last executing test programs:

1m21.938790414s ago: executing program 2 (id=877):
syz_init_net_socket$netrom(0x6, 0x5, 0x0)
r0 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000140))
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000080)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1})
madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x19)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
pipe(&(0x7f00000045c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
openat(0xffffffffffffff9c, 0x0, 0x2, 0x0)
vmsplice(r2, &(0x7f0000001440)=[{&(0x7f0000001a00)="ce", 0x1}], 0x1, 0x4)
openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000580), 0x0, 0x0)
ioctl$UFFDIO_COPY(r0, 0xc028aa05, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000000/0x3000)=nil, 0x3000})
read$FUSE(r1, &(0x7f0000009780)={0x2020}, 0x2020)
r3 = syz_io_uring_complete(0x0)
openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0)
statx(r3, &(0x7f00000021c0)='./file0/file0\x00', 0x6000, 0x100, 0x0)

1m21.779516864s ago: executing program 2 (id=880):
syz_usb_connect(0x2, 0x3f, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000d4ee0620cf10618012b70102030109022d00010000100009040600024f1ce8000905020200020200000905820233"], 0x0)

1m20.392713537s ago: executing program 2 (id=895):
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000f00)={'bridge_slave_1\x00', &(0x7f0000000640)=@ethtool_perm_addr={0x4b, 0x1e, "4372071e845c1497c855383000000002000000372a72ee4d37968b000000"}})

1m20.338231643s ago: executing program 2 (id=896):
syz_mount_image$squashfs(&(0x7f00000006c0), &(0x7f0000000200)='./file0\x00', 0x2, &(0x7f0000000400)=ANY=[], 0x1, 0x1f8, &(0x7f0000000900)="$eJzslU1rE08cxz+zmSRN/zn0/D8VLLYXbbMF8ejNvgBfgCFda3HjQzegCQWjl148iG+i4KvwIOjdg4jgpR4U9FARhIqszM5vxgkJxMp6EPYL4ff8lNn5zfXsTtYEfhzv91iigKLNW6XQwKqyupOGpV+E5oIP2sod0T8V+l5oNhy9emTZ0Y1umiZ72XAOoxTM80lzLCPlmXTSM4o5z7mpXz6c1ChmOkfAb81TCvMtz/Mp06BmR5qOejyhac7ykVj+sLEGU6bF8mdfPsV3Yye1zNf25CfxsezG6vztcwev+d6ef0xvntjjnOlTk/BWeFOi6RMsnRmWnTA6VVSGrK/s8oOIz4Xw+ni/Z5irssWMbtv+3JUofIzwPPD5X8PYLEdyn0fDJSOsAuuD/u31bDg6t9vv7iQ7yc043ryw8eI/uaL5fdhNkw0VtGFWCG4vAeaetgJ7HXj3yz4mgApaM1gE1RC9C3HLee1MENiCKIgNc9i8z3z9puhq9LnCWRaAu2O1DDH231rBZNNcM6NtoaiJ0NFBn3BCxEJhON+7lW4foFAu7BDtc3SOqHshxgqmULJ50Y9/IHRF6JbQQ6FHQt3b5d4kXWT4JNLaGBrc6w4Ge8XjZTmvi70uXvKVI6nqXkPlOmlSoUKFChUqVKjwj+BnAAAA//85ykLy")
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
listxattr(&(0x7f0000000040)='./file0\x00', 0x0, 0x0)

1m20.3379955s ago: executing program 2 (id=897):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000700)=ANY=[@ANYBLOB="640100001900010000000000040000001d0100001500040001000080fe02000031171e44b2b50e8f040000001e0106000000fd"], 0x164}}, 0x0)

1m20.028945088s ago: executing program 2 (id=901):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000980)={[{@nojournal_checksum}, {@nombcache}, {@barrier}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@lazytime}, {@nodelalloc}, {@usrquota}, {@noauto_da_alloc}, {@bh}, {@init_itable}]}, 0xff, 0x551, &(0x7f0000000cc0)="$eJzs3d9vU1UcAPDv7Tp+KyMhJPpgFnkQg3Rs8wcmPuCjUSKJvmOzXRaylpK1I2ySCA/y4oshJsZIYvwDfPeR+A/4V5AoCTFk0Qdfam53ywprt9EVNuznk9xyzj23nHt67vdwbs8lDWBojWcvhYhXIuLbJOJwR1kx8sLx1eNWHl6fybYkms3P/koiyfe1j0/yPw+2M8WI376OOFl4rMqx7KW+tDxfrlTShXznRKN6ZaK+tHzqUrU8l86ll6emp8+8Mz31/nvvDqytb57/54dP73505pvjK9//cv/I7STOxqG8rLMd23CjMzMe4/lnMhpnnzhwcgCV7SbJTp8AfRnJ43w0sjHgcIzkUQ/8/30VEU1gSCXiH4ZUex7Qvrcf0H3wC+PBh6s3QOvbX1z9biT2te6NDqwkj90ZJe0vMrYpq+PXP+/czrYY3PcQAJu6cTMiTheL68e/JB//+nd6C8c8WYfxD56fu9n8561u85/Co/lPdJn/HOwSu/3YPP4L9wdQTU/Z/O+DrvPffNFqLMZG8txLrexocvFSJc3Gtpcj4kSM7s3yG63nnFm51+xV1jn/y7as/vZcMD+P+8W9j79nttwob6/Vax7cjHi16/w3edT/SZf+zz6P81us41h657VeZZu3/9lq/hzxRtf+X1vRSjZen5xoXQ8T7ativb9vHfu9V/073f6s/w9s3P6xpHO9tv70dfy079+0V1m/1/+e5PNWek++71q50ViYjNiTfLJ+/9Tae9v59vFZ+08c33j863b974+IL7bY/ltHb/U8dFv9P4BF16z9s0/V/0+fuPfxlz/23/6s/99upU7ke7Yy/m31BLfz2QEAAAAAAMBuU4iIQ5EUSo/ShUKptPp8x9E4UKjU6o2TF2uvR6us9fxDob3SfbjjeYjJ/HnYdn7qifx0RByJiO9G9rfypZlaZXanGw8AAAAAAAAAAAAAAAAAAAC7xMEe//8/88fITp8d8Mz5yW8YXpvG/yB+6QnYlfz7D8NL/MPwEv8wvMQ/DC/xD8NL/MPwEv8wvMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAADNT5c+eyrbny8PpMlp+9urQ4X7t6ajatz5eqizOlmdrCldJcrTZXSUsztepmf1+lVrsyORWL1yYaab0xUV9avlCtLV5uXLhULc+lF9LR59IqAAAAAAAAAAAAAAAAAAAAeLHUl5bny5VKuiAh0VeiuDtOQ2LAiZ0emQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgzX8BAAD//7VBN58=")
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x41, &(0x7f00000008c0)={[{@bsdgroups}, {@nodiscard}, {@noblock_validity}, {@grpjquota}, {@grpjquota}, {@orlov}, {@abort}, {@nombcache}, {@stripe={'stripe', 0x3d, 0x10}}]}, 0x64, 0x50a, &(0x7f0000000940)="$eJzs3VFrHFsdAPD/bHZr06Y3ueqDXvB6tZW0aHeTxrbBh1pB9Kmg1vcak00I2WRDdtM2oWiKH0AQUcEnffFF8AMIUvDFRxEK+qyoKKKtPvigncvuTtI03U227TabZn8/mMw5Z2b2f86GmZ0zc5gJYGC9FxHXI+JJmqYXImI0K89lU2y1psZ6jx/dm21MSaTpzX8mkWRl25+VZPPT2WYnI+JrX474ZvJ83NrG5tJMpVJey/Kl+vJqqbaxeXFxeWahvFBemZqavDJ9dfry9ERP2nkmIq598a8/+O7PvnTtV5+586dbfz//rUa1RrLlu9vxgvL7LWw1vdD8LnZvsPaSwY6ifLOFmeF2aww9V3L/NdcJAID2Guf4H4yIT0bEhRiNof1PZwEAAIA3UPr5kfhfEpG2d6JDOQAAAPAGyTXHwCa5YjYWYCRyuWKxNYb3w3EqV6nW6p+er66vzLXGyo5FITe/WClPZGOFx6KQNPKTzfTT/KU9+amIeDsivj863MwXZ6uVuX5f/AAAAIABcXpP//8/o63+PwAAAHDMjPW7AgAAAMBrp/8PAAAAx5/+PwAAABxrX7lxozGl2++/nru9sb5UvX1xrlxbKi6vzxZnq2urxYVqdaH5zL7lgz6vUq2ufjZW1u+W6uVavVTb2Ly1XF1fqd9afOYV2AAAAMAhevvjD/6QRMTW54abU8OJ7jbtcjXgqMrvpJJs3ma3/uNbrflfDqlSwKEY6ncFgL7J97sCQN8U+l0BoO+SA5Z3HLzz22z+id7WBwAA6L3xj3a+/5/bd8ut/RcDR56dGAaX+/8wuJr3/7sdyetkAY6VgjMAGHivfP//QGn6QhUCAAB6bqQ5JblidnlvJHK5YjHiTPO1AIVkfrFSnoiItyLi96OFDzTyk80tkwP7DAAAAAAAAAAAAAAAAAAAAAAAAABAS5omkQIAAADHWkTub8mvW8/yHx89N7L3+sCJ5L+jkb0i9M6Pb/7w7ky9vjbZKP/XTnn9R1n5pX5cwQAAAICB8EIv8N/up2/34wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACglx4/uje7PR1m3H98ISLG2sXPx8nm/GQUIuLUv5PI79ouiYihHsQfbvz5SLv4SaNaOyHbxR/uQfyt+/vGj7HsW2gX/3QP4sMge9A4/lxvt//l4r3mvP3+l494Jv+yOh//Yuf4N9Rh/z/TZYx3Hv6i1DH+/Yh38u2PP9vxkw7xz3YZ/xtf39zstCz9ScR429+f5JlYpfryaqm2sXlxcXlmobxQXpmamrwyfXX68vREaX6xUs7+to3xvY/98sl+7T/VIf7YAe0/12X7///w7qMPtZKFdvHPn20T/zc/zdZ4Pn4u++37VJZuLB/fTm+10ru9+/Pfvbtf++c6tP+g///5Ltt/4avf+XOXqwIAh6C2sbk0U6mU145totFLPwLVkDiCiW/39APTNE0b+9QrfE4SR+FraSb6fWQCAAB67elJf79rAgAAAAAAAAAAAAAAAAAAAIPrMB4ntjfm1k4q6cUjtAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeuL9AAAA//+GAdlV")
syz_mount_image$msdos(&(0x7f0000000f40), &(0x7f0000000f00)='.\x00', 0x1a4a438, &(0x7f00000008c0)=ANY=[], 0x1, 0x0, &(0x7f0000000000))

1m19.94163975s ago: executing program 32 (id=901):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000980)={[{@nojournal_checksum}, {@nombcache}, {@barrier}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@lazytime}, {@nodelalloc}, {@usrquota}, {@noauto_da_alloc}, {@bh}, {@init_itable}]}, 0xff, 0x551, &(0x7f0000000cc0)="$eJzs3d9vU1UcAPDv7Tp+KyMhJPpgFnkQg3Rs8wcmPuCjUSKJvmOzXRaylpK1I2ySCA/y4oshJsZIYvwDfPeR+A/4V5AoCTFk0Qdfam53ywprt9EVNuznk9xyzj23nHt67vdwbs8lDWBojWcvhYhXIuLbJOJwR1kx8sLx1eNWHl6fybYkms3P/koiyfe1j0/yPw+2M8WI376OOFl4rMqx7KW+tDxfrlTShXznRKN6ZaK+tHzqUrU8l86ll6emp8+8Mz31/nvvDqytb57/54dP73505pvjK9//cv/I7STOxqG8rLMd23CjMzMe4/lnMhpnnzhwcgCV7SbJTp8AfRnJ43w0sjHgcIzkUQ/8/30VEU1gSCXiH4ZUex7Qvrcf0H3wC+PBh6s3QOvbX1z9biT2te6NDqwkj90ZJe0vMrYpq+PXP+/czrYY3PcQAJu6cTMiTheL68e/JB//+nd6C8c8WYfxD56fu9n8561u85/Co/lPdJn/HOwSu/3YPP4L9wdQTU/Z/O+DrvPffNFqLMZG8txLrexocvFSJc3Gtpcj4kSM7s3yG63nnFm51+xV1jn/y7as/vZcMD+P+8W9j79nttwob6/Vax7cjHi16/w3edT/SZf+zz6P81us41h657VeZZu3/9lq/hzxRtf+X1vRSjZen5xoXQ8T7ativb9vHfu9V/073f6s/w9s3P6xpHO9tv70dfy079+0V1m/1/+e5PNWek++71q50ViYjNiTfLJ+/9Tae9v59vFZ+08c33j863b974+IL7bY/ltHb/U8dFv9P4BF16z9s0/V/0+fuPfxlz/23/6s/99upU7ke7Yy/m31BLfz2QEAAAAAAMBuU4iIQ5EUSo/ShUKptPp8x9E4UKjU6o2TF2uvR6us9fxDob3SfbjjeYjJ/HnYdn7qifx0RByJiO9G9rfypZlaZXanGw8AAAAAAAAAAAAAAAAAAAC7xMEe//8/88fITp8d8Mz5yW8YXpvG/yB+6QnYlfz7D8NL/MPwEv8wvMQ/DC/xD8NL/MPwEv8wvMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAADNT5c+eyrbny8PpMlp+9urQ4X7t6ajatz5eqizOlmdrCldJcrTZXSUsztepmf1+lVrsyORWL1yYaab0xUV9avlCtLV5uXLhULc+lF9LR59IqAAAAAAAAAAAAAAAAAAAAeLHUl5bny5VKuiAh0VeiuDtOQ2LAiZ0emQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgzX8BAAD//7VBN58=")
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x41, &(0x7f00000008c0)={[{@bsdgroups}, {@nodiscard}, {@noblock_validity}, {@grpjquota}, {@grpjquota}, {@orlov}, {@abort}, {@nombcache}, {@stripe={'stripe', 0x3d, 0x10}}]}, 0x64, 0x50a, &(0x7f0000000940)="$eJzs3VFrHFsdAPD/bHZr06Y3ueqDXvB6tZW0aHeTxrbBh1pB9Kmg1vcak00I2WRDdtM2oWiKH0AQUcEnffFF8AMIUvDFRxEK+qyoKKKtPvigncvuTtI03U227TabZn8/mMw5Z2b2f86GmZ0zc5gJYGC9FxHXI+JJmqYXImI0K89lU2y1psZ6jx/dm21MSaTpzX8mkWRl25+VZPPT2WYnI+JrX474ZvJ83NrG5tJMpVJey/Kl+vJqqbaxeXFxeWahvFBemZqavDJ9dfry9ERP2nkmIq598a8/+O7PvnTtV5+586dbfz//rUa1RrLlu9vxgvL7LWw1vdD8LnZvsPaSwY6ifLOFmeF2aww9V3L/NdcJAID2Guf4H4yIT0bEhRiNof1PZwEAAIA3UPr5kfhfEpG2d6JDOQAAAPAGyTXHwCa5YjYWYCRyuWKxNYb3w3EqV6nW6p+er66vzLXGyo5FITe/WClPZGOFx6KQNPKTzfTT/KU9+amIeDsivj863MwXZ6uVuX5f/AAAAIABcXpP//8/o63+PwAAAHDMjPW7AgAAAMBrp/8PAAAAx5/+PwAAABxrX7lxozGl2++/nru9sb5UvX1xrlxbKi6vzxZnq2urxYVqdaH5zL7lgz6vUq2ufjZW1u+W6uVavVTb2Ly1XF1fqd9afOYV2AAAAMAhevvjD/6QRMTW54abU8OJ7jbtcjXgqMrvpJJs3ma3/uNbrflfDqlSwKEY6ncFgL7J97sCQN8U+l0BoO+SA5Z3HLzz22z+id7WBwAA6L3xj3a+/5/bd8ut/RcDR56dGAaX+/8wuJr3/7sdyetkAY6VgjMAGHivfP//QGn6QhUCAAB6bqQ5JblidnlvJHK5YjHiTPO1AIVkfrFSnoiItyLi96OFDzTyk80tkwP7DAAAAAAAAAAAAAAAAAAAAAAAAABAS5omkQIAAADHWkTub8mvW8/yHx89N7L3+sCJ5L+jkb0i9M6Pb/7w7ky9vjbZKP/XTnn9R1n5pX5cwQAAAICB8EIv8N/up2/34wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACglx4/uje7PR1m3H98ISLG2sXPx8nm/GQUIuLUv5PI79ouiYihHsQfbvz5SLv4SaNaOyHbxR/uQfyt+/vGj7HsW2gX/3QP4sMge9A4/lxvt//l4r3mvP3+l494Jv+yOh//Yuf4N9Rh/z/TZYx3Hv6i1DH+/Yh38u2PP9vxkw7xz3YZ/xtf39zstCz9ScR429+f5JlYpfryaqm2sXlxcXlmobxQXpmamrwyfXX68vREaX6xUs7+to3xvY/98sl+7T/VIf7YAe0/12X7///w7qMPtZKFdvHPn20T/zc/zdZ4Pn4u++37VJZuLB/fTm+10ru9+/Pfvbtf++c6tP+g///5Ltt/4avf+XOXqwIAh6C2sbk0U6mU145totFLPwLVkDiCiW/39APTNE0b+9QrfE4SR+FraSb6fWQCAAB67elJf79rAgAAAAAAAAAAAAAAAAAAAIPrMB4ntjfm1k4q6cUjtAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeuL9AAAA//+GAdlV")
syz_mount_image$msdos(&(0x7f0000000f40), &(0x7f0000000f00)='.\x00', 0x1a4a438, &(0x7f00000008c0)=ANY=[], 0x1, 0x0, &(0x7f0000000000))

