47540f9af340c80c587f7226e3d715b18c3ee41f64777d3a0a09f32190ad67922f6ecc63c956a715c3c42a6aaaf5e588d119210083ceaa414820b62fef87a678cd3f24f8fa3cdb6629b041cd7555974313f56d1b0e117ea925dc95e18b5d3f4ba9812f1067022945c3f5d547370d45853c4db3c9ca4436d7e649e1ac3ec02f9c1e9139849b46027d4b276cb0eb4b09848999f466f528290e47ba9540ceca89390db3fcbacb1d566e22e917f01f4442bd4dd0d350d057ffdf5b3549ca559901e6ff5147bdc25c11b23f1678f02c20e4e2e6f339b262e2b82eae0b15b4227f1d514f99ec78fbcf80c8f6f243536f2d7a809de05ae5e1d676fe950ad3513f801bbe4d16737def4b5ec4b62f8562cd5432bd372645202edeb286662d7e8d0dadac5b91c903c2756bdc4f5a7c931f2c3f7feace2b83f5459a196000e2ed1e1b2accaa9d637d5e408340161331c4b0047bf2ab31d317bb1c8f6e1b3d52f9f240bd971a447942dd4b73301781656aad9ce9b01aed907b7eb3a78397b97e601b04a4cb028d327ef32cf20c34e8dad9c9b1f981ab5c06a2b0271852e2a1016ee460d8568391c9ece5a2b8f29cbc6f2d6cc2e66c30c96df548e67dd6ad8c1ff09dfa22b2e8b2c52a3948c4febb0910c2d34c0604a5ef930cd53be69a4bed9c9ee057178ece02a6b4df4624191590952888bdfafd2dbeca128d500872a8b236fba9623672c4dc15f56a761ee0c54026112fc464f72d3039587f009b94930dac0dbe444a939b38c0f5bce7aa366bfc2bb909db231178228846f71a56ab219e28cef1b102c1bfadbe8f0916d10a573b8cb38cc2cc2ec496a410a4e82847006d2ed4bac927a63a00416d0bfce59cc69aaf78ddc9566f23582999a655c8ad3b217486fb5a037ce089baf344d55bbd475be4e90b10e92c9c1bae3202c2d63355549f0ac95058724fea81ff9cec027e7b93e2cee43af81c6978fee5faf6216118785251b8ca023115b2f87d5d4b10c29aa3616628ab40a8ef36668ef57d7f9be505eabc01947ca222362818a71b3d63e5725a4d8a2c619b1867f70daa07703360d026d6f65247330be1ba84ddaaa7779591ca261beda4f4c094af65c5c276fe3bfb89f067c8c54af67e78f61bdc114ed4aa869c3adf282d7a8e7272579e9fd9e47611e0dc89f97561110e0141c69b1fa114e27b3d1e2c825ea008a370e08cd0a0610edef20cdd8a7cda0922fff046edfd2ff391a10ffce5dd6045619ce9af6b03f4193d858a76b201ed5beb0f11321707b7b593b23adaee4a0c0caf39dfeebcbd2948030435dc94ca00990c728502ec4686194f0f454304a422023c1b2c5b1ebbcd8cd50fa2d11361e3bbdc306e2739e27de300eda27b1c1ea62d773104cea77c18037c6bcc76423621b45abbe789b384bfdfb46efa1627ff29d9d840bf6e1f05e7e13fae6383e42ce153dcb062fa0cefd0fe9298ddbe77fd78d7036b5a815504b48267203da08ca685bfe8ae89c031074bbe5d3d6dcc6a3a8a8a4d3102765c3b714867f4516df62f214351b97bb8b5697a9f9a9dd78627342b239c524a3943d1d70f8cdd7391f05e7395731a8fc05210c6733ea256040bbbb53389229b84dafaaa3db1d5eca2971d9e550149461f1a672eae2319a99beed48934520666bc54b63085a744b5fc9a9b089b16c50ae945f74adcd4c5d064a12a6e103ef59bcc035a755ad31836eb7d04e5900d3800c822b96b466a9f6611f46b8a7d6131f91c625a5604de5bf01e5ca5d99a714c8dc1160260010f8d55f9125ee453b61c911bdf0824caa804c76d6512802875c5433de9b2e8b6c579a67fec5d2bc64ed3d1c313854221b75c9a0ed42af6f5354e7b1d1bf8661baa1261e68fc20d14b5652d25a536f208bff2b90fefa163a232696e655bcf95bed39355ec865e272fed582aae18858f5096ece40b9108efb00147f9c2ced59bfe2a79826851850ed95b35908dfb4d9ab7da0668a1fa8933ac4f6534e9598481477791fd1a1c269011ac9fe81f0491790e8aac121ffc00e38a7619a1855e6899abc2c670375a3ba4ac0cf652da89a70628cee1a35ae17b3490102e3c88ca324d06fce2151bc9de49472cf6e76ccb16d2a9cbf4161812e2c7758d73631024190fe9b71935de6968b289d3503b497f3f4b6306446ae9c312f8f1c63c1f7e62652173d9ed48cb128815bd44a12061f9b73fbdc6674ab9e0d01807f7bcfa0aa59168420e5ad8b72d7b576e273a1d229934fce2867689a41cb17767cf9defe1a96515a677ba08e10e187a3ce2f1d78e6b43b0d46c36163a1967b203df4f53379ee98422e973ab5c090adff21b5cc84fc78358021f681a0f0fd744f687e4f6c295470bf8f548d2d3dc841481dd51db9124cacde83bc9fef44a3e69e1cb28579d897f3013ac6133395328247fdcc152e5563678258936576196ced017c79bb6a4ea501a44cb25e5af1697afbdb3abb316837470ffdbe985ac3967334a90731602d3fac4f5c2758f04ec9c161a7cf330b7c7549fb62e6c15d07a7203c94edd3a8141c91b2029d6a90b14322337e6610822d9d7bff58c10d9c6cff71822f6456a421a65fdaa5d2c793f256a4e7a39f0d85d65fb95479eff79345c0615c9bbb4fb3324f9360b70dc709b0200042e8461b8cee9ce30beab3e276df48f41f001262fc14153f9764e13b50397442e00d7b11266bde10a3b7f83818086ff0015409679e4472d9e0215804fa9d21cebfa5cb5099cf88750cbeaaf58c2743f2746ea4cb73760ba88a07b91b68553716d563af5d7702219d0c600916dc54242d825c6d68320baf234a39f0b9ea9e6a4a72c4d5829b2f28508f54b33c7e0394a43fe23e7940d9b04bbe790d903a2d2c979e0ea79931b934d094fa2d5948c05cf278c341d788f2061ff617c9fa4700b1e1f0fbfa1b8c42848f2ea01cd318a8748c3336622ead25527ddbcd8a12ba3a5183f4419deb13558ed0ec99e73448c21ede0dbee9c01fc7675e54c60d4dee29c0f8fe81af6fe7b726f5d3c50dac634aefbf1ca6aa4df1b340a4109acf30939f6094c8591218729788111bfde98cd96d4b04b25bcd1bcb7f826241995573bae", 0x2000, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000680)={0x78, 0x0, 0x100000000, {0x6, 0xcbff, 0x0, {0x5, 0x6, 0x200000003, 0x6c, 0x7, 0x40000000000d, 0x3, 0xfffff2df, 0x101, 0x4000, 0xfffffffe, 0xee00, 0xffffffffffffffff, 0x4, 0x1}}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
faccessat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x7)
mount$bind(0x0, &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)

1.059800893s ago: executing program 2 (id=952):
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000880)='pagemap\x00')
syz_mount_image$btrfs(&(0x7f0000000000), &(0x7f0000005600)='./file0\x00', 0x200002, &(0x7f0000000040), 0x1, 0x559a, &(0x7f0000005680)="$eJzs3X2QVWUdB/Bzd1lYZGI3BMGBFShfQEIhpVRS7kBBuDJtkjU2GQtioaAwzBI1ii04WLgam1kz5QxCiwjDUmszGmXlygyQk9PWjIPIgjLThjG9SMXEFjU2e+99Lveey+5eyVxfPh9m99zn/s7znOeeOX/c72WfcyMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACIoujgjtr/rB1ZV75+06hFt199cPSq0RNWVDWdHHWg+rzdl/absWjovuntdw6b0bH6SPX65tsu6IyiRKpfItN/3vSPX/+FufPmlIcBaz+Z3lZWdnfIdNfD6Ub/vCe7+uX/zI+iqCw2QGlmu7s0p52IHyBaXjhgj8pmbVsycEGyduvmp+ouX7J1XOFLp0t5X0+gr2Suq45T11Iy9bsktke2nXPpJfIu0XT/+AX3prwIAOB1mVST2mTfjmbe4mbb9fF6rJ2MtRtj7fAOoTG3cSbS4/bvbp5j4vU+mmcyHRUGdDvPWD1z/rPtmnj/WDsWNV7HPPN3zUSa8u7muSxW76t5AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALyVvFa3Ys34z714sOyX549bvfLk4WvLL3zoq/8uWXrzS68dqlnzl7ah+6a33zlsRsfqI9Xrm2+7oDOKKlP9EunuiWknXr1kYvWcUeuf+N7ETc+OP16aGTds++XsHO0PD66siKIFOZWOMOzRwVFUk19INaPvFhZuTT2YHQoAAAC8k5yb+l2SbafjYFleO5FKk4nUvyAdFstmbVsycEGyduvmp+ouX7J13JmPV9PNeMnTjpdtV576SeQE4xB/4+OdqoddlxeM07P4iPE8P+X5l1+oGHHtT5+pOu+mlde/NPKax9tmfnP48UX7K+8YtGrc2CsK8n9lz/k/nDn5HwAAgP+F/B8fp2e95f/PzK+75Y5HvnJszD2HVw66+8H9G4eVH7nplsn7/jj8hosvvqz2xoL8PybvkAX5P8w45P+S6MzyPwAAALyV/b/zf7JgnJ71lv/bhzff/MB7Di2sbOt4evtlK/b0X3j1RUMOPHTR3In3XjdozPkNBfl/UnH5v1/utMOTz4UJL66IoknFn1QAAAAgT/h/91MfLYS8nv7kIJ7XW+dtGd3y6swvTxj78KH6P1Vtnvj5jUMe37lh5jd2PXf3/RPbzi7I/8ni8n/Zm/NyAQAAgCI0HTpnxNBPJ38e3X/01vnf/+yuR+9b+sWrLtnbOWvC2l9UP72jviD/1xSX/wf0zcsBAAAATuPE+GsW/mPnkd9e1/yJ+5qO/v5Lq0p/NaNp9/62hqZ/bh81e/XkgvxfW1z+Pyuzzax8SHfaE/4K4VsVUVTe9WBZurA3apyWLQAAAABvkJDT75ryfMm9A6edu2Xub06Me+KFPZ/aN3vxhnPWTGp69n2tiz9y4WMF+X9Zz/f/D3c6COv/8+7/V7D+P6eQvuvfVDcGAAAA4N2ocD1/uD1++psLuvv+/WLX///w6xv+mqiqf/ID8342q/P9zT/Z2zr1wZNVf5hz/OGW5MgnL32xIP/XF5f/S3O3b+T3/wEAAMAZeLt9/9+NBeP0rLf7/7c980j1o1d+6GtXza2buuN3H77iz68Mn9qwPXpl+UfbFx342K5fF+T/xuLyf9gOyn15reH83FMRRSO6HmTuJrgtTHdxrNBSllNIn/hYj7mhR6bQMiCnkLIs1uODFVE0tutBfazw3lBojBWODc4UNsYKbaGQuR6yhR/ECq3hSvvO4Mx044Ufh0JmgUVLWEExKLskItbj79316Cqctkd79uAAAADvKiE8Z7JsWX4zikfZlkRvO5zV2w4lve1Q2tsO/WI7xHfs7vmoNr8Qnv/Rt294ecBdD2yom7Jl04KqhrPX/euxyZNuX7Z2Z93SziF/W7euIP9vLC7/h1PRP73pbv1/FNb/Z77XMLv+vzYUKmOFllCoid8xoCYcIx12G8IxKmsyPY6NyBYAAADgHS18LlDax/MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/7J373FW1nXiwL8zzIUZhplRMS+RISaKwTCMKYaZID/TnwQOq6WFJgSDjgxCXEzQTUTd1VzB2+ZtE0jdtIwoNbVUeGnekspLsKl5SfHSK41lS5Js133NnPM9nPOcOc5BQBn3/f5jzvecz/f6nMuc7/M85/sAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/N2z85GVfeHmfj/xg3cKBi1eP+krfI4cMn3DMNTceu/jhb0/e777f//8+aw575sydR60955XRi245de+3QmjuKFeSKl5y6F/XNQwePabvotuvGbz0kYF/qUjXm46HXu1/StN3zoutru0dwh0lIZQlA4NrUoHy9P2aWF/fmhB2CJsCmRIt1akSyYbDA1UhLAmbApmq7qoKoSYrcOwT9624uD1xRVUIe4cQKpNtPFuZaqMqGRhQkQpUJwPTy1KBv76TkgncWZoKwBaLb4bMi355c26G+s7LFXj9lW+1jn2wksPrERP1hfO9MXIbdypLRfKB5i162vKqY5vIe3us9G7rBu+2vO18iact+4tU+hvKO5tClaF0csuUiXPaZsdHSkNDQ49CNW2j5/np9WdN2px0t3kdxg7Ub5XX4aoLe49d/OhRw2+tG35Dn0ELN25pNwtt3m2tMqRfc93meYxG+DzpBm+/vG9J/XzpCiHsf9v42798wcs3L7h87K4HPbHTsDc+u/vdLT+75YTxxx++fsVXf//jvPl//bvP/+PLOd6W5uSOrb5dm5qbx0dqYmJdbWpuDgAAAN1Gd9hr+srq/5722X3HDX185OrqW2+659SL7/v8tT9r3a/t4bE77fj8vvN+lDf/71fc8f94yL8me7QrQxjRkTi3LoRdOx5PBW6O3flqXQh7dqSacwMjE4GVIezWkRiYqSpRomcs0S8ReLU2HRiRCDwYA82JwI0xcEkicF4MLE8EJsXAykTgsBgIrbnj2K82PY6iA1UxMCG1EZfHsxD+XBtbS2yrZzJVAQAAbCXp2WF57t2scx22NEOcXi6v6ipDPAO7YIbKRA3JGWxmWlWwhrKuaijtqobMuOe/+/Dzai7pqua80zBKcjNcWXXLpT8aNumNu2e8tOG0Iz7x2quP1S/96afXXfPGU9Mr79/j8ofz5v+N7z7/r+ykIyV5x/9DGNfxN+YuTUfaMvEJzTkZAAAAgC3w1sADvvydsq/NfeH3jwz75K+vfez1lQ9/dO8zb1v7/Bk/+NZ3au4fnTf/H1Hc+f9xn0iPrMxhVdwNMbUuhMbcQKrag/MDqaPevdIBAAAA6A4yx+Mzx8Jb07epU7ST8+n8/M2bmT8e+B/Raf7131p2/Y6feGT2Q7W3zXhqw+NfWTl64bEz3xh05dmP7HvoQU+N/Gze/L+5uPP/q3NvU514MPbi8roQemYFHoq9bA906BcDLxyaG0iP/8G4AS6KVaVPTMhUdVEsMSEGGhOBJYVKPJYpsWtuIP1kZRo/NzOO1nSJrAAAAAC87+LugHhcPp7/v2LBXZf9x41/umzVgUtnnzz98de+V1H5zknL7zyxzwX39li008hJefP/CZt3/n/HPDjv9P62XiEMKQuhR/KHAauqUwsDxkBNSTpxT3Wqrh7JqhZUh3Bw+8CSVb2YXv+/LLnG4JNVqapiYNf+N60f0J64oSqEIdmBNeOXHtCemJMIZBr/YlUIH28fbbLxn/RMNV6ebPyqniHskRXIVDWpZwjtjVUkq7q/Mn0dg2RVyytD2CkrkKlqWGUIcwMA3VX8Xzo5+8FZc+dNndjW1jJzGybiTvyqMKW1raVh0vS2yZUF+jQ50eecdYzOyR9TsZe++V16jaLVx0ytKyad+aFgY3Zb6R35eWcOpu/HL0PlHeNsKs+5u39yyPvuld9EyPoqVWjIpdt4yNXZlWx6EvPqj/krQq/Qc86slpkNZ0ycPXvm0NTfYrM3pf7G40ypbTU0ua2qO+tbES+PgstlJbzXbTUgu5Ihs6fNGDJr7rzBrdMmntxycstpwz7VNKxp6P5NjUPaB5X+28VIB3RWc2Kk7ywtclhbcaS7l2VV8n58aEhISHS3xE2Xj39m0UcXV3538UmXPHH++WefcvrOt1057ft9p48fdOXnlkz9et78f8a7z//jp0784E+vz1Do+H99PMyfenzTYf4JMbCk2OP/9YWO5mdODOiXCMyPgfkO8wMAAPDhEHdHxr2Zcad07SvfOP1/Tjii9NA/HP2LpqGDdrnw1qkDbnx94+kf23vekmvLKvKv/ze/uN//b6X1/zNL1x9VaJn/gbFEY6H1/5PL/GfW/59faP3/5DL/mfX/l3wA6//PyQQSm+TP1v8HAAA+DN6/9f+7XN4/eYGAvAxdLu+fvEBAXoYul/Ev9gIBm73+/89/XrbDx47YrW/ZF56YuNedB/7mpGkP7vKjUVev+3RT/TfPWPPzZXnz/0uKm/9buB8AAAC2Hyfs+6UBC14a8vVzpj/ww8Ezdn7purOfH3HPL4/75MYxfddVr+v76bz5/5Li5v/v//p/odD5//0KBZoLLQxo/T8AAAC6qULr//3t42d987p+O24Y1O/M29+6emrJ8L2fO/XXbRc9NOrwj435xyWTrs2b/y8vbv4fT7sozckde/N2bWpNu5Bc025dbeYnAwAAANA9lIaGhvIi8+YsjDryvbf5dHop0HdLZ9vtE6vWnHvvdX8fcvP5C9Ydf3rtQUf+oeyQOydf99KCU/boX/Pc2rz5/8ri5v85v8tYdWHvsYsfPWr427fWDb+hz6CFGzcd/wcAAAC2nWL3SwAAAAAAAAAAAAAAAB+8Y1b95Kz/+uWY4+4cNu/qR3d+/OT//PqsM1on/aLtiHUHPLv0hk/tk/f7/zCuo1yh3//H6/7F3xf0yckdW+16/b/0/WNHL5vbsWThqtoQ9soOTF0wdYeQvjb/PtmBFScO3KU9sSBZ4u7nDnu5PXFSMnDk4B03tCc+kwhMiIsk7pYMxKsqbuidCMTlFZ9MBuL2WJ4MVKQDF/ZOjaMkua3+UJPaViXJbfV0TQh1WYHMtrqjJtVGSXKAVyQCmQF+LRmIAxybDpQme7WsV6pXMVATiy7uleoVAADbrfgtsDxMaW1raYxf4ePt7mW5t1HOkmXn5FdbUmTzv0svTbb6mKl1xaR7JL+LbrrWeHmobB/C0Lyvq9lZSjpGuXVq6WLT9Skw5K5WeystUC5pczddReERVaVG1DBpetvk8i4Hvn/XWZrKuswyNG+yk52ltGOTFlFLEX0pYkRFbpsiuhzvl4aGhh6JXMNjsD7k6OoVUezv9bPX+Sv0KsjOs3zUQQOOW/bcgRMWPXnQtKnhI5e9M2Li5FmHXPHiU0vnjxw0oUfe/L++uPl/Zfa4NqQvBjA/Xlnv4LoQJhQ5IgAAAPjwO+W05y674P5LX32hecDL04dcuuK3c6+aV1Z783mHP3336W+OX3jSlsYHDHtj6Kl3/ebcjU2jHrqy99X3X7PTkXU//H/Vvea+tWLQmy/cvVfe/L9fcfP/uAcrfSg4tbdjZbz+/7l1IXRcWr8+Fbg5DverdSHs2ZFqjiVSF9Q/KpZoTAVujjtMBsYSE5pzq+oZA8sTgVdr04GVicCDMZDeS3FTSO/KubQ2hAM6UuNyS8yIJeoTgaNjoF8i0BADjYlA7xgYkQi83jsdaE4EHo2B0Jq7rW7tnd5WAAAAmyM9zyrPvRuS87zlZV1lKOkqQ3VXGUq7ylDZVYZCo4j3fxwzlCdOXinJylSerLUqUUtehngx/M3uV16G8FhuzmTBvKbj+QeZ8w1KcjNccWbF9Dc/33/R8UPGrB/ftPhzc38a/uHtOW9d8OYvz6977pqNJXnz/8bi5v/Vubep1h+M8/9N1/9LBR6K3bs8njreLwZeODQ3kN4x8GCc7F6Uqao5XSI9ab8olhgRA/0SgRkxMCIRmDAuHViyS24gPdPONH5upvHWdImsAAAAALzv4g6CuJsmzv+fXTv+iWnjf3vQZX1nLzx/+VFffvrXx736i3t73v3d/osebitZuzpv/j+iuPl/bK9XdmPnxd6s7R3CHSWbepMJDK5JBeJ+jJr48/i+NSHskLWDI1OipTpVoiLRcHigKvUL9YpkVXdVpdYYiPePfeK+FRe3J66oCmHvrL0vmTaerUy1UZUMDKhIBaqTgellqUDc85MJ3FmaCsAWy+wVjC+o9KkuGfWdlyvw+vuwXBM0Oby8faCd5OvsN1fbSmXygfQ+1YzNe9ryqmObyHt7rPRu647vtnrvtuwvUulvKO9sClWG0sktUybOaZsdH8n+JWuebfQ8Z/9KtZj0Vngdzn/vve1aZbIDjYmPj8bOy3X+OiyJ1a26sPfYxY8eNfzWuuE39Bm0cGPR3Sgg/lB45rCr6rM377ZWGdKvuW73edLs86Q7/hvo52kLIYy7d+xFjYfcuHDSiP7X73xH7fDLvzT4lkMbnx1XM2eXw8e89sV5efP/5uLm/2WJ2w4b48acVRfCvlkbd1Xc/KPqUp+DWYHUp+RO+YHUIfeXagt+cgIAAMDWltndkdlf0Jq+TZ0Qnpwn5+dv3sz8cX/FiE7zF9vv/lecsnL0hAN/23f8XoccvM9Zdy04er+/Tbz+tT9Wj5z0wPd+tfr6vPn/hHef//dMdNPxf8f/2UYc/+/U9r4rumfygflbtCs6rzq2Ccf/O7W9v9sc/++U4/+O/3fG8f8uOP7fqe39acv7ljTDl64Qwr9f/vm/vX3Pbv02LC393pQH5vU//rLvL1r2k52f+efH/mn69H33/FXe/H9GcfN/6/91vmhfZv2/CYXW/5tRaP2/+db/AwAAtqkCC80l53l5q/flZUiu3peXocsFArtcYtD6f5u9/t+L/3Lpgr2mjv3GiWc9dnDvR+tHrRkz6O8nvbrnmuuevHLoIyf8/dt58//5xc3/48uhV3br3WX9v37jClR1SQzMsDAgAAAA26NCOwgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4YJ31xynnjVjw+J+ap39l/fLx32nd8fGHprzefMQPRy87es0pu5xyb581hz1z5s6j1p7zyuhFt5y691shtHaUK0kVLzn0r+saBo8e03fR7dcMXvrIwL9UpustT99+NCd3bPXt2hCWZD1SExPratvvbAocO3rZ3LL2xKraEPbKDkxdMHWH9sSNtSHskx1YceLAXdoTC5Il7n7usJfbEyclA0cO3nFDe+Iz6UBJsrv/1jvV3ZJkdy/uHUJdViDT3VN751aVaeOIdKA02cZ3a1JtxEBNLHpVTaqNGGiLJVp7hjCkLIQeyaoeqUxV1SNZ1U8rU1X1SFZ1dmUIB4cQypJVPV+RqqosOfLHKlJVxcCu/W9aP6A9sbQihCHZgTXjlx7QnpiZCGQaP6YihI+3v2SSjd9anmq8PNn4v5aHsEcIoSJZ4s2yVImKZIkXy0LYKSuwaSOWhTA38OEQP30mZz84a+68qRPb2lpmbsNERbqtqjClta2lYdL0tsmViT4VUpKVfuec9z72360/a1L77epjptYVky5Llyvv6HJTec7d/bf33sd+VWdXsun5yKs/5q8IvULPObNaZjacMXH27JlDU3+Lzd6U+tsjHU1tq6HdZVsNyK5kyOxpM4bMmjtvcOu0iSe3nNxy2rBPNQ1rGrp/U+OQ9kGl/26NkS59/0e6e1lWJe/H+19CQqK7JUpzPt0at/fP8bwv+ps6Wh4qOz6g86YV2VlKOka5NQY98j2O+L18TelyREPzJg55WZq6zrJ/3mRiU5aqVJaOr3V5k8Psmko7Nmm8XxoaGnoU2g71uXezN+8bW7B5n05vumLTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwv+zAgQAAAAAAkP9rI1RVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhBw4EAAAAAID8XxuhqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqCjtwLAAAAAAgzN86jJ4NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4FAAD//+GI8JI=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x40180, 0x0)
ioctl$FS_IOC_RESVSP(r0, 0xc0189436, &(0x7f0000000240)={0x0, 0x0, 0x2, 0x8, 0x4})