51.498759934s ago: executing program 1 (id=1196):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = syz_io_uring_setup(0x10d, &(0x7f0000000480)={0x0, 0x701c, 0x700, 0x1, 0x1ef}, &(0x7f0000000200)=<r4=>0x0, &(0x7f0000000280)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r6 = openat$udambuf(0xffffffffffffff9c, &(0x7f0000000000), 0x2)
r7 = memfd_create(&(0x7f0000000340)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xe7a\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x04\x879\xa24\xa9am\xde\xb2\xd3\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdb\x00b\xe1br\xb6\x008\xe3\x10\xff\xc2\x9d\r2\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9VsA\xaf\xc6\xcf\xe1\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\xc7\xbc\x91\xb0\xa8\x9eo\xebF(\x9dL\x01vRk\xaacB\x04\xa7I\v\x86EZ\x96\xd5\x14OD\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38U\xcb\xfa\xb3j\x92\f\x81\xa0\xa2-g\b\x99\x0e\x8d\x8d\x16\xd9w\\\xf8\xce\xb0j\x9d\'\x93\xef\x1d\xa0H\xd9\xbd\xd9\xaf\x12$\x8d\x16%\x8b\x00', 0x3)
ftruncate(r7, 0xffff)
fcntl$addseals(r7, 0x409, 0x7)
r8 = ioctl$UDMABUF_CREATE(r6, 0x40187542, &(0x7f0000000100)={r7, 0x0, 0x0, 0x1000})
syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd=r8, 0x0, 0x0, 0x0, {0x414}, 0x1})
io_uring_enter(r3, 0x3f72, 0x74f1, 0xc00000000000000, 0x0, 0x39)

50.542405336s ago: executing program 1 (id=1200):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="1805000000000000000000004b64ffec8500000075000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x0, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r4, 0x0)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000680)={0x10, 0x4, &(0x7f0000000380)=ANY=[@ANYBLOB="1802000000c400000000000000000000850000003e00000095"], &(0x7f00000000c0)='GPL\x00'}, 0x90)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000023c0)=ANY=[@ANYBLOB="1200000004000000080000000b"], 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000540)=ANY=[@ANYRES32=r6, @ANYRES32=r5, @ANYBLOB='\a'], 0x10)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000100)={r6, &(0x7f0000000240), &(0x7f0000000140)=@tcp6=r4}, 0x20)
sendmmsg$inet6(r4, &(0x7f0000002440)=[{{0x0, 0x0, &(0x7f0000000980)=[{0x0}], 0x1}}, {{0x0, 0x0, 0x0}}], 0x2, 0x10)
mkdir(&(0x7f0000000040)='./file0\x00', 0x80)
mkdir(0x0, 0x0)
ioprio_set$pid(0x2, 0x0, 0x0)
mkdir(0x0, 0x0)
chdir(&(0x7f0000000440)='./bus\x00')
open(&(0x7f0000000580)='./file1\x00', 0x80242, 0x1df2a23c5997fa5f)

49.648027352s ago: executing program 1 (id=1209):
clock_adjtime(0x0, &(0x7f0000000700)={0x100000000006500, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x240e})

49.581955128s ago: executing program 1 (id=1211):
syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='mnt\x00', 0x4, &(0x7f0000000000), 0x0, 0x236, &(0x7f0000000300)="$eJzs3TFoM2UcBvDnLomf/b4gVRdBUEFEtFDqJrjURaEgpYgIKlREXJRWqC1urZOLg84qnVyKuFkdpUtxUQSnqh3qImhxsDjoELlcK9VGFFNz8t3vB5fcJe97//e4e95kOS5Aa00nmU/SSTKTpJekON/grnqZPt3cntpfTgaDx38shu3q7dpZv2tJtpI8mGSvLPJiN9nYffro54NH731jvXfPe7tPTU30IE8dHx0+dvLu4usfLjyw8fmX3y8WmU//D8d1+YoRn3WL5Jb/otj/RNFtegT8E0uvfvBVlftbk9w9zH8vZeqT9+baDXu93P/OX/V964cvbp/kWIHLNxj0qt/ArQHQOmWSfopyNkm9Xpazs/V/+K87V8uXVtdemXlhdX3l+aZnKuCy9JPDRz6+8tG1P+X/u06df+D6VeX/iaWdb6r1k07TowEmqcr/zLOb90X+oXXkH9pL/qG95B/aS/6hveQf2kv+ob3kH9pL/qG95B/a63z+AYB2GVxp+g5koClNzz8AAAAAAAAAAAAAAAAAAMBF21P7y2fLpGp++nZy/HCS7qj6neHziJMbh69XfyqqZr8r6m5jeebOMXcwpvcbvvv6pm+brf/ZHc3W31xJtl5LMtftXrz+itPr79+7+W++7z03ZoExPfRks/V/3Wm2/sJB8kk1/8yNmn/K3DZ8Hz3/9KvzN2b9l38ZcwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABMzG8BAAD//8n0bSk=")
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY_ALL_USERS(0xffffffffffffffff, 0xc0406619, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
chroot(&(0x7f0000000300)='./file0/../file0/../file0/../file0\x00')
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0)
pivot_root(&(0x7f00000000c0)='./file0/../file0/../file0/../file0\x00', &(0x7f0000000080)='mnt\x00')

49.479969236s ago: executing program 1 (id=1213):
r0 = socket$tipc(0x1e, 0x5, 0x0)
connect$tipc(r0, 0x0, 0x0)

49.194014719s ago: executing program 1 (id=1216):
r0 = syz_open_dev$dri(&(0x7f00000000c0), 0x0, 0x0)
ioctl$DRM_IOCTL_GEM_OPEN(r0, 0xc0106442, &(0x7f0000000300))

49.035032689s ago: executing program 33 (id=1216):
r0 = syz_open_dev$dri(&(0x7f00000000c0), 0x0, 0x0)
ioctl$DRM_IOCTL_GEM_OPEN(r0, 0xc0106442, &(0x7f0000000300))

1.174278777s ago: executing program 0 (id=1682):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000bc0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0x2}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x0, 0x3}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000480)=@newtfilter={0x84, 0x2c, 0xd27, 0x30bd29, 0x25dfdc00, {0x0, 0x0, 0x0, r3, {0x0, 0x4}, {}, {0x8}}, [@filter_kind_options=@f_matchall={{0xd}, {0x50, 0x2, [@TCA_MATCHALL_ACT={0x4c, 0x2, [@m_gact={0x48, 0x1, 0x0, 0x0, {{0x9}, {0x1c, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0xffffffff, 0x1, 0x4, 0xffffffff, 0x10000}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x2, 0x3}}}}]}]}}]}, 0x84}, 0x1, 0x0, 0x0, 0x10}, 0x0)

1.089467102s ago: executing program 0 (id=1683):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
r1 = syz_io_uring_setup(0x3, &(0x7f0000000240)={0x0, 0x6109, 0x1, 0x0, 0x1a4}, &(0x7f0000000100)=<r2=>0x0, &(0x7f00000000c0)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0xc000000, &(0x7f0000000000)=[{&(0x7f0000001600)=""/4096, 0x1000}], 0x1, 0x12})
io_uring_enter(r1, 0x847ba, 0x0, 0xe, 0x0, 0x0)

1.084951968s ago: executing program 0 (id=1685):
syz_usb_connect(0x2, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x19, 0x9c, 0x4f, 0x20, 0x7c9, 0xe, 0x5d4f, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x10, 0x0, [{{0x9, 0x4, 0xd6, 0x2, 0x2, 0xff, 0xff, 0x0, 0x0, [], [{{0x9, 0x5, 0x2, 0x2, 0x200, 0x2}}, {{0x9, 0x5, 0x82, 0x2, 0x10}}]}}]}}]}}, 0x0)

784.514068ms ago: executing program 3 (id=1690):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDGKBTYPE(r0, 0x4b33, &(0x7f0000000180))

720.524213ms ago: executing program 3 (id=1691):
r0 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r1=>0x0})
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)=@newqdisc={0x40, 0x24, 0x3fe3aa0262d8c583, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {0x0, 0x10}, {0xffff, 0xffff}, {0x4}}, [@qdisc_kind_options=@q_etf={{0x8}, {0x14, 0x2, @TCA_ETF_PARMS={0x10, 0x1, {0x7, 0xe14fe1afe8ab4915, 0x4}}}}]}, 0x40}, 0x1, 0x0, 0x0, 0x2}, 0x4000000)

720.300243ms ago: executing program 3 (id=1692):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000003e40)=@newtaction={0x80, 0x30, 0xffff, 0x0, 0x0, {}, [{0x6c, 0x1, [@m_ife={0x68, 0x1, 0x0, 0x0, {{0x8}, {0x40, 0x2, 0x0, 0x1, [@TCA_IFE_DMAC={0xa, 0x3, @local}, @TCA_IFE_TYPE={0x6, 0x5, 0x4}, @TCA_IFE_PARMS={0x1c, 0x1, {{0x1, 0x9, 0x4, 0x5, 0x1}, 0x1}}, @TCA_IFE_SMAC={0xa, 0x4, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x80}}, 0x0)

644.854132ms ago: executing program 3 (id=1693):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="580000001000010400000000ffdbdf2500000084", @ANYRES32=0x0, @ANYBLOB="83200000c6010500240012800b00010067656e65766500001400028005000c00000000000800010001000000140003"], 0x58}, 0x1, 0x0, 0x0, 0x40000}, 0x4000880)

644.322591ms ago: executing program 3 (id=1694):
syz_mount_image$f2fs(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x8, &(0x7f0000000240)={[{@nodiscard}, {@nocheckpoint_merge}, {@alloc_mode_def}, {@six_active_logs}, {@user_xattr}, {@fault_injection={'fault_injection', 0x3d, 0x5}}, {@discard}, {@noacl}, {@fsync_mode_posix}, {@alloc_mode_def}, {@noextent_cache}, {@two_active_logs}, {@fault_type={'fault_type', 0x3d, 0xfffffe}}]}, 0x1, 0x5505, &(0x7f0000000340)="$eJzs3EtvG1UUAODjpOmbEiEW7DpShZRItVWnD8GuQCseolVUYMEKHNux3NqeKHackBULlogF/wSBxIolv4EFa3aIBYgdEshzJ9DwkEBxYtJ8nzQ+c6+vz5xrVZXOTOQATqzF7OcfK3EpzkXEfERcjCjOK+VRuJ3CcxGRRcTcY0elnP994nREnI+IS5PkKWelfOvTq+MrN39446evvjlz6sJnX347u10Ds/Z8RPQ30vl2P8W8k+LDcr4x7haxf2NcxvRG/1E5zlPcbq8VGbYbe+saRbzeSevzja3hJK73Gs1J7HTXi/mNQbrgcNzZy1N84GFjsxi32mtF7A7zInZ2U107u+n/tt3hKOVplfk+KNLHaLQX03x7p532s/GoiM3BqJxPefNWe2cSx2UsLxfNvNcq6lg7yDf9//Zmd7C1k43bm8NuPshu1uov1Oq3qvXNvNUetW9UG/3WrRvZUqc3WVYdtRv925087/TatWbeX86WOs1mtV7Plu6017qNQVav167XrlVvLpdnV7NX77+T9VrZ0iS+3B1sjbq9Ybaeb2bpE8vZSu36i8vZlXr21r3VbPXB3bv3Vt9+786791+69/or5aK/lJUtrVxbWanWr1VX6ssnaP8flUVPcf9wIJVZFwBw/PzX/v+y/h+YgsPr/zcfRBx+/x/6/6k4Vv3vSe//D2H/cCD6fwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAE+u7hc9fK04W0/hCOf9UOfVMOa5ExFxE/Po35uP0vpzzZZ6Ff1i/8Kcavq5EkWFyjTPlcT4ibpfHL08f9rcAAAAAT64vPrz8SerW08virAviKKWbNnMX359SvkpELCx+P6Vsc5OXZ6eUrPj3fSp2ppStuIF1dkrJ0i23U9PK9q/M7wtnHwuVFOaOtBwAAOBI7O8EjrYLAQAA4Ch9POsCmI1K7D3K3HsWXPzl/R8PBM/tGwEAAADHUGXWBQAAAACHruj//f4fAAAAPNnS7/8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD8xs793CYORHEAfjZ4Yf9p0Wrv28reoIwtYY97jCggTVBADqSFNEAN5JYSIojwOAQiDpE8tpXo+yRnMpb58QbBYWakAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoEv31Xpxe/X7um3Obt9OntEAAAAAl2yr9aL+Z5b6X5v735tbP5t+ERFlRFyau4/i01nmqMmpXp6/OX2+elXDXUSdcHiPSXN9iYg/zfX4o+tPAQAAAD6uzXI1T7P19Gc2dEH0KS3alN/+ZsorIqKaPWRKKw95vzKF1d/vcfzPlFYvYE0zhaUlt3GutDepf+7HVbvpSVOkprz4smOR2cYOAAD0aHTW9DsLAQAAoE//hi6AYRTxvJV53AqcpKbZ3vt81gMAAADeoWLoAgAAAIDO1fP/ns7/2zv/DwAAAIaRzv8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgS9tqvdgsV/O2Obt9O3lGAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8MT+vKNACIRBGOxd35nM/Q8rDZqamlSB8PE3BgMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDmd3/5PzE1ziRzr42l55Fk7dTYOjX2zo2jP4yvXwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF/vzkgIhEARRMGf876Tvf1hJ0DOIEAENjypq0QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfNHvfvk/MTXOJHOnjaXjkWTtqrF11dh70Dh6MN7+DQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFzv38xpHFQcA/M3MztZWxTXKHiKi4EEvdrutrb2JByV48E8QQrqtsVt/tDnYUsRcvEnOvYgeRQQl3vo/5JxALvGWwx4ieFZmdiY7+QGuv2Y2yecDb953h2He981CyHfeSwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDS6O1JnGSHzjiOi3Obew+Xsn7rUJ95vLY9n7UsjupM+mR4sfoh6jaXCAAAAGdHUtb3IYSddH0h6+NOXv+n5TVZzf/t0+O4rOcP1/1lX9b+Wfvl593n9wfqjMfJbnpzeTi4dDSV1v83y9n2zF9e0cqffP7uJcm/kPi91edGaf48o683Nt5p5+G5OrIFAP6Ji2VfBOXvQ1nfbzIxAM6MVqXwLuv/pNNsTgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB1GK2GJ8s4CiHMtyZxZmvv4dJx/eO17fmyXXv0aC18Oblndos0hHBzeTi4VOtsZtu9+w9uLw6Hg7v1By+FEJoa/a1i+rc/mOLiEBp5PoL/KIiLL3tW8jkZQYM/lAAAOJXSomV1/U66vpCdi+ZC+OO7g/X/q5U4TFn/7354bbM6VrX+79c2w9nXW7nzae/e/QevL99ZvDW4Nfj4jcv9N/tXrl+9er2XvyvpeWMCAADAv9MuWrX+j+eOrv9fqMRhyvr/s2/6X1THStT/x5os+jWdCQAAwNn27Mu//xYdcz5qt8Pniysrd/vj4/7ny+NjA6n+beeKVq3/k7mmswIAAADqMFqNDqz/36jEYcr1/6e+f+HH6j2TEML5Yv3/4tInwxv1TWem1fHnxE3PEQAAgGadL1p1/T/N9//H+1se4hDCa6+M4+LfAE5V/yfvfvVDdazq/v8r9U1xJsXd8fPI+24IrW7TGQEAAHCaPVG0rNj/NV1f+OinC++37f8HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAqNufAQAA//9hGz6T")

569.483669ms ago: executing program 4 (id=1695):
syz_clone(0x4000000, 0x0, 0xfffffffffffffe10, 0x0, 0x0, 0x0)
capset(&(0x7f0000000080)={0x20080522}, &(0x7f0000000040)={0x0, 0x10ffff, 0xfffffffd})
r0 = getpid()
r1 = syz_pidfd_open(r0, 0x0)
setns(r1, 0x64000080)

489.229993ms ago: executing program 4 (id=1696):
r0 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, 0x0, &(0x7f0000000180))
syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0)
r1 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000000)=@assoc_value, &(0x7f0000001080)=0x8)

428.300032ms ago: executing program 0 (id=1697):
r0 = openat$comedi(0xffffff9c, &(0x7f0000000040)='/dev/comedi1\x00', 0x2180, 0x0)
ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, &(0x7f0000000300)={'rti800\x00', [0x2eff, 0x4, 0xd19b, 0xfffff044, 0x2, 0x9, 0x3, 0x3, 0xffe, 0xa, 0xc, 0x1001, 0x7f, 0x3, 0xffd, 0x6, 0x5, 0x40000009, 0x830, 0x30000, 0x9, 0x2, 0x800, 0xe2df, 0x2, 0x80d, 0x5, 0x9, 0x6, 0x5, 0x70f]})
ioctl$COMEDI_INSN(r0, 0x8028640c, &(0x7f0000000000)={0x4000000, 0x0, 0x0, 0x0, 0x4})

352.419442ms ago: executing program 4 (id=1698):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x38, 0x3e, 0x907, 0xfffffffe, 0xfffffffc, {0x1, 0x7c}, [@nested={0x4, 0x142}, @nested={0x1c, 0x1, 0x0, 0x1, [@nested={0x10, 0x4, 0x0, 0x1, [@typed={0xc, 0xf, 0x0, 0x0, @u64=0x90}]}, @typed={0x6, 0x20, 0x0, 0x0, @str='\xbd\n'}]}, @nested={0x4, 0x2}]}, 0x38}, 0x1, 0x0, 0x0, 0x4048011}, 0x400c800)