629.938208ms ago: executing program 2 (id=954):
syz_emit_ethernet(0x2e, &(0x7f0000000040)={@multicast, @link_local, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x20, 0x0, 0xe000, 0x0, 0x11, 0x0, @empty, @empty}, {0x4, 0x4e21, 0xc, 0x0, @gue={{0x1, 0x1, 0x2, 0xc, 0x100, @void}}}}}}}, 0x0)
syz_emit_ethernet(0x2a, &(0x7f00000000c0)={@link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}, @multicast, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x4002, 0x0, 0x11, 0x0, @empty, @empty}, {0x4e24, 0x0, 0x8}}}}}, 0x0)

440.525434ms ago: executing program 2 (id=958):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'bridge0\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000600)=@newlink={0x4c, 0x10, 0x401, 0xfffffffc, 0x80, {0x0, 0x0, 0x0, 0x0, 0x24413}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @ipvlan={{0xb}, {0x14, 0x2, 0x0, 0x1, [@IFLA_IPVLAN_FLAGS={0x6, 0x2, 0x2}, @IFLA_IPVLAN_MODE={0x6, 0x1, 0x2}]}}}, @IFLA_LINK={0x8, 0x5, r1}]}, 0x4c}, 0x1, 0x0, 0x0, 0x2004d808}, 0x0)

361.175488ms ago: executing program 0 (id=959):
syz_usb_connect(0x0, 0x2d, &(0x7f0000000100)=ANY=[@ANYBLOB="1201000083667d1040206402d14e0102030109021b000100000000090400000190f19c000905849d"], 0x0)

300.26572ms ago: executing program 2 (id=960):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)=ANY=[@ANYBLOB="ac0200002d00010027bd7000000000000400000098021a8093"], 0x2ac}, 0x1, 0x0, 0x0, 0x4042804}, 0x84)

300.001589ms ago: executing program 3 (id=961):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt(r0, 0x84, 0x81, &(0x7f00000002c0)="1a00000002000000", 0x8)
setsockopt(r0, 0x84, 0x81, &(0x7f0000000300)="1a00000002000000", 0x8)

236.267429ms ago: executing program 2 (id=962):
r0 = syz_io_uring_setup(0x239, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000000)=<r1=>0x0, &(0x7f0000000480)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_TIMEOUT={0xb, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)={0x77359400}, 0x1, 0x8})
io_uring_enter(r0, 0x7aaa, 0xfffffffd, 0x0, 0x0, 0x0)

235.9396ms ago: executing program 3 (id=963):
r0 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0)
ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, 0x0)
ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, &(0x7f0000000280)={'dt2817\x00', [0x4f27, 0x5, 0x2, 0x401, 0x1, 0xcc7, 0xfff, 0x5c952399, 0x5, 0x3ff, 0x7f, 0x1600, 0x1, 0x0, 0x9, 0x3, 0x4, 0x1, 0x3, 0x0, 0x80000089, 0xfffffffd, 0x6, 0x6, 0xffffeadb, 0x2, 0x1003c, 0x5, 0x4, 0x8000000, 0x6]})

189.354094ms ago: executing program 2 (id=964):
syz_open_dev$tty1(0xc, 0x4, 0x1)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c0000001000010700000000000000000a0000000600010017"], 0x1c}}, 0x0)

188.975401ms ago: executing program 3 (id=965):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_NEW(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000000)={0x1c, 0x0, 0x2, 0x201, 0x0, 0x0, {0xa}, [@CTA_EXPECT_MASK={0x4}, @CTA_EXPECT_TUPLE={0x4}]}, 0x1c}}, 0x0)

90.133041ms ago: executing program 3 (id=966):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nfc(&(0x7f0000000380), r0)
sendmsg$NFC_CMD_VENDOR(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000400)={0x24, r2, 0x1, 0x70bd2c, 0x25dfdbfb, {}, [@NFC_ATTR_DEVICE_INDEX={0x8}, @NFC_ATTR_VENDOR_ID={0x8, 0x1d, 0x3}]}, 0x24}, 0x1, 0x0, 0x0, 0x40000}, 0x8000)

405.494µs ago: executing program 3 (id=967):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x3, 0x4, &(0x7f0000000640)=@framed={{0x18, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffef}, [@call={0x85, 0x0, 0x0, 0x4f}]}, &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00}, 0x94)

0s ago: executing program 3 (id=968):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sendmsg(r1, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x0, 0x10, 0x0, 0x0, 0x80000000b4c, 0x9, 0x7fff, 0xfffffffe, 0x400003}, 0x0)
syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000040)='./file3\x00', 0xcc0, &(0x7f00000001c0)=ANY=[@ANYBLOB="61636c2c6865617274626561743d6e6f6e652c6865617274626561743d6e6f6e652c636f686572656e63793d66756c6c2c636f686572656e63793d66756c6c2c636f686572656e63793d62756666657265642c6572726f72733d636f6e74696e75652c757365725f78617474722c626172726965723d30303030303030303030303030303032363131352c6469725f726573765f6c6576656c3d30303030303030303030303030303030303030362c696e74722c6a6f75726e616c5f6173796e635f636f6d6d69742c00535d4e036013ec9e6e7ecdee3849b40884b95e94f35cec9600cd19beb0"], 0x1, 0x442a, &(0x7f0000004480)="$eJzs3c9PHGUfAPBnBvoW+rZ9oW8PfZM3cRObaNQQ6EmliZTSUmixptrGeNkusG3RhW1gMR56wFsTTyYejIdGE2+cGg5e65/gxWM9N9GDFxOTRszuzgIz7IaVsGDr53NgmOc3+5159pnD8MSJyp25pdzcUq6wkCvP3Fo6k/u4XFqeL4Z4nzTt/9D+9U97OnGdHPS190929fzFd2+cCeH72R+frK+vr4eq7tDU0Jbff/v13szWY0OcqVNtt3lre+WDEMLJbeOq6gohvP9dCFEI4VySNpoce0MIx0I978a9z27m9mg0Dx8Xz+afTt1fGz49ufpgrfXfHoXwVel/r92e//nFruGfXtmj7gEAAAAAAAAAAAAAAAAAeMaNX7t6/Z3BofAoCt2r0fb3dceTY6v3Y9f3zAud/2MBAAAAAAAAAAAAAAAAAADgb2rz/f9cdKLJ+/9jyXGkRf31tzo/Rjpn4u2rYxcGh5L936Nt+a8nSb+c6wr9TfZ9z+7/fi5Tv/n+79v72a3G+Br99oUoHkidx/HAQAjfJBu/n4qOxKXyUuXVW+Xlhdk9G8YzKx3/+u79qegkG/q3G//RTPud3///v9uupur5zb27xJ5r6fh3tSz37adRW/E/n6m3H/Fn99Lx766l9W4tMFKfAKrx/7x75/iPZdrvVPyPhxByUXWsudQMUF3DVNNbrVdIS8f/UC0tNXUmH2Sr+//3TPwvZNo/qPl/JftFRFPp+P+rltaTKrF5//fHO9//FzPtH0T8q+Nf8f3flnT8D9cTu1NFap9ku/P/eKb9TsX/epyM83iUugJWo3p6q/9XR1o6/j3b8jef/+K21n+XMvX36/mv0W/j+a8x/b8c1Z//aC4d/96W5dq9/ycy9To9/4/U1n/sVjr+R2pp6bVzX+1nu/GfzLTfqfjXViU9jfhvzid/HK6nf23915Z0/P9dT4y3llip/ayt/6Kd1/+XM+0fxPqvOv6VuLO9Pi/S8T/aslw1/j+08f1/JVOv8/EPYdBaf9fS8T/Wslzt/u/ZOf5TmXqdjv9LnWwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Bkwmhz7QhQPpM7jeGAghPPJ+alwJJouzOanS+WZj5ZCGEvSc+FEdLtUni6U8nML5dlivlAqlWdCuJDknww90VKpXMnPF+5e3GirN7pTLCxWpouFSghhPEn/fzjWaGt6rjJfuBtCuLSR95+4vHj3TmEhPzu3+Obg4OBgmNgYQ39U/KRSXKjUe6/nhjC5Ubcv2jK4WvbljbEcjT4sLy8uFEq19Ctb6pTKM4XSljpTSd4XoT+qLC4vzBQqxXypfLvR30EaSY5jE9feu3ZlaFv+zah+HN3fYQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwFz0afuPLEEJ3/SwOIYw0fomalX/4uHg2/3Tq/trw6cnVB2tPWpUDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+JMdOBAAAAAAAPJ/bYSqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoq7NIxSgNBFAbgN2Ohdh7DatntbFcU0cIVwRPoMTyMHsVLeIcUKdKmCIFkFsJmF7ZJqu9rHszPzHswDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgHme3ruPt7qJSHG1uYz4+/pfHOYvpf7cj9+/OMOMnM7za/fwWDfl39NRfleOlm3epevV92eM1N7vYE+G+7TX97menGtq36bm6/veRMpVRLQlv005V9W8twAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgyw4cCAAAAAAA+b82QlVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVRV24FgAAAAAQJi/dRR9GwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPArAAD///4CHxA=")
r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)
fallocate(r2, 0x0, 0x0, 0x8ffff)
truncate(&(0x7f0000000040)='./file1\x00', 0x40006)

kernel console output (not intermixed with test programs):

95][ T6101] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   72.952077][ T6101] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   73.078290][   T32] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   73.129361][ T6109] capability: warning: `syz.0.72' uses deprecated v2 capabilities in a way that may be insecure
[   73.149651][ T6109] program syz.0.72 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   73.359834][ T6121] netlink: 96 bytes leftover after parsing attributes in process `syz.0.76'.
[   73.419390][ T6123] netlink: 'syz.0.77': attribute type 5 has an invalid length.
[   73.425887][ T6123] netlink: 'syz.0.77': attribute type 5 has an invalid length.
[   73.787303][ T5901] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[   73.946952][ T5901] usb 1-1: Using ep0 maxpacket: 32
[   73.973124][ T5901] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   73.982306][ T5901] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   73.986171][ T5901] usb 1-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[   73.992398][ T5901] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   74.006505][ T5901] usb 1-1: config 0 descriptor??
[   74.031332][ T5901] hub 1-1:0.0: USB hub found
[   74.225645][ T5901] hub 1-1:0.0: 1 port detected
[   74.229444][ T6135] loop1: detected capacity change from 0 to 256
[   74.406986][   T24] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[   74.556689][   T24] usb 3-1: Using ep0 maxpacket: 16
[   74.572924][   T24] usb 3-1: New USB device found, idVendor=054c, idProduct=0038, bcdDevice=16.f5
[   74.576671][   T24] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   74.579551][   T24] usb 3-1: Product: syz
[   74.581055][   T24] usb 3-1: Manufacturer: syz
[   74.582621][   T24] usb 3-1: SerialNumber: syz
[   74.590320][   T24] usb 3-1: config 0 descriptor??
[   74.602609][   T24] visor 3-1:0.0: Sony Clie 3.5 converter detected
[   74.879267][ T5901] hub 1-1:0.0: activate --> -90
[   75.011474][   T24] usb 3-1: clie_3_5_startup: get interface number bad return length: 0
[   75.015746][   T24] visor 3-1:0.0: probe with driver visor failed with error -5
[   75.210835][ T5901] usb 3-1: USB disconnect, device number 2
[   75.421412][ T5915] usb 1-1: USB disconnect, device number 2
[   75.486827][   T10] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[   75.656797][   T10] usb 2-1: Using ep0 maxpacket: 8
[   75.664650][   T10] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   75.668868][   T10] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 42, changing to 9
[   75.672890][   T10] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[   75.677459][   T10] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[   75.681163][   T10] usb 2-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[   75.686282][   T10] usb 2-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58
[   75.689636][   T10] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   75.694495][   T10] usb 2-1: config 0 descriptor??
[   75.813541][ T6166] loop2: detected capacity change from 0 to 256
[   75.857161][ T6166] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x76936814, utbl_chksum : 0xe619d30d)
[   75.892211][ T6166] exFAT-fs (loop2): error, invalid access to FAT (entry 0xffffffff)
[   75.895623][ T6166] exFAT-fs (loop2): Filesystem has been set read-only
[   75.926027][   T10] usb 2-1: USB disconnect, device number 2
[   76.143978][ T6182] Bluetooth: MGMT ver 1.23
[   76.270031][ T6186] loop0: detected capacity change from 0 to 256
[   76.299655][ T6186] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d)
[   77.150882][ T6216] IPVS: sync thread started: state = MASTER, mcast_ifn = hsr0, syncid = 4, id = 0
[   77.184445][ T6218] loop2: detected capacity change from 0 to 512
[   77.217090][ T6218] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   77.220931][ T6218] ext4 filesystem being mounted at /26/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   77.319280][ T5849] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   77.345058][ T6231] loop1: detected capacity change from 0 to 512
[   77.373976][ T6231] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -2
[   77.383022][ T6231] EXT4-fs (loop1): 1 truncate cleaned up
[   77.385591][ T6231] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   77.394348][ T6231] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   77.468523][ T5847] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   77.519285][ T6241] loop0: detected capacity change from 0 to 256
[   77.561724][ T6241] FAT-fs (loop0): Directory bread(block 64) failed
[   77.563990][ T6241] FAT-fs (loop0): Directory bread(block 65) failed
[   77.566291][ T6241] FAT-fs (loop0): Directory bread(block 66) failed
[   77.572791][ T6241] FAT-fs (loop0): Directory bread(block 67) failed
[   77.574984][ T6241] FAT-fs (loop0): Directory bread(block 68) failed
[   77.582917][ T6241] FAT-fs (loop0): Directory bread(block 69) failed
[   77.585111][ T6241] FAT-fs (loop0): Directory bread(block 70) failed
[   77.593088][ T6241] FAT-fs (loop0): Directory bread(block 71) failed
[   77.596241][ T6241] FAT-fs (loop0): Directory bread(block 72) failed
[   77.600752][ T6241] FAT-fs (loop0): Directory bread(block 73) failed
[   77.613703][ T6248] binder: 6247:6248 ioctl 4018620d 0 returned -22
[   77.620649][ T6242] loop2: detected capacity change from 0 to 4096
[   77.624799][ T6241] FAT-fs (loop0): error, fat_free_clusters: deleting FAT entry beyond EOF
[   77.639584][ T6241] process 'syz.0.130' launched './file0' with NULL argv: empty string added
[   77.667261][ T6249] binder: 6247:6249 ioctl 40046205 0 returned -22
[   77.681730][ T4650] kworker/u9:6: attempt to access beyond end of device
[   77.681730][ T4650] loop0: rw=1, sector=1224, nr_sectors = 4 limit=256
[   77.736174][ T6252] netlink: 32 bytes leftover after parsing attributes in process `syz.2.136'.
[   78.196910][ T5856] Bluetooth: hci2: command 0x0401 tx timeout
[   78.199048][   T57] Bluetooth: hci2: Opcode 0x0401 failed: -110
[   78.212847][ T6259] loop0: detected capacity change from 0 to 32768
[   78.293747][ T6259] XFS (loop0): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[   78.342280][ T6259] XFS (loop0): Ending clean mount
[   78.361725][ T6259] XFS (loop0): Quotacheck needed: Please wait.
[   78.399537][ T6259] XFS (loop0): Quotacheck: Done.
[   78.443154][   T33] audit: type=1800 audit(1757508866.343:2): pid=6259 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.139" name="file1" dev="loop0" ino=6150 res=0 errno=0
[   78.536023][ T5855] XFS (loop0): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[   78.955178][ T6278] netlink: 'syz.2.144': attribute type 1 has an invalid length.
[   78.985938][ T6280] loop0: detected capacity change from 0 to 4096
[   79.010586][   T10] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[   79.022856][ T6283] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   79.169509][   T10] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   79.177123][   T10] usb 2-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 15
[   79.188754][   T10] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[   79.198112][   T10] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[   79.201017][   T10] usb 2-1: SerialNumber: syz
[   79.219712][   T10] cdc_ether 2-1:1.0: skipping garbage
[   79.223017][   T10] usb 2-1: bad CDC descriptors
[   79.234601][   T57] Bluetooth: hci2: ISO packet too small
[   79.441135][ T5915] usb 2-1: USB disconnect, device number 3
[   80.008551][ T6298] loop2: detected capacity change from 0 to 131072
[   80.015465][ T6298] F2FS-fs (loop2): Wrong CP boundary, start(512) end(1536) blocks(0)
[   80.019076][ T6298] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[   80.027193][ T6298] F2FS-fs (loop2): invalid crc value
[   80.098637][ T6298] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[   80.109812][ T6298] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[   80.112835][ T6298] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4
[   80.557464][  T794] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[   80.706893][  T794] usb 1-1: Using ep0 maxpacket: 8
[   80.718672][  T794] usb 1-1: unable to get BOS descriptor or descriptor too short
[   80.722063][  T794] usb 1-1: config 8 has an invalid interface number: 154 but max is 0
[   80.724603][  T794] usb 1-1: config 8 has no interface number 0
[   80.727447][  T794] usb 1-1: config 8 interface 154 has no altsetting 0
[   80.733561][  T794] usb 1-1: New USB device found, idVendor=055f, idProduct=a800, bcdDevice=4f.f6
[   80.742370][  T794] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   80.744970][  T794] usb 1-1: Product: syz
[   80.746229][  T794] usb 1-1: Manufacturer: syz
[   80.758230][  T794] usb 1-1: SerialNumber: syz
[   80.984296][  T794] mdc800 1-1:8.154: probe fails -> wrong Interface
[   81.013416][  T794] usb 1-1: USB disconnect, device number 3
[   81.181278][ T6346] loop2: detected capacity change from 0 to 512
[   81.198773][ T6346] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[   81.220750][ T6346] EXT4-fs error (device loop2): ext4_orphan_get:1392: inode #17: comm syz.2.173: iget: bad i_size value: -6917529027641081756
[   81.225835][ T6346] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.173: couldn't read orphan inode 17 (err -117)
[   81.231312][ T6346] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   81.274711][ T5849] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   81.300221][   T10] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[   81.476792][   T10] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   81.482769][   T10] usb 2-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[   81.496180][   T10] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid maxpacket 62976, setting to 1024
[   81.515260][   T10] usb 2-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024
[   81.519622][   T10] usb 2-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[   81.541058][   T10] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[   81.544161][   T10] usb 2-1: New USB device strings: Mfr=1, Product=130, SerialNumber=3
[   81.547330][   T10] usb 2-1: Product: syz
[   81.548783][   T10] usb 2-1: Manufacturer: syz
[   81.550588][   T10] usb 2-1: SerialNumber: syz
[   81.567964][   T10] cdc_mbim 2-1:1.0: skipping garbage
[   81.656717][ T5901] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[   81.775617][ T6342] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[   81.806737][ T5901] usb 3-1: Using ep0 maxpacket: 32
[   81.835050][ T5901] usb 3-1: config 0 has an invalid interface number: 184 but max is 0
[   81.847694][ T5901] usb 3-1: config 0 has no interface number 0
[   81.862804][ T5901] usb 3-1: config 0 interface 184 has no altsetting 0
[   81.879204][ T5901] usb 3-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[   81.891005][ T5901] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   81.897435][ T5901] usb 3-1: Product: syz
[   81.899473][ T5901] usb 3-1: Manufacturer: syz
[   81.901540][ T5901] usb 3-1: SerialNumber: syz
[   81.925669][ T5901] usb 3-1: config 0 descriptor??
[   81.952961][ T5901] smsc75xx v1.0.0
[   81.954493][ T5901] smsc75xx 3-1:0.184 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -22
[   81.979639][ T5901] smsc75xx 3-1:0.184: probe with driver smsc75xx failed with error -22
[   82.371402][ T5915] usb 3-1: USB disconnect, device number 3
[   82.389259][ T6342] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[   82.619190][   T10] cdc_mbim 2-1:1.0: bind() failure
[   82.633591][   T10] cdc_ncm 2-1:1.1: probe with driver cdc_ncm failed with error -71
[   82.645462][   T10] cdc_mbim 2-1:1.1: probe with driver cdc_mbim failed with error -71
[   82.659350][   T10] usbtest 2-1:1.1: probe with driver usbtest failed with error -71
[   82.667864][   T10] usb 2-1: USB disconnect, device number 4
[   82.913264][ T6373] netlink: 4 bytes leftover after parsing attributes in process `syz.2.184'.
[   83.041937][ T6380] loop2: detected capacity change from 0 to 4096
[   83.046909][ T6380] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512).
[   83.068444][ T6380] ntfs3(loop2): ino=19, mi_enum_attr
[   83.070579][ T6380] ntfs3(loop2): Mark volume as dirty due to NTFS errors
[   83.231368][ T6382] vlan2: entered promiscuous mode
[   83.233476][ T6382] macvlan1: entered promiscuous mode
[   83.393490][ T6392] loop1: detected capacity change from 0 to 4096
[   83.422876][ T6392] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   83.471830][ T6392] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[   83.513425][ T5847] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   83.687193][ T6408] loop1: detected capacity change from 0 to 8192
[   83.756735][ T6411] mmap: syz.2.201 (6411): VmData 175878144 exceed data ulimit 5. Update limits or use boot option ignore_rlimit_data.
[   83.914899][ T6418] loop2: detected capacity change from 0 to 2048
[   83.940442][ T6418] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   83.970910][ T6418] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[   84.083408][ T5849] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   84.764180][ T6435] loop1: detected capacity change from 0 to 32768
[   84.792781][ T6435] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[   84.830124][ T6435] (syz.1.209,6435,1):ocfs2_mknod:505 ERROR: status = -2
[   84.834059][ T6435] (syz.1.209,6435,1):ocfs2_create:678 ERROR: status = -2
[   84.872208][ T5847] (syz-executor,5847,0):ocfs2_inode_is_valid_to_delete:928 ERROR: Skipping delete of root inode.
[   84.889645][ T5847] ocfs2: Unmounting device (7,1) on (node local)
[   85.237664][ T6452] loop0: detected capacity change from 0 to 32768
[   85.377014][   T52] usb 3-1: new full-speed USB device number 4 using dummy_hcd
[   85.390158][ T6466] loop1: detected capacity change from 0 to 128
[   85.412483][ T6466] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[   85.418066][ T6466] hpfs: filesystem error: improperly stopped
[   85.420556][ T6466] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[   85.423445][ T6466] hpfs: You really don't want any checks? You are crazy...
[   85.427366][ T6466] hpfs: hpfs_map_sector(): read error
[   85.429495][ T6466] hpfs: code page support is disabled
[   85.433123][ T6466] hpfs: hpfs_map_4sectors(): unaligned read
[   85.435516][ T6466] hpfs: hpfs_map_4sectors(): unaligned read
[   85.438675][ T6466] hpfs: filesystem error: unable to find root dir
[   85.529725][   T52] usb 3-1: config 5 has an invalid interface number: 123 but max is 0
[   85.532878][   T52] usb 3-1: config 5 has no interface number 0
[   85.535325][   T52] usb 3-1: config 5 interface 123 altsetting 7 has an endpoint descriptor with address 0xEB, changing to 0x8B
[   85.539888][   T52] usb 3-1: config 5 interface 123 altsetting 7 endpoint 0x89 has invalid maxpacket 8981, setting to 64
[   85.544045][   T52] usb 3-1: config 5 interface 123 has no altsetting 0
[   85.550486][   T52] usb 3-1: New USB device found, idVendor=3923, idProduct=718a, bcdDevice=d8.d7
[   85.553912][   T52] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   85.561703][   T52] usb 3-1: Product: syz
[   85.563446][   T52] usb 3-1: Manufacturer: syz
[   85.565213][   T52] usb 3-1: SerialNumber: syz
[   85.572842][ T6456] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[   85.727400][ T5915] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[   85.812153][   T52] ni6501 3-1:5.123: driver 'ni6501' failed to auto-configure device.
[   85.842353][   T52] usb 3-1: USB disconnect, device number 4
[   85.879960][ T5915] usb 2-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[   85.892720][ T5915] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   85.908795][ T5915] usb 2-1: config 0 descriptor??
[   85.920424][ T5915] cp210x 2-1:0.0: cp210x converter detected
[   86.120907][ T6478] loop0: detected capacity change from 0 to 32768
[   86.136086][ T6478] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[   86.169123][ T5855] ocfs2: Unmounting device (7,0) on (node local)
[   86.337549][ T5915] usb 2-1: cp210x converter now attached to ttyUSB0
[   86.371254][ T6484] loop0: detected capacity change from 0 to 1024
[   86.444440][ T6484] hfsplus: bad catalog entry type
[   86.532435][ T5915] usb 2-1: USB disconnect, device number 5
[   86.555501][ T5915] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[   86.574407][ T5915] cp210x 2-1:0.0: device disconnected
[   86.827329][ T6500] loop0: detected capacity change from 0 to 32768
[   86.833102][ T6500] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.239 (6500)
[   86.848850][   T96] cfg80211: failed to load regulatory.db
[   86.883930][ T6500] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[   86.893277][ T6500] BTRFS info (device loop0): using sha256 (sha256-lib) checksum algorithm
[   86.898761][ T5915] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[   86.968134][ T6500] BTRFS info (device loop0): enabling free space tree
[   86.998439][ T5855] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[   87.082469][ T5915] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x4 has invalid wMaxPacketSize 0
[   87.085702][ T5915] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 0
[   87.105778][ T5915] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0
[   87.111625][ T5915] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x88 has invalid maxpacket 0
[   87.131004][ T5915] usb 3-1: New USB device found, idVendor=04e6, idProduct=5591, bcdDevice=b5.39
[   87.133994][ T5915] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   87.145225][ T5915] usb 3-1: Product: syz
[   87.148849][ T5915] usb 3-1: Manufacturer: syz
[   87.150687][ T5915] usb 3-1: SerialNumber: syz
[   87.155761][ T5915] usb 3-1: config 0 descriptor??
[   87.172983][ T5915] usb 3-1: NFC: Unable to get FW version
[   87.175383][ T5915] pn533_usb 3-1:0.0: probe with driver pn533_usb failed with error -90
[   87.312849][ T6524] netlink: 8 bytes leftover after parsing attributes in process `syz.1.242'.
[   87.632108][  T794] usb 3-1: USB disconnect, device number 5
[   87.916808][   T24] usb 2-1: new full-speed USB device number 6 using dummy_hcd
[   88.087767][   T24] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   88.114906][   T24] usb 2-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=e6.fc
[   88.120043][   T24] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   88.123270][   T24] usb 2-1: Product: syz
[   88.124996][   T24] usb 2-1: Manufacturer: syz
[   88.135391][   T24] usb 2-1: SerialNumber: syz
[   88.142330][   T24] usb 2-1: config 0 descriptor??
[   88.155538][   T24] yurex 2-1:0.0: Could not find endpoints
[   88.373126][   T96] usb 2-1: USB disconnect, device number 6
[   88.599289][ T6546] loop0: detected capacity change from 0 to 64
[   88.608052][ T6546] BFS-fs: bfs_fill_super(): loop0 is unclean, continuing
[   89.883294][ T5915] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[   90.048851][ T5915] usb 3-1: Using ep0 maxpacket: 8
[   90.053805][ T5915] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   90.058578][ T5915] usb 3-1: New USB device found, idVendor=2833, idProduct=0201, bcdDevice=2a.d5
[   90.063142][ T5915] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   90.074911][ T5915] usb 3-1: config 0 descriptor??
[   90.088970][ T5915] uvcvideo 3-1:0.0: probe with driver uvcvideo failed with error -22
[   90.134679][ T6591] trusted_key: encrypted_key: keyword '5pdate' not recognized
[   90.296262][ T5915] usb 3-1: USB disconnect, device number 6
[   90.612073][ T6619] loop1: detected capacity change from 0 to 128
[   90.628596][ T6619] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   90.646078][ T6619] ext4 filesystem being mounted at /99/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   90.684078][ T5847] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   90.781274][ T6627] loop0: detected capacity change from 0 to 2048
[   90.798692][ T6627] EXT4-fs warning (device loop0): ext4_multi_mount_protect:318: fsck is running on the filesystem
[   90.802939][ T6627] EXT4-fs warning (device loop0): ext4_multi_mount_protect:318: MMP failure info: last update time: 1669132791, last update node: dvyukov-desk.muc.corp.google.com, last update device: loop4
[   90.892849][ T6631] loop2: detected capacity change from 0 to 256
[   92.243443][ T6682] netlink: 20 bytes leftover after parsing attributes in process `syz.0.313'.
[   92.258846][ T6685] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   92.279035][ T6684] gfs2: gfs2 mount does not exist
[   92.690480][ T6697] overlayfs: overlapping lowerdir path
[   93.656518][ T6703] syz.2.320 uses obsolete (PF_INET,SOCK_PACKET)
[   93.676404][ T6706] vlan2: entered allmulticast mode
[   93.682979][ T6706] hsr0: entered allmulticast mode
[   93.688998][ T6706] hsr_slave_0: entered allmulticast mode
[   93.691204][ T6706] hsr_slave_1: entered allmulticast mode
[   93.753036][ T6709] loop1: detected capacity change from 0 to 2048
[   93.787578][ T6709] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[   93.882834][ T5847] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000900.
[   93.940272][ T6719] netlink: 8 bytes leftover after parsing attributes in process `syz.1.326'.
[   94.289669][ T6735] loop1: detected capacity change from 0 to 8
[   94.379339][ T6726] loop2: detected capacity change from 0 to 32768
[   94.392353][ T6726] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.330 (6726)
[   94.429541][ T6726] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[   94.437724][ T6726] BTRFS info (device loop2): using sha256 (sha256-lib) checksum algorithm
[   94.532307][ T6726] BTRFS info (device loop2): enabling ssd optimizations
[   94.544726][ T6726] BTRFS info (device loop2): enabling free space tree
[   94.658979][ T6759] loop1: detected capacity change from 0 to 1024
[   94.696053][ T5849] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[   94.722391][ T6759] hfsplus: inconsistency in B*Tree (9,1,255,1,0)
[   94.731626][ T6759] hfsplus: inconsistency in B*Tree (9,1,255,1,0)
[   94.754867][   T32] hfsplus: b-tree write err: -5, ino 4
[   94.861639][ T6765] program syz.1.342 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   95.427718][ T6770] loop1: detected capacity change from 0 to 40427
[   95.436172][ T6770] F2FS-fs (loop1): invalid crc value
[   95.439566][ T6757] loop0: detected capacity change from 0 to 131072
[   95.445667][ T6757] F2FS-fs (loop0): Wrong CP boundary, start(512) end(1536) blocks(0)
[   95.448947][ T6757] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[   95.488604][ T6757] F2FS-fs (loop0): invalid crc value
[   95.573657][ T6757] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[   95.582232][ T6757] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[   95.585539][ T6757] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4
[   95.619929][ T6770] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[   95.625545][ T6770] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4
[   95.850334][ T5847] syz-executor: attempt to access beyond end of device
[   95.850334][ T5847] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[   95.875342][ T5847] CPU: 1 UID: 0 PID: 5847 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[   95.875364][ T5847] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[   95.875372][ T5847] Call Trace:
[   95.875378][ T5847]  <TASK>
[   95.875385][ T5847]  dump_stack_lvl+0x189/0x250
[   95.875408][ T5847]  ? __pfx_dump_stack_lvl+0x10/0x10
[   95.875424][ T5847]  ? __pfx_queue_work_on+0x10/0x10
[   95.875443][ T5847]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[   95.875462][ T5847]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[   95.875489][ T5847]  f2fs_handle_critical_error+0x37c/0x540
[   95.875512][ T5847]  f2fs_write_end_io+0x886/0xb60
[   95.875545][ T5847]  __submit_merged_bio+0x27a/0x6a0
[   95.875567][ T5847]  __submit_merged_write_cond+0x255/0x530
[   95.875587][ T5847]  f2fs_write_data_pages+0x261d/0x3000
[   95.875627][ T5847]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[   95.875669][ T5847]  ? __mod_zone_page_state+0xd7/0x140
[   95.875694][ T5847]  ? folios_put_refs+0x58b/0x670
[   95.875717][ T5847]  ? __pfx_folios_put_refs+0x10/0x10
[   95.875728][ T5847]  ? rcu_is_watching+0x15/0xb0
[   95.875754][ T5847]  ? __lock_acquire+0xab9/0xd20
[   95.875785][ T5847]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[   95.875804][ T5847]  do_writepages+0x32e/0x550
[   95.875830][ T5847]  ? do_raw_spin_unlock+0x4d/0x240
[   95.875878][ T5847]  filemap_fdatawrite+0x199/0x240
[   95.875897][ T5847]  ? __pfx_filemap_fdatawrite+0x10/0x10
[   95.875952][ T5847]  ? do_raw_spin_unlock+0x4d/0x240
[   95.875969][ T5847]  f2fs_sync_dirty_inodes+0x31f/0x830
[   95.876001][ T5847]  f2fs_write_checkpoint+0x93e/0x2440
[   95.876020][ T5847]  ? __lock_acquire+0xab9/0xd20
[   95.876058][ T5847]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[   95.876121][ T5847]  kill_f2fs_super+0x2cc/0x6d0
[   95.876145][ T5847]  ? __pfx_kill_f2fs_super+0x10/0x10
[   95.876179][ T5847]  ? shrinker_free+0x2ce/0x3e0
[   95.876195][ T5847]  deactivate_locked_super+0xbc/0x130
[   95.876212][ T5847]  cleanup_mnt+0x425/0x4c0
[   95.876225][ T5847]  ? lockdep_hardirqs_on+0x9c/0x150
[   95.876248][ T5847]  task_work_run+0x1d4/0x260
[   95.876272][ T5847]  ? __pfx_task_work_run+0x10/0x10
[   95.876286][ T5847]  ? __x64_sys_umount+0x122/0x160
[   95.876305][ T5847]  ? exit_to_user_mode_loop+0x40/0x130
[   95.876325][ T5847]  exit_to_user_mode_loop+0xec/0x130
[   95.876342][ T5847]  do_syscall_64+0x2bd/0xfa0
[   95.876352][ T5847]  ? lockdep_hardirqs_on+0x9c/0x150
[   95.876370][ T5847]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   95.876383][ T5847]  ? exc_page_fault+0xab/0x100
[   95.876403][ T5847]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   95.876416][ T5847] RIP: 0033:0x7f4a2638fed7
[   95.876442][ T5847] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[   95.876453][ T5847] RSP: 002b:00007ffd6baab5d8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[   95.876468][ T5847] RAX: 0000000000000000 RBX: 00007f4a26411c05 RCX: 00007f4a2638fed7
[   95.876476][ T5847] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd6baab690
[   95.876484][ T5847] RBP: 00007ffd6baab690 R08: 0000000000000000 R09: 0000000000000000
[   95.876492][ T5847] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffd6baac720
[   95.876500][ T5847] R13: 00007f4a26411c05 R14: 0000000000017564 R15: 00007ffd6baac760
[   95.876522][ T5847]  </TASK>
[   95.876528][ T5847] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[   96.031583][ T6787] loop2: detected capacity change from 0 to 2048
[   96.058127][ T6787] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[   96.089570][ T5849] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   96.720532][ T6805] netlink: 'syz.0.345': attribute type 1 has an invalid length.
[   96.766697][ T5915] usb 3-1: new full-speed USB device number 7 using dummy_hcd