352.12352ms ago: executing program 0 (id=1699):
syz_emit_ethernet(0x86, &(0x7f0000000040)={@broadcast, @multicast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x78, 0x0, 0x0, 0x0, 0x1, 0x0, @private=0xa010102, @local}, @redirect={0x3, 0x1, 0x0, @broadcast=0x1000000, {0x17, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, @private, @loopback, {[@timestamp_prespec={0x44, 0x44, 0xf, 0x3, 0xd, [{@empty, 0x101}, {@broadcast, 0x10000}, {@broadcast, 0x8000}, {@multicast1, 0xc}, {@rand_addr=0x64010100}, {@rand_addr=0x64010101, 0x400}, {@private=0xa010102}, {@multicast1, 0x3}]}, @timestamp_addr={0x44, 0x4}]}}}}}}}, 0x0)

351.929005ms ago: executing program 0 (id=1700):
listen(0xffffffffffffffff, 0x5)
ioctl$SNDRV_TIMER_IOCTL_SELECT(0xffffffffffffffff, 0x40345410, 0x0)
syz_usb_connect$hid(0x2, 0x36, &(0x7f0000000080)={{0x12, 0x1, 0x340, 0x0, 0x0, 0x0, 0x10, 0x46d, 0xc227, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x1, 0xc, 0xd0, 0x5, [{{0x9, 0x4, 0x0, 0x2, 0x2, 0x3, 0x1, 0x1, 0x1, {0x9, 0x21, 0x6d, 0x8, 0x1, {0x22, 0x5bb}}, {{{0x9, 0x5, 0x81, 0x3, 0x20, 0xe, 0x5, 0x5}}}}}]}}]}}, &(0x7f0000000300)={0x0, 0x0, 0x18, &(0x7f0000000100)={0x5, 0xf, 0x18, 0x2, [@ext_cap={0x7, 0x10, 0x2, 0x2, 0x7, 0x5, 0xf}, @ssp_cap={0xc, 0x10, 0xa, 0x7, 0x0, 0x0, 0xf00f, 0xfff7}]}})

273.97719ms ago: executing program 4 (id=1701):
r0 = syz_io_uring_setup(0x4b5, &(0x7f0000010400)={0x0, 0x86e1, 0x1, 0x8, 0xfffffffe}, &(0x7f0000010080), &(0x7f0000000000))
mkdirat(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0xc5)
mount$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000340), 0x0, &(0x7f0000003880)=ANY=[@ANYBLOB='huge=always'])
chdir(&(0x7f0000000280)='./file0\x00')
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events.local\x00', 0x275a, 0x0)
ftruncate(r1, 0xde34)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x9, 0x12, r1, 0x0)
munmap(&(0x7f0000001000/0x4000)=nil, 0x4000)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r0, 0x10, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0}, 0x20)

171.330618ms ago: executing program 4 (id=1702):
r0 = socket(0x2a, 0x2, 0x0)
getsockname$packet(r0, &(0x7f0000000200)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000001480)=0x14)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000380)=@newqdisc={0x38, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}, {0x0, 0xfff1}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x4}}]}, 0x38}}, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000bc0)=@newtfilter={0x34, 0x2c, 0xd27, 0x70bd2d, 0x0, {0x0, 0x0, 0x0, r1, {}, {}, {0x8, 0xffe0}}, [@filter_kind_options=@f_basic={{0xa}, {0x4}}]}, 0x34}}, 0x2004c840)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r2, &(0x7f00000002c0), 0x40000000000009f, 0x0)

2.324171ms ago: executing program 4 (id=1703):
r0 = syz_mount_image$btrfs(&(0x7f0000000200), &(0x7f0000005600)='./file0\x00', 0x1, &(0x7f0000000000), 0x0, 0x559e, &(0x7f0000005680)="$eJzs3X9sVeX9B/BzWwoN+C39jhUYfxAgBoMkyJYtjqB4MQa24eKlgsKcCEQlBivYRDcYqUWSZcaghU4EF5GQaDJjscM/FMywy7CMZfzY5hZjs4JSaZZsAzVrHDG69N77XO49l9tembNOXy/SnvPcz3me+9yT88d9X/qcGwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAURUcSc9+d0f3i0ZE1X77/Hz+e+OjGn4zfvX/roVvu23T/gjMjbto5a1nf+mlN8zdsbDjS/PS+ObdGUSLdL5Htf9u136q/88bbvlsdBly+MLOtrS31lJmuJzON4QUP9vcr/FkRRVFVbIDK7PbV7E5FwQC53cbiAQf0Tuui6O7J8ya1dT01bklyYU/xS6df9VBPYKhkr6ue89dSMv27InZErp136SUKLtFM//gF96m8CADgY5mZSm9yb0ezb3Fz7eZ4PdZOxtotsXZ4h9CS37gYmXGHl5rnpHh9iOaZzESFESXnGatnz3+unYr3j7VjUeNjzLPw0GykqS41z7Wx+lDNEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCzZOzxo2tWtD2y575fdtQceff9OVc+8KWOw22LT4y8eunKHWum/HTWsr7105rmb9jYcKT56X1zbo2i2nS/RKZ74kTL5b9NjZ3fvXfcG427n6vpq8yOG7bD8g6OXg87s0ZH0cq8Sk8Y9q81UZQqLKSb0Y7iwl3pnW+HAgAAAJ8nX0n/rsi1M3GwqqCdSKfJRPpfkAmL77Quiu6ePG9SW9dT45YkF/Zc/HipEuMlLzherl17/ieRF4xD/I2Pd74eDm0sGmdg8RHjef7SMWPefmty/eSvT5v7xA3PjOru+r8nZ2xJ/bGu5oUrru+tf/a6ovxfO3D+D2dO/gcAAOA/If/HxxnYYPn/jqVTt7z+i2Grft3a8MTB+h1/bv3OMzsXneq54Ud9L09N3v7o1UX5f1LBUxbl/zDjkP8roovL/wAAAPBZ9t/O/8micQY2WP5vONM3+wcHX6vr+PucxXt+9dAVi8+e/tv8U7t3DV9zR8v6uoeuLMr/M8vL/8Pypx0e/F2Y8OrRUTSz/JMKAAAAFAj/737+o4WQ1zOfHMTz+rX/vKp5380ffPMbD97zpzff/s2xA7MnrdteN/PgyzfVf1j5ve3dRfk/WV7+r/p0Xi4AAABQhuePrpw773jPucfPvtB18vDu3pMznjyzrqnvdOslLatXbTr2WlH+T5WX/0cMzcsBAAAALuDeO59bsfnVl/oe2H/X2Ck9FVc1XpK4ZduOqU0TPuq8tPfy7VuL8v/y8vL/yOw2u/Ih06kz/BVC6+goqu7fWZspHIparskVAAAAgE9IyOlbP1ixbOzOsb3jj59+rObQG4dn/2Vt55yN13RXdW/uXNZ4WdH9AkJiL3X//3Cng7D+v+D+f0Xr//MKmbv+zXZjAAAAAL6Iitfzh9vjZ765oNT375e7/n9J3cQTiba33lv11XMHzo1ZsP/7129aV9/be8+El37/wz9M/6i6KP83l5f/K/O3n+T3/wEAAMBF+F/7/r+lReMMbLD7/zdV9DWsWrd3+uota7csTCw7UH3qwdV731+w5l9Tb36+qea6A0X5v6W8/B+2o/JfXkc4P5tGR9H4/p3s3QR/Hqa7OlZor8orZE58rMeNoUe20D4ir5C2Ntbja6OjaHL/TnOs8P+h0BIrnK3JFnbFCsdCIXs95Ap7YoWOcKVtq8lON154MRSyCyzawwqKUbklEbEe75Xq0V+4YI+u3JMDAAB8oYTwnM2yVYXNKB5l2xODHTBysAMqBjugcrADhsUOiB9Y6vFoeWEhPH575yMbNjVMSb7y8NzHfvbms40T9j1+WV3v5g9f2XbvxJ3TW6YW5f9d5eX/cCqGZzal1v9HYf1/9nsNc+v/l4dCbazQHgqp+B0DUuE5MmH34fActalsj7PjcwUAAAD4XAufC1QO8TwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/s3evcdJVd0JAj/d9INumqaNE9GMk3TUgGakaWwNw+AoaoxGRZpZddxkNBBoEGmE8FgFURtQZxziZ3ztrJnoCAoiu+qHGFeDwUhcxIw6iWLiA/Cxjq7r+h6VGM2E/XTfOkXVrS67EFDa+X7/6DpVv/O89eg69946FwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/xjuPfjlk4YunP0PHzace8nqqqmL/kfH6Mv+cNW3vvjUPy5b9G9h/i9GnLll3kEXHjd/wbR/6Vi++ogzQmjtKleWFC977oqvPtS613HP3jFw48wbb63fUpWpNxMP/Tr/lGfuXBxbfbF/CHeXhVCRDgypSwKVmft1sb5960LYI2wLZEu01SYl0g2HB2pCWBK2BbJVra4JoS4ncMqG+++7vDNxTU0IXwkhVKfbeKY6aaMmHRhUlQRq04HpFUngt1sT2cBPypMA7LD4Zsi+6Fe15mdo6L5ckddf5U7r2KcrPbw+MdFQPN/rR+3iTuWoSj/QukNPW0F17BIFb4+13m294N1WsJ2v8LTlfpHKfEPZui1UHcontk0aP6d9dnykPDQ19SlW0y56np9+e/6E7Un3mtdh7EDDTnkdXvrYiun9lo2+9OrNvxqz4ayaA3a0m0/lbNLc9K5WHTKvuV7zPEajfJ70grdfwbekRl+6Qghbzz17xtfnTDz7iD63PLnu1QcfrNty9pwFvzhz4nmLLj55w7/Pf6lg/t/w0fP/+HKOt+V5uWOrH9Ync/P4SF1MvFmfzM0BAACg1+gNe01Xnv/6X73+/bWtMxed/u23Dj73w71afz3i/gFVB7yxrqn1/I2ff6Vg/t9Y2vH/eMi/Lne0a0MY1ZVYNCCEvbseTwIrY3e+OyCEL3elWvMDR6UCa0PYpytxULaqVIm+sURjKvByfSYwKhVYHwOtqcDyGLgiFbg4BlalAhNiYG0qcHQMhCn54/hqfWYcJQdqYmBcshFXxbMQ3qmPraW21aZsVQAAADtJZnZYmX8351yHHc0Qp5eranrKEM/ALpqhOlVDegabnVYVraGipxrKe6ohO+6Ojx5+Qc1lPdVccBpGWX6GG9f85X2LXjzsC2P3mvj5xUMvmPKz8eGst++uerx5yYtv7XvEzesK5v/NHz3/r+6mI2UFx/9DGNv1N+Yuz0Tas/FxrXkZAAAAgB1w0R//xR61Lw85oGHT+2X3zl/7xKMrfrl5j1NOf3/c8a//8PCaxnsL5v+jSjv/P+4T6ZOTOTwSd0NMHRBCc34gqXZkYSA56t0vEwAAAIDeIHs8PnssfErmNjlFOz2fLszfup3544H/Ud3m//09/7P2jq3/+mLZBd89d0TNgKX/9GrHhBNOPvqW47/1zj4VB/yyvGD+31ra+f+1+bdJJ9bHXlw9IIS+OYEHYy87A10aY+D5I/MDmfGvjxtgcawqc2JCtqrFscS4GGhOBZYUK/FotsTe+YHMk5VtfFF2HFMyJXICAAAA8ImLuwPicfl4/n/LGSNO++vvzfrbha88eN7qCy75q+Ed80eedP/THzbMvXJp2PTmEQXz/3Hbd/5/1zy44PT+9n4hDK0IoU/6hwGP1CYLA8ZAXVkmcW9tUlefdFULa0MY2TmwdFUvZNb/r0ivMfh4TVJVDOy93y1vD+pMLKsJYWhu4IlvLz2sMzEnFcg2flpNCF/qHG268bv6Jo1Xphu/tm8IX8wJZKua0DeEzsaq0lX9r+rMdQzSVa2qDmHPnEC2quHVIcwNAPRW8X/pxNwHZ82dN3V8e3vbzF2YiDvxa8KkKe1tTROmt0+sLtKniak+561jtKBwTKVe+mZTZo2ixSsnV5aSzv5QsDm3rcyO/IIzBzP345ehyq5xHlKZd7clPeQD9y9sIuR8lSo25PJdPOTa3Eq2PYkF9cf8VaFf6DtnVtvMpvPGz549c1jyt9TshyR/43GmZFsNS2+r2u76VsLLo+hyWSkfd1sNyq1k6OxpM4bOmjtvyJRp4ye3TW47p+XQP2sZMXz410YM7RxUc/K3h5EO6q7m1Ei3Li1xWDtxpF+oyKnkk/jQkJCQ6G2J/f7L5odH77n+nOt/9tqPz+/3zdPu3fvImT889KqpD1Xve/ji24ccWDD/n/HR8//4qRM/+DPrMxQ7/t8QD/Mnj287zD8uBpaUevy/odjR/OyJAY2pQEcMdDjMDwAAwGdD3B0Z92bGndKbb1m/buOSlrk/aHin5dY17Utvuum+U39y58ATvjQ47LXhuhM+VzD/7yjt9/87af3/7NL1JxRb5v+gWKK52Pr/6WX+s+v/dxRb/z+9zH92/f8ln8L6/3OygdQmecf6/wAAwGfBJ7f+f4/L+6cvEFCQocfl/dMXCCjI0OMy/qVeIGC71/9f8+Bff6Wq35g7/qTlN/WXvPZ39xzWeuS6zTP/5Etb10+877qxt6wpmP9fUdr838L9AAAAsPv4z5ddU3H02Xff0bJu6sZxbw5+98m3lgzq80HF0Q+3j3xh4Bu3nlcw/19S2vz/k1//LxQ7/7+xWKC12MKA1v8DAACglyq2/t89Q1sa/zCm/x+eHvab5Q/ePPqnj/z898v3+/mJPyvfZ8Gxz8+8bFLB/H9VafP/eNpFeV7u2JsP65M17UJ6Tbs367M/GQAAAIDeoTw0NVWWmDdvYdSjPn6bT2eWAv2odK7vvXLt2ZtfmH7c46ev+7uaEwbvOWHaBasa/2b4gXd+ftQley7ddGrB/H9tafP/vN9lXPrYiun9lo2+9MOrN/9qzIazag7YdvwfAAAA2HVK3S8BAAAAAAAAAAAAAAB8+s7tWHzhI8uOfe+bt//F/kcseXXwbXcd+Lsh/V664qoHJq1648zJXy/4/X8Y21Wu2O//43X/4u8L/igvd2y15/X/MvdPOfH2uV1LFj5SH8L+uYGpC6fuETLX5h+cG7jvjIMGdiYWpkusefbolzoT30kHjh/yuS2dicNTgXFxkcR90oF4VcUt/VOBuLzi4+lA3B6r0oGqTOCy/sk4ytLb6pW6ZFuVpbfVxroQBuQEstvq7rqkjbL0AK9JBbID/F46EAd4ciZQnu7V7f2SXsVAXSx6Q7+kVwAA7Lbit8DKMGlKe1tz/Aofb79QkX8b5S1ZtqCw2rISm9+UWZps8crJlaWk+6S/i2671nhlqO4cwrCCr6u5Wcq6Rrlzaulh0/1RkSH3tNpbeZFyadu76aqKj6gmGVHThOntEyt7HHhLz1kOqegxy7CCyU5ulvKuTVpCLSX0pYQRlbhtSuhyvF8empr6pHL9eQw2hDw9vSJK/b1+7jp/xV4FuXluO/TKt758zE+f++CfP/9E/2+cVnP7rO+/e+KvX7//wEOOuG5C05otBfP/htLm/9W549qSuRhAR7yy3sgBIYwrcUQAAADw2XfbRbfecfr09a9MWlvx5GOPTS0fc3rl1vl3zp93ycZ7Fx9/2cErdjR+2Fm//f5vBu//b89e9dJPR+7zwA03/58nD3v8z3//8I8eeqduZZ+x7xXM/xtLm//HPViZQ8HJ3o618fr/iwaE0HVp/YYksDIO97sDQvhyV6o1lkguqH9CLNGcBFbGHSYHxRLjWvOr6hsDq1KBl+szgbWpwPoYyOyluCVkduVcWR/CYV2psfklZsQSDanAmBhoTAWaYqA5FegfA6NSgdf6ZwKtqcDDMRCm5G+rH/fPbCsAAIDtkZlnVebfDel53qqKnjKU9ZShtqcM5T1lqO4pQ7FRxPt3xAyVqZNXynIyVaZrrUnVUpAhXgx/u/tVkCE8mp8zXbCg6Xj+QfZ8g7L8DFf+4NlT1w+e/tDqzcd8beBt/zhkz4Obp9e9t+CGp3475pzrnv/TQQXz/+bS5v+1+bdJ6+vj/H/b9f+SwIOxe1fHU8cbY+D5I/MDmR0D6+Nkd3G2qtZMicykfXEsMSoGGlOBGTEwKhUYNzYTWDIwP5CZaWcbX5RtfEqmRE4AAAAAPnFxB0HcTRPn/zce9YOr3x8wccuyeTPvH9vyxMmjv3H1XT+6d/9ld767YvCAce99p2D+P6q0+X9sr19uYxfH3rzYP4S7y7b1JhsYUpcE4n6Muvjz+H3rQtgjZwdHtkRbbVKiKtVweKAm+YV6Vbqq1TXJGgPx/ikb7r/v8s7ENTUhfCVn70u2jWeqkzZq0oFBVUmgNh2YXpEE4p6fbOAn5UkAdlh2r2B8QWVOdclq6L5ckdffZ+WaoOnhFewD7SZfd7+52lWq0w9k9qlmbd/TVlAdu0TB22Otd1tvfLc1eLflfpHKfEPZui1UHcontk0aP6d9dnwk95esBXbR85z7K9VS0jvhddjx8Xvbs+p0B5pTHx/N3Zfr/nVYFqu79LEV0/stG33p1Zt/NWbDWTUHlNyNIuIPhX+05X9XPpWzeXe16pB5zfW6z5NWnye98d9Ao6cthHDZ9cfsu+TdX+/33A3Pnbqu7Maxr/7lrHs2Lf+bysNHrXv/yaGjLy+Y/7eWNv+vSN12+V3cmLMGhHBgzsZ9JG7+YwYkn4M5geRTcs/CQHLI/V/ri35yAgAAwM6W3d2R3V8wJXObnBCenicX5m/dzvxxf8WobvOX2u9j121cedLQN6474G8vOPGNv7/28Kceuv6ysnXL//vYD1avuXzxe08UzP/HffT8v2+qm47/O/7PLuL4f7d2913RfdMPdOzQruiC6tglHP/v1u7+bnP8v1uO/zv+3x3H/3vg+H+3dvenreBb0gxfujonwdff+fPfTbzpg7mN+x180lPPHDrxun+6quXuu0555b+de9601761uWD+P6O0+b/1/7pftC+7/t+4Yuv/zSi2/l+H9f8AAIBdqshCc+l5XsHqfQUZ0qv3FWTocYHAHpcYtP7fdq//t3Dkv1904Q+fb7n2nTvHXb5m07Fnvvr0utXPzFpx3Lnnv9V6112tBfP/jtLm//Hl0C+39d6y/l/j2CJVXREDMywMCAAAwO6o2A4CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPl2HnvbO+5d8/R/aBv1ixc1/f+v/+7/P1q594JvfuGn4L6f86RllazZcM+LMLfMOuvC4+Qum/UvH8tVHnBHClK5yZUnxsueu+OpDrXsd9+wdAzfOvPHW+i3VmXorM7d/nJc7tvphfQhLch6pi4k36zvvbAuccuLtcys6E4/Uh7B/bmDqwql7dCaW14cwODdw3xkHDexMLEyXWPPs0S91Jr6TDhw/5HNbOhOHZwJl6e5e1z/pblm6u5f3D2FATiDb3bP751eVbeO4TKA83caKuqSNGKiLRa+tS9qIgfZYYkrfEIZWhNAnXdU/VydV9UlXdU91UlWfdFUXVYcwMoRQka7quaqkqor0yB+tSqqKgb33u+XtQZ2JpVUhDM0NPPHtpYd1JmamAtnG/1NVCF/qfMmkG/9xZdJ4Zbrx/1oZwhdDCFXpEu9VJCWq0iVeqAhhz5zAto1YEcLcwGdD/PSZmPvgrLnzpo5vb2+buQsTVZm2asKkKe1tTROmt0+sTvWpmLKc9NYFH3/sm96eP6HzdvHKyZWlpCsy5Sq7unxIZd7dlt2997FftbmVbHs+CuqP+atCv9B3zqy2mU3njZ89e+aw5G+p2Q9J/vbJRJNtNay3bKtBuZUMnT1txtBZc+cNmTJt/OS2yW3ntBz6Zy0jhg//2oihnYNqTv7ujJEu/eRH+oWKnEo+ife/hIREb0uU5326Ne/un+MFX/S3dbQyVHd9QBdMK3KzlHWNcmcM+qiPOeKP8zWlxxENK5g4FGQ5pOcsLQWTiW1ZapIsXV/rCiaHuTWVd23SeL88NDX1KbYdGvLv5m7e13dg8z6d2XSlpgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+P/swIEAAAAAAJD/ayNUVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYQcOBAAAAACA/F8boaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqgo7cCwAAAAAIMzfOoyeDQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4FAAA//8fSxmR")
ioctl$BTRFS_IOC_SCRUB(r0, 0xc400941b, &(0x7f0000000640)={0x0, 0x1, 0x800, 0x2d4f8634a634ca58})