[   96.899216][ T6806] loop1: detected capacity change from 0 to 32768
[   96.941541][ T6806] XFS (loop1): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[   96.951491][ T5915] usb 3-1: config 0 interface 0 altsetting 4 endpoint 0x81 has invalid maxpacket 512, setting to 64
[   96.966025][ T5915] usb 3-1: config 0 interface 0 altsetting 4 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[   96.966397][ T6806] XFS (loop1): Ending clean mount
[   96.971349][ T5915] usb 3-1: config 0 interface 0 has no altsetting 0
[   96.986803][ T5915] usb 3-1: New USB device found, idVendor=04e7, idProduct=0030, bcdDevice= 0.00
[   96.990405][ T5915] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   96.995413][ T6808] loop0: detected capacity change from 0 to 32768
[   96.996076][ T5915] usb 3-1: config 0 descriptor??
[   97.002961][ T6798] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[   97.035959][ T6808] ocfs2: Slot 0 on device (7,0) was already allocated to this node!
[   97.045394][ T6808] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[   97.100126][ T5855] ocfs2: Unmounting device (7,0) on (node local)
[   97.128330][ T5847] XFS (loop1): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[   97.435222][ T5915] elo 0003:04E7:0030.0001: unknown main item tag 0x0
[   97.441391][ T5915] elo 0003:04E7:0030.0001: item fetching failed at offset 3/5
[   97.444909][ T5915] elo 0003:04E7:0030.0001: parse failed
[   97.452789][ T5915] elo 0003:04E7:0030.0001: probe with driver elo failed with error -22
[   97.574864][ T6828] loop1: detected capacity change from 0 to 1024
[   97.578102][ T6828] EXT4-fs: Ignoring removed bh option
[   97.591183][ T6828] EXT4-fs (loop1): stripe (5) is not aligned with cluster size (16), stripe is disabled
[   97.625037][ T6828] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   97.902920][   T52] usb 3-1: USB disconnect, device number 7
[   98.440750][ T5847] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   98.613718][ T6837] loop0: detected capacity change from 0 to 32768
[   98.651162][ T6837] XFS (loop0): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[   98.680840][ T6837] XFS (loop0): Ending clean mount
[   98.727925][ T5855] XFS (loop0): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[   99.029102][ T6843] loop1: detected capacity change from 0 to 32768
[   99.145353][ T6843] lmLogOpen: exit(-6)
[   99.153017][ T6843] jfs_mount_rw failed, return code = -6
[   99.719352][ T6890] loop0: detected capacity change from 0 to 512
[   99.724120][ T6890] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   99.754185][ T6890] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a843c018, mo2=0002]
[   99.763833][ T6890] System zones: 0-2, 18-18, 34-34
[   99.795900][ T6890] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   99.801042][ T6890] ext4 filesystem being mounted at /137/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   99.866069][ T5855] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  101.266690][  T794] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  101.437121][  T794] usb 1-1: Using ep0 maxpacket: 8
[  101.446057][  T794] usb 1-1: unable to get BOS descriptor or descriptor too short
[  101.458253][  T794] usb 1-1: config 9 has an invalid interface number: 240 but max is 0
[  101.465647][  T794] usb 1-1: config 9 has no interface number 0
[  101.474930][  T794] usb 1-1: config 9 interface 240 has no altsetting 0
[  101.486026][  T794] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a4, bcdDevice=74.94
[  101.490645][  T794] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  101.493887][  T794] usb 1-1: Product: syz
[  101.495762][  T794] usb 1-1: Manufacturer: syz
[  101.500103][  T794] usb 1-1: SerialNumber: syz
[  101.568996][ T6927] loop2: detected capacity change from 0 to 32768
[  101.583392][ T6927] journal_load_superblock: Cannot read journal superblock
[  101.589863][ T6927] (syz.2.397,6927,0):ocfs2_journal_init:973 ERROR: Linux journal layer error
[  101.593643][ T6927] (syz.2.397,6927,0):ocfs2_check_volume:2345 ERROR: Could not initialize journal!
[  101.597555][ T6927] (syz.2.397,6927,0):ocfs2_check_volume:2430 ERROR: status = -5
[  101.600643][ T6927] (syz.2.397,6927,0):ocfs2_mount_volume:1764 ERROR: status = -5
[  101.614999][ T6927] (syz.2.397,6927,0):ocfs2_fill_super:1177 ERROR: status = -5
[  101.730524][  T794] usbtest 1-1:9.240: couldn't get endpoints, -22
[  101.741235][  T794] usbtest 1-1:9.240: probe with driver usbtest failed with error -22
[  101.754473][  T794] usb 1-1: USB disconnect, device number 4
[  102.365125][ T6942] loop0: detected capacity change from 0 to 512
[  102.375109][ T6942] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  102.420128][ T6942] EXT4-fs (loop0): 1 orphan inode deleted
[  102.422754][ T6942] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  102.432055][ T6942] ext4 filesystem being mounted at /141/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  102.450205][ T1091] Quota error (device loop0): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  102.455790][ T1091] EXT4-fs error (device loop0): ext4_release_dquot:6979: comm kworker/u10:5: Failed to release dquot type 1
[  102.465885][ T5855] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  102.598218][ T6958] loop0: detected capacity change from 0 to 1024
[  102.616770][   T33] audit: type=1800 audit(1757508890.513:3): pid=6958 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.409" name="file1" dev="loop0" ino=26 res=0 errno=0
[  102.663815][   T33] audit: type=1326 audit(1757508890.553:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6960 comm="syz.1.411" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f4a2638eba9 code=0x0
[  104.470188][ T6981] loop2: detected capacity change from 0 to 7
[  104.487396][ T6981] Dev loop2: unable to read RDB block 7
[  104.492814][ T6981]  loop2: unable to read partition table
[  104.495340][ T6981] loop2: partition table beyond EOD, truncated
[  104.510374][ T6981] loop_reread_partitions: partition scan of loop2 (被x ) failed (rc=-5)
[  104.620780][ T6988] loop0: detected capacity change from 0 to 256
[  104.676857][ T5915] usb 3-1: new full-speed USB device number 8 using dummy_hcd
[  104.802399][ T6996] loop1: detected capacity change from 0 to 2048
[  104.822209][ T6996] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  104.854439][ T5915] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0xE has invalid wMaxPacketSize 0
[  104.859391][ T5915] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xB3, changing to 0x83
[  104.865131][ T5915] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 10
[  104.876666][ T5915] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0
[  104.891442][ T5915] usb 3-1: New USB device found, idVendor=077d, idProduct=627a, bcdDevice= 0.10
[  104.895130][ T5915] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  104.904284][ T5915] usb 3-1: Product: syz
[  104.906727][ T5915] usb 3-1: Manufacturer: syz
[  104.908731][ T5915] usb 3-1: SerialNumber: syz
[  104.916222][ T5915] usb 3-1: config 0 descriptor??
[  104.925694][ T5915] radioshark2 3-1:0.0: Invalid radioSHARK2 device
[  104.938936][ T5915] radioshark2 3-1:0.0: probe with driver radioshark2 failed with error -22
[  105.024409][ T7005] netlink: 'syz.1.428': attribute type 10 has an invalid length.
[  105.062457][ T7005] team0: Port device netdevsim0 added
[  105.145903][ T5915] usb 3-1: USB disconnect, device number 8
[  105.319039][ T7022] netlink: 4 bytes leftover after parsing attributes in process `syz.0.436'.
[  105.406081][ T7026] 8021q: adding VLAN 0 to HW filter on device batadv1
[  105.410737][ T7026] team0: Port device batadv1 added
[  105.619852][ T7039] netlink: 'syz.0.443': attribute type 10 has an invalid length.
[  105.625072][ T7039] batman_adv: batadv0: Adding interface: wlan0
[  105.628848][ T7039] batman_adv: batadv0: The MTU of interface wlan0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  105.638911][ T7039] batman_adv: batadv0: Interface activated: wlan0
[  105.764497][ T7046] loop0: detected capacity change from 0 to 1024
[  105.780087][ T7046] EXT4-fs: Ignoring removed nobh option
[  105.788440][ T7046] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  105.825773][ T7046] EXT4-fs error (device loop0): ext4_ext_check_inode:523: inode #11: comm syz.0.448: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512)
[  105.840712][ T7046] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.448: couldn't read orphan inode 11 (err -117)
[  105.840768][ T7048] ip6erspan0: entered promiscuous mode
[  105.850894][ T7046] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  105.935820][ T7046] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:483: comm syz.0.448: Invalid block bitmap block 0 in block_group 0
[  105.945777][ T7046] Quota error (device loop0): write_blk: dquota write failed
[  105.977980][ T7046] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota
[  105.981601][ T7046] EXT4-fs error (device loop0): ext4_acquire_dquot:6943: comm syz.0.448: Failed to acquire dquot type 0
[  106.008506][ T7051] EXT4-fs error (device loop0): ext4_read_block_bitmap_nowait:483: comm syz.0.448: Invalid block bitmap block 0 in block_group 0
[  106.082521][ T5855] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  107.276735][ T7054] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  107.415286][ T7090] loop2: detected capacity change from 0 to 1024
[  107.447716][ T7054] usb 1-1: Using ep0 maxpacket: 32
[  107.467407][ T7054] usb 1-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40
[  107.471181][ T7054] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  107.497483][ T7054] usb 1-1: config 0 descriptor??
[  107.541486][ T7098] netlink: 104 bytes leftover after parsing attributes in process `syz.1.470'.
[  107.663146][ T7101] netlink: 40 bytes leftover after parsing attributes in process `syz.1.471'.
[  107.668602][ T7101] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  107.671952][ T7101] IPv6: NLM_F_CREATE should be set when creating new route
[  107.674864][ T7101] IPv6: NLM_F_CREATE should be set when creating new route
[  107.713735][ T7054] dvb-usb: found a 'Elgato EyeTV Sat' in warm state.
[  107.730465][ T7054] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  107.747449][ T7054] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat)
[  107.749946][ T7054] usb 1-1: media controller created
[  107.786422][ T7054] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  107.919721][ T7102] loop2: detected capacity change from 0 to 32768
[  107.920963][ T7054] az6027: usb out operation failed. (-71)
[  107.937141][ T7054] az6027: usb out operation failed. (-71)
[  107.938970][ T7102] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.472 (7102)
[  107.939472][ T7054] stb0899_attach: Driver disabled by Kconfig
[  107.964374][ T7054] az6027: no front-end attached
[  107.964374][ T7054] 
[  107.972151][ T7054] az6027: usb out operation failed. (-71)
[  107.974816][ T7054] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat'
[  107.975275][ T7102] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  107.982398][ T7054] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.0/usb1/1-1/input/input4
[  107.993018][ T7102] BTRFS info (device loop2): using crc32c (crc32c-lib) checksum algorithm
[  108.037460][ T7054] dvb-usb: schedule remote query interval to 400 msecs.
[  108.040375][ T7054] dvb-usb: Elgato EyeTV Sat successfully initialized and connected.
[  108.097785][ T7054] usb 1-1: USB disconnect, device number 5
[  108.120385][ T4650] BTRFS warning (device loop2): checksum verify failed on logical 5337088 mirror 1 wanted 0xe63dbdda found 0xc926492d level 0
[  108.147788][ T7102] BTRFS error (device loop2): failed to load root extent
[  108.150344][ T7102] BTRFS warning (device loop2): try to load backup roots slot 1
[  108.154554][   T54] BTRFS warning (device loop2): checksum verify failed on logical 5324800 mirror 1 wanted 0x9f73850b found 0x80379423 level 0
[  108.166048][ T7102] BTRFS warning (device loop2): couldn't read tree root
[  108.173888][ T7102] BTRFS warning (device loop2): try to load backup roots slot 2
[  108.179114][   T54] BTRFS error (device loop2): level verify failed on logical 5255168 mirror 1 wanted 0 found 1
[  108.183267][ T7102] BTRFS warning (device loop2): couldn't read tree root
[  108.186100][ T7102] BTRFS warning (device loop2): try to load backup roots slot 3
[  108.209405][ T7102] BTRFS info (device loop2): checking UUID tree
[  108.214296][ T7102] BTRFS info (device loop2): setting nodatasum
[  108.222054][ T7102] BTRFS info (device loop2): setting nodatacow
[  108.234515][ T7102] BTRFS info (device loop2): enabling ssd optimizations
[  108.243625][ T7102] BTRFS info (device loop2): turning on flush-on-commit
[  108.267299][ T7102] BTRFS info (device loop2): enabling free space tree
[  108.272303][ T7054] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected.
[  108.274213][ T7102] BTRFS info (device loop2): enabling auto defrag
[  108.282887][ T7102] BTRFS info (device loop2): trying to use backup root at mount time
[  108.286358][ T7102] BTRFS info (device loop2): max_inline set to 0
[  108.428298][ T5849] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  108.956056][ T7156] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  108.963763][ T7156] overlayfs: failed to set xattr on upper
[  108.966481][ T7156] overlayfs: ...falling back to redirect_dir=nofollow.
[  108.977154][ T7156] overlayfs: ...falling back to index=off.
[  108.980921][ T7156] overlayfs: ...falling back to uuid=null.
[  108.988653][ T7156] overlayfs: ...falling back to xino=off.
[  108.991164][ T7156] overlayfs: conflicting lowerdir path
[  109.002695][   T33] audit: type=1326 audit(1757508896.903:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7159 comm="syz.0.491" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc59618eba9 code=0x0
[  109.082361][ T7164] loop2: detected capacity change from 0 to 1024
[  109.121911][ T7164] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  109.562558][ T7187] loop1: detected capacity change from 0 to 2048
[  109.570965][ T7187] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  109.686781][ T5888] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  109.827799][ T7192] loop1: detected capacity change from 0 to 32768
[  109.835881][ T7192] bcachefs (/dev/loop1): error validating superblock: Invalid superblock: optional field extends past end of superblock (type 1)
[  109.841421][ T7192] bcachefs: bch2_fs_get_tree() error: invalid_sb_field_size
[  109.877422][ T5888] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  109.891620][ T5888] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  109.909495][ T5888] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  109.913583][ T5888] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  109.925454][ T5888] usb 3-1: SerialNumber: syz
[  110.064332][ T7200] loop1: detected capacity change from 0 to 128
[  110.077499][ T7200] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[  110.082433][ T7200] hpfs: filesystem error: improperly stopped
[  110.096449][ T7200] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  110.100750][ T7200] hpfs: You really don't want any checks? You are crazy...
[  110.109785][ T7200] hpfs: hpfs_map_sector(): read error
[  110.112112][ T7200] hpfs: code page support is disabled
[  110.114975][ T7200] hpfs: hpfs_map_4sectors(): unaligned read
[  110.122409][ T7200] hpfs: hpfs_map_4sectors(): unaligned read
[  110.124931][ T7200] hpfs: filesystem error: unable to find root dir
[  110.150954][ T5888] usb 3-1: 0:2 : does not exist
[  110.213863][ T5888] usb 3-1: USB disconnect, device number 9
[  110.370033][ T7203] loop0: detected capacity change from 0 to 32768
[  110.375467][ T7203] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.511 (7203)
[  110.389146][ T7203] BTRFS info (device loop0): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  110.394347][ T7203] BTRFS info (device loop0): using sha256 (sha256-lib) checksum algorithm
[  110.483414][ T7203] BTRFS info (device loop0): rebuilding free space tree
[  110.491594][ T7203] BTRFS info (device loop0): setting nodatasum
[  110.494722][ T7203] BTRFS info (device loop0): enabling ssd optimizations
[  110.497144][ T7203] BTRFS info (device loop0): enabling free space tree
[  110.499874][ T7203] BTRFS info (device loop0): force clearing of disk cache
[  110.502890][ T7203] BTRFS info (device loop0): enabling auto defrag
[  110.505601][ T7203] BTRFS info (device loop0): force zlib compression, level 3
[  110.670206][ T7230] loop1: detected capacity change from 0 to 512
[  111.334388][ T5855] BTRFS info (device loop0): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  111.874846][ T7236] loop2: detected capacity change from 0 to 32768
[  111.964158][ T7236] XFS (loop2): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  112.079690][ T7236] XFS (loop2): Ending clean mount
[  112.108561][ T7236] XFS (loop2): Quotacheck needed: Please wait.
[  112.197876][ T7236] XFS (loop2): Quotacheck: Done.
[  112.365875][ T5849] XFS (loop2): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  112.553450][ T7238] loop0: detected capacity change from 0 to 32768
[  112.592027][ T7238] find_entry called with index >= next_index
[  112.959507][ T7264] loop1: detected capacity change from 0 to 32768
[  112.969576][ T7264] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.529 (7264)
[  112.978500][ T7264] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  112.981683][ T7264] BTRFS info (device loop1): using crc32c (crc32c-lib) checksum algorithm
[  113.005653][ T7264] BTRFS info (device loop1): rebuilding free space tree
[  113.015886][ T7264] BTRFS info (device loop1): checking UUID tree
[  113.019573][ T7264] BTRFS info (device loop1): enabling ssd optimizations
[  113.022277][ T7264] BTRFS info (device loop1): turning on async discard
[  113.024369][ T7264] BTRFS info (device loop1): enabling free space tree
[  113.027131][ T7264] BTRFS info (device loop1): force clearing of disk cache
[  113.029678][ T7264] BTRFS info (device loop1): force zlib compression, level 3
[  113.114079][ T5847] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  113.916762][ T5915] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  114.035363][ T7302] loop2: detected capacity change from 0 to 40427
[  114.040097][ T7302] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  114.043343][ T7302] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  114.046867][ T5902] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  114.077758][ T5915] usb 2-1: Using ep0 maxpacket: 8
[  114.089786][ T5915] usb 2-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  114.095285][ T5915] usb 2-1: config 0 interface 0 altsetting 0 has an invalid endpoint descriptor of length 2, skipping
[  114.102744][ T5915] usb 2-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  114.111984][ T5915] usb 2-1: New USB device found, idVendor=04e8, idProduct=ff30, bcdDevice=a6.d1
[  114.115678][ T5915] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  114.120823][ T7302] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  114.122011][ T5915] usb 2-1: Product: syz
[  114.125923][ T7302] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  114.126070][ T5915] usb 2-1: Manufacturer: syz
[  114.130041][ T7302] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  114.132380][ T5915] usb 2-1: SerialNumber: syz
[  114.143110][ T5915] usb 2-1: config 0 descriptor??
[  114.154445][ T5915] imon_raw 2-1:0.0: IR endpoint missing
[  114.198374][ T5902] usb 1-1: Using ep0 maxpacket: 32
[  114.204023][ T5902] usb 1-1: config 0 interface 0 altsetting 7 endpoint 0x81 has invalid wMaxPacketSize 0
[  114.212465][ T5902] usb 1-1: config 0 interface 0 altsetting 7 has 1 endpoint descriptor, different from the interface descriptor's value: 10
[  114.219998][ T5902] usb 1-1: config 0 interface 0 has no altsetting 0
[  114.222601][ T5902] usb 1-1: New USB device found, idVendor=20bc, idProduct=5500, bcdDevice= 0.00
[  114.226412][ T5902] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  114.232844][ T5902] usb 1-1: config 0 descriptor??
[  114.354082][ T5915] usb 2-1: USB disconnect, device number 7
[  114.728272][ T5902] betop 0003:20BC:5500.0002: unbalanced collection at end of report description
[  114.732700][ T5902] betop 0003:20BC:5500.0002: parse failed
[  114.735258][ T5902] betop 0003:20BC:5500.0002: probe with driver betop failed with error -22
[  114.865568][ T7313] tmpfs: Unknown parameter 'quot'
[  115.054864][ T5902] usb 1-1: USB disconnect, device number 6
[  115.684320][ T7323] loop1: detected capacity change from 0 to 32768
[  115.784940][ T7338] loop2: detected capacity change from 0 to 1764
[  115.811232][ T7338] loop2: detected capacity change from 0 to 128
[  115.815875][ T7338] omfs: Bad value for 'dmask'
[  115.820838][ T7338] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[  115.831493][ T7338] CIFS mount error: No usable UNC path provided in device string!
[  115.831493][ T7338] 
[  115.835715][ T7338] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  116.221133][ T7353] loop1: detected capacity change from 0 to 4096
[  116.238826][ T7353] EXT4-fs (loop1): Test dummy encryption mode enabled
[  116.244014][ T7353] EXT4-fs (loop1): unsupported descriptor size 255
[  116.807572][ T7364] TCP: tcp_parse_options: Illegal window scaling value 254 > 14 received
[  117.129103][ T7372] loop2: detected capacity change from 0 to 4096
[  117.248214][ T7374] input: syz0 as /devices/virtual/input/input5
[  117.631074][ T7370] loop0: detected capacity change from 0 to 131072
[  117.635452][ T7370] F2FS-fs (loop0): Wrong CP boundary, start(512) end(1536) blocks(0)
[  117.639198][ T7370] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  117.647778][ T7370] F2FS-fs (loop0): invalid crc value
[  117.717751][ T7370] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  117.723616][ T7370] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  117.726534][ T7370] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4
[  118.579421][ T7414] loop2: detected capacity change from 0 to 4096
[  118.616007][ T7423] mmap: syz.1.588 (7423) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  118.631994][ T7425] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  118.894782][ T7434] loop1: detected capacity change from 0 to 2048
[  118.913291][ T7434] UDF-fs: error (device loop1): udf_process_sequence: Primary Volume Descriptor not found!
[  118.926390][ T7434] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  118.972110][ T7439] loop2: detected capacity change from 0 to 22
[  118.974865][ T7439] MTD: Attempt to mount non-MTD device "/dev/loop2"
[  118.983683][ T7439] romfs: Mounting image 'rom 637cf1fa' through the block layer
[  119.088645][ T7444] evm: overlay not supported
[  119.121642][ T7447] nfs: Deprecated parameter 'nointr'
[  119.307024][ T5888] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  119.322111][ T7456] Driver unsupported XDP return value 0 on prog  (id 56) dev N/A, expect packet loss!
[  119.360272][ T7457] loop1: detected capacity change from 0 to 4096
[  119.364506][ T7457] ntfs3(loop1): Different NTFS sector size (4096) and media sector size (512).
[  119.413254][ T7457] ntfs3(loop1): ino=19, mi_enum_attr
[  119.415628][ T7457] ntfs3(loop1): Mark volume as dirty due to NTFS errors
[  119.461225][ T5888] usb 3-1: New USB device found, idVendor=0644, idProduct=800f, bcdDevice=c5.77
[  119.465328][ T5888] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  119.471271][ T5888] usb 3-1: Product: syz
[  119.473260][ T5888] usb 3-1: Manufacturer: syz
[  119.475247][ T5888] usb 3-1: SerialNumber: syz
[  119.491334][ T5888] usb 3-1: config 0 descriptor??
[  119.498363][ T5888] usb 3-1: disable ehci-hcd to run US-144
[  119.701420][ T5888] usb 3-1: USB disconnect, device number 10
[  119.849254][ T7482] loop1: detected capacity change from 0 to 256
[  119.892482][ T7482] FAT-fs (loop1): Directory bread(block 64) failed
[  119.894491][ T7482] FAT-fs (loop1): Directory bread(block 65) failed
[  119.899895][ T7482] FAT-fs (loop1): Directory bread(block 66) failed
[  119.902659][ T7482] FAT-fs (loop1): Directory bread(block 67) failed
[  119.905259][ T7482] FAT-fs (loop1): Directory bread(block 68) failed
[  119.908253][ T7482] FAT-fs (loop1): Directory bread(block 69) failed
[  119.912516][ T7482] FAT-fs (loop1): Directory bread(block 70) failed
[  119.926412][ T7482] FAT-fs (loop1): Directory bread(block 71) failed
[  119.934944][ T7482] FAT-fs (loop1): Directory bread(block 72) failed
[  119.938072][ T7482] FAT-fs (loop1): Directory bread(block 73) failed
[  119.964441][ T7484] nbd: must specify a size in bytes for the device
[  120.109393][ T7491] loop0: detected capacity change from 0 to 1024
[  120.112383][ T7491] EXT4-fs: Ignoring removed nomblk_io_submit option
[  120.162456][ T7491] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  120.611598][ T7514] loop1: detected capacity change from 0 to 8
[  120.625516][ T5855] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  120.689561][ T7516] loop1: detected capacity change from 0 to 1024
[  120.696324][ T7516] hfsplus: Filesystem is marked locked, mounting read-only.
[  120.710150][ T7516] hfsplus: filesystem is marked locked, leaving read-only.
[  120.748314][   T96] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  120.759108][ T7518] netlink: 36 bytes leftover after parsing attributes in process `syz.0.627'.
[  120.862044][ T7520] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  120.925610][ T7524] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  120.932288][ T7524] batman_adv: batadv0: Removing interface: batadv_slave_0
[  120.935921][ T7524] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  120.945499][ T7522] block nbd0: NBD_DISCONNECT
[  120.945821][ T7524] batman_adv: batadv0: Removing interface: batadv_slave_1
[  120.950192][ T7522] block nbd0: Send disconnect failed -22
[  120.955231][ T7522] block nbd0: Send disconnect failed -22
[  120.956223][   T96] usb 3-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00
[  120.960993][ T7521] block nbd0: Disconnected due to user request.
[  120.963459][ T7521] block nbd0: shutting down sockets
[  120.970035][   T96] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  120.972708][   T96] usb 3-1: Product: syz
[  120.974113][   T96] usb 3-1: Manufacturer: syz
[  120.975677][   T96] usb 3-1: SerialNumber: syz
[  121.211933][   T96] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000098. ret = -EPROTO
[  121.223806][   T96] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): lan78xx_setup_irq_domain() failed : -71
[  121.235305][   T96] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED
[  121.246541][   T96] lan78xx 3-1:1.0: probe with driver lan78xx failed with error -71
[  121.262532][   T96] usb 3-1: USB disconnect, device number 11
[  121.469688][ T7533] loop1: detected capacity change from 0 to 32768
[  121.475672][ T7540] netlink: 'syz.0.640': attribute type 11 has an invalid length.
[  121.484749][ T7533] ocfs2: Mounting device (7,1) on (node local, slot 0) with writeback data mode.
[  121.919385][   T96] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  122.078772][   T96] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  122.082810][   T96] usb 1-1: New USB device found, idVendor=046a, idProduct=0023, bcdDevice= 0.00
[  122.086118][   T96] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  122.103169][   T96] usb 1-1: config 0 descriptor??
[  122.143431][ T5847] ocfs2: Unmounting device (7,1) on (node local)
[  122.248435][ T7551] Invalid logical block size (268435456)
[  122.503078][ T7564] loop1: detected capacity change from 0 to 2048
[  122.531192][ T7564] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  122.537740][   T96] cherry 0003:046A:0023.0003: unbalanced delimiter at end of report description
[  122.543303][   T96] cherry 0003:046A:0023.0003: probe with driver cherry failed with error -22
[  122.585605][ T7564] UDF-fs: error (device loop1): udf_fiiter_advance_blk: extent after position 232 not allocated in directory (ino 1376)
[  122.654243][ T7570] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[  122.668940][ T7570] team0: Device ipvlan2 is already an upper device of the team interface
[  122.749489][ T5888] usb 1-1: USB disconnect, device number 7
[  123.002113][ T7572] loop1: detected capacity change from 0 to 40427
[  123.005709][ T7572] F2FS-fs (loop1): build fault injection rate: 771
[  123.017786][ T7572] F2FS-fs (loop1): invalid crc value
[  123.082628][ T7572] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  123.091525][ T7572] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  123.098862][ T7578] loop2: detected capacity change from 0 to 32768
[  123.105227][ T7578] (syz.2.656,7578,0):ocfs2_verify_volume:2306 ERROR: bad block number on superblock: found 138608642, should be 2
[  123.110506][ T7578] (syz.2.656,7578,0):ocfs2_verify_volume:2329 ERROR: status = -22
[  123.113679][ T7578] (syz.2.656,7578,0):ocfs2_fill_super:989 ERROR: superblock probe failed!
[  123.130425][ T7578] (syz.2.656,7578,0):ocfs2_fill_super:1177 ERROR: status = -22
[  123.195528][ T5847] F2FS-fs (loop1): access invalid blkaddr:2816
[  123.210522][ T5847] CPU: 1 UID: 0 PID: 5847 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[  123.210562][ T5847] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  123.210571][ T5847] Call Trace:
[  123.210577][ T5847]  <TASK>
[  123.210583][ T5847]  dump_stack_lvl+0x189/0x250
[  123.210621][ T5847]  ? __pfx_dump_stack_lvl+0x10/0x10
[  123.210637][ T5847]  ? __pfx_f2fs_get_dnode_of_data+0x10/0x10
[  123.210665][ T5847]  __f2fs_is_valid_blkaddr+0xe52/0x14f0
[  123.210689][ T5847]  f2fs_map_blocks+0xd84/0x4130
[  123.210714][ T5847]  ? __page_table_check_zero+0x350/0x530
[  123.210751][ T5847]  ? __pfx_f2fs_map_blocks+0x10/0x10
[  123.210770][ T5847]  ? xa_load+0x60/0x210
[  123.210792][ T5847]  ? xa_load+0x1ea/0x210
[  123.210812][ T5847]  f2fs_mpage_readpages+0xc1b/0x1ba0
[  123.210843][ T5847]  ? __pfx_f2fs_mpage_readpages+0x10/0x10
[  123.210857][ T5847]  ? __folio_batch_add_and_move+0x192/0xc60
[  123.210882][ T5847]  ? f2fs_readahead+0x177/0x330
[  123.210901][ T5847]  read_pages+0x17a/0x580
[  123.210924][ T5847]  ? __pfx_read_pages+0x10/0x10
[  123.210945][ T5847]  ? filemap_add_folio+0x35f/0x540
[  123.210975][ T5847]  page_cache_ra_unbounded+0x6b0/0x7b0
[  123.211009][ T5847]  f2fs_readdir+0x49b/0xa60
[  123.211043][ T5847]  ? __pfx_f2fs_readdir+0x10/0x10
[  123.211071][ T5847]  ? down_read_killable+0x1d1/0x350
[  123.211089][ T5847]  iterate_dir+0x399/0x570
[  123.211109][ T5847]  __se_sys_getdents64+0xe4/0x260
[  123.211126][ T5847]  ? __pfx___se_sys_getdents64+0x10/0x10
[  123.211139][ T5847]  ? __pfx_filldir64+0x10/0x10
[  123.211153][ T5847]  ? do_user_addr_fault+0xc8a/0x1390
[  123.211172][ T5847]  ? do_syscall_64+0xbe/0xfa0
[  123.211186][ T5847]  do_syscall_64+0xfa/0xfa0
[  123.211196][ T5847]  ? lockdep_hardirqs_on+0x9c/0x150
[  123.211213][ T5847]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  123.211225][ T5847]  ? exc_page_fault+0xab/0x100
[  123.211241][ T5847]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  123.211252][ T5847] RIP: 0033:0x7f4a263c1513
[  123.211266][ T5847] Code: c1 66 0f 1f 44 00 00 48 83 c4 08 48 89 ef 5b 5d e9 82 3e f8 ff 66 90 b8 ff ff ff 7f 48 39 c2 48 0f 47 d0 b8 d9 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 05 c3 0f 1f 40 00 48 c7 c2 a8 ff ff ff f7 d8
[  123.211276][ T5847] RSP: 002b:00007ffd6baaa4a8 EFLAGS: 00000293 ORIG_RAX: 00000000000000d9
[  123.211291][ T5847] RAX: ffffffffffffffda RBX: 000055556a692600 RCX: 00007f4a263c1513
[  123.211330][ T5847] RDX: 0000000000008000 RSI: 000055556a692600 RDI: 0000000000000005
[  123.211338][ T5847] RBP: 000055556a6925d4 R08: 0000000000000000 R09: 0000000000000000
[  123.211345][ T5847] R10: 0000000000001000 R11: 0000000000000293 R12: ffffffffffffffa8
[  123.211353][ T5847] R13: 0000000000000010 R14: 000055556a6925d0 R15: 00007ffd6baac760
[  123.211377][ T5847]  </TASK>
[  123.331064][ T5847] F2FS-fs (loop1): access invalid blkaddr:2816
[  123.333649][ T5847] CPU: 0 UID: 0 PID: 5847 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[  123.333664][ T5847] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  123.333669][ T5847] Call Trace:
[  123.333674][ T5847]  <TASK>
[  123.333679][ T5847]  dump_stack_lvl+0x189/0x250
[  123.333695][ T5847]  ? __pfx_dump_stack_lvl+0x10/0x10
[  123.333704][ T5847]  ? __pfx_f2fs_get_dnode_of_data+0x10/0x10
[  123.333712][ T5847]  ? __f2fs_is_valid_blkaddr+0xe5f/0x14f0
[  123.333730][ T5847]  __f2fs_is_valid_blkaddr+0xe52/0x14f0
[  123.333744][ T5847]  f2fs_map_blocks+0xd84/0x4130
[  123.333760][ T5847]  ? __page_table_check_zero+0x350/0x530
[  123.333782][ T5847]  ? __pfx_f2fs_map_blocks+0x10/0x10
[  123.333793][ T5847]  ? xa_load+0x60/0x210
[  123.333807][ T5847]  ? xa_load+0x1ea/0x210
[  123.333817][ T5847]  f2fs_mpage_readpages+0xc1b/0x1ba0
[  123.333835][ T5847]  ? __pfx_f2fs_mpage_readpages+0x10/0x10
[  123.333845][ T5847]  ? __folio_batch_add_and_move+0x192/0xc60
[  123.333861][ T5847]  ? f2fs_readahead+0x177/0x330
[  123.333872][ T5847]  read_pages+0x17a/0x580
[  123.333886][ T5847]  ? __pfx_read_pages+0x10/0x10
[  123.333903][ T5847]  ? filemap_add_folio+0x35f/0x540
[  123.333932][ T5847]  page_cache_ra_unbounded+0x6b0/0x7b0
[  123.333959][ T5847]  f2fs_readdir+0x49b/0xa60
[  123.333990][ T5847]  ? __pfx_f2fs_readdir+0x10/0x10
[  123.334021][ T5847]  ? down_read_killable+0x1d1/0x350
[  123.334041][ T5847]  iterate_dir+0x399/0x570
[  123.334059][ T5847]  __se_sys_getdents64+0xe4/0x260
[  123.334078][ T5847]  ? __pfx___se_sys_getdents64+0x10/0x10
[  123.334091][ T5847]  ? __pfx_filldir64+0x10/0x10
[  123.334106][ T5847]  ? do_user_addr_fault+0xc8a/0x1390
[  123.334127][ T5847]  ? do_syscall_64+0xbe/0xfa0
[  123.334139][ T5847]  do_syscall_64+0xfa/0xfa0
[  123.334148][ T5847]  ? lockdep_hardirqs_on+0x9c/0x150
[  123.334165][ T5847]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  123.334177][ T5847]  ? exc_page_fault+0xab/0x100
[  123.334194][ T5847]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  123.334206][ T5847] RIP: 0033:0x7f4a263c1513
[  123.334220][ T5847] Code: c1 66 0f 1f 44 00 00 48 83 c4 08 48 89 ef 5b 5d e9 82 3e f8 ff 66 90 b8 ff ff ff 7f 48 39 c2 48 0f 47 d0 b8 d9 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 05 c3 0f 1f 40 00 48 c7 c2 a8 ff ff ff f7 d8
[  123.334230][ T5847] RSP: 002b:00007ffd6baaa4a8 EFLAGS: 00000293 ORIG_RAX: 00000000000000d9
[  123.334243][ T5847] RAX: ffffffffffffffda RBX: 000055556a692600 RCX: 00007f4a263c1513
[  123.334251][ T5847] RDX: 0000000000008000 RSI: 000055556a692600 RDI: 0000000000000005
[  123.334258][ T5847] RBP: 000055556a6925d4 R08: 0000000000000000 R09: 0000000000000000
[  123.334266][ T5847] R10: 0000000000001000 R11: 0000000000000293 R12: ffffffffffffffa8
[  123.334274][ T5847] R13: 0000000000000010 R14: 000055556a6925d0 R15: 00007ffd6baac760
[  123.334326][ T5847]  </TASK>
[  123.334717][ T5847] syz-executor: attempt to access beyond end of device
[  123.334717][ T5847] loop1: rw=0, sector=45064, nr_sectors = 8 limit=40427
[  123.508409][   T54] kworker/u9:2: attempt to access beyond end of device
[  123.508409][   T54] loop1: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  123.516445][   T54] CPU: 0 UID: 0 PID: 54 Comm: kworker/u9:2 Not tainted syzkaller #0 PREEMPT(full) 
[  123.516458][   T54] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  123.516464][   T54] Workqueue: writeback wb_workfn (flush-7:1)
[  123.516479][   T54] Call Trace:
[  123.516482][   T54]  <TASK>
[  123.516487][   T54]  dump_stack_lvl+0x189/0x250
[  123.516500][   T54]  ? __pfx_dump_stack_lvl+0x10/0x10
[  123.516509][   T54]  ? __pfx_queue_work_on+0x10/0x10
[  123.516520][   T54]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  123.516531][   T54]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  123.516546][   T54]  f2fs_handle_critical_error+0x37c/0x540
[  123.516580][   T54]  f2fs_write_end_io+0x886/0xb60
[  123.516606][   T54]  __submit_merged_bio+0x27a/0x6a0
[  123.516624][   T54]  __submit_merged_write_cond+0x255/0x530
[  123.516641][   T54]  f2fs_write_data_pages+0x261d/0x3000
[  123.516680][   T54]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  123.516697][   T54]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[  123.516719][   T54]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[  123.516735][   T54]  ? trace_f2fs_writepages+0x7f/0x200
[  123.516745][   T54]  ? f2fs_write_node_pages+0x478/0x6e0
[  123.516756][   T54]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[  123.516772][   T54]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  123.516783][   T54]  do_writepages+0x32e/0x550
[  123.516795][   T54]  ? reacquire_held_locks+0x127/0x1d0
[  123.516806][   T54]  ? writeback_sb_inodes+0x384/0x1010
[  123.516819][   T54]  __writeback_single_inode+0x145/0xff0
[  123.516828][   T54]  ? do_raw_spin_unlock+0x4d/0x240
[  123.516838][   T54]  writeback_sb_inodes+0x6c7/0x1010
[  123.516859][   T54]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  123.516886][   T54]  ? rcu_is_watching+0x15/0xb0
[  123.516901][   T54]  wb_writeback+0x43b/0xaf0
[  123.516916][   T54]  ? queue_io+0x371/0x590
[  123.516925][   T54]  ? __pfx_wb_writeback+0x10/0x10
[  123.516938][   T54]  ? _raw_spin_unlock_irq+0x23/0x50
[  123.516950][   T54]  wb_workfn+0x409/0xef0
[  123.516965][   T54]  ? __pfx_wb_workfn+0x10/0x10
[  123.516974][   T54]  ? __lock_acquire+0xab9/0xd20
[  123.516988][   T54]  ? process_scheduled_works+0x9ef/0x17b0
[  123.517002][   T54]  ? _raw_spin_unlock_irq+0x23/0x50
[  123.517011][   T54]  ? process_scheduled_works+0x9ef/0x17b0
[  123.517021][   T54]  ? process_scheduled_works+0x9ef/0x17b0
[  123.517032][   T54]  process_scheduled_works+0xae1/0x17b0
[  123.517055][   T54]  ? __pfx_process_scheduled_works+0x10/0x10
[  123.517073][   T54]  worker_thread+0x8a0/0xda0
[  123.517096][   T54]  kthread+0x711/0x8a0
[  123.517105][   T54]  ? __pfx_worker_thread+0x10/0x10
[  123.517115][   T54]  ? __pfx_kthread+0x10/0x10
[  123.517124][   T54]  ? _raw_spin_unlock_irq+0x23/0x50
[  123.517133][   T54]  ? lockdep_hardirqs_on+0x9c/0x150
[  123.517144][   T54]  ? __pfx_kthread+0x10/0x10
[  123.517152][   T54]  ret_from_fork+0x47f/0x820
[  123.517164][   T54]  ? __pfx_ret_from_fork+0x10/0x10
[  123.517177][   T54]  ? __switch_to_asm+0x39/0x70
[  123.517186][   T54]  ? __switch_to_asm+0x33/0x70
[  123.517194][   T54]  ? __pfx_kthread+0x10/0x10
[  123.517202][   T54]  ret_from_fork_asm+0x1a/0x30
[  123.517220][   T54]  </TASK>
[  123.626333][    C0] vkms_vblank_simulate: vblank timer overrun
[  123.640167][   T54] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  123.643076][   T54] CPU: 0 UID: 0 PID: 54 Comm: kworker/u9:2 Not tainted syzkaller #0 PREEMPT(full) 
[  123.643096][   T54] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  123.643105][   T54] Workqueue: writeback wb_workfn (flush-7:1)
[  123.643126][   T54] Call Trace:
[  123.643132][   T54]  <TASK>
[  123.643138][   T54]  dump_stack_lvl+0x189/0x250
[  123.643160][   T54]  ? __pfx_dump_stack_lvl+0x10/0x10
[  123.643175][   T54]  ? __pfx_queue_work_on+0x10/0x10
[  123.643193][   T54]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  123.643212][   T54]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  123.643241][   T54]  f2fs_handle_critical_error+0x37c/0x540
[  123.643295][   T54]  f2fs_write_end_io+0x886/0xb60
[  123.643332][   T54]  __submit_merged_bio+0x27a/0x6a0
[  123.643355][   T54]  __submit_merged_write_cond+0x255/0x530
[  123.643379][   T54]  f2fs_write_data_pages+0x261d/0x3000
[  123.643429][   T54]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  123.643461][   T54]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[  123.643506][   T54]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[  123.643536][   T54]  ? trace_f2fs_writepages+0x7f/0x200
[  123.643554][   T54]  ? f2fs_write_node_pages+0x478/0x6e0
[  123.643576][   T54]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[  123.643606][   T54]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  123.643625][   T54]  do_writepages+0x32e/0x550
[  123.643647][   T54]  ? reacquire_held_locks+0x127/0x1d0
[  123.643675][   T54]  ? writeback_sb_inodes+0x384/0x1010
[  123.643699][   T54]  __writeback_single_inode+0x145/0xff0
[  123.643714][   T54]  ? do_raw_spin_unlock+0x4d/0x240
[  123.643733][   T54]  writeback_sb_inodes+0x6c7/0x1010
[  123.643773][   T54]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  123.643826][   T54]  ? rcu_is_watching+0x15/0xb0
[  123.643854][   T54]  wb_writeback+0x43b/0xaf0
[  123.643875][   T54]  ? queue_io+0x371/0x590
[  123.643893][   T54]  ? __pfx_wb_writeback+0x10/0x10
[  123.643915][   T54]  ? _raw_spin_unlock_irq+0x23/0x50
[  123.643938][   T54]  wb_workfn+0x409/0xef0
[  123.643965][   T54]  ? __pfx_wb_workfn+0x10/0x10
[  123.643983][   T54]  ? __lock_acquire+0xab9/0xd20
[  123.644027][   T54]  ? process_scheduled_works+0x9ef/0x17b0
[  123.644053][   T54]  ? _raw_spin_unlock_irq+0x23/0x50
[  123.644069][   T54]  ? process_scheduled_works+0x9ef/0x17b0
[  123.644086][   T54]  ? process_scheduled_works+0x9ef/0x17b0
[  123.644106][   T54]  process_scheduled_works+0xae1/0x17b0
[  123.644154][   T54]  ? __pfx_process_scheduled_works+0x10/0x10
[  123.644189][   T54]  worker_thread+0x8a0/0xda0
[  123.644232][   T54]  kthread+0x711/0x8a0
[  123.644250][   T54]  ? __pfx_worker_thread+0x10/0x10
[  123.644292][   T54]  ? __pfx_kthread+0x10/0x10
[  123.644309][   T54]  ? _raw_spin_unlock_irq+0x23/0x50
[  123.644326][   T54]  ? lockdep_hardirqs_on+0x9c/0x150
[  123.644342][   T54]  ? __pfx_kthread+0x10/0x10
[  123.644356][   T54]  ret_from_fork+0x47f/0x820
[  123.644378][   T54]  ? __pfx_ret_from_fork+0x10/0x10
[  123.644404][   T54]  ? __switch_to_asm+0x39/0x70
[  123.644419][   T54]  ? __switch_to_asm+0x33/0x70
[  123.644434][   T54]  ? __pfx_kthread+0x10/0x10
[  123.644450][   T54]  ret_from_fork_asm+0x1a/0x30
[  123.644483][   T54]  </TASK>
[  123.645213][   T54] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  123.690247][ T7583] loop0: detected capacity change from 0 to 32768
[  123.811002][ T7583] ocfs2: Mounting device (7,0) on (node local, slot 0) with writeback data mode.
[  123.888753][ T5855] ocfs2: Unmounting device (7,0) on (node local)
[  123.990870][ T5881] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  124.010366][ T5881] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[  124.133728][ T5881] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  124.138273][ T5881] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[  124.210187][ T5881] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  124.213527][ T5881] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[  124.252024][ T7597] loop0: detected capacity change from 0 to 256
[  124.317800][ T5915] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  124.322721][ T5881] team0: Port device netdevsim0 removed
[  124.328540][ T5881] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  124.336904][ T5881] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 1] type 2 family 0 port 20000 - 0
[  124.472391][ T5856] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  124.478058][ T5915] usb 3-1: Using ep0 maxpacket: 8
[  124.482516][ T5915] usb 3-1: config 0 has an invalid interface number: 229 but max is 0
[  124.485265][ T5915] usb 3-1: config 0 has no interface number 0
[  124.489334][ T5856] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  124.493246][ T5856] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  124.496030][ T5856] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  124.499100][ T5856] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  124.524879][ T5915] usb 3-1: New USB device found, idVendor=0830, idProduct=0003, bcdDevice=9a.68
[  124.540094][ T5915] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  124.543420][ T5915] usb 3-1: Product: syz
[  124.544948][ T5915] usb 3-1: Manufacturer: syz
[  124.554867][ T5915] usb 3-1: SerialNumber: syz
[  124.568835][ T5915] usb 3-1: config 0 descriptor??
[  124.574043][ T5915] usb 3-1: active config #0 != 1 ??
[  124.600459][ T7604] loop0: detected capacity change from 0 to 4096
[  124.625452][ T7605] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  124.645432][ T5881] bridge_slave_1: left allmulticast mode
[  124.649210][ T5881] bridge_slave_1: left promiscuous mode
[  124.654213][ T5881] bridge0: port 2(bridge_slave_1) entered disabled state
[  124.672592][ T5881] bridge_slave_0: left allmulticast mode
[  124.678693][ T5881] bridge_slave_0: left promiscuous mode
[  124.682821][   T33] audit: type=1800 audit(1757509168.586:6): pid=7604 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.667" name="file1" dev="loop0" ino=15 res=0 errno=0
[  124.683086][ T5881] bridge0: port 1(bridge_slave_0) entered disabled state
[  124.781433][    T9] usb 3-1: USB disconnect, device number 12
[  125.421686][ T5881] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  125.434221][ T5881] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  125.445599][ T5881] bond0 (unregistering): Released all slaves
[  125.505587][ T7600] lo speed is unknown, defaulting to 1000
[  125.560926][ T5881] IPVS: stopping master sync thread 6216 ...
[  125.657021][    T9] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  125.817204][    T9] usb 3-1: Using ep0 maxpacket: 16
[  125.829982][    T9] usb 3-1: config 0 has an invalid interface number: 24 but max is 0
[  125.833271][    T9] usb 3-1: config 0 has no interface number 0
[  125.838811][    T9] usb 3-1: config 0 interface 24 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  125.846885][    T9] usb 3-1: config 0 interface 24 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  125.850791][    T9] usb 3-1: New USB device found, idVendor=6161, idProduct=4d15, bcdDevice= 0.00
[  125.870724][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  125.889526][    T9] usb 3-1: config 0 descriptor??
[  125.979571][ T5881] hsr_slave_0: left promiscuous mode
[  125.984584][ T5881] hsr_slave_1: left promiscuous mode
[  126.019726][ T5881] veth1_macvtap: left promiscuous mode
[  126.022385][ T5881] veth0_macvtap: left promiscuous mode
[  126.029245][ T5881] veth1_vlan: left promiscuous mode
[  126.031517][ T5881] veth0_vlan: left promiscuous mode
[  126.175557][ T5881] team0 (unregistering): Port device batadv1 removed
[  126.322568][    T9] hid (null): unknown global tag 0x39
[  126.324796][    T9] hid (null): report_id 0 is invalid
[  126.522856][    T9] usb 3-1: USB disconnect, device number 13
[  126.535887][   T57] Bluetooth: hci0: command tx timeout
[  126.643416][ T5881] team0 (unregistering): Port device team_slave_1 removed
[  126.681433][ T5881] team0 (unregistering): Port device team_slave_0 removed
[  127.103579][ T7600] chnl_net:caif_netlink_parms(): no params data found
[  127.323518][ T7600] bridge0: port 1(bridge_slave_0) entered blocking state
[  127.326128][ T7600] bridge0: port 1(bridge_slave_0) entered disabled state
[  127.336468][ T7600] bridge_slave_0: entered allmulticast mode
[  127.347460][ T7600] bridge_slave_0: entered promiscuous mode
[  127.359129][ T7600] bridge0: port 2(bridge_slave_1) entered blocking state
[  127.361725][ T7600] bridge0: port 2(bridge_slave_1) entered disabled state
[  127.363962][ T7600] bridge_slave_1: entered allmulticast mode
[  127.370392][ T7600] bridge_slave_1: entered promiscuous mode
[  127.434742][ T7600] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  127.452726][ T7600] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  127.528239][   T96] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[  127.573331][ T7600] team0: Port device team_slave_0 added
[  127.585072][ T7600] team0: Port device team_slave_1 added
[  127.622301][ T7600] batman_adv: batadv0: Adding interface: batadv_slave_0
[  127.626707][ T7600] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  127.636130][ T7600] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  127.642120][ T7600] batman_adv: batadv0: Adding interface: batadv_slave_1
[  127.644500][ T7600] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  127.667204][ T7600] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  127.677194][   T96] usb 3-1: Using ep0 maxpacket: 32
[  127.680986][   T96] usb 3-1: config 2 has an invalid interface number: 45 but max is 0
[  127.686381][   T96] usb 3-1: config 2 has no interface number 0
[  127.693681][   T96] usb 3-1: config 2 interface 45 altsetting 0 endpoint 0x1 has an invalid bInterval 0, changing to 7
[  127.699642][   T96] usb 3-1: config 2 interface 45 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  127.716434][   T96] usb 3-1: New USB device found, idVendor=0d46, idProduct=0078, bcdDevice=82.92
[  127.726641][   T96] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  127.729351][   T96] usb 3-1: Product: syz
[  127.735017][   T96] usb 3-1: Manufacturer: syz
[  127.738790][   T96] usb 3-1: SerialNumber: syz
[  127.750459][   T96] kobil_sct 3-1:2.45: KOBIL USB smart card terminal converter detected
[  127.782708][ T7600] hsr_slave_0: entered promiscuous mode
[  127.786503][ T7600] hsr_slave_1: entered promiscuous mode
[  127.790016][ T7600] debugfs: 'hsr0' already exists in 'hsr'
[  127.792182][ T7600] Cannot create hsr debugfs directory
[  127.845563][ T7663] random: crng reseeded on system resumption
[  127.881399][ T7663] loop0: detected capacity change from 0 to 2048
[  128.186168][   T96] usb 3-1: KOBIL USB smart card terminal converter now attached to ttyUSB0
[  128.223261][ T7665] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  128.278694][ T7663] NILFS error (device loop0): nilfs_lookup: deleted inode referenced: 12
[  128.307811][ T7663] Remounting filesystem read-only
[  128.559515][ T7600] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  128.583045][ T7600] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  128.596767][   T57] Bluetooth: hci0: command tx timeout
[  128.612382][ T7600] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  128.651784][ T7600] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  128.710162][   T96] usb 3-1: USB disconnect, device number 14
[  128.728494][   T96] kobil ttyUSB0: KOBIL USB smart card terminal converter now disconnected from ttyUSB0
[  128.732635][   T96] kobil_sct 3-1:2.45: device disconnected
[  128.755214][ T5855] NILFS (loop0): disposed unprocessed dirty file(s) when detaching log writer
[  128.876373][ T7600] 8021q: adding VLAN 0 to HW filter on device bond0
[  128.889371][ T7600] 8021q: adding VLAN 0 to HW filter on device team0
[  128.945638][ T7600] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  128.954570][ T7600] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  128.973216][ T7685] loop0: detected capacity change from 0 to 256
[  129.014130][ T4650] bridge0: port 1(bridge_slave_0) entered blocking state
[  129.016500][ T4650] bridge0: port 1(bridge_slave_0) entered forwarding state
[  129.041364][ T4650] bridge0: port 2(bridge_slave_1) entered blocking state
[  129.044411][ T4650] bridge0: port 2(bridge_slave_1) entered forwarding state
[  129.395327][ T7685] FAT-fs (loop0): Directory bread(block 64) failed
[  129.408659][ T7685] FAT-fs (loop0): Directory bread(block 65) failed
[  129.410953][ T7685] FAT-fs (loop0): Directory bread(block 66) failed
[  129.413295][ T7685] FAT-fs (loop0): Directory bread(block 67) failed
[  129.415999][ T7685] FAT-fs (loop0): Directory bread(block 68) failed
[  129.423394][ T7685] FAT-fs (loop0): Directory bread(block 69) failed
[  129.437201][ T7685] FAT-fs (loop0): Directory bread(block 70) failed
[  129.446848][ T7685] FAT-fs (loop0): Directory bread(block 71) failed
[  129.457765][ T7685] FAT-fs (loop0): Directory bread(block 72) failed
[  129.459843][ T7685] FAT-fs (loop0): Directory bread(block 73) failed
[  129.489901][ T7600] 8021q: adding VLAN 0 to HW filter on device batadv0
[  129.540831][ T7600] veth0_vlan: entered promiscuous mode
[  129.547616][ T7600] veth1_vlan: entered promiscuous mode
[  129.574502][ T7600] veth0_macvtap: entered promiscuous mode
[  129.580420][ T7600] veth1_macvtap: entered promiscuous mode
[  129.593578][ T7600] batman_adv: batadv0: Interface activated: batadv_slave_0
[  129.601851][ T7600] batman_adv: batadv0: Interface activated: batadv_slave_1
[  129.612071][ T5716] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  129.615544][ T5716] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  129.619747][ T5716] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  129.625509][ T5716] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  129.894164][ T4650] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  129.903859][ T4650] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  129.961951][ T1202] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  129.964854][ T1202] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  129.973064][ T7707] loop2: detected capacity change from 0 to 2048
[  130.006213][ T7708] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  130.039173][ T7707] NILFS (loop2): vblocknr = 12 has abnormal lifetime: start cno (= 150994946) > current cno (= 3)
[  130.043044][ T7707] NILFS error (device loop2): nilfs_bmap_truncate: broken bmap (inode number=16)
[  130.060754][ T7707] Remounting filesystem read-only
[  130.062611][ T7707] NILFS (loop2): error -5 truncating bmap (ino=16)
[  130.111513][ T5849] NILFS (loop2): disposed unprocessed dirty file(s) when detaching log writer
[  130.216163][ T7717] netlink: 36 bytes leftover after parsing attributes in process `syz.2.696'.
[  130.679703][   T57] Bluetooth: hci0: command tx timeout
[  130.956705][ T7754] cgroup: No subsys list or none specified
[  131.781888][ T7763] loop2: detected capacity change from 0 to 32768
[  131.789986][ T7763] xfs: Unknown parameter 'ikeep'
[  131.868395][   T10] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  132.047633][   T10] usb 4-1: Using ep0 maxpacket: 8
[  132.052922][   T10] usb 4-1: config 0 interface 0 has no altsetting 0