0s ago: executing program 3 (id=1704):
syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000240)='./file0\x00', 0x48c2, &(0x7f0000000100)=ANY=[@ANYBLOB="61636c2c6865617274626561743d6e6f6e652c6572726f72733d72656d6f756e742d726f2c636f686572656e63793d66756c6c2c636f686572656e63793d66756c6c2c6c6f63616c666c6f636b732c696e74722c6e6f61636c2c001967b9b8a6cdd636d75428f2c5e8054d01858eef552755576e749526b36860cf2511040d1ce5a743ffd83d29d1ba3a54a59d8c7aa249f08d3c8c6d04ac105d67934db6190d59f2323b55a5a4"], 0x1, 0x4431, &(0x7f00000088c0)="$eJzs3b9PHFceAPA3Az6Dz/ZhnwufdNKtdJbudHdC4OoSLAVjbAw2ceTELtKsF1jbJAtrwRKlcEE6S6kipYhSWImUjspCSu38CWlSOrWlpEgTKZIVop2dxcywGzaEhdj6fIod5v2G78zbN8Xw4lTt7vxyYX65UFosVGdvL58tvFetrCyUQ7xPWvZ/aP/6pzPduE5+rc0v92zktHLtwqU3b54N4au5b55ubGxshLre0NLwlp9//OH+7NZjU5yrU2+3dWt75e0Qwqlt46rrCSH0hRCiEML5NG0sPfaHEI6leTfvf3irsEejefSkfK74bPrB+siZqbWH6+1/9yiETyt/+9+dhe/+2TPy7X/2qHsAAAAAAAAAAAAAAAAAAF5wE9ev3XhjaDg8jkLvWrT9fd2J9Nju/diNPfOP7v+yAAAAAAAAAAAAAAAAAAAA8Af1/P3/QnSyxfv/4+lxtE39jde6P0a6Z/L1a+MXh4bT/d+jbfn/T5O+P98TTrTY9z2///v5XP3W+79v72e3muNr9jsQongwcx7Hg4MhfJ5u/H46OhJXqsu1/96urizO7dkwXljZ+Dd2789EJ93Qv8P4x2O59ru///9ft11N9fNbe3eJvdSy8e9pW+6LD6KO7v8LuXr7EX92Lxv/3iStf2uB0cYEUI//R707x38813634n88hFCI6mMtZGaA+hqmnt5uvUJWNv6HkrTM1Jn+Idvd/z/l4n8x1/5Bzf+r+S8iWsrG/09JWl+mxOHkM4l/vPP9fynX/kHEvz7+Vd//HcnGvxHr0JspkvwlO53/J3Ltt43/4d837htxOs7jUeYKWIsa6e3+Xx1Z2fj3bct//vwXd7T+u5yrv1/Pf81+m89/zen/31Hj+Y/WsvHvb1uu0/t/Mlev2/P/aLL+Y7ey8T+SpGXXzgPJZ6fxn8q13634J08lfc34P59Pfj7cSP/M+q8j2fj/uZEYby2xmnwm679o5/X/lVz7B7H+q49/Ne5ury+LbPyPti1Xj//XHXz/X83V6378Qxiy1t+1bPyPtS2X3P99O8d/Olev2/H/VzcbBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgBjKXHgRDFg5nzOB4cDOFCen46HIlmSnPFmUp19t3lEMbT9EI4Gd2pVGdKleL8YnWuXCxVKtXZEC6m+adCX7RcqdaKC6V7lzbb6o/ulktLtZlyqRZCmEjT/x6ONduama8tlO6FEC5v5v0lri7du1taLM7NL706NDQ0FCY3x3AiKr9fKy/WGr03ckOY2qw7EG0ZXJJ9ZXMsR6N3qitLi6VKkn51S51KdbZU2VJnOs37OJyIaksri7OlWrlYqd5p9neQRtPj+OT1t65fHd6WfytqHMf2d1gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/EaPR175JITQ2ziLQwijzR+iVuUfPSmfKz6bfrA+cmZq7eH603blAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgF3bgQAAAAAAAyP+1EaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwS8eoCQRRGIDfTIokXY6Rakm6tBsCISmyQfAEegwPo0fxEt7BwsLWQgTZRV13YRutvq95MD8z78E8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGCY71E1/n97j0jxtH+MWE5X6/P8t67zz+77D3eYkdv5+au+Tn+YrvKP+mhT5mO6284m0VEbi9aetPfpss9z71x9+9Y3X9P3JVIuIqKs89eUc1EMewsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgwA4cCAAAAAAA+b82QlVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVRV24FgAAAAAQJi/dRR9GwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC/AgAA////gRtE")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x1)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x2042, 0x58)
pwrite64(r1, &(0x7f0000000140)='2', 0x1, 0x8000c61)
pwrite64(r0, &(0x7f0000000140)='2', 0x1, 0x8080c61)

kernel console output (not intermixed with test programs):

Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  113.205938][ T7464] XFS (loop1): Ending clean mount
[  113.217195][ T7464] XFS (loop1): Quotacheck needed: Please wait.
[  113.231505][ T5852] syz-executor: attempt to access beyond end of device
[  113.231505][ T5852] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  113.240335][ T5852] CPU: 0 UID: 0 PID: 5852 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[  113.240352][ T5852] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  113.240357][ T5852] Call Trace:
[  113.240361][ T5852]  <TASK>
[  113.240365][ T5852]  dump_stack_lvl+0x189/0x250
[  113.240380][ T5852]  ? __pfx_dump_stack_lvl+0x10/0x10
[  113.240389][ T5852]  ? __pfx_queue_work_on+0x10/0x10
[  113.240397][ T5852]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  113.240408][ T5852]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  113.240423][ T5852]  f2fs_handle_critical_error+0x37c/0x540
[  113.240437][ T5852]  f2fs_write_end_io+0x886/0xb60
[  113.240451][ T5852]  __submit_merged_bio+0x27a/0x6a0
[  113.240463][ T5852]  __submit_merged_write_cond+0x255/0x530
[  113.240476][ T5852]  f2fs_write_data_pages+0x261d/0x3000
[  113.240495][ T5852]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  113.240507][ T5852]  ? is_bpf_text_address+0x26/0x2b0
[  113.240527][ T5852]  ? kernel_text_address+0xa5/0xe0
[  113.240544][ T5852]  ? __kernel_text_address+0xd/0x40
[  113.240553][ T5852]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  113.240567][ T5852]  ? stack_trace_save+0x9c/0xe0
[  113.240578][ T5852]  ? __lock_acquire+0xab9/0xd20
[  113.240595][ T5852]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  113.240602][ T5852]  do_writepages+0x32e/0x550
[  113.240617][ T5852]  ? do_raw_spin_unlock+0x4d/0x240
[  113.240627][ T5852]  filemap_fdatawrite+0x199/0x240
[  113.240638][ T5852]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  113.240681][ T5852]  ? do_raw_spin_unlock+0x4d/0x240
[  113.240697][ T5852]  f2fs_sync_dirty_inodes+0x31f/0x830
[  113.240719][ T5852]  f2fs_write_checkpoint+0x95a/0x1df0
[  113.240747][ T5852]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  113.240790][ T5852]  ? kill_f2fs_super+0x298/0x6c0
[  113.240805][ T5852]  kill_f2fs_super+0x2c3/0x6c0
[  113.240821][ T5852]  ? __pfx_kill_f2fs_super+0x10/0x10
[  113.240830][ T5852]  ? radix_tree_delete_item+0x2b6/0x400
[  113.240846][ T5852]  ? shrinker_free+0x2ce/0x3e0
[  113.240861][ T5852]  deactivate_locked_super+0xbc/0x130
[  113.240875][ T5852]  cleanup_mnt+0x425/0x4c0
[  113.240888][ T5852]  ? lockdep_hardirqs_on+0x9c/0x150
[  113.240901][ T5852]  task_work_run+0x1d4/0x260
[  113.240917][ T5852]  ? __pfx_task_work_run+0x10/0x10
[  113.240928][ T5852]  ? __x64_sys_umount+0x122/0x160
[  113.240946][ T5852]  ? exit_to_user_mode_loop+0x40/0x110
[  113.240963][ T5852]  exit_to_user_mode_loop+0xec/0x110
[  113.240979][ T5852]  do_syscall_64+0x2bd/0x3b0
[  113.240990][ T5852]  ? lockdep_hardirqs_on+0x9c/0x150
[  113.241000][ T5852]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  113.241011][ T5852]  ? exc_page_fault+0x9f/0xf0
[  113.241023][ T5852]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  113.241032][ T5852] RIP: 0033:0x7fea5418ff57
[  113.241043][ T5852] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  113.241052][ T5852] RSP: 002b:00007ffe9bec1db8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  113.241064][ T5852] RAX: 0000000000000000 RBX: 00007fea54211c2d RCX: 00007fea5418ff57
[  113.241069][ T5852] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe9bec1e70
[  113.241076][ T5852] RBP: 00007ffe9bec1e70 R08: 0000000000000000 R09: 0000000000000000
[  113.241082][ T5852] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffe9bec2f00
[  113.241088][ T5852] R13: 00007fea54211c2d R14: 000000000001b9d0 R15: 00007ffe9bec2f40
[  113.241107][ T5852]  </TASK>
[  113.241112][ T5852] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  113.257154][ T7464] XFS (loop1): Quotacheck: Done.
[  113.427028][ T5845] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  113.652547][ T7478] loop2: detected capacity change from 0 to 4096
[  113.703695][ T7478] ntfs3(loop2): Mark volume as dirty due to NTFS errors
[  113.741385][ T7478] ntfs3(loop2): Failed to load $Extend (-22).
[  113.746334][ T7478] ntfs3(loop2): Failed to initialize $Extend.
[  113.797051][ T7490] netlink: 'syz.1.593': attribute type 12 has an invalid length.
[  113.799709][ T7490] netlink: 'syz.1.593': attribute type 29 has an invalid length.
[  113.808157][ T7490] netlink: 148 bytes leftover after parsing attributes in process `syz.1.593'.
[  113.812357][ T7490] netlink: 'syz.1.593': attribute type 2 has an invalid length.
[  113.815448][ T7490] netlink: 23 bytes leftover after parsing attributes in process `syz.1.593'.
[  115.422188][   T24] usb 2-1: new full-speed USB device number 15 using dummy_hcd
[  115.520270][ T7518] mmap: syz.0.605 (7518) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  115.718946][ T7517] IPv6: Can't replace route, no match found
[  115.740058][  T792] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  115.814573][   T24] usb 2-1: unable to get BOS descriptor or descriptor too short
[  115.819377][   T24] usb 2-1: not running at top speed; connect to a high speed hub
[  115.823895][   T24] usb 2-1: config 4 has an invalid interface number: 32 but max is 0
[  115.827408][   T24] usb 2-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config
[  115.831671][   T24] usb 2-1: config 4 has no interface number 0
[  115.839840][   T24] usb 2-1: New USB device found, idVendor=17dc, idProduct=0202, bcdDevice=f1.50
[  115.843963][   T24] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  115.847544][   T24] usb 2-1: Product: syz
[  115.849459][   T24] usb 2-1: Manufacturer: syz
[  115.851609][   T24] usb 2-1: SerialNumber: syz
[  115.894487][  T792] usb 3-1: config 0 has an invalid interface number: 69 but max is 0
[  115.898082][  T792] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  115.904362][  T792] usb 3-1: config 0 has no interface number 0
[  115.907038][  T792] usb 3-1: config 0 interface 69 altsetting 0 bulk endpoint 0x8 has invalid maxpacket 255
[  115.911569][  T792] usb 3-1: config 0 interface 69 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  115.919282][  T792] usb 3-1: New USB device found, idVendor=0c4b, idProduct=0100, bcdDevice=d7.ca
[  115.924885][  T792] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  115.929189][  T792] usb 3-1: Product: syz
[  115.931041][  T792] usb 3-1: Manufacturer: syz
[  115.933571][  T792] usb 3-1: SerialNumber: syz
[  115.939449][  T792] usb 3-1: config 0 descriptor??
[  115.944093][ T7514] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[  115.951030][  T792] cyberjack 3-1:0.69: Reiner SCT Cyberjack USB card reader converter detected
[  115.956341][  T792] cyberjack ttyUSB0: usb_submit_urb(read int) failed
[  115.960505][  T792] usb 3-1: Reiner SCT Cyberjack USB card reader converter now attached to ttyUSB0
[  116.072452][   T24] uvcvideo 2-1:4.32: probe with driver uvcvideo failed with error -22
[  116.079712][   T24] usb 2-1: USB disconnect, device number 15
[  116.157869][ T5905] usb 3-1: USB disconnect, device number 12
[  116.165036][ T5905] cyberjack ttyUSB0: Reiner SCT Cyberjack USB card reader converter now disconnected from ttyUSB0
[  116.174084][ T5905] cyberjack 3-1:0.69: device disconnected
[  116.215998][ T7521] trusted_key: encrypted_key: keyword 'update' not allowed when called from .instantiate method
[  116.608014][ T7531] loop1: detected capacity change from 0 to 512
[  116.639477][ T7531] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  116.646115][ T7531] ext4 filesystem being mounted at /182/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  116.670014][ T5845] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  116.927728][ T7551] netlink: 'syz.2.619': attribute type 1 has an invalid length.
[  116.930940][ T7551] netlink: 4 bytes leftover after parsing attributes in process `syz.2.619'.
[  117.055082][ T7547] loop1: detected capacity change from 0 to 32768
[  117.067215][ T7547] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.617 (7547)
[  117.078517][ T7547] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  117.084809][ T7547] BTRFS info (device loop1): using sha256 (sha256-lib) checksum algorithm
[  117.253954][ T7547] BTRFS info (device loop1): rebuilding free space tree
[  117.270392][ T7547] BTRFS info (device loop1): enabling ssd optimizations
[  117.274874][ T7547] BTRFS info (device loop1): using spread ssd allocation scheme
[  117.278199][ T7547] BTRFS info (device loop1): turning on async discard
[  117.281165][ T7547] BTRFS info (device loop1): enabling free space tree
[  117.287875][ T7547] BTRFS info (device loop1): force clearing of disk cache
[  117.290932][ T7547] BTRFS info (device loop1): use lzo compression, level 1
[  117.295101][ T7547] BTRFS info (device loop1): max_inline set to 0
[  117.336699][   T33] audit: type=1800 audit(1758712263.504:11): pid=7547 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.617" name="file1" dev="loop1" ino=260 res=0 errno=0
[  117.416848][ T5845] BTRFS info (device loop1): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  117.983066][   T24] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[  118.014356][ T7590] loop2: detected capacity change from 0 to 256
[  118.049323][ T7590] FAT-fs (loop2): Directory bread(block 64) failed
[  118.053366][ T7590] FAT-fs (loop2): Directory bread(block 65) failed
[  118.056142][ T7590] FAT-fs (loop2): Directory bread(block 66) failed
[  118.059061][ T7590] FAT-fs (loop2): Directory bread(block 67) failed
[  118.062804][ T7590] FAT-fs (loop2): Directory bread(block 68) failed
[  118.065648][ T7590] FAT-fs (loop2): Directory bread(block 69) failed
[  118.068569][ T7590] FAT-fs (loop2): Directory bread(block 70) failed
[  118.071639][ T7590] FAT-fs (loop2): Directory bread(block 71) failed
[  118.075674][ T7590] FAT-fs (loop2): Directory bread(block 72) failed
[  118.078599][ T7590] FAT-fs (loop2): Directory bread(block 73) failed
[  118.153035][   T24] usb 2-1: Using ep0 maxpacket: 8
[  118.166225][   T24] usb 2-1: New USB device found, idVendor=046d, idProduct=c294, bcdDevice= 0.00
[  118.176608][   T24] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  118.191738][ T7594] loop2: detected capacity change from 0 to 2048
[  118.195073][   T24] usb 2-1: config 0 descriptor??
[  118.269878][ T7596] syz.2.632 uses obsolete (PF_INET,SOCK_PACKET)
[  118.456610][ T7604] program syz.2.636 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  118.625733][   T24] logitech 0003:046D:C294.0006: unknown main item tag 0x0
[  118.628656][   T24] logitech 0003:046D:C294.0006: item fetching failed at offset 3/5
[  118.631772][   T24] logitech 0003:046D:C294.0006: parse failed
[  118.634567][   T24] logitech 0003:046D:C294.0006: probe with driver logitech failed with error -22
[  118.722326][   T10] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  118.828453][   T24] usb 2-1: USB disconnect, device number 16
[  118.872808][   T10] usb 3-1: Using ep0 maxpacket: 16
[  118.876776][   T10] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  118.881140][   T10] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFC, changing to 0x8C
[  118.886032][   T10] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8C has an invalid bInterval 0, changing to 7
[  118.890827][   T10] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  118.899175][   T10] usb 3-1: New USB device found, idVendor=045e, idProduct=0284, bcdDevice=a4.8f
[  118.903314][   T10] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  118.906608][   T10] usb 3-1: Product: syz
[  118.908340][   T10] usb 3-1: Manufacturer: syz
[  118.910287][   T10] usb 3-1: SerialNumber: syz
[  118.914865][   T10] usb 3-1: config 0 descriptor??
[  118.962126][   T10] rc_core: IR keymap rc-xbox-dvd not found
[  118.964129][   T10] Registered IR keymap rc-empty
[  118.967792][   T10] rc rc0: syz syz as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0
[  118.974503][   T10] input: syz syz as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0/input7
[  119.134785][   T24] usb 3-1: USB disconnect, device number 13
[  119.134894][    C0] xbox_remote 3-1:0.0: xbox_remote_irq_in: usb_submit_urb()=-19
[  119.506209][ T7619] loop0: detected capacity change from 0 to 1024
[  119.919549][ T7638] loop2: detected capacity change from 0 to 128
[  119.923161][ T7638] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  119.931304][ T7638] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  121.232034][   T24] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[  121.395817][   T24] usb 3-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36
[  121.399537][   T24] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  121.403139][   T24] usb 3-1: Product: syz
[  121.404837][   T24] usb 3-1: Manufacturer: syz
[  121.406580][   T24] usb 3-1: SerialNumber: syz
[  121.411056][   T24] usb 3-1: config 0 descriptor??
[  121.418139][   T24] ch341 3-1:0.0: ch341-uart converter detected
[  121.462510][ T5237] Bluetooth: hci3: Opcode 0x1003 failed: -110
[  121.463325][ T5848] Bluetooth: hci3: command 0x1003 tx timeout
[  122.223313][   T24] usb 3-1: failed to send control message: -71
[  122.226030][   T24] ch341-uart ttyUSB0: probe with driver ch341-uart failed with error -71
[  122.240131][   T24] usb 3-1: USB disconnect, device number 14
[  122.245764][   T24] ch341 3-1:0.0: device disconnected
[  122.676464][ T7689] loop1: detected capacity change from 0 to 512
[  122.680057][ T7689] EXT4-fs: Ignoring removed nobh option
[  122.719878][ T7689] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #3: comm syz.1.676: corrupted inode contents
[  122.728249][ T7689] EXT4-fs error (device loop1): ext4_dirty_inode:6538: inode #3: comm syz.1.676: mark_inode_dirty error
[  122.775219][ T7689] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #3: comm syz.1.676: corrupted inode contents
[  122.807191][ T7689] EXT4-fs error (device loop1): __ext4_ext_dirty:206: inode #3: comm syz.1.676: mark_inode_dirty error
[  122.820813][ T7689] Quota error (device loop1): write_blk: dquota write failed
[  122.825200][ T7689] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota
[  122.829892][ T7689] EXT4-fs error (device loop1): ext4_acquire_dquot:6937: comm syz.1.676: Failed to acquire dquot type 0
[  122.848373][ T7689] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #16: comm syz.1.676: corrupted inode contents
[  122.857872][ T7689] EXT4-fs error (device loop1): ext4_dirty_inode:6538: inode #16: comm syz.1.676: mark_inode_dirty error
[  122.863550][ T7689] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #16: comm syz.1.676: corrupted inode contents
[  122.869313][ T7689] EXT4-fs error (device loop1): __ext4_ext_dirty:206: inode #16: comm syz.1.676: mark_inode_dirty error
[  122.877399][ T7689] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #16: comm syz.1.676: corrupted inode contents
[  122.883744][ T7689] EXT4-fs error (device loop1) in ext4_orphan_del:305: Corrupt filesystem
[  122.887788][ T7689] EXT4-fs error (device loop1): ext4_do_update_inode:5653: inode #16: comm syz.1.676: corrupted inode contents
[  122.893778][ T7689] EXT4-fs error (device loop1): ext4_truncate:4666: inode #16: comm syz.1.676: mark_inode_dirty error
[  122.898994][ T7689] EXT4-fs error (device loop1) in ext4_process_orphan:347: Corrupt filesystem
[  122.909236][ T7689] EXT4-fs (loop1): 1 truncate cleaned up
[  122.913499][ T7689] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  122.919029][ T7689] ext4 filesystem being mounted at /209/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  122.953458][ T5845] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  123.082137][   T24] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[  123.252727][   T24] usb 3-1: Using ep0 maxpacket: 8
[  123.257257][   T24] usb 3-1: config 179 has an invalid interface number: 65 but max is 0
[  123.260896][   T24] usb 3-1: config 179 has an invalid descriptor of length 0, skipping remainder of the config
[  123.265581][   T24] usb 3-1: config 179 has no interface number 0
[  123.268869][   T24] usb 3-1: config 179 interface 65 altsetting 12 endpoint 0xF has an invalid bInterval 0, changing to 7
[  123.273854][   T24] usb 3-1: config 179 interface 65 altsetting 12 has 1 endpoint descriptor, different from the interface descriptor's value: 23
[  123.279531][   T24] usb 3-1: config 179 interface 65 has no altsetting 0
[  123.282624][   T24] usb 3-1: New USB device found, idVendor=12ab, idProduct=0004, bcdDevice= 0.00
[  123.286809][   T24] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  123.312094][ T5874] usb 2-1: new high-speed USB device number 17 using dummy_hcd
[  123.472117][ T5874] usb 2-1: Using ep0 maxpacket: 8
[  123.475794][ T5874] usb 2-1: config 2 has an invalid interface number: 31 but max is 0
[  123.478537][ T5874] usb 2-1: config 2 has no interface number 0
[  123.480602][ T5874] usb 2-1: config 2 interface 31 has no altsetting 0
[  123.485026][ T5874] usb 2-1: New USB device found, idVendor=1a86, idProduct=e092, bcdDevice=53.3f
[  123.488049][ T5874] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  123.491221][ T5874] usb 2-1: Product: syz
[  123.493406][ T5874] usb 2-1: Manufacturer: syz
[  123.496015][ T5874] usb 2-1: SerialNumber: syz
[  123.513158][   T24] usb 3-1: USB disconnect, device number 15
[  123.713907][ T7710] input: syz1 as /devices/virtual/input/input8
[  123.723302][ T5874] ch9200 2-1:2.31: probe with driver ch9200 failed with error -71
[  123.749460][ T5874] usb 2-1: USB disconnect, device number 17
[  124.253008][ T7712] loop1: detected capacity change from 0 to 1
[  124.258241][ T7712] syz.1.685: attempt to access beyond end of device
[  124.258241][ T7712] loop1: rw=2048, sector=0, nr_sectors = 8 limit=1
[  124.265701][ T7712] SQUASHFS error: Failed to read block 0x0: -5
[  124.270002][ T7712] unable to read squashfs_super_block
[  124.889377][ T7727] loop2: detected capacity change from 0 to 32768
[  124.893125][ T7727] XFS: ikeep mount option is deprecated.
[  124.895493][ T7727] XFS: ikeep mount option is deprecated.
[  124.897769][ T7727] XFS: noikeep mount option is deprecated.
[  124.905138][ T7727] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  124.931531][ T7727] XFS (loop2): Ending clean mount
[  124.980457][ T5852] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  125.289793][   T33] audit: type=1107 audit(1758712271.454:12): pid=7738 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg=''
[  125.406075][ T7745] netlink: 8 bytes leftover after parsing attributes in process `syz.2.697'.
[  125.454614][ T7747] loop2: detected capacity change from 0 to 1024
[  125.458204][ T7747] EXT4-fs: Ignoring removed nomblk_io_submit option
[  125.482397][ T7747] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  125.566792][ T5852] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  125.841657][ T7760] loop0: detected capacity change from 0 to 512
[  125.893070][ T7760] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  125.898353][ T7760] ext4 filesystem being mounted at /216/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  125.980078][ T5850] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  126.434301][ T7781] loop0: detected capacity change from 0 to 256
[  126.469640][ T7781] exFAT-fs (loop0): failed to load upcase table (idx : 0x0001e4a3, chksum : 0x009ea0b8, utbl_chksum : 0x7319d30d)