[  132.059790][   T10] usb 4-1: New USB device found, idVendor=0e41, idProduct=4142, bcdDevice=d4.6e
[  132.063273][   T10] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  132.071692][   T10] usb 4-1: Product: syz
[  132.075767][   T10] usb 4-1: Manufacturer: syz
[  132.081288][   T10] usb 4-1: SerialNumber: syz
[  132.090200][   T10] usb 4-1: config 0 descriptor??
[  132.121087][   T10] snd_usb_toneport 4-1:0.0: Line 6 TonePort UX2 found
[  132.373648][   T10] snd_usb_toneport 4-1:0.0: Line 6 TonePort UX2 now disconnected
[  132.398717][   T10] snd_usb_toneport 4-1:0.0: probe with driver snd_usb_toneport failed with error -22
[  132.513612][ T7781] netlink: 24 bytes leftover after parsing attributes in process `syz.2.716'.
[  132.579110][ T7054] usb 4-1: USB disconnect, device number 2
[  132.757504][   T57] Bluetooth: hci0: command tx timeout
[  132.934672][ T1362] ieee802154 phy0 wpan0: encryption failed: -22
[  132.944085][ T1362] ieee802154 phy1 wpan1: encryption failed: -22
[  133.347613][ T7838] loop2: detected capacity change from 0 to 40427
[  133.432855][ T7838] F2FS-fs (loop2): invalid crc value
[  133.488682][ T7838] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[  133.493830][ T7838] F2FS-fs (loop2): Start checkpoint disabled!
[  133.503285][ T7838] F2FS-fs (loop2): f2fs_disable_checkpoint() finish, err:0
[  133.511549][ T7838] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[  133.599024][   T33] audit: type=1800 audit(1757509177.496:7): pid=7851 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.717" name="bus" dev="loop2" ino=10 res=0 errno=0
[  133.663677][ T7851] syz.2.717: attempt to access beyond end of device
[  133.663677][ T7851] loop2: rw=10241, sector=45096, nr_sectors = 8 limit=40427
[  133.698413][ T7851] syz.2.717: attempt to access beyond end of device
[  133.698413][ T7851] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  133.714959][ T7855] pimreg: entered allmulticast mode
[  133.721595][ T7851] syz.2.717: attempt to access beyond end of device
[  133.721595][ T7851] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  133.822247][ T7851] syz.2.717: attempt to access beyond end of device
[  133.822247][ T7851] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  133.849478][ T7851] syz.2.717: attempt to access beyond end of device
[  133.849478][ T7851] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  133.924264][ T7851] syz.2.717: attempt to access beyond end of device
[  133.924264][ T7851] loop2: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  133.956035][ T7851] syz.2.717: attempt to access beyond end of device
[  133.956035][ T7851] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  134.011971][ T7851] syz.2.717: attempt to access beyond end of device
[  134.011971][ T7851] loop2: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  134.049474][ T7851] syz.2.717: attempt to access beyond end of device
[  134.049474][ T7851] loop2: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  134.075922][ T7858] loop0: detected capacity change from 0 to 16384
[  134.108441][ T7851] syz.2.717: attempt to access beyond end of device
[  134.108441][ T7851] loop2: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  134.342139][ T7858] bcachefs (loop0): starting version 1.13: inode_has_child_snapshots opts=metadata_checksum=none,data_checksum=crc64,erasure_code,fix_errors=ask,nochanges,norecovery,recovery_pass_last=reconstruct_snapshots,read_only,reconstruct_alloc,version_upgrade=none,nocow
[  134.342165][ T7858]   features: new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  134.410848][ T7871] loop3: detected capacity change from 0 to 1024
[  134.439910][ T7858] bcachefs (loop0): Using encoding defined by superblock: utf8-12.1.0
[  134.453894][ T7858] bcachefs (loop0): recovering from clean shutdown, journal seq 18
[  134.476239][ T7858] bcachefs (loop0): dropping and reconstructing all alloc info
[  134.605661][ T7858] bcachefs (loop0): accounting_read... done
[  134.657781][ T7858] bcachefs (loop0): alloc_read... done
[  134.661310][ T7858] bcachefs (loop0): snapshots_read... done
[  134.665666][ T7858] bcachefs (loop0): done starting filesystem
[  134.960918][ T5855] bcachefs (loop0): shutting down
[  135.053093][ T5855] bcachefs (loop0): shutdown complete
[  135.116485][ T4215] CPU: 0 UID: 0 PID: 4215 Comm: kworker/u9:5 Not tainted syzkaller #0 PREEMPT(full) 
[  135.116503][ T4215] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  135.116509][ T4215] Workqueue: writeback wb_workfn (flush-7:2)
[  135.116526][ T4215] Call Trace:
[  135.116530][ T4215]  <TASK>
[  135.116535][ T4215]  dump_stack_lvl+0x189/0x250
[  135.116574][ T4215]  ? __pfx_dump_stack_lvl+0x10/0x10
[  135.116586][ T4215]  ? __pfx_queue_work_on+0x10/0x10
[  135.116599][ T4215]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  135.116612][ T4215]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  135.116629][ T4215]  f2fs_handle_critical_error+0x37c/0x540
[  135.116652][ T4215]  f2fs_write_end_io+0x886/0xb60
[  135.116674][ T4215]  __submit_merged_bio+0x27a/0x6a0
[  135.116688][ T4215]  __submit_merged_write_cond+0x255/0x530
[  135.116702][ T4215]  f2fs_write_data_pages+0x261d/0x3000
[  135.116731][ T4215]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  135.116750][ T4215]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[  135.116775][ T4215]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[  135.116793][ T4215]  ? trace_f2fs_writepages+0x7f/0x200
[  135.116805][ T4215]  ? f2fs_write_node_pages+0x478/0x6e0
[  135.116818][ T4215]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[  135.116836][ T4215]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  135.116848][ T4215]  do_writepages+0x32e/0x550
[  135.116862][ T4215]  ? reacquire_held_locks+0x127/0x1d0
[  135.116876][ T4215]  ? writeback_sb_inodes+0x384/0x1010
[  135.116891][ T4215]  __writeback_single_inode+0x145/0xff0
[  135.116920][ T4215]  ? do_raw_spin_unlock+0x4d/0x240
[  135.116935][ T4215]  writeback_sb_inodes+0x6c7/0x1010
[  135.116967][ T4215]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  135.117012][ T4215]  ? rcu_is_watching+0x15/0xb0
[  135.117033][ T4215]  wb_writeback+0x43b/0xaf0
[  135.117055][ T4215]  ? queue_io+0x371/0x590
[  135.117071][ T4215]  ? __pfx_wb_writeback+0x10/0x10
[  135.117091][ T4215]  ? _raw_spin_unlock_irq+0x23/0x50
[  135.117112][ T4215]  wb_workfn+0x409/0xef0
[  135.117135][ T4215]  ? __pfx_wb_workfn+0x10/0x10
[  135.117148][ T4215]  ? __lock_acquire+0xab9/0xd20
[  135.117171][ T4215]  ? process_scheduled_works+0x9ef/0x17b0
[  135.117216][ T4215]  ? _raw_spin_unlock_irq+0x23/0x50
[  135.117233][ T4215]  ? process_scheduled_works+0x9ef/0x17b0
[  135.117249][ T4215]  ? process_scheduled_works+0x9ef/0x17b0
[  135.117266][ T4215]  process_scheduled_works+0xae1/0x17b0
[  135.117305][ T4215]  ? __pfx_process_scheduled_works+0x10/0x10
[  135.117337][ T4215]  worker_thread+0x8a0/0xda0
[  135.117357][ T4215]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  135.117381][ T4215]  ? __kthread_parkme+0x7b/0x200
[  135.117401][ T4215]  kthread+0x711/0x8a0
[  135.117418][ T4215]  ? __pfx_worker_thread+0x10/0x10
[  135.117436][ T4215]  ? __pfx_kthread+0x10/0x10
[  135.117452][ T4215]  ? _raw_spin_unlock_irq+0x23/0x50
[  135.117468][ T4215]  ? lockdep_hardirqs_on+0x9c/0x150
[  135.117484][ T4215]  ? __pfx_kthread+0x10/0x10
[  135.117498][ T4215]  ret_from_fork+0x47f/0x820
[  135.117517][ T4215]  ? __pfx_ret_from_fork+0x10/0x10
[  135.117539][ T4215]  ? __switch_to_asm+0x39/0x70
[  135.117554][ T4215]  ? __switch_to_asm+0x33/0x70
[  135.117569][ T4215]  ? __pfx_kthread+0x10/0x10
[  135.117584][ T4215]  ret_from_fork_asm+0x1a/0x30
[  135.117613][ T4215]  </TASK>
[  135.276097][ T4215] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  135.280088][ T4215] CPU: 0 UID: 0 PID: 4215 Comm: kworker/u9:5 Not tainted syzkaller #0 PREEMPT(full) 
[  135.280108][ T4215] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  135.280116][ T4215] Workqueue: writeback wb_workfn (flush-7:2)
[  135.280136][ T4215] Call Trace:
[  135.280141][ T4215]  <TASK>
[  135.280148][ T4215]  dump_stack_lvl+0x189/0x250
[  135.280169][ T4215]  ? __pfx_dump_stack_lvl+0x10/0x10
[  135.280222][ T4215]  ? __pfx_queue_work_on+0x10/0x10
[  135.280240][ T4215]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  135.280259][ T4215]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  135.280286][ T4215]  f2fs_handle_critical_error+0x37c/0x540
[  135.280312][ T4215]  f2fs_write_end_io+0x886/0xb60
[  135.280347][ T4215]  __submit_merged_bio+0x27a/0x6a0
[  135.280369][ T4215]  __submit_merged_write_cond+0x255/0x530
[  135.280393][ T4215]  f2fs_write_data_pages+0x261d/0x3000
[  135.280442][ T4215]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  135.280473][ T4215]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[  135.280515][ T4215]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[  135.280545][ T4215]  ? trace_f2fs_writepages+0x7f/0x200
[  135.280563][ T4215]  ? f2fs_write_node_pages+0x478/0x6e0
[  135.280585][ T4215]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[  135.280644][ T4215]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  135.280666][ T4215]  do_writepages+0x32e/0x550
[  135.280689][ T4215]  ? reacquire_held_locks+0x127/0x1d0
[  135.280709][ T4215]  ? writeback_sb_inodes+0x384/0x1010
[  135.280734][ T4215]  __writeback_single_inode+0x145/0xff0
[  135.280750][ T4215]  ? do_raw_spin_unlock+0x4d/0x240
[  135.280769][ T4215]  writeback_sb_inodes+0x6c7/0x1010
[  135.280808][ T4215]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  135.280858][ T4215]  ? rcu_is_watching+0x15/0xb0
[  135.280885][ T4215]  wb_writeback+0x43b/0xaf0
[  135.280910][ T4215]  ? queue_io+0x371/0x590
[  135.280928][ T4215]  ? __pfx_wb_writeback+0x10/0x10
[  135.280950][ T4215]  ? _raw_spin_unlock_irq+0x23/0x50
[  135.280973][ T4215]  wb_workfn+0x409/0xef0
[  135.281003][ T4215]  ? __pfx_wb_workfn+0x10/0x10
[  135.281020][ T4215]  ? __lock_acquire+0xab9/0xd20
[  135.281048][ T4215]  ? process_scheduled_works+0x9ef/0x17b0
[  135.281073][ T4215]  ? _raw_spin_unlock_irq+0x23/0x50
[  135.281089][ T4215]  ? process_scheduled_works+0x9ef/0x17b0
[  135.281106][ T4215]  ? process_scheduled_works+0x9ef/0x17b0
[  135.281124][ T4215]  process_scheduled_works+0xae1/0x17b0
[  135.281169][ T4215]  ? __pfx_process_scheduled_works+0x10/0x10
[  135.281235][ T4215]  worker_thread+0x8a0/0xda0
[  135.281255][ T4215]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  135.281279][ T4215]  ? __kthread_parkme+0x7b/0x200
[  135.281297][ T4215]  kthread+0x711/0x8a0
[  135.281315][ T4215]  ? __pfx_worker_thread+0x10/0x10
[  135.281331][ T4215]  ? __pfx_kthread+0x10/0x10
[  135.281345][ T4215]  ? _raw_spin_unlock_irq+0x23/0x50
[  135.281360][ T4215]  ? lockdep_hardirqs_on+0x9c/0x150
[  135.281376][ T4215]  ? __pfx_kthread+0x10/0x10
[  135.281391][ T4215]  ret_from_fork+0x47f/0x820
[  135.281412][ T4215]  ? __pfx_ret_from_fork+0x10/0x10
[  135.281451][ T4215]  ? __switch_to_asm+0x39/0x70
[  135.281467][ T4215]  ? __switch_to_asm+0x33/0x70
[  135.281481][ T4215]  ? __pfx_kthread+0x10/0x10
[  135.281497][ T4215]  ret_from_fork_asm+0x1a/0x30
[  135.281532][ T4215]  </TASK>
[  135.282648][ T4215] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  135.718251][   T33] audit: type=1326 audit(1757509179.616:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7874 comm="syz.3.731" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7a878eba9 code=0x7fc00000
[  135.733438][   T33] audit: type=1326 audit(1757509179.616:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7874 comm="syz.3.731" exe="/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fc7a878eba9 code=0x7fc00000
[  136.515910][ T7901] netlink: 24 bytes leftover after parsing attributes in process `syz.0.740'.
[  136.519423][ T7901] netlink: 56 bytes leftover after parsing attributes in process `syz.0.740'.
[  136.522395][ T7901] netlink: 'syz.0.740': attribute type 10 has an invalid length.
[  136.785156][ T7913] loop3: detected capacity change from 0 to 512
[  136.827000][ T7913] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  136.835303][ T7913] ext4 filesystem being mounted at /20/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  137.061586][ T7600] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  137.181519][ T7922] lo speed is unknown, defaulting to 1000
[  137.668629][ T7938] Zero length message leads to an empty skb
[  137.875590][ T7941] netlink: 182 bytes leftover after parsing attributes in process `syz.2.754'.
[  138.159203][ T7946] loop3: detected capacity change from 0 to 8
[  138.168016][ T7946] squashfs image failed sanity check
[  138.359162][ T7957] tipc: Started in network mode
[  138.361846][ T7957] tipc: Node identity 3299c0002c4c, cluster identity 4711
[  138.365297][ T7957] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  138.435271][ T7957] syzkaller0: entered promiscuous mode
[  138.438333][ T7957] syzkaller0: entered allmulticast mode
[  138.441379][ T7957] tipc: Resetting bearer <eth:syzkaller0>
[  138.479645][ T7955] tipc: Resetting bearer <eth:syzkaller0>
[  139.251586][   T57] Bluetooth: hci1: command tx timeout
[  139.465387][   T24] tipc: Node number set to 517324800
[  140.304181][ T7955] tipc: Disabling bearer <eth:syzkaller0>
[  140.325068][ T7966] geneve2: entered promiscuous mode
[  141.177725][ T8013] netlink: 12 bytes leftover after parsing attributes in process `syz.0.781'.
[  141.186075][ T8013] xfrm1: entered promiscuous mode
[  141.195290][ T8013] xfrm1: entered allmulticast mode
[  141.353473][ T8003] loop3: detected capacity change from 0 to 32768
[  141.358190][ T8003] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.777 (8003)
[  141.371537][ T8003] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  141.378568][ T8003] BTRFS info (device loop3): using sha256 (sha256-lib) checksum algorithm
[  141.427062][   T24] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[  141.454373][ T8003] BTRFS info (device loop3): enabling ssd optimizations
[  141.460738][ T8003] BTRFS info (device loop3): enabling free space tree
[  141.538650][ T7600] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  141.589334][   T24] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  141.593289][   T24] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  141.624265][   T24] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  141.645011][   T24] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  141.649698][   T24] usb 3-1: SerialNumber: syz
[  141.874820][   T24] usb 3-1: 0:2 : does not exist
[  141.914079][   T24] usb 3-1: USB disconnect, device number 15
[  141.970128][ T5848] udevd[5848]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  141.973597][ T8059] loop3: detected capacity change from 0 to 256
[  142.007883][   T33] audit: type=1800 audit(1757509185.906:10): pid=8059 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.790" name="file1" dev="loop3" ino=1048627 res=0 errno=0
[  142.434265][   T24] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  142.596778][   T24] usb 4-1: Using ep0 maxpacket: 8
[  142.610990][   T24] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  142.620112][   T24] usb 4-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  142.626118][   T24] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  142.632881][   T24] usb 4-1: config 0 descriptor??
[  142.770595][ T8071] loop0: detected capacity change from 0 to 32768
[  142.795738][ T8071] read_mapping_page failed!
[  142.797885][ T8071] jfs_create: dtInsert returned -EIO
[  142.801734][ T8071] ERROR: (device loop0): jfs_create: 
[  142.801734][ T8071] 
[  142.806509][ T8071] ERROR: (device loop0): remounting filesystem as read-only
[  142.845631][   T24] iowarrior 4-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[  142.887511][ T7054] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[  143.056855][ T7054] usb 3-1: Using ep0 maxpacket: 8
[  143.063905][ T7054] usb 3-1: config 5 has an invalid interface number: 52 but max is 1
[  143.069085][ T7054] usb 3-1: config 5 has an invalid interface number: 4 but max is 1
[  143.072349][ T7054] usb 3-1: config 5 has an invalid descriptor of length 0, skipping remainder of the config
[  143.076351][ T7054] usb 3-1: config 5 has no interface number 0
[  143.080074][ T7054] usb 3-1: config 5 has no interface number 1
[  143.082515][ T7054] usb 3-1: config 5 interface 52 altsetting 10 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[  143.088959][ T7054] usb 3-1: config 5 interface 4 altsetting 9 endpoint 0x5 has invalid wMaxPacketSize 0
[  143.092693][ T7054] usb 3-1: config 5 interface 4 altsetting 9 has 1 endpoint descriptor, different from the interface descriptor's value: 7
[  143.098844][ T7054] usb 3-1: config 5 interface 52 has no altsetting 0
[  143.101593][ T7054] usb 3-1: config 5 interface 4 has no altsetting 0
[  143.110865][ T7054] usb 3-1: New USB device found, idVendor=04b4, idProduct=0002, bcdDevice=e2.5c
[  143.114647][ T7054] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  143.118733][ T7054] usb 3-1: Product: syz
[  143.120602][ T7054] usb 3-1: Manufacturer: syz
[  143.122566][ T7054] usb 3-1: SerialNumber: syz
[  143.207190][    T9] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  143.259173][   T24] usb 4-1: USB disconnect, device number 3
[  143.338774][ T7054] cytherm 3-1:5.52: Cypress thermometer device now attached
[  143.344871][ T7054] cytherm 3-1:5.4: Cypress thermometer device now attached
[  143.350914][ T7054] usb 3-1: USB disconnect, device number 16
[  143.353921][ T7054] cytherm 3-1:5.52: Cypress thermometer now disconnected
[  143.356718][    T9] usb 1-1: Using ep0 maxpacket: 32
[  143.359056][    T9] usb 1-1: config 0 has an invalid interface number: 85 but max is 0
[  143.365643][ T7054] cytherm 3-1:5.4: Cypress thermometer now disconnected
[  143.365950][    T9] usb 1-1: config 0 has no interface number 0
[  143.374555][    T9] usb 1-1: config 0 interface 85 altsetting 7 endpoint 0x8 has invalid maxpacket 512, setting to 64
[  143.379786][    T9] usb 1-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  143.384037][    T9] usb 1-1: config 0 interface 85 has no altsetting 0
[  143.391601][    T9] usb 1-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72
[  143.395199][    T9] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  143.398938][    T9] usb 1-1: Product: syz
[  143.400768][    T9] usb 1-1: Manufacturer: syz
[  143.402639][    T9] usb 1-1: SerialNumber: syz
[  143.407912][    T9] usb 1-1: config 0 descriptor??
[  143.621599][    T9] appletouch 1-1:0.85: Failed to read mode from device.
[  143.624858][    T9] appletouch 1-1:0.85: probe with driver appletouch failed with error -5
[  143.638872][    T9] usb 1-1: USB disconnect, device number 8
[  143.829661][ T8079] loop3: detected capacity change from 0 to 2048
[  143.848185][ T8079] UDF-fs: error (device loop3): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  143.854432][ T8079] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  144.054322][ T8087] loop2: detected capacity change from 0 to 512
[  144.099244][ T8087] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  144.116141][ T8087] ext4 filesystem being mounted at /228/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  144.144066][ T8087] Quota error (device loop2): find_block_dqentry: Quota for id 0 referenced but not present
[  144.176854][ T8087] Quota error (device loop2): qtree_read_dquot: Can't read quota structure for id 0
[  144.179981][ T8087] EXT4-fs error (device loop2): ext4_acquire_dquot:6943: comm syz.2.803: Failed to acquire dquot type 0
[  144.202217][ T8087] EXT4-fs (loop2): Remounting filesystem read-only
[  144.253329][ T5849] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  144.385017][ T8104] loop3: detected capacity change from 0 to 2048
[  144.430947][ T8104] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  144.490249][ T7054] usb 1-1: new low-speed USB device number 9 using dummy_hcd
[  144.659507][ T7054] usb 1-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  144.663137][ T7054] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  144.681102][ T7054] usb 1-1: config 0 descriptor??
[  144.691337][ T8110] loop3: detected capacity change from 0 to 32768
[  144.711150][ T8110] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.813 (8110)
[  144.742538][ T8110] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  144.754634][ T8110] BTRFS info (device loop3): using sha256 (sha256-lib) checksum algorithm
[  144.814726][ T8110] BTRFS info (device loop3): enabling ssd optimizations
[  144.820465][ T8110] BTRFS info (device loop3): enabling free space tree
[  144.824276][ T8108] loop2: detected capacity change from 0 to 32768
[  144.852204][ T8108] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  144.898760][ T8108] (syz.2.812,8108,0):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #65: rec_len is smaller than minimal - offset=0, inode=3298534883393, rec_len=0, name_len=1
[  144.900599][ T7054] asix 1-1:0.0 (unnamed net_device) (uninitialized): invalid hw address, using random
[  144.914896][ T7600] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  144.926326][ T8108] (syz.2.812,8108,0):ocfs2_prepare_dir_for_insert:4302 ERROR: status = -2
[  144.939927][ T8108] (syz.2.812,8108,0):ocfs2_mknod:301 ERROR: status = -2
[  144.942666][ T8108] (syz.2.812,8108,0):ocfs2_mknod:505 ERROR: status = -2
[  144.945260][ T8108] (syz.2.812,8108,0):ocfs2_create:678 ERROR: status = -2
[  145.062233][ T5849] ocfs2: Unmounting device (7,2) on (node local)
[  145.138874][ T7054] asix 1-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71
[  145.142595][ T7054] asix 1-1:0.0 (unnamed net_device) (uninitialized): Error reading PHY_ID register: ffffffb9
[  145.170034][ T7054] asix 1-1:0.0: probe with driver asix failed with error -71
[  145.199854][ T7054] usb 1-1: USB disconnect, device number 9
[  145.323021][ T8135] loop2: detected capacity change from 0 to 1024
[  145.335001][ T8135] hfsplus: failed to load attributes file
[  145.520467][ T8143] I/O error, dev loop3, sector 16 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  145.702991][ T8147] capability: warning: `syz.0.821' uses 32-bit capabilities (legacy support in use)
[  145.817112][ T5915] usb 4-1: new full-speed USB device number 4 using dummy_hcd
[  145.822322][ T8139] loop2: detected capacity change from 0 to 40427
[  145.826337][ T8139] F2FS-fs (loop2): Invalid Fs Meta Ino: node(1) meta(33026) root(3)
[  145.836951][ T8139] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  145.845011][ T8139] F2FS-fs (loop2): build fault injection rate: 19
[  145.848645][ T8139] F2FS-fs (loop2): build fault injection type: 0x3bfe8c
[  145.855975][ T8139] F2FS-fs (loop2): invalid crc value
[  145.868724][ T8139] F2FS-fs (loop2): Mismatch valid blocks 2 vs. 4
[  145.879045][ T8139] F2FS-fs (loop2): Failed to initialize F2FS segment manager (-117)
[  146.001567][ T5915] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  146.026255][ T5915] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  146.033102][ T5915] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  146.037672][ T5915] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  146.044530][ T5915] usb 4-1: Product: syz
[  146.046257][ T5915] usb 4-1: Manufacturer: syz
[  146.052866][ T5915] usb 4-1: SerialNumber: syz
[  146.269797][ T5915] usb 4-1: 0:2 : does not exist
[  146.276039][ T5915] usb 4-1: 5:0: failed to get current value for ch 0 (-22)
[  146.293724][ T5915] usb 4-1: USB disconnect, device number 4
[  146.357828][ T5861] udevd[5861]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  146.421019][ T8168] xt_l2tp: missing protocol rule (udp|l2tpip)
[  147.066707][ T7054] usb 3-1: new high-speed USB device number 17 using dummy_hcd
[  147.326831][ T7054] usb 3-1: Using ep0 maxpacket: 16
[  147.341788][ T7054] usb 3-1: config 8 has an invalid interface number: 57 but max is 0
[  147.344640][ T7054] usb 3-1: config 8 has an invalid descriptor of length 0, skipping remainder of the config
[  147.397691][ T7054] usb 3-1: config 8 has no interface number 0
[  147.401303][ T7054] usb 3-1: config 8 interface 57 altsetting 5 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  147.421814][ T7054] usb 3-1: config 8 interface 57 has no altsetting 0
[  147.506278][ T7054] usb 3-1: New USB device found, idVendor=39c6, idProduct=8f68, bcdDevice=dd.44
[  148.045930][ T7054] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  148.226384][ T7054] usb 3-1: Product: syz
[  148.227822][ T7054] usb 3-1: Manufacturer: syz
[  148.229529][ T7054] usb 3-1: SerialNumber: syz
[  148.547668][ T7054] usb 3-1: Quirk or no altset; falling back to MIDI 1.0
[  148.550367][ T7054] usb 3-1: MIDIStreaming interface descriptor not found
[  148.572245][ T7054] usb 3-1: USB disconnect, device number 17
[  148.626451][ T5858] udevd[5858]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:8.57/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  149.153844][ T8234] binder: 8233:8234 ioctl c0306201 200000000180 returned -14
[  149.259964][ T8240] loop2: detected capacity change from 0 to 64
[  149.556965][ T5856] Bluetooth: hci0: command 0x0405 tx timeout
[  150.345121][ T8273] loop3: detected capacity change from 0 to 256
[  150.350739][ T8273] exfat: Deprecated parameter 'utf8'
[  150.369487][ T8273] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xabf88b1f, utbl_chksum : 0xe619d30d)
[  150.751185][ T8277] loop3: detected capacity change from 0 to 32768
[  150.759504][ T8277] (syz.3.872,8277,0):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #66: rec_len % 4 != 0 - offset=108, inode=18446744073709486150, rec_len=65535, name_len=9
[  150.771295][ T8277] (syz.3.872,8277,0):ocfs2_init_global_system_inodes:465 ERROR: status = -22
[  150.781274][ T8277] (syz.3.872,8277,0):ocfs2_init_global_system_inodes:467 ERROR: Unable to load system inode 3, possibly corrupt fs?
[  150.781304][ T8277] (syz.3.872,8277,0):ocfs2_init_global_system_inodes:476 ERROR: status = -22
[  150.819487][ T8277] (syz.3.872,8277,0):ocfs2_initialize_super:2196 ERROR: status = -22
[  150.822575][ T8277] (syz.3.872,8277,0):ocfs2_fill_super:1177 ERROR: status = -22
[  151.219229][ T8294] netlink: 724 bytes leftover after parsing attributes in process `syz.3.874'.
[  151.222581][ T8294] netlink: 724 bytes leftover after parsing attributes in process `syz.3.874'.
[  151.610960][ T8315] loop0: detected capacity change from 0 to 16
[  151.614205][ T8315] MTD: Attempt to mount non-MTD device "/dev/loop0"
[  151.735937][ T8324] Freezing with imperfect legacy cgroup freezer. See cgroup.freeze of cgroup v2
[  151.906995][ T5888] usb 3-1: new high-speed USB device number 18 using dummy_hcd
[  151.961036][ T8339] loop3: detected capacity change from 0 to 256
[  151.972881][ T8339] FAT-fs (loop3): Directory bread(block 64) failed
[  151.975416][ T8339] FAT-fs (loop3): Directory bread(block 65) failed
[  151.981671][ T8339] FAT-fs (loop3): Directory bread(block 66) failed
[  151.984914][ T8339] FAT-fs (loop3): Directory bread(block 67) failed