[  126.557544][ T7783] syz.1.712: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  126.603349][ T7783] CPU: 0 UID: 0 PID: 7783 Comm: syz.1.712 Not tainted syzkaller #0 PREEMPT(full) 
[  126.603372][ T7783] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  126.603381][ T7783] Call Trace:
[  126.603387][ T7783]  <TASK>
[  126.603394][ T7783]  dump_stack_lvl+0x189/0x250
[  126.603418][ T7783]  ? __pfx_dump_stack_lvl+0x10/0x10
[  126.603441][ T7783]  ? __pfx__printk+0x10/0x10
[  126.603460][ T7783]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  126.603478][ T7783]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  126.603494][ T7783]  ? cpuset_print_current_mems_allowed+0x2ee/0x360
[  126.603511][ T7783]  warn_alloc+0x214/0x310
[  126.603535][ T7783]  ? stack_depot_save_flags+0x41b/0x860
[  126.603556][ T7783]  ? __pfx_warn_alloc+0x10/0x10
[  126.603577][ T7783]  ? kasan_save_track+0x4f/0x80
[  126.603594][ T7783]  ? xskq_create+0x56/0x170
[  126.603605][ T7783]  ? xsk_init_queue+0xb0/0x110
[  126.603615][ T7783]  ? xsk_setsockopt+0x4dc/0x8d0
[  126.603631][ T7783]  ? do_sock_setsockopt+0x17c/0x1b0
[  126.603643][ T7783]  ? __x64_sys_setsockopt+0x13f/0x1b0
[  126.603655][ T7783]  ? do_syscall_64+0xfa/0x3b0
[  126.603668][ T7783]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  126.603683][ T7783]  __vmalloc_node_range_noprof+0x125/0x12f0
[  126.603719][ T7783]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  126.603739][ T7783]  ? __kasan_kmalloc+0x93/0xb0
[  126.603757][ T7783]  vmalloc_user_noprof+0xad/0xf0
[  126.603774][ T7783]  ? xskq_create+0xbf/0x170
[  126.603786][ T7783]  xskq_create+0xbf/0x170
[  126.603802][ T7783]  xsk_init_queue+0xb0/0x110
[  126.603816][ T7783]  xsk_setsockopt+0x4dc/0x8d0
[  126.603833][ T7783]  ? __pfx_xsk_setsockopt+0x10/0x10
[  126.603851][ T7783]  ? __pfx_aa_sk_perm+0x10/0x10
[  126.603872][ T7783]  ? aa_sock_opt_perm+0xff/0x1b0
[  126.603887][ T7783]  ? bpf_lsm_socket_setsockopt+0x9/0x20
[  126.603900][ T7783]  ? __pfx_xsk_setsockopt+0x10/0x10
[  126.603917][ T7783]  do_sock_setsockopt+0x17c/0x1b0
[  126.603934][ T7783]  __x64_sys_setsockopt+0x13f/0x1b0
[  126.603952][ T7783]  do_syscall_64+0xfa/0x3b0
[  126.603965][ T7783]  ? lockdep_hardirqs_on+0x9c/0x150
[  126.603978][ T7783]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  126.603988][ T7783]  ? exc_page_fault+0x9f/0xf0
[  126.604002][ T7783]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  126.604013][ T7783] RIP: 0033:0x7ff712f8ec29
[  126.604055][ T7783] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  126.604067][ T7783] RSP: 002b:00007ff713dfa038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  126.604081][ T7783] RAX: ffffffffffffffda RBX: 00007ff7131d5fa0 RCX: 00007ff712f8ec29
[  126.604093][ T7783] RDX: 0000000000000006 RSI: 000000000000011b RDI: 0000000000000003
[  126.604101][ T7783] RBP: 00007ff713011e41 R08: 0000000000000052 R09: 0000000000000000
[  126.604109][ T7783] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000
[  126.604116][ T7783] R13: 00007ff7131d6038 R14: 00007ff7131d5fa0 R15: 00007ffddf81e648
[  126.604137][ T7783]  </TASK>
[  126.604142][ T7783] Mem-Info:
[  126.752647][ T7783] active_anon:8985 inactive_anon:0 isolated_anon:0
[  126.752647][ T7783]  active_file:11002 inactive_file:38645 isolated_file:0
[  126.752647][ T7783]  unevictable:1768 dirty:275 writeback:0
[  126.752647][ T7783]  slab_reclaimable:10008 slab_unreclaimable:52503
[  126.752647][ T7783]  mapped:21923 shmem:5319 pagetables:1000
[  126.752647][ T7783]  sec_pagetables:0 bounce:0
[  126.752647][ T7783]  kernel_misc_reclaimable:0
[  126.752647][ T7783]  free:285321 free_pcp:20567 free_cma:0
[  126.770646][ T7783] Node 0 active_anon:13216kB inactive_anon:0kB active_file:37388kB inactive_file:136940kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:37924kB dirty:1092kB writeback:0kB shmem:3488kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:6928kB pagetables:2132kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  126.785672][ T7783] Node 1 active_anon:22724kB inactive_anon:0kB active_file:6620kB inactive_file:17640kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:49768kB dirty:8kB writeback:0kB shmem:17788kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:4676kB pagetables:1868kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  126.799514][ T7783] Node 0 DMA free:15360kB boost:0kB min:640kB low:800kB high:960kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  126.811376][ T7783] lowmem_reserve[]: 0 811 811 811 811
[  126.814053][ T7783] Node 0 DMA32 free:252076kB boost:0kB min:33660kB low:42072kB high:50484kB reserved_highatomic:0KB free_highatomic:0KB active_anon:13216kB inactive_anon:0kB active_file:37388kB inactive_file:136940kB unevictable:3536kB writepending:1092kB present:1556484kB managed:830888kB mlocked:0kB bounce:0kB free_pcp:44984kB local_pcp:16052kB free_cma:0kB
[  126.951278][ T7783] lowmem_reserve[]: 0 0 0 0 0
[  126.965184][ T7783] Node 1 DMA32 free:458492kB boost:0kB min:19192kB low:23988kB high:28784kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:524152kB managed:458616kB mlocked:0kB bounce:0kB free_pcp:116kB local_pcp:0kB free_cma:0kB
[  127.001395][ T7783] lowmem_reserve[]: 0 0 854 854 854
[  127.017529][ T7783] Node 1 Normal free:415356kB boost:0kB min:36612kB low:45764kB high:54916kB reserved_highatomic:0KB free_highatomic:0KB active_anon:22724kB inactive_anon:0kB active_file:6620kB inactive_file:17640kB unevictable:3536kB writepending:8kB present:1048576kB managed:874952kB mlocked:0kB bounce:0kB free_pcp:36900kB local_pcp:15396kB free_cma:0kB
[  127.044523][ T7783] lowmem_reserve[]: 0 0 0 0 0
[  127.047513][ T7783] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  127.075659][ T7783] Node 0 DMA32: 1133*4kB (UME) 345*8kB (UM) 393*16kB (UME) 139*32kB (UME) 277*64kB (UME) 164*128kB (UM) 26*256kB (UME) 18*512kB (UME) 11*1024kB (UM) 6*2048kB (UM) 38*4096kB (UM) = 251820kB
[  127.106755][ T7783] Node 1 DMA32: 3*4kB (UM) 2*8kB (M) 2*16kB (M) 2*32kB (M) 2*64kB (M) 2*128kB (UM) 3*256kB (UM) 3*512kB (UM) 3*1024kB (UM) 3*2048kB (UM) 109*4096kB (M) = 458492kB
[  127.122544][ T7783] Node 1 Normal: 263*4kB (UME) 366*8kB (UME) 387*16kB (UE) 255*32kB (UME) 62*64kB (UME) 45*128kB (UME) 11*256kB (UM) 15*512kB (M) 6*1024kB (ME) 5*2048kB (M) 88*4096kB (UM) = 415388kB
[  127.151661][ T7783] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  127.156243][ T7783] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  127.160561][ T7783] 54952 total pagecache pages
[  127.180545][ T7783] 0 pages in swap cache
[  127.187204][ T7783] Free swap  = 124996kB
[  127.189637][ T7783] Total swap = 124996kB
[  127.196581][ T7783] 786301 pages RAM
[  127.198524][ T7783] 0 pages HighMem/MovableOnly
[  127.200837][ T7783] 241347 pages reserved
[  127.207292][ T7783] 0 pages cma reserved
[  128.418924][ T7805] netlink: 'syz.2.720': attribute type 3 has an invalid length.
[  128.423853][ T7805] netlink: 'syz.2.720': attribute type 1 has an invalid length.
[  128.427810][ T7805] netlink: 220 bytes leftover after parsing attributes in process `syz.2.720'.
[  128.466867][ T7807] openvswitch: netlink: ct_state flags 7fffffff unsupported
[  128.608672][ T7813] loop2: detected capacity change from 0 to 4096
[  128.623269][ T7813] ntfs3(loop2): ino=0, mi_enum_attr
[  128.634208][ T7813] ntfs3(loop2): ino=0, mi_enum_attr
[  128.636102][ T7813] ntfs3(loop2): Failed to load $MFT (-22).
[  128.745808][ T7821] 9pnet: p9_errstr2errno: server reported unknown error @cDB0xffffffffffffffff
[  129.043463][ T7830] netlink: 40 bytes leftover after parsing attributes in process `syz.1.732'.
[  129.336081][ T7847] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  129.416870][ T7853] netlink: 'syz.2.742': attribute type 12 has an invalid length.
[  129.424407][ T7852] loop1: detected capacity change from 0 to 2048
[  129.448178][ T7852] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  129.467869][ T5845] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  129.517934][ T7858] loop1: detected capacity change from 0 to 2048
[  129.525264][ T7858] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  129.701758][ T7864] loop1: detected capacity change from 0 to 4096
[  129.734059][ T7865] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  129.750068][   T33] audit: type=1800 audit(1758712275.914:13): pid=7864 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.747" name="file1" dev="loop1" ino=15 res=0 errno=0
[  130.376803][ T7879] loop2: detected capacity change from 0 to 8
[  130.566486][ T7877] loop1: detected capacity change from 0 to 32768
[  130.570339][ T7877] XFS (loop1): invalid logbufs value: 1 [not 2-8]
[  130.677992][ T7888] netlink: 'syz.1.758': attribute type 2 has an invalid length.
[  130.877916][ T7898] Bluetooth: MGMT ver 1.23
[  131.164523][ T7914] cgroup: Unknown subsys name '@﬽4*oңhoU'
[  131.812092][   T10] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[  131.975018][   T10] usb 3-1: New USB device found, idVendor=8086, idProduct=0110, bcdDevice=bf.ad
[  131.979711][   T10] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  131.995583][   T10] usb 3-1: config 0 descriptor??
[  132.012129][   T10] gspca_main: spca508-2.14.0 probing 8086:0110
[  132.238724][   T10] gspca_spca508: reg_read err -32
[  132.252227][   T10] gspca_spca508: reg_read err -32
[  132.263837][   T10] gspca_spca508: reg_read err -32
[  132.268975][   T10] gspca_spca508: reg_read err -32
[  132.349268][ T7927] netlink: 92 bytes leftover after parsing attributes in process `syz.0.777'.
[  132.481415][   T10] gspca_spca508: reg write: error -71
[  132.494608][   T10] spca508 3-1:0.0: probe with driver spca508 failed with error -71
[  132.515437][ T1363] ieee802154 phy0 wpan0: encryption failed: -22
[  132.518300][ T1363] ieee802154 phy1 wpan1: encryption failed: -22
[  132.534843][   T10] usb 3-1: USB disconnect, device number 16
[  132.598043][ T7931] loop0: detected capacity change from 0 to 512
[  132.636091][ T7933] loop1: detected capacity change from 0 to 16
[  132.650248][ T7933] erofs (device loop1): mounted with root inode @ nid 36.
[  132.671341][ T7931] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  132.679342][ T7931] ext4 filesystem being mounted at /232/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  132.716125][ T5850] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  132.825424][ T7942] input: syz1 as /devices/virtual/input/input10
[  132.991517][ T7953] netlink: 'syz.1.787': attribute type 83 has an invalid length.
[  133.201661][ T7965] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  133.220458][ T7968] netlink: 104 bytes leftover after parsing attributes in process `syz.1.794'.
[  133.270468][ T7974] loop0: detected capacity change from 0 to 128
[  133.286434][ T7974] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  133.310143][ T7974] ext4 filesystem being mounted at /239/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  133.403222][ T5850] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  133.623448][   T10] usb 3-1: new high-speed USB device number 17 using dummy_hcd
[  133.778522][   T10] usb 3-1: config 220 has an invalid interface number: 76 but max is 2
[  133.781726][   T10] usb 3-1: config 220 contains an unexpected descriptor of type 0x2, skipping
[  133.789666][   T10] usb 3-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[  133.802082][   T10] usb 3-1: config 220 has no interface number 2
[  133.807667][   T10] usb 3-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[  133.822003][   T10] usb 3-1: config 220 interface 0 has no altsetting 0
[  133.824511][   T10] usb 3-1: config 220 interface 76 has no altsetting 0
[  133.827547][   T10] usb 3-1: config 220 interface 1 has no altsetting 0
[  133.832809][   T10] usb 3-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  133.835997][   T10] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  133.843563][   T10] usb 3-1: Product: syz
[  133.845174][   T10] usb 3-1: Manufacturer: syz
[  133.846813][   T10] usb 3-1: SerialNumber: syz
[  134.087579][   T10] usb 3-1: Found UVC 7.01 device syz (8086:0b07)
[  134.089907][   T10] usb 3-1: No valid video chain found.
[  134.091773][   T10] usb 3-1: selecting invalid altsetting 0
[  134.107014][   T10] usb 3-1: selecting invalid altsetting 0
[  134.112319][   T10] usbtest 3-1:220.1: probe with driver usbtest failed with error -22
[  134.123091][   T10] usb 3-1: USB disconnect, device number 17
[  134.227287][ T8017] loop0: detected capacity change from 0 to 2048
[  134.245756][ T8019] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  134.259078][ T8017] NILFS (loop0): failed to count free inodes: err=-34
[  134.297877][ T5850] NILFS (loop0): DAT doesn't have a block to manage vblocknr = 8796093022222
[  134.301045][ T5850] NILFS error (device loop0): nilfs_bmap_truncate: broken bmap (inode number=16)
[  134.310078][ T5850] Remounting filesystem read-only
[  134.313481][ T5850] NILFS (loop0): error -5 truncating bmap (ino=16)
[  134.320232][ T5850] NILFS (loop0): disposed unprocessed dirty file(s) when detaching log writer
[  134.478748][ T8023] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  134.795518][ T8028] loop2: detected capacity change from 0 to 1024
[  134.798791][ T8028] EXT4-fs: Ignoring removed orlov option
[  134.827407][ T8028] EXT4-fs (loop2): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  134.831852][ T8028] ext4 filesystem being mounted at /297/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  134.848165][ T8028] EXT4-fs error (device loop2): ext4_map_blocks:814: inode #15: block 3: comm syz.2.808: lblock 3 mapped to illegal pblock 3 (length 1)
[  134.858453][ T8028] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 1 with error 117
[  134.864077][ T8028] EXT4-fs (loop2): This should not happen!! Data will be lost
[  134.864077][ T8028] 
[  134.869878][ T8028] EXT4-fs error (device loop2): ext4_map_blocks:778: inode #15: block 3: comm syz.2.808: lblock 3 mapped to illegal pblock 3 (length 1)
[  134.896965][ T5852] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  135.062367][ T5237] Bluetooth: hci1: command 0x0c1a tx timeout
[  135.064010][ T5893] Bluetooth: hci1: Opcode 0x0c1a failed: -110
[  135.072513][ T5893] Bluetooth: hci1: Error when powering off device on rfkill (-110)
[  135.137566][ T8036] netlink: 4 bytes leftover after parsing attributes in process `syz.2.810'.
[  135.535062][ T8039] loop2: detected capacity change from 0 to 1024
[  135.546205][ T8044] mmap: syz.0.812 (8044): VmData 45854720 exceed data ulimit 0. Update limits or use boot option ignore_rlimit_data.
[  135.551541][ T8039] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869)
[  135.563135][ T8039] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  135.567071][ T8039] jbd2_journal_init_inode: Cannot locate journal superblock
[  135.569732][ T8039] EXT4-fs (loop2): Could not load journal inode
[  135.774013][ T8050] netlink: 20 bytes leftover after parsing attributes in process `syz.0.814'.
[  135.872692][ T8058] veth0_to_bridge: entered promiscuous mode
[  135.876725][ T8057] veth0_to_bridge: left promiscuous mode
[  136.061412][ T8070] loop0: detected capacity change from 0 to 1024
[  136.643074][ T8095] loop1: detected capacity change from 0 to 1024
[  136.657481][ T8095] EXT4-fs: Ignoring removed bh option
[  136.670194][ T8095] EXT4-fs (loop1): invalid inodes per group: 204800
[  136.670194][ T8095] 
[  136.726804][ T8097] netlink: 8 bytes leftover after parsing attributes in process `syz.0.837'.
[  136.850246][ T8101] loop0: detected capacity change from 0 to 2048
[  136.866003][ T8101] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024)
[  136.877648][ T8101] NILFS (loop0): mounting unchecked fs
[  136.880212][ T8101] NILFS (loop0): recovery required for readonly filesystem
[  136.881260][ T5849] udevd[5849]: incorrect nilfs2 checksum on /dev/loop0
[  136.884465][ T8101] NILFS (loop0): write access will be enabled during recovery
[  136.908876][ T5849] udevd[5849]: incorrect nilfs2 checksum on /dev/loop0
[  136.910845][ T8101] NILFS (loop0): norecovery option specified, skipping roll-forward recovery
[  136.930556][ T8101] NILFS (loop0): couldn't remount because the filesystem is in an incomplete recovery state
[  136.938396][ T8101] netlink: 1608 bytes leftover after parsing attributes in process `syz.0.839'.
[  137.143667][ T5237] Bluetooth: hci2: command 0x0c1a tx timeout
[  137.143718][ T5893] Bluetooth: hci2: Opcode 0x0c1a failed: -110
[  137.170724][ T5893] Bluetooth: hci2: Error when powering off device on rfkill (-110)
[  137.376946][ T8115] loop1: detected capacity change from 0 to 1024
[  137.395546][ T8115] EXT4-fs (loop1): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  137.450419][ T8115] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  137.496774][ T8124] loop2: detected capacity change from 0 to 8
[  137.597712][ T8124] SQUASHFS error: xz decompression failed, data probably corrupt
[  137.600776][ T8124] SQUASHFS error: Failed to read block 0x108: -5
[  137.612447][ T8124] SQUASHFS error: Unable to read metadata cache entry [106]
[  137.632533][ T8124] SQUASHFS error: Unable to read inode 0x11f
[  138.574537][ T8138] loop2: detected capacity change from 0 to 4096
[  138.591467][ T8138] NILFS (loop2): mounting unchecked fs
[  138.596415][ T8138] NILFS (loop2): recovery required for readonly filesystem
[  138.603782][ T8138] NILFS (loop2): write access will be enabled during recovery
[  138.624032][ T8138] NILFS (loop2): invalid segment: Checksum error in segment payload
[  138.630927][ T8138] NILFS (loop2): trying rollback from an earlier position
[  138.649196][ T8138] NILFS (loop2): norecovery option specified, skipping roll-forward recovery
[  138.656818][ T5845] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  138.674572][ T8138] NILFS (loop2): The specified checkpoint is not a snapshot (checkpoint number=2)
[  138.780408][ T8144] loop2: detected capacity change from 0 to 128
[  138.796493][ T8144] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256
[  138.809235][ T8144] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  138.863679][ T8146] loop1: detected capacity change from 0 to 512
[  138.893193][ T8146] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[  138.923522][ T8146] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  138.950228][ T8146] EXT4-fs (loop1): orphan cleanup on readonly fs
[  138.953509][ T8146] EXT4-fs error (device loop1): ext4_orphan_get:1418: comm syz.1.857: bad orphan inode 15
[  138.970201][ T8146] ext4_test_bit(bit=14, block=18) = 1
[  138.978230][ T8146] is_bad_inode(inode)=0
[  138.980922][ T8146] NEXT_ORPHAN(inode)=1023
[  138.982917][ T8146] max_ino=32
[  138.984962][ T8146] i_nlink=0
[  138.993366][ T8146] EXT4-fs error (device loop1): ext4_xattr_delete_inode:2962: inode #15: comm syz.1.857: corrupted xattr block 19: ea_inode specified without ea_inode feature enabled
[  139.005912][ T8146] EXT4-fs warning (device loop1): ext4_evict_inode:274: xattr delete (err -117)
[  139.015911][ T8146] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  139.051595][ T5845] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  139.181739][ T8161] loop1: detected capacity change from 0 to 2048
[  139.205048][ T8164] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  139.422803][ T8176] bochs-drm 0000:00:01.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=io+mem:owns=io+mem
[  139.539308][ T8180] loop1: detected capacity change from 0 to 4096
[  139.568043][ T8181] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  139.596674][   T33] audit: type=1800 audit(1758712285.764:14): pid=8180 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.872" name="file1" dev="loop1" ino=15 res=0 errno=0