[  151.988336][ T8339] FAT-fs (loop3): Directory bread(block 68) failed
[  151.991364][ T8339] FAT-fs (loop3): Directory bread(block 69) failed
[  151.994138][ T8339] FAT-fs (loop3): Directory bread(block 70) failed
[  151.999691][ T8339] FAT-fs (loop3): Directory bread(block 71) failed
[  152.002144][ T8339] FAT-fs (loop3): Directory bread(block 72) failed
[  152.004696][ T8339] FAT-fs (loop3): Directory bread(block 73) failed
[  152.066811][ T5888] usb 3-1: Using ep0 maxpacket: 8
[  152.077812][ T5888] usb 3-1: New USB device found, idVendor=110a, idProduct=1450, bcdDevice=62.cb
[  152.082381][ T5888] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  152.096413][ T5888] usb 3-1: Product: syz
[  152.098659][ T5888] usb 3-1: Manufacturer: syz
[  152.102599][ T5888] usb 3-1: SerialNumber: syz
[  152.186874][ T5915] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[  152.320857][ T5888] mxuport 3-1:254.0: mxuport_send_ctrl_data_urb - usb_control_msg failed (-71)
[  152.324796][ T8351] loop3: detected capacity change from 0 to 1024
[  152.336772][ T5888] mxuport 3-1:254.0: mxuport_send_ctrl_data_urb - usb_control_msg failed (-71)
[  152.338830][ T5915] usb 1-1: Using ep0 maxpacket: 16
[  152.340260][ T5888] mxuport 3-1:254.0: probe with driver mxuport failed with error -71
[  152.353965][ T5915] usb 1-1: config 0 has an invalid interface number: 107 but max is 0
[  152.361711][ T5888] usb 3-1: USB disconnect, device number 18
[  152.373837][ T5915] usb 1-1: config 0 has no interface number 0
[  152.386339][ T5915] usb 1-1: config 0 interface 107 altsetting 0 bulk endpoint 0x88 has invalid maxpacket 255
[  152.401492][ T5915] usb 1-1: New USB device found, idVendor=06cd, idProduct=0131, bcdDevice=16.60
[  152.405065][ T5915] usb 1-1: New USB device strings: Mfr=175, Product=2, SerialNumber=3
[  152.416996][ T5915] usb 1-1: Product: syz
[  152.418876][ T5915] usb 1-1: Manufacturer: syz
[  152.420759][ T5915] usb 1-1: SerialNumber: syz
[  152.433224][ T5915] usb 1-1: config 0 descriptor??
[  152.440341][ T8337] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  152.492238][ T8353] loop3: detected capacity change from 0 to 1024
[  152.662088][ T5915] keyspan 1-1:0.107: Keyspan 4 port adapter converter detected
[  152.665917][ T5915] keyspan 1-1:0.107: found no endpoint descriptor for endpoint 81
[  152.678396][ T5915] keyspan 1-1:0.107: found no endpoint descriptor for endpoint 1
[  152.688610][ T5915] usb 1-1: Keyspan 4 port adapter converter now attached to ttyUSB0
[  152.698384][ T5915] keyspan 1-1:0.107: found no endpoint descriptor for endpoint 2
[  152.703011][ T5915] usb 1-1: Keyspan 4 port adapter converter now attached to ttyUSB1
[  152.709236][ T5915] keyspan 1-1:0.107: found no endpoint descriptor for endpoint 4
[  152.714046][ T5915] usb 1-1: Keyspan 4 port adapter converter now attached to ttyUSB2
[  152.728164][ T5915] keyspan 1-1:0.107: found no endpoint descriptor for endpoint 6
[  152.735137][ T5915] usb 1-1: Keyspan 4 port adapter converter now attached to ttyUSB3
[  152.745505][ T5915] usb 1-1: USB disconnect, device number 10
[  152.756250][ T5915] keyspan_4 ttyUSB0: Keyspan 4 port adapter converter now disconnected from ttyUSB0
[  152.763792][ T5915] keyspan_4 ttyUSB1: Keyspan 4 port adapter converter now disconnected from ttyUSB1
[  152.780148][ T5915] keyspan_4 ttyUSB2: Keyspan 4 port adapter converter now disconnected from ttyUSB2
[  152.789136][ T5915] keyspan_4 ttyUSB3: Keyspan 4 port adapter converter now disconnected from ttyUSB3
[  152.793730][ T5915] keyspan 1-1:0.107: device disconnected
[  152.894185][   T33] audit: type=1326 audit(1757509196.796:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8361 comm="syz.2.902" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9c0538eba9 code=0x0
[  153.000190][ T8363] netlink: 64 bytes leftover after parsing attributes in process `syz.2.902'.
[  153.199335][ T8371] netlink: 32 bytes leftover after parsing attributes in process `syz.3.906'.
[  153.203637][ T8371] netlink: 32 bytes leftover after parsing attributes in process `syz.3.906'.
[  153.787737][   T96] usb 1-1: new high-speed USB device number 11 using dummy_hcd
[  153.917721][ T5915] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  153.941200][   T96] usb 1-1: New USB device found, idVendor=0c45, idProduct=60a8, bcdDevice=b5.55
[  153.945076][   T96] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  153.950301][   T96] usb 1-1: Product: syz
[  153.951939][   T96] usb 1-1: Manufacturer: syz
[  153.953704][   T96] usb 1-1: SerialNumber: syz
[  153.958381][   T96] usb 1-1: config 0 descriptor??
[  153.967933][   T96] gspca_main: sonixb-2.14.0 probing 0c45:60a8
[  154.086718][ T5915] usb 4-1: Using ep0 maxpacket: 16
[  154.091025][ T5915] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 192, changing to 11
[  154.095196][ T5915] usb 4-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 8
[  154.098589][ T5915] usb 4-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 18
[  154.104216][ T5915] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  154.115469][ T5915] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  154.118715][ T5915] usb 4-1: SerialNumber: syz
[  154.125872][ T8386] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  154.332851][ T5915] cdc_ether 4-1:1.0: probe with driver cdc_ether failed with error -71
[  154.349542][ T5915] usb 4-1: USB disconnect, device number 5
[  154.369713][   T96] sonixb 1-1:0.0: Error writing register 01: -71
[  154.375820][   T96] sonixb 1-1:0.0: probe with driver sonixb failed with error -71
[  154.393455][   T96] usb 1-1: USB disconnect, device number 11
[  154.836868][   T96] usb 3-1: new high-speed USB device number 19 using dummy_hcd
[  154.876744][   T33] audit: type=1326 audit(1757509198.776:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8415 comm="syz.3.928" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7a878eba9 code=0x7ffc0000
[  154.900241][   T33] audit: type=1326 audit(1757509198.786:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8415 comm="syz.3.928" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7a878eba9 code=0x7ffc0000
[  154.918221][   T33] audit: type=1326 audit(1757509198.786:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8415 comm="syz.3.928" exe="/syz-executor" sig=0 arch=c000003e syscall=286 compat=0 ip=0x7fc7a878eba9 code=0x7ffc0000
[  154.926457][   T33] audit: type=1326 audit(1757509198.786:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8415 comm="syz.3.928" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7a878eba9 code=0x7ffc0000
[  154.967535][   T33] audit: type=1326 audit(1757509198.786:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8415 comm="syz.3.928" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc7a878eba9 code=0x7ffc0000
[  154.975165][ T8420] loop0: detected capacity change from 0 to 2048
[  154.975196][ T8419] loop3: detected capacity change from 0 to 1024
[  155.001847][   T96] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  155.012573][   T96] usb 3-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b
[  155.016031][ T8421] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  155.027304][   T96] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  155.034537][   T96] usb 3-1: config 0 descriptor??
[  155.054069][ T8420] bio_check_eod: 182 callbacks suppressed
[  155.054093][ T8420] syz.0.929: attempt to access beyond end of device
[  155.054093][ T8420] loop0: rw=0, sector=281474976710722, nr_sectors = 2 limit=2048
[  155.063241][ T8420] NILFS (loop0): I/O error reading b-tree node block (ino=16, blocknr=15)
[  155.067690][ T7829] hfsplus: b-tree write err: -5, ino 4
[  155.071326][ T8420] syz.0.929: attempt to access beyond end of device
[  155.071326][ T8420] loop0: rw=0, sector=281474976710722, nr_sectors = 2 limit=2048
[  155.084822][ T8420] NILFS (loop0): I/O error reading b-tree node block (ino=16, blocknr=15)
[  155.088472][ T8420] NILFS (loop0): error -5 truncating bmap (ino=16)
[  155.216229][ T8427] netlink: 16 bytes leftover after parsing attributes in process `syz.0.932'.
[  155.250187][ T8427] loop0: detected capacity change from 0 to 256
[  155.288109][ T8427] FAT-fs (loop0): Directory bread(block 64) failed
[  155.290781][ T8427] FAT-fs (loop0): Directory bread(block 65) failed
[  155.293834][ T8427] FAT-fs (loop0): Directory bread(block 66) failed
[  155.301188][ T8427] FAT-fs (loop0): Directory bread(block 67) failed
[  155.314558][ T8427] FAT-fs (loop0): Directory bread(block 68) failed
[  155.320283][ T8427] FAT-fs (loop0): Directory bread(block 69) failed
[  155.322930][ T8427] FAT-fs (loop0): Directory bread(block 70) failed
[  155.328060][ T8427] FAT-fs (loop0): Directory bread(block 71) failed
[  155.331235][ T8427] FAT-fs (loop0): Directory bread(block 72) failed
[  155.333818][ T8427] FAT-fs (loop0): Directory bread(block 73) failed
[  155.449971][   T96] ath6kl: Unsupported hardware version: 0x0
[  155.453703][   T96] ath6kl: Failed to init ath6kl core: -22
[  155.466356][   T96] ath6kl_usb 3-1:0.0: probe with driver ath6kl_usb failed with error -22
[  155.496103][ T8432] loop0: detected capacity change from 0 to 4096
[  155.562254][ T8436] netlink: 12 bytes leftover after parsing attributes in process `syz.3.937'.
[  155.592096][ T8432] ntfs3(loop0): ino=1f, mi_enum_attr
[  155.594412][ T8432] ntfs3(loop0): Mark volume as dirty due to NTFS errors
[  155.603103][ T8432] ntfs3(loop0): ino=1f, mi_enum_attr
[  155.619833][ T8432] ntfs3(loop0): ino=9, attr_set_size
[  155.672038][ T5888] usb 3-1: USB disconnect, device number 19
[  156.384730][ T8454] loop0: detected capacity change from 0 to 512
[  157.023332][ T8467] loop3: detected capacity change from 0 to 2048
[  157.046055][ T8467] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  157.072181][   T33] audit: type=1800 audit(1757509200.976:17): pid=8467 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.951" name="bus" dev="loop3" ino=18 res=0 errno=0
[  157.282981][ T8472] loop2: detected capacity change from 0 to 32768
[  157.287961][ T8472] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.952 (8472)
[  157.302222][ T8472] BTRFS info (device loop2): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  157.305501][ T8472] BTRFS info (device loop2): using blake2b (blake2b-256-generic) checksum algorithm
[  157.419035][ T7600] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  157.449941][ T8472] BTRFS info (device loop2): enabling ssd optimizations
[  157.452470][ T8472] BTRFS info (device loop2): enabling free space tree
[  157.485743][ T5849] BTRFS info (device loop2): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  157.734889][ T8499] loop3: detected capacity change from 0 to 1024
[  157.760681][ T8499] hfsplus: bad catalog entry type
[  157.808575][   T54] hfsplus: b-tree write err: -5, ino 4
[  157.832259][ T8505] netlink: 512 bytes leftover after parsing attributes in process `syz.2.960'.
[  158.036664][ T7054] usb 1-1: new high-speed USB device number 12 using dummy_hcd
[  158.276737][ T7054] usb 1-1: Using ep0 maxpacket: 16
[  158.281243][ T7054] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 0, changing to 7
[  158.286886][ T7054] usb 1-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  158.290198][ T7054] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  158.292771][ T7054] usb 1-1: Product: syz
[  158.294073][ T7054] usb 1-1: Manufacturer: syz
[  158.295460][ T7054] usb 1-1: SerialNumber: syz
[  158.309775][ T7054] usb 1-1: config 0 descriptor??
[  158.691685][ T8526] loop3: detected capacity change from 0 to 32768
[  158.795430][ T8526] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  158.795837][   T96] usb 1-1: USB disconnect, device number 12
[  158.909690][ T8526] 
[  158.910816][ T8526] ======================================================
[  158.913216][ T8526] WARNING: possible circular locking dependency detected
[  158.915634][ T8526] syzkaller #0 Not tainted
[  158.917471][ T8526] ------------------------------------------------------
[  158.920776][ T8526] syz.3.968/8526 is trying to acquire lock:
[  158.922656][ T8526] ffff8880398e6610 (sb_internal#2){.+.+}-{0:0}, at: ocfs2_setattr+0x969/0x1b40
[  158.925610][ T8526] 
[  158.925610][ T8526] but task is already holding lock:
[  158.928257][ T8526] ffff88811a8231e0 (&ocfs2_file_ip_alloc_sem_key){++++}-{4:4}, at: ocfs2_setattr+0x95a/0x1b40
[  158.932329][ T8526] 
[  158.932329][ T8526] which lock already depends on the new lock.
[  158.932329][ T8526] 
[  158.936275][ T8526] 
[  158.936275][ T8526] the existing dependency chain (in reverse order) is:
[  158.939909][ T8526] 
[  158.939909][ T8526] -> #4 (&ocfs2_file_ip_alloc_sem_key){++++}-{4:4}:
[  158.943044][ T8526]        lock_acquire+0x120/0x360
[  158.944804][ T8526]        down_write+0x96/0x1f0
[  158.946535][ T8526]        ocfs2_try_remove_refcount_tree+0xb6/0x320
[  158.948746][ T8526]        ocfs2_xattr_set+0x595/0x11f0
[  158.950521][ T8526]        ocfs2_set_acl+0x701/0x7b0
[  158.952125][ T8526]        ocfs2_iop_set_acl+0x1aa/0x2a0
[  158.953870][ T8526]        vfs_set_acl+0x887/0xb00
[  158.955513][ T8526]        filename_setxattr+0x2e0/0x600
[  158.957310][ T8526]        path_setxattrat+0x364/0x3a0
[  158.959109][ T8526]        __x64_sys_setxattr+0xbc/0xe0
[  158.961066][ T8526]        do_syscall_64+0xfa/0xfa0
[  158.962742][ T8526]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  158.964819][ T8526] 
[  158.964819][ T8526] -> #3 (&oi->ip_xattr_sem){++++}-{4:4}:
[  158.967187][ T8526]        lock_acquire+0x120/0x360
[  158.969020][ T8526]        down_read+0x46/0x2e0
[  158.970885][ T8526]        ocfs2_init_acl+0x2f9/0x720
[  158.972783][ T8526]        ocfs2_mknod+0x1321/0x2050
[  158.974770][ T8526]        ocfs2_create+0x1a5/0x440
[  158.976874][ T8526]        path_openat+0x14f4/0x3830
[  158.978620][ T8526]        do_filp_open+0x1fa/0x410
[  158.980166][ T8526]        do_sys_openat2+0x121/0x1c0
[  158.981780][ T8526]        __x64_sys_openat+0x138/0x170
[  158.983358][ T8526]        do_syscall_64+0xfa/0xfa0
[  158.985244][ T8526]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  158.987648][ T8526] 
[  158.987648][ T8526] -> #2 (jbd2_handle){++++}-{0:0}:
[  158.990697][ T8526]        lock_acquire+0x120/0x360
[  158.992359][ T8526]        start_this_handle+0x1fa7/0x21c0
[  158.994568][ T8526]        jbd2__journal_start+0x2c1/0x5b0
[  158.996692][ T8526]        jbd2_journal_start+0x2a/0x40
[  158.998838][ T8526]        ocfs2_start_trans+0x376/0x6d0
[  159.001090][ T8526]        ocfs2_shutdown_local_alloc+0x200/0xa10
[  159.003679][ T8526]        ocfs2_dismount_volume+0x201/0x8d0
[  159.006080][ T8526]        generic_shutdown_super+0x135/0x2c0
[  159.008539][ T8526]        kill_block_super+0x44/0x90
[  159.010765][ T8526]        deactivate_locked_super+0xbc/0x130
[  159.013145][ T8526]        cleanup_mnt+0x425/0x4c0
[  159.015239][ T8526]        task_work_run+0x1d4/0x260
[  159.017447][ T8526]        exit_to_user_mode_loop+0xec/0x130
[  159.019827][ T8526]        do_syscall_64+0x2bd/0xfa0
[  159.021870][ T8526]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  159.024350][ T8526] 
[  159.024350][ T8526] -> #1 (&journal->j_trans_barrier){.+.+}-{4:4}:
[  159.027871][ T8526]        lock_acquire+0x120/0x360
[  159.030047][ T8526]        down_read+0x46/0x2e0
[  159.032012][ T8526]        ocfs2_start_trans+0x36a/0x6d0
[  159.033911][ T8526]        ocfs2_shutdown_local_alloc+0x200/0xa10
[  159.036037][ T8526]        ocfs2_dismount_volume+0x201/0x8d0
[  159.038085][ T8526]        generic_shutdown_super+0x135/0x2c0
[  159.040484][ T8526]        kill_block_super+0x44/0x90
[  159.042635][ T8526]        deactivate_locked_super+0xbc/0x130
[  159.045036][ T8526]        cleanup_mnt+0x425/0x4c0
[  159.046637][ T8526]        task_work_run+0x1d4/0x260
[  159.048571][ T8526]        exit_to_user_mode_loop+0xec/0x130
[  159.050860][ T8526]        do_syscall_64+0x2bd/0xfa0
[  159.052906][ T8526]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  159.055528][ T8526] 
[  159.055528][ T8526] -> #0 (sb_internal#2){.+.+}-{0:0}:
[  159.058328][ T8526]        validate_chain+0xb9b/0x2140
[  159.060296][ T8526]        __lock_acquire+0xab9/0xd20
[  159.062298][ T8526]        lock_acquire+0x120/0x360
[  159.064206][ T8526]        ocfs2_start_trans+0x26b/0x6d0
[  159.066341][ T8526]        ocfs2_setattr+0x969/0x1b40
[  159.067994][ T8526]        notify_change+0xc1a/0xf40
[  159.069654][ T8526]        do_truncate+0x1a4/0x220
[  159.071571][ T8526]        vfs_truncate+0x493/0x520
[  159.073501][ T8526]        do_sys_truncate+0xdb/0x190
[  159.075512][ T8526]        __x64_sys_truncate+0x5b/0x70
[  159.077645][ T8526]        do_syscall_64+0xfa/0xfa0
[  159.079747][ T8526]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  159.082349][ T8526] 
[  159.082349][ T8526] other info that might help us debug this:
[  159.082349][ T8526] 
[  159.086322][ T8526] Chain exists of:
[  159.086322][ T8526]   sb_internal#2 --> &oi->ip_xattr_sem --> &ocfs2_file_ip_alloc_sem_key
[  159.086322][ T8526] 
[  159.091981][ T8526]  Possible unsafe locking scenario:
[  159.091981][ T8526] 
[  159.094575][ T8526]        CPU0                    CPU1
[  159.096252][ T8526]        ----                    ----
[  159.098278][ T8526]   lock(&ocfs2_file_ip_alloc_sem_key);
[  159.100430][ T8526]                                lock(&oi->ip_xattr_sem);
[  159.103143][ T8526]                                lock(&ocfs2_file_ip_alloc_sem_key);
[  159.106287][ T8526]   rlock(sb_internal#2);
[  159.107642][ T8526] 
[  159.107642][ T8526]  *** DEADLOCK ***
[  159.107642][ T8526] 
[  159.110187][ T8526] 3 locks held by syz.3.968/8526:
[  159.111971][ T8526]  #0: ffff8880398e6420 (sb_writers#24){.+.+}-{0:0}, at: mnt_want_write+0x41/0x90
[  159.114988][ T8526]  #1: ffff88811a823540 (&sb->s_type->i_mutex_key#46){+.+.}-{4:4}, at: do_truncate+0x171/0x220
[  159.118986][ T8526]  #2: ffff88811a8231e0 (&ocfs2_file_ip_alloc_sem_key){++++}-{4:4}, at: ocfs2_setattr+0x95a/0x1b40
[  159.122568][ T8526] 
[  159.122568][ T8526] stack backtrace:
[  159.124449][ T8526] CPU: 1 UID: 0 PID: 8526 Comm: syz.3.968 Not tainted syzkaller #0 PREEMPT(full) 
[  159.124461][ T8526] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  159.124468][ T8526] Call Trace:
[  159.124475][ T8526]  <TASK>
[  159.124480][ T8526]  dump_stack_lvl+0x189/0x250
[  159.124494][ T8526]  ? __pfx_dump_stack_lvl+0x10/0x10
[  159.124504][ T8526]  ? __pfx__printk+0x10/0x10
[  159.124515][ T8526]  ? print_lock_name+0xde/0x100
[  159.124527][ T8526]  print_circular_bug+0x2ee/0x310
[  159.124536][ T8526]  check_noncircular+0x134/0x160
[  159.124550][ T8526]  validate_chain+0xb9b/0x2140
[  159.124566][ T8526]  __lock_acquire+0xab9/0xd20
[  159.124577][ T8526]  ? ocfs2_setattr+0x969/0x1b40
[  159.124588][ T8526]  lock_acquire+0x120/0x360
[  159.124597][ T8526]  ? ocfs2_setattr+0x969/0x1b40
[  159.124608][ T8526]  ? do_raw_spin_unlock+0x4d/0x240
[  159.124617][ T8526]  ocfs2_start_trans+0x26b/0x6d0
[  159.124625][ T8526]  ? ocfs2_setattr+0x969/0x1b40
[  159.124637][ T8526]  ? __pfx_ocfs2_start_trans+0x10/0x10
[  159.124646][ T8526]  ? setattr_prepare+0x1e7/0xac0
[  159.124655][ T8526]  ? inode_newsize_ok+0x182/0x1c0
[  159.124664][ T8526]  ocfs2_setattr+0x969/0x1b40
[  159.124678][ T8526]  ? __pfx_ocfs2_setattr+0x10/0x10
[  159.124688][ T8526]  ? ktime_get_coarse_real_ts64_mg+0x52/0x1e0
[  159.124698][ T8526]  ? seqcount_lockdep_reader_access+0x175/0x1c0
[  159.124709][ T8526]  ? ktime_get_coarse_real_ts64_mg+0x1be/0x1e0
[  159.124719][ T8526]  ? current_time+0x222/0x370
[  159.124725][ T8526]  ? evm_inode_setattr+0x1b6/0x7d0
[  159.124734][ T8526]  ? __pfx_current_time+0x10/0x10
[  159.124742][ T8526]  ? try_break_deleg+0x79/0x130
[  159.124749][ T8526]  ? __pfx_ocfs2_setattr+0x10/0x10
[  159.124760][ T8526]  notify_change+0xc1a/0xf40
[  159.124770][ T8526]  do_truncate+0x1a4/0x220
[  159.124779][ T8526]  ? __pfx_do_truncate+0x10/0x10
[  159.124788][ T8526]  ? apparmor_path_truncate+0x238/0x2d0
[  159.124800][ T8526]  vfs_truncate+0x493/0x520
[  159.124810][ T8526]  ? __pfx_vfs_truncate+0x10/0x10
[  159.124820][ T8526]  do_sys_truncate+0xdb/0x190
[  159.124829][ T8526]  ? __pfx_do_sys_truncate+0x10/0x10
[  159.124838][ T8526]  ? __se_sys_chdir+0x1b9/0x280
[  159.124849][ T8526]  __x64_sys_truncate+0x5b/0x70
[  159.124858][ T8526]  do_syscall_64+0xfa/0xfa0
[  159.124866][ T8526]  ? lockdep_hardirqs_on+0x9c/0x150
[  159.124877][ T8526]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  159.124885][ T8526]  ? exc_page_fault+0xab/0x100
[  159.124898][ T8526]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  159.124906][ T8526] RIP: 0033:0x7fc7a878eba9
[  159.124916][ T8526] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  159.124923][ T8526] RSP: 002b:00007fc7a6589038 EFLAGS: 00000246 ORIG_RAX: 000000000000004c
[  159.124933][ T8526] RAX: ffffffffffffffda RBX: 00007fc7a89d6270 RCX: 00007fc7a878eba9
[  159.124939][ T8526] RDX: 0000000000000000 RSI: 0000000000040006 RDI: 0000200000000040
[  159.124945][ T8526] RBP: 00007fc7a8811e19 R08: 0000000000000000 R09: 0000000000000000
[  159.124986][ T8526] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  159.124992][ T8526] R13: 00007fc7a89d6308 R14: 00007fc7a89d6270 R15: 00007ffcb8a6a5d8
[  159.125002][ T8526]  </TASK>
[  159.234033][    C1] vkms_vblank_simulate: vblank timer overrun
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  159.509015][ T8502] syz_tun (unregistering): left promiscuous mode
[  159.526386][ T5716] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  159.582790][ T5716] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  159.701491][ T5716] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  159.792100][ T5716] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  159.802832][ T8524] ocfs2: Unmounting device (7,3) on (node local)
[  159.888613][ T5716] bridge_slave_1: left allmulticast mode
[  159.891122][ T5716] bridge_slave_1: left promiscuous mode
[  159.893796][ T5716] bridge0: port 2(bridge_slave_1) entered disabled state
[  159.900583][ T5716] bridge_slave_0: left allmulticast mode
[  159.902760][ T5716] bridge_slave_0: left promiscuous mode
[  159.905113][ T5716] bridge0: port 1(bridge_slave_0) entered disabled state
[  160.023911][ T5716] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  160.030387][ T5716] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  160.035014][ T5716] bond0 (unregistering): Released all slaves
[  160.114937][ T5716] tipc: Left network mode
[  160.225654][ T5716] hsr_slave_0: left promiscuous mode
[  160.228942][ T5716] hsr_slave_1: left promiscuous mode
[  160.231435][ T5716] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  160.234280][ T5716] batman_adv: batadv0: Removing interface: batadv_slave_0
[  160.238376][ T5716] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  160.241442][ T5716] batman_adv: batadv0: Removing interface: batadv_slave_1
[  160.248088][ T5716] veth1_macvtap: left promiscuous mode
[  160.250354][ T5716] veth0_macvtap: left promiscuous mode
[  160.252625][ T5716] veth1_vlan: left promiscuous mode
[  160.254677][ T5716] veth0_vlan: left promiscuous mode
[  160.431256][ T5716] team0 (unregistering): Port device team_slave_1 removed
[  160.459786][ T5716] team0 (unregistering): Port device team_slave_0 removed
[  160.598263][ T5915] lo speed is unknown, defaulting to 1000
[  160.602350][ T5915] infiniband syz1: ib_query_port failed (-19)
[  160.843718][ T5716] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  160.881176][ T5716] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  160.962605][ T5716] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  161.001812][ T5716] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  161.073613][ T5716] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  161.130299][ T5716] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  161.179754][ T5716] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  161.223549][ T5716] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  161.304867][ T5716] bridge_slave_1: left allmulticast mode
[  161.307164][ T5716] bridge_slave_1: left promiscuous mode
[  161.309145][ T5716] bridge0: port 2(bridge_slave_1) entered disabled state
[  161.314170][ T5716] bridge_slave_0: left allmulticast mode
[  161.316040][ T5716] bridge_slave_0: left promiscuous mode
[  161.322071][ T5716] bridge0: port 1(bridge_slave_0) entered disabled state
[  161.329950][ T5716] bridge_slave_1: left allmulticast mode
[  161.332107][ T5716] bridge_slave_1: left promiscuous mode
[  161.334555][ T5716] bridge0: port 2(bridge_slave_1) entered disabled state
[  161.339628][ T5716] bridge_slave_0: left allmulticast mode
[  161.341550][ T5716] bridge_slave_0: left promiscuous mode
[  161.343863][ T5716] bridge0: port 1(bridge_slave_0) entered disabled state
[  161.463390][ T5716] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  161.468057][ T5716] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  161.472032][ T5716] bond0 (unregistering): Released all slaves
[  161.485158][ T5716] ip6gretap0 (unregistering): left promiscuous mode
[  161.563573][ T5716] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  161.568774][ T5716] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  161.572912][ T5716] bond0 (unregistering): Released all slaves
[  161.830516][ T5716] batman_adv: batadv0: Interface deactivated: wlan0
[  161.841202][ T5716] batman_adv: batadv0: Removing interface: wlan0
[  161.904228][ T5716] hsr_slave_0: left promiscuous mode
[  161.910978][ T5716] hsr_slave_1: left promiscuous mode
[  161.913633][ T5716] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  161.917406][ T5716] batman_adv: batadv0: Removing interface: batadv_slave_0
[  161.920527][ T5716] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  161.923311][ T5716] batman_adv: batadv0: Removing interface: batadv_slave_1
[  161.930752][ T5716] hsr_slave_0: left promiscuous mode
[  161.933278][ T5716] hsr_slave_1: left promiscuous mode
[  161.935723][ T5716] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  161.939487][ T5716] batman_adv: batadv0: Removing interface: batadv_slave_0
[  161.942492][ T5716] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  161.944968][ T5716] batman_adv: batadv0: Removing interface: batadv_slave_1
[  161.952857][ T5716] veth1_macvtap: left promiscuous mode
[  161.955076][ T5716] veth0_macvtap: left promiscuous mode
[  161.958192][ T5716] veth1_vlan: left promiscuous mode
[  161.960127][ T5716] veth0_vlan: left promiscuous mode
[  161.963020][ T5716] veth1_macvtap: left promiscuous mode
[  161.964982][ T5716] veth0_macvtap: left promiscuous mode
[  161.968168][ T5716] veth1_vlan: left promiscuous mode
[  161.970299][ T5716] veth0_vlan: left promiscuous mode
[  162.030748][ T5716] pimreg (unregistering): left allmulticast mode
[  162.127802][ T5716] team0 (unregistering): Port device team_slave_1 removed
[  162.153830][ T5716] team0 (unregistering): Port device team_slave_0 removed
[  162.374475][ T5716] team0 (unregistering): Port device team_slave_1 removed
[  162.405181][ T5716] team0 (unregistering): Port device team_slave_0 removed