[  139.605854][ T8180] NILFS error (device loop1): nilfs_readdir: zero-length directory entry
[  139.610380][ T8178] loop2: detected capacity change from 0 to 32768
[  139.632797][ T8180] Remounting filesystem read-only
[  139.646602][ T8178] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  139.697133][ T5852] ocfs2: Unmounting device (7,2) on (node local)
[  139.845701][ T8185] loop1: detected capacity change from 0 to 4096
[  139.880696][ T8187] loop2: detected capacity change from 0 to 512
[  139.884472][ T8187] EXT4-fs: Ignoring removed nomblk_io_submit option
[  139.887181][ T8187] EXT4-fs: Ignoring removed bh option
[  139.893313][ T8185] ntfs3(loop1): ino=b, mi_enum_attr
[  139.896093][ T8185] ntfs3(loop1): Mark volume as dirty due to NTFS errors
[  139.907090][ T8185] ntfs3(loop1): Failed to load $Extend (-22).
[  139.911443][ T8187] EXT4-fs error (device loop2): mb_free_blocks:2017: group 0, inode 11: block 64:freeing already freed block (bit 63); block bitmap corrupt.
[  139.920831][ T8187] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #11: comm syz.2.874: corrupted inode contents
[  139.927104][ T8187] EXT4-fs error (device loop2): ext4_dirty_inode:6538: inode #11: comm syz.2.874: mark_inode_dirty error
[  139.932475][ T8187] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.874: invalid indirect mapped block 1 (level 1)
[  139.938437][ T8187] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #11: comm syz.2.874: corrupted inode contents
[  139.939761][ T8185] ntfs3(loop1): Failed to initialize $Extend.
[  139.946666][ T8187] EXT4-fs error (device loop2) in ext4_orphan_del:305: Corrupt filesystem
[  139.952515][ T8187] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #11: comm syz.2.874: corrupted inode contents
[  139.959983][ T8187] EXT4-fs error (device loop2): ext4_truncate:4666: inode #11: comm syz.2.874: mark_inode_dirty error
[  139.966091][ T8187] EXT4-fs error (device loop2) in ext4_process_orphan:347: Corrupt filesystem
[  139.970303][ T8187] EXT4-fs (loop2): 1 truncate cleaned up
[  139.974433][ T8187] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  139.975592][ T8185] ntfs3(loop1): failed to convert "0000" to iso8859-7
[  139.989998][ T8187] EXT4-fs error (device loop2): ext4_readdir:264: inode #2: block 13: comm syz.2.874: path /326/file0: bad entry in directory: directory entry too close to block end - offset=76, inode=16, rec_len=940, size=1024 fake=0
[  139.997620][ T8185] ntfs3(loop1): failed to convert name for inode 1e.
[  140.005967][ T8185] ntfs3(loop1): ino=1f, mi_enum_attr
[  140.026495][ T5852] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  140.542422][   T10] usb 3-1: new full-speed USB device number 18 using dummy_hcd
[  140.625502][ T8211] evm: overlay not supported
[  140.802396][   T10] usb 3-1: config 0 has an invalid interface number: 6 but max is 0
[  140.806931][   T10] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  140.814240][   T10] usb 3-1: config 0 has no interface number 0
[  140.817522][   T10] usb 3-1: config 0 interface 6 altsetting 0 endpoint 0x2 has invalid maxpacket 512, setting to 64
[  140.829785][   T10] usb 3-1: New USB device found, idVendor=10cf, idProduct=8061, bcdDevice=b7.12
[  140.834286][   T10] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  140.837944][   T10] usb 3-1: Product: syz
[  140.840939][   T10] usb 3-1: Manufacturer: syz
[  140.846378][   T10] usb 3-1: SerialNumber: syz
[  140.857084][   T10] usb 3-1: config 0 descriptor??
[  140.865608][ T8202] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  140.868589][ T8202] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  140.884049][   T10] comedi comedi5: driver 'vmk80xx' has successfully auto-configured 'K8061 (VM140)'.
[  141.112998][  T792] usb 3-1: USB disconnect, device number 18
[  141.681824][ T8245] loop2: detected capacity change from 0 to 8
[  141.701358][ T8241] loop1: detected capacity change from 0 to 4096
[  141.708005][ T5852] SQUASHFS error: Unable to read directory block [631:72]
[  141.717419][ T5852] SQUASHFS error: Unable to read inode 0xe3
[  141.720129][ T5852] SQUASHFS error: Unable to read inode 0xe3
[  141.728095][ T8241] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  141.746649][ T8241] fs-verity (loop1, inode 16): Unknown hash algorithm number: 0
[  141.767755][ T5845] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  141.909960][ T8250] loop1: detected capacity change from 0 to 8192
[  141.965528][ T8250] Dev loop1: RDB in block 1 has bad checksum
[  142.258090][ T5848] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  142.266257][ T5848] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  142.270080][ T5848] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  142.274740][ T5848] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  142.278476][ T5848] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  142.297770][ T5237] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  142.305212][ T5237] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  142.309331][ T5237] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  142.315604][ T5237] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  142.319818][ T5237] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  142.511290][ T8256] chnl_net:caif_netlink_parms(): no params data found
[  142.594653][ T8256] bridge0: port 1(bridge_slave_0) entered blocking state
[  142.599655][ T8256] bridge0: port 1(bridge_slave_0) entered disabled state
[  142.603604][ T8256] bridge_slave_0: entered allmulticast mode
[  142.607726][ T8256] bridge_slave_0: entered promiscuous mode
[  142.616091][ T8256] bridge0: port 2(bridge_slave_1) entered blocking state
[  142.619340][ T8256] bridge0: port 2(bridge_slave_1) entered disabled state
[  142.623159][ T8256] bridge_slave_1: entered allmulticast mode
[  142.627390][ T8256] bridge_slave_1: entered promiscuous mode
[  142.664810][ T8256] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  142.671737][ T8256] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  142.707037][ T8256] team0: Port device team_slave_0 added
[  142.711763][ T8256] team0: Port device team_slave_1 added
[  142.763147][ T8256] batman_adv: batadv0: Adding interface: batadv_slave_0
[  142.766111][ T8256] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  142.777202][ T8256] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  142.783978][ T8256] batman_adv: batadv0: Adding interface: batadv_slave_1
[  142.788642][ T8256] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  142.801852][ T8256] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  142.852987][ T8256] hsr_slave_0: entered promiscuous mode
[  142.856308][ T8256] hsr_slave_1: entered promiscuous mode
[  142.859223][ T8256] debugfs: 'hsr0' already exists in 'hsr'
[  142.861802][ T8256] Cannot create hsr debugfs directory
[  142.919060][ T8265] netlink: 4 bytes leftover after parsing attributes in process `syz.1.903'.
[  143.122868][ T8273] loop1: detected capacity change from 0 to 1024
[  143.127477][ T8273] EXT4-fs: Ignoring removed nobh option
[  143.130025][ T8273] EXT4-fs: Ignoring removed bh option
[  143.157785][ T8273] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  143.237153][ T8256] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  143.254221][ T8256] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  143.261811][ T8256] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  143.272697][ T8256] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  143.421489][ T8283] loop6: detected capacity change from 0 to 2640
[  143.430897][ T8283] Buffer I/O error on dev loop6, logical block 0, async page read
[  143.434527][ T8283] Buffer I/O error on dev loop6, logical block 0, async page read
[  143.437444][ T8283] Buffer I/O error on dev loop6, logical block 0, async page read
[  143.440729][ T8283] Buffer I/O error on dev loop6, logical block 0, async page read
[  143.443790][ T8283] Buffer I/O error on dev loop6, logical block 0, async page read
[  143.447024][ T8283] Buffer I/O error on dev loop6, logical block 0, async page read
[  143.450115][ T8283] Buffer I/O error on dev loop6, logical block 0, async page read
[  143.453234][ T8283] Buffer I/O error on dev loop6, logical block 0, async page read
[  143.455811][ T8283] ldm_validate_partition_table(): Disk read failed.
[  143.458322][ T8283] Buffer I/O error on dev loop6, logical block 0, async page read
[  143.461440][ T8283] Buffer I/O error on dev loop6, logical block 0, async page read
[  143.465648][ T8283] Dev loop6: unable to read RDB block 0
[  143.469250][ T8283]  loop6: unable to read partition table
[  143.471620][ T8283] loop_reread_partitions: partition scan of loop6 (3) failed (rc=-5)
[  143.938494][ T8256] 8021q: adding VLAN 0 to HW filter on device bond0
[  143.967780][ T8256] 8021q: adding VLAN 0 to HW filter on device team0
[  143.977921][   T27] bridge0: port 1(bridge_slave_0) entered blocking state
[  143.980938][   T27] bridge0: port 1(bridge_slave_0) entered forwarding state
[  143.996779][   T27] bridge0: port 2(bridge_slave_1) entered blocking state
[  143.999756][   T27] bridge0: port 2(bridge_slave_1) entered forwarding state
[  144.034067][ T5845] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  144.227198][ T8256] 8021q: adding VLAN 0 to HW filter on device batadv0
[  144.269134][ T8256] veth0_vlan: entered promiscuous mode
[  144.276940][ T8256] veth1_vlan: entered promiscuous mode
[  144.298349][ T8256] veth0_macvtap: entered promiscuous mode
[  144.309281][ T8256] veth1_macvtap: entered promiscuous mode
[  144.320025][ T8256] batman_adv: batadv0: Interface activated: batadv_slave_0
[  144.332973][ T8256] batman_adv: batadv0: Interface activated: batadv_slave_1
[  144.343595][ T5237] Bluetooth: hci2: command tx timeout
[  144.347365][   T13] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  144.351720][   T13] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  144.360573][   T13] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  144.366793][ T5873] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  144.467239][  T944] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  144.470516][  T944] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  144.517329][   T40] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  144.520786][   T40] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  144.717104][ T8311] netlink: 'syz.3.917': attribute type 21 has an invalid length.
[  144.853250][ T8315] Bluetooth: MGMT ver 1.23
[  145.481639][ T8324] netlink: 8 bytes leftover after parsing attributes in process `syz.3.920'.
[  145.778178][ T8341] loop1: detected capacity change from 0 to 16
[  145.789936][ T8341] erofs (device loop1): mounted with root inode @ nid 36.
[  146.256111][ T8358] loop1: detected capacity change from 0 to 32768
[  146.339701][ T8358] bcachefs (loop1): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=lz4,journal_flush_disabled,fsck,recovery_pass_last=set_may_go_rw,read_only,reconstruct_alloc,no_data_io
[  146.339726][ T8358]   allowing incompatible features above 0.0: (unknown version)
[  146.339733][ T8358]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  146.357668][ T8358] bcachefs (loop1): Using encoding defined by superblock: utf8-12.1.0
[  146.360861][ T8358] bcachefs (loop1): recovering from clean shutdown, journal seq 10
[  146.364128][ T8358] bcachefs (loop1): dropping and reconstructing all alloc info
[  146.387402][ T8358] bcachefs (loop1): accounting_read... done
[  146.390637][ T8358] bcachefs (loop1): alloc_read... done
[  146.393773][ T8358] bcachefs (loop1): snapshots_read... done
[  146.400687][ T8358] bcachefs (loop1): check_allocations...
[  146.406446][ T8358] bcachefs (loop1): btree ptr not marked in member info btree allocated bitmap
[  146.406488][ T8358]   u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 7589ab5e0c11cc7a written 24 min_key POS_MIN durability: 1 ptr: 0:38:0 gen 0, fixing
[  146.422130][ T5237] Bluetooth: hci2: command tx timeout
[  146.425446][ T8358] bcachefs (loop1): btree ptr not marked in member info btree allocated bitmap
[  146.425462][ T8358]   u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 9aa2895aefce4bdf written 24 min_key POS_MIN durability: 1 ptr: 0:41:0 gen 0, fixing
[  146.438703][ T8358] bcachefs (loop1): btree ptr not marked in member info btree allocated bitmap
[  146.438721][ T8358]   u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq c0bef60d07ceb940 written 16 min_key POS_MIN durability: 1 ptr: 0:35:0 gen 0, fixing
[  146.450128][ T8358] bcachefs (loop1): btree ptr not marked in member info btree allocated bitmap
[  146.450146][ T8358]   u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq ebb8d5a9e3463bdb written 16 min_key POS_MIN durability: 1 ptr: 0:32:0 gen 0, fixing
[  146.473712][ T8358]  done
[  146.476833][ T8358] bcachefs (loop1): going read-write
[  146.479586][ T8358] bcachefs (loop1): insufficient writeable journal devices available: have 0, need 1
[  146.479586][ T8358] rw journal devs:
[  146.516163][ T8358] bcachefs (loop1): Fixed errors, running fsck a second time to verify fs is clean
[  146.520923][ T8358] bcachefs (loop1): going read-only
[  146.527202][ T8358] bcachefs (loop1): finished waiting for writes to stop
[  146.533906][ T8358] bcachefs (loop1): flushing journal and stopping allocators, journal seq 10
[  146.538397][ T8358] bcachefs (loop1): flushing journal and stopping allocators complete, journal seq 10
[  146.543281][ T8358] bcachefs (loop1): unclean shutdown complete, journal seq 10
[  146.548477][ T8358] bcachefs (loop1): done going read-only, filesystem not clean
[  146.551668][ T8358] bcachefs (loop1): done starting filesystem
[  146.639747][ T5845] bcachefs (loop1): shutting down
[  146.681134][ T5845] bcachefs (loop1): shutdown complete
[  146.816530][ T8370] loop3: detected capacity change from 0 to 32768
[  147.820288][ T8380] loop1: detected capacity change from 0 to 1024
[  147.824573][ T8382] loop3: detected capacity change from 0 to 128
[  148.081126][ T8393] loop1: detected capacity change from 0 to 256
[  148.103586][   T33] audit: type=1800 audit(1758712294.274:15): pid=8393 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.949" name="file1" dev="loop1" ino=1048605 res=0 errno=0
[  148.135616][ T8393] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 196)
[  148.139448][ T8393] FAT-fs (loop1): Filesystem has been set read-only
[  148.193427][ T8397] loop1: detected capacity change from 0 to 256
[  148.224833][ T8397] FAT-fs (loop1): Directory bread(block 64) failed
[  148.228687][ T8397] FAT-fs (loop1): Directory bread(block 65) failed
[  148.233743][ T8397] FAT-fs (loop1): Directory bread(block 66) failed
[  148.237484][ T8397] FAT-fs (loop1): Directory bread(block 67) failed
[  148.241271][ T8397] FAT-fs (loop1): Directory bread(block 68) failed
[  148.244625][ T8397] FAT-fs (loop1): Directory bread(block 69) failed
[  148.247599][ T8397] FAT-fs (loop1): Directory bread(block 70) failed
[  148.250178][ T8397] FAT-fs (loop1): Directory bread(block 71) failed
[  148.256563][ T8397] FAT-fs (loop1): Directory bread(block 72) failed
[  148.259526][ T8397] FAT-fs (loop1): Directory bread(block 73) failed
[  148.512578][ T5237] Bluetooth: hci2: command tx timeout
[  149.405003][ T8407] loop0: detected capacity change from 0 to 4096
[  149.433135][ T8407] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512).
[  149.575270][ T8407] ntfs3(loop0): ino=19, mi_enum_attr
[  149.586601][ T8407] ntfs3(loop0): Mark volume as dirty due to NTFS errors
[  149.961991][   T33] audit: type=1326 audit(1758712296.124:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8423 comm="syz.0.963" exe="/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f722572ae09 code=0x7ffc0000
[  149.988517][   T33] audit: type=1326 audit(1758712296.134:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8423 comm="syz.0.963" exe="/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f722572ae09 code=0x7ffc0000
[  150.001028][   T33] audit: type=1326 audit(1758712296.134:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8423 comm="syz.0.963" exe="/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f722572ae09 code=0x7ffc0000
[  150.014840][   T33] audit: type=1326 audit(1758712296.134:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8423 comm="syz.0.963" exe="/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f722572ae09 code=0x7ffc0000
[  150.026209][   T33] audit: type=1326 audit(1758712296.134:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8423 comm="syz.0.963" exe="/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f722572ae09 code=0x7ffc0000
[  150.035358][   T33] audit: type=1326 audit(1758712296.144:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8423 comm="syz.0.963" exe="/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f722572ae09 code=0x7ffc0000
[  150.037642][ T8432] mac80211_hwsim hwsim8 wlan0: entered promiscuous mode
[  150.046247][   T33] audit: type=1326 audit(1758712296.144:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8423 comm="syz.0.963" exe="/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f722572ae09 code=0x7ffc0000
[  150.056014][   T33] audit: type=1326 audit(1758712296.144:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8423 comm="syz.0.963" exe="/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f722572ae09 code=0x7ffc0000
[  150.066375][   T33] audit: type=1326 audit(1758712296.144:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8423 comm="syz.0.963" exe="/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f722572ae09 code=0x7ffc0000
[  150.092434][  T792] usb 2-1: new high-speed USB device number 18 using dummy_hcd
[  150.228993][ T8436] mkiss: ax0: crc mode is auto.
[  150.249241][  T792] usb 2-1: config 0 has an invalid interface number: 71 but max is 0
[  150.253425][  T792] usb 2-1: config 0 has no interface number 0
[  150.259468][  T792] usb 2-1: config 0 interface 71 altsetting 0 has an endpoint descriptor with address 0xFC, changing to 0x8C
[  150.271044][  T792] usb 2-1: config 0 interface 71 altsetting 0 bulk endpoint 0x8C has invalid maxpacket 1024
[  150.276095][  T792] usb 2-1: config 0 interface 71 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[  150.281840][  T792] usb 2-1: config 0 interface 71 altsetting 0 bulk endpoint 0x9 has invalid maxpacket 0
[  150.294983][  T792] usb 2-1: New USB device found, idVendor=0bfd, idProduct=0012, bcdDevice=cc.c0
[  150.298895][  T792] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  150.302877][  T792] usb 2-1: Product: syz
[  150.304644][  T792] usb 2-1: Manufacturer: syz
[  150.306599][  T792] usb 2-1: SerialNumber: syz
[  150.311052][  T792] usb 2-1: config 0 descriptor??
[  150.322929][ T8426] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  150.327664][  T792] kvaser_usb 2-1:0.71: error -EMSGSIZE: Cannot get software info
[  150.331041][  T792] kvaser_usb 2-1:0.71: probe with driver kvaser_usb failed with error -90
[  150.399599][ T8443] loop0: detected capacity change from 0 to 4096
[  150.404079][ T8443] EXT4-fs: Ignoring removed mblk_io_submit option
[  150.426295][ T8443] EXT4-fs (loop0): Test dummy encryption mode enabled
[  150.453603][ T8443] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0083]
[  150.456510][ T8443] System zones: 0-5
[  150.481198][ T8443] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  150.582871][ T5237] Bluetooth: hci2: command tx timeout
[  150.603769][ T5893] usb 2-1: USB disconnect, device number 18