VM DIAGNOSIS:
12:55:46  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000084ee4 RBX=ffff88804b032f98 RCX=535c6afcfe64e700 RDX=0000000000000000
RSI=ffffffff8c035de0 RDI=ffffffff8c035da0 RBP=ffffffff8964012a RSP=ffffc900029b74a0
R8 =0000000000000001 R9 =0000000000000000 R10=dffffc0000000000 R11=fffffbfff1f87907
R12=0000000000000000 R13=ffff88803a6f2318 R14=ffffffff8dde4dd0 R15=dffffc0000000000
RIP=ffffffff81a64977 RFL=00000082 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f9c035f66c0 ffffffff 00c00000
GS =0000 ffff8880b83f1000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00002000003e4030 CR3=000000010b07e000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=2525252525252525 2525252525252525
XMM02=0000000000000000 0000000000000000 XMM03=0000000000000000 0000000000000000
XMM04=0000000000000000 00000000000000ff XMM05=0000000000000000 00007fc596212e53
XMM06=0000000000000000 00007fc596212e4d XMM07=0000000000000000 00007fc596212e61
XMM08=0000000000000000 00007fc596212ee7 XMM09=0000000000000000 00007fc596212fc5
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=000000000000002d RBX=000000000000002d RCX=0000000000000000 RDX=00000000000003f8
RSI=00000000000016e1 RDI=00000000000016e2 RBP=00000000000003f8 RSP=ffffc90002976ed0
R8 =ffff888106c30237 R9 =1ffff11020d86046 R10=dffffc0000000000 R11=ffffffff8552a850
R12=dffffc0000000000 R13=ffffffff99d2491c R14=ffffffff9a037060 R15=0000000000000000
RIP=ffffffff8552a8cc RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007fc7a65896c0 ffffffff 00c00000
GS =0000 ffff8881a39f1000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=000020000039a030 CR3=000000002975e000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=ffffffffffffffff ffffff0000000000 XMM01=0101010101010101 0101010000000000
XMM02=695f746e756f6d5f 7a79730032736667 XMM03=ffffffffffffffff ffffffffffffffff
XMM04=1360034e5d53002c 74696d6d6f635f63 XMM05=5cf3945eb98408b4 4938eecd7e6e9eec
XMM06=0000000000000000 00b0be19cd0096ec XMM07=0000000000000000 0000000000000000
XMM08=6161616161616161 6161616161616161 XMM09=0000000000000000 00007fc7a8812fc5
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