[  151.084931][ T5850] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  151.170106][ T8463] netlink: 16 bytes leftover after parsing attributes in process `syz.0.977'.
[  151.339047][ T8474] loop0: detected capacity change from 0 to 1024
[  151.342197][ T8472] loop3: detected capacity change from 0 to 1024
[  151.433347][   T36] hfsplus: b-tree write err: -5, ino 8
[  151.469256][ T8476] hugetlbfs: Bad value '' for mount option 'size'
[  151.469256][ T8476] 
[  151.522859][ T8478] vim2m vim2m.0: Fourcc format (0x47524247) invalid.
[  151.579968][ T8465] loop1: detected capacity change from 0 to 32768
[  151.638494][ T8486] netlink: 8 bytes leftover after parsing attributes in process `syz.3.989'.
[  151.735227][ T8465] bcachefs (loop1): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[  151.735240][ T8465]   allowing incompatible features above 0.0: (unknown version)
[  151.735245][ T8465]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  151.761259][ T8496] netlink: 36 bytes leftover after parsing attributes in process `syz.0.991'.
[  151.768683][ T8498] loop3: detected capacity change from 0 to 1024
[  151.770674][ T8498] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869)
[  151.775997][ T8498] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a040e11d, mo2=0002]
[  151.776687][ T8498] System zones: 0-1, 2-3, 4-36, 98-101, 102-102
[  151.778456][ T8498] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  151.788759][ T8465] bcachefs (loop1): Using encoding defined by superblock: utf8-12.1.0
[  151.810364][ T8465] bcachefs (loop1): initializing new filesystem
[  151.837519][ T8256] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  151.840245][ T8465] bcachefs (loop1): going read-write
[  151.906494][ T8465] bcachefs (loop1): marking superblocks
[  151.910780][ T8508] loop3: detected capacity change from 0 to 256
[  151.914463][ T8508] exfat: Deprecated parameter 'utf8'
[  151.920042][ T8508] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xabf88b1f, utbl_chksum : 0xe619d30d)
[  151.951772][ T8465] bcachefs (loop1): initializing freespace
[  151.962410][ T8465] bcachefs (loop1): done initializing freespace
[  151.974346][ T8510] loop0: detected capacity change from 0 to 64
[  151.994920][ T8465] bcachefs (loop1): reading snapshots table
[  151.997420][ T8465] bcachefs (loop1): reading snapshots done
[  152.081020][ T8465] bcachefs (loop1): done starting filesystem
[  152.096443][ T8516] loop3: detected capacity change from 0 to 64
[  152.288208][ T8465] syz.1.981 (8465) used greatest stack depth: 16600 bytes left
[  152.306589][ T5845] bcachefs (loop1): shutting down
[  152.312894][ T5845] bcachefs (loop1): going read-only
[  152.322617][ T5845] bcachefs (loop1): finished waiting for writes to stop
[  152.334781][ T5845] bcachefs (loop1): flushing journal and stopping allocators, journal seq 3
[  152.428038][ T8521] loop3: detected capacity change from 0 to 32768
[  152.436038][ T5845] bcachefs (loop1): flushing journal and stopping allocators complete, journal seq 4
[  152.462880][ T5845] bcachefs (loop1): clean shutdown complete, journal seq 5
[  152.481103][ T5845] bcachefs (loop1): marking filesystem clean
[  152.526138][ T5845] bcachefs (loop1): shutdown complete
[  152.852145][  T793] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  153.004339][  T793] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  153.008305][  T793] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  153.011673][  T793] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  153.016555][  T793] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  153.020059][  T793] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  153.025294][  T793] usb 4-1: config 0 descriptor??
[  153.535142][  T793] plantronics 0003:047F:FFFF.0007: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[  153.892089][ T5893] usb 2-1: new high-speed USB device number 19 using dummy_hcd
[  154.022118][ T5893] usb 2-1: device descriptor read/64, error -71
[  154.272292][ T5893] usb 2-1: new high-speed USB device number 20 using dummy_hcd
[  154.306884][  T792] usb 4-1: USB disconnect, device number 2
[  154.411967][ T5893] usb 2-1: device descriptor read/64, error -71
[  154.522632][ T5893] usb usb2-port1: attempt power cycle
[  154.862378][ T5893] usb 2-1: new high-speed USB device number 21 using dummy_hcd
[  154.883523][ T5893] usb 2-1: device descriptor read/8, error -71
[  154.990782][ T8545] loop3: detected capacity change from 0 to 128
[  154.994723][ T8545] EXT4-fs: Ignoring removed nobh option
[  155.005355][ T8545] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  155.010576][ T8545] ext4 filesystem being mounted at /45/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  155.027039][ T8545] syz.3.1009 (pid 8545) is setting deprecated v1 encryption policy; recommend upgrading to v2.
[  155.057780][ T8256] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  155.121999][ T5893] usb 2-1: new high-speed USB device number 22 using dummy_hcd
[  155.144852][ T5893] usb 2-1: device descriptor read/8, error -71
[  155.190828][ T8553] loop3: detected capacity change from 0 to 512
[  155.203203][ T8553] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  155.218593][ T8553] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  155.225261][ T8553] ext4 filesystem being mounted at /48/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  155.240645][ T8553] EXT4-fs: Cannot change quota options when quota turned on
[  155.259669][ T5893] usb usb2-port1: unable to enumerate USB device
[  155.260661][ T8256] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  155.328365][ T8559] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1014'.
[  155.334432][ T8559] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1014'.
[  155.553388][ T8575] loop3: detected capacity change from 0 to 512
[  155.567489][ T8575] EXT4-fs error (device loop3): ext4_orphan_get:1392: inode #15: comm syz.3.1021: casefold flag without casefold feature
[  155.578380][ T8575] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.1021: couldn't read orphan inode 15 (err -117)
[  155.584322][ T8575] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  155.654761][ T8256] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  155.733782][ T8586] loop0: detected capacity change from 0 to 512
[  155.737348][ T8586] EXT4-fs: Ignoring removed mblk_io_submit option
[  155.741213][ T8586] EXT4-fs (loop0): orphan cleanup on readonly fs
[  155.744522][ T8586] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -13
[  155.748647][ T8586] EXT4-fs error (device loop0): ext4_clear_blocks:876: inode #13: comm syz.0.1027: attempt to clear invalid blocks 2 len 1
[  155.756644][ T8586] EXT4-fs (loop0): Remounting filesystem read-only
[  155.759563][ T8586] EXT4-fs (loop0): 1 truncate cleaned up
[  155.766901][ T8586] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  155.785237][ T8586] EXT4-fs (loop0): Quota file not on filesystem root. Journaled quota will not work
[  155.825302][ T5850] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  155.867546][ T8590] loop3: detected capacity change from 0 to 1764
[  155.907915][ T8590] iso9660: Corrupted directory entry in block 1 of inode 1920
[  156.143951][ T8598] loop3: detected capacity change from 0 to 32768
[  156.161643][ T8598] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  156.189652][ T8598] XFS (loop3): Ending clean mount
[  156.235714][ T8256] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  157.194044][ T8614] loop1: detected capacity change from 0 to 40427
[  157.202128][ T8614] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  157.212339][ T8614] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  157.285306][ T8614] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  157.297502][ T8614] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  157.301020][ T8614] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  157.815367][ T8623] loop3: detected capacity change from 0 to 16
[  157.822995][ T8623] erofs (device loop3): mounted with root inode @ nid 36.
[  157.835632][ T8623] erofs (device loop3): bogus lookback distance 1388 @ lcn 42 of nid 36
[  157.839755][ T8623] syz.3.1039: attempt to access beyond end of device
[  157.839755][ T8623] loop3: rw=0, sector=3670024, nr_sectors = 8 limit=16
[  157.851156][ T8623] erofs (device loop3): read error -5 @ 43 of nid 36
[  157.878983][ T8625] Unsupported ieee802154 address type: 0
[  157.913730][ T8626] erofs (device loop3): bogus lookback distance 1388 @ lcn 42 of nid 36
[  157.924495][ T8626] syz.3.1039: attempt to access beyond end of device
[  157.924495][ T8626] loop3: rw=0, sector=3670024, nr_sectors = 8 limit=16
[  157.929506][ T8626] erofs (device loop3): read error -5 @ 43 of nid 36
[  157.949394][ T8628] netlink: 68 bytes leftover after parsing attributes in process `syz.1.1040'.
[  158.136360][ T8634] netlink: 4544 bytes leftover after parsing attributes in process `syz.1.1042'.
[  158.424190][ T8640] loop1: detected capacity change from 0 to 32768
[  158.439377][ T8640] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.1045 (8640)
[  158.466171][ T8640] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  158.469630][ T8640] BTRFS info (device loop1): using crc32c (crc32c-lib) checksum algorithm
[  158.611042][ T8640] BTRFS info (device loop1): enabling ssd optimizations
[  158.624965][ T8640] BTRFS info (device loop1): disabling tree log
[  158.627349][ T8640] BTRFS info (device loop1): turning on async discard
[  158.635115][ T8640] BTRFS info (device loop1): force clearing of disk cache
[  158.638081][ T8640] BTRFS info (device loop1): doing ref verification
[  158.651632][ T8640] BTRFS info (device loop1): force zlib compression, level 3
[  158.678885][ T8640] BTRFS error (device loop1 state M): cannot disable free-space-tree
[  158.729604][ T5845] BTRFS info (device loop1 state M): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  158.766903][ T8623] syz.3.1039 (8623): drop_caches: 2
[  159.106378][ T8662] loop0: detected capacity change from 0 to 32768
[  159.174097][ T8662] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  159.236338][ T8670] geneve2: entered promiscuous mode
[  159.275272][ T5850] (syz-executor,5850,1):ocfs2_inode_is_valid_to_delete:948 ERROR: Skipping delete of system file 72
[  159.295763][ T5850] ocfs2: Unmounting device (7,0) on (node local)
[  159.348632][ T8672] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  159.362247][ T8672] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  159.498766][ T8664] loop1: detected capacity change from 0 to 32768
[  159.503202][ T8664] XFS: noikeep mount option is deprecated.
[  159.517583][ T8664] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  159.539893][ T8664] XFS (loop1): Ending clean mount
[  159.567914][ T8664] XFS (loop1): Quotacheck needed: Please wait.
[  159.619842][ T8664] XFS (loop1): Quotacheck: Done.
[  159.659486][ T8689] loop0: detected capacity change from 0 to 2048
[  159.675232][ T8689] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  159.694883][ T5845] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  159.722018][ T5893] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  159.902542][ T5893] usb 4-1: Using ep0 maxpacket: 32
[  159.911751][ T5893] usb 4-1: config 7 has an invalid interface number: 41 but max is 0
[  159.916566][ T5893] usb 4-1: config 7 has no interface number 0
[  159.919477][ T5893] usb 4-1: config 7 interface 41 has no altsetting 0
[  159.934112][ T5893] usb 4-1: New USB device found, idVendor=0499, idProduct=5005, bcdDevice=e6.1d
[  159.942509][ T5893] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  159.945978][ T5893] usb 4-1: Product: syz
[  159.947843][ T5893] usb 4-1: Manufacturer: syz
[  159.971613][ T5893] usb 4-1: SerialNumber: syz
[  160.252955][ T8705] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1060'.
[  160.256691][ T8705] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1060'.
[  160.260408][ T8705] netlink: 108 bytes leftover after parsing attributes in process `syz.1.1060'.
[  160.319213][ T5893] usb 4-1: Quirk or no altset; falling back to MIDI 1.0
[  160.339283][ T5893] snd-usb-audio 4-1:7.41: probe with driver snd-usb-audio failed with error -2
[  160.348138][ T5893] usb 4-1: USB disconnect, device number 3
[  160.355391][ T5849] udevd[5849]: setting mode of /dev/bus/usb/004/003 to 020664 failed: No such file or directory
[  160.365759][ T5849] udevd[5849]: setting owner of /dev/bus/usb/004/003 to uid=0, gid=0 failed: No such file or directory
[  160.385376][ T5849] udevd[5849]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:7.41/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  160.515592][ T8707] loop1: detected capacity change from 0 to 32768
[  160.549990][ T8707] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  160.584532][ T5850] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  160.758437][ T5845] ocfs2: Unmounting device (7,1) on (node local)
[  161.036104][ T8734] binder: 8733:8734 ioctl c0306201 200000000080 returned -14
[  161.122336][ T5893] usb 4-1: new full-speed USB device number 4 using dummy_hcd
[  161.276332][ T8750] overlayfs: failed to resolve './file0': -2
[  161.287361][ T5893] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  161.291798][ T5893] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 2
[  161.299582][ T5893] usb 4-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[  161.308094][ T5893] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  161.314110][ T5893] usb 4-1: config 0 descriptor??
[  161.326926][ T5893] dvb-usb: found a 'Artec T1 USB2.0' in warm state.
[  161.331417][ T5893] dvb-usb: bulk message failed: -22 (3/0)
[  161.345289][ T5893] dvb-usb: will use the device's hardware PID filter (table count: 16).
[  161.349865][ T5893] dvbdev: DVB: registering new adapter (Artec T1 USB2.0)
[  161.357862][ T5893] usb 4-1: media controller created
[  161.366315][ T5893] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  161.392976][ T5893] dvb-usb: bulk message failed: -22 (6/0)
[  161.395828][ T5893] dvb-usb: no frontend was attached by 'Artec T1 USB2.0'
[  161.401653][ T5893] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.3/usb4/4-1/input/input12
[  161.415351][ T5893] dvb-usb: schedule remote query interval to 150 msecs.
[  161.418275][ T5893] dvb-usb: Artec T1 USB2.0 successfully initialized and connected.
[  161.452069][  T792] usb 2-1: new high-speed USB device number 23 using dummy_hcd
[  161.524444][ T5893] usb 4-1: USB disconnect, device number 4
[  161.557415][ T5893] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected.
[  161.603394][  T792] usb 2-1: Using ep0 maxpacket: 8
[  161.607560][  T792] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  161.612435][  T792] usb 2-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  161.616325][  T792] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  161.622981][  T792] usb 2-1: config 0 descriptor??
[  161.844536][  T792] iowarrior 2-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[  162.114319][ T8769] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  162.258941][  T792] usb 2-1: USB disconnect, device number 23
[  162.590565][ T8783] comedi comedi0: s526: a I/O base address must be specified
[  162.828915][ T8795] loop3: detected capacity change from 0 to 128
[  164.202089][  T792] usb 4-1: new full-speed USB device number 5 using dummy_hcd
[  164.356295][  T792] usb 4-1: config 9 has an invalid interface number: 252 but max is 0
[  164.359209][  T792] usb 4-1: config 9 has no interface number 0
[  164.361417][  T792] usb 4-1: config 9 interface 252 has no altsetting 0
[  164.366062][  T792] usb 4-1: New USB device found, idVendor=05ac, idProduct=0238, bcdDevice=dd.7c
[  164.369626][  T792] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  164.374504][  T792] usb 4-1: Product: syz
[  164.375983][  T792] usb 4-1: Manufacturer: syz
[  164.377722][  T792] usb 4-1: SerialNumber: syz
[  164.593901][  T792] input: bcm5974 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:9.252/input/input13
[  164.611294][ T5281] bcm5974 4-1:9.252: could not read from device
[  164.620559][ T5281] bcm5974 4-1:9.252: could not read from device
[  164.628740][  T792] usb 4-1: USB disconnect, device number 5
[  164.798789][ T8862] netlink: 212296 bytes leftover after parsing attributes in process `syz.1.1124'.
[  165.503825][ T8870] loop1: detected capacity change from 0 to 32768
[  165.512449][ T8870] XFS: noikeep mount option is deprecated.
[  165.545016][ T8870] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  165.575230][ T8886] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1132'.
[  165.596850][ T8870] XFS (loop1): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x51.
[  165.615910][ T8870] XFS (loop1): Starting recovery (logdev: internal)
[  165.630441][ T8870] XFS (loop1): Ending recovery (logdev: internal)
[  165.684887][ T5845] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  165.978522][ T8894] (unnamed net_device) (uninitialized): option primary: mode dependency failed, not supported in mode broadcast(3)
[  166.044161][ T8890] loop3: detected capacity change from 0 to 32768
[  166.053773][ T8890] bcachefs (/dev/loop3): error validating superblock: Invalid superblock section replicas: no devices in entry sb: 33/0 []
[  166.053773][ T8890] replicas (size 24):
[  166.053773][ T8890] btree: 0/1 [2] sb: 33/0 [] (unknown data_type 144): 56/184 [0 0 0 0 0 0 108 1 0 0 6 0 0 0 0 0 0 0 0 0 0 0 10 0 0 0 0 0 0 0 1 0 1 0 5 0 0 0 8 0 0 0 0 0 0 0 1 0 2 0 5 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 5 0 0 0 0 0 0 0 0 0 0 0 1 0 0 1 5 0 0 0 0 0 0 0 0 0 0 0 1 0 0 2 5 0 0 0 0 0 0 0 0 0 0 0 1 0 0 3 5 0 0 0 0 0 0 0 0 0 0 0 2 0 0 0 6 0 0 0 0 11 0 0 0 0 0 0 3 1 1 0 0 0 0 0 2 0 0 0 6 0 0 0 0 0 0 0 0 0 0 0 2 1 1 0 0 0 0 0 2 0 0 0 6 0 0 0 16 0]
[  166.053773][ T8890] 
[  166.102763][ T8890] bcachefs: bch2_fs_get_tree() error: invalid_replicas_entry
[  166.190905][ T8903] input: syz1 as /devices/virtual/input/input14
[  166.193809][ T8903] input: failed to attach handler leds to device input14, error: -6
[  166.488089][ T8915] capability: warning: `syz.3.1145' uses 32-bit capabilities (legacy support in use)
[  166.644611][ T8923] binder: 8921:8923 ioctl c0306201 2000000003c0 returned -14
[  166.858022][ T8922] loop1: detected capacity change from 0 to 32768
[  166.881353][ T8922] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.1149 (8922)
[  166.896016][ T8922] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  166.900325][ T8922] BTRFS info (device loop1): using sha256 (sha256-lib) checksum algorithm
[  166.923100][ T8922] BTRFS info (device loop1): enabling ssd optimizations
[  166.925368][ T8922] BTRFS info (device loop1): enabling free space tree
[  166.960732][ T5845] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  167.157227][ T8954] loop1: detected capacity change from 0 to 32768
[  167.226032][ T8954] XFS (loop1): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  167.247868][ T8954] XFS (loop1): Ending clean mount
[  167.276636][ T8954] XFS (loop1): Quotacheck needed: Please wait.
[  167.314368][ T8954] XFS (loop1): Quotacheck: Done.
[  167.366968][ T5845] XFS (loop1): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  169.061940][   T33] kauditd_printk_skb: 179 callbacks suppressed
[  169.061955][   T33] audit: type=1326 audit(1758712315.224:204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9000 comm="syz.3.1175" exe="/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f8a38d2ae09 code=0x7ffc0000
[  169.066770][ T9009] loop1: detected capacity change from 0 to 512
[  169.078434][   T33] audit: type=1326 audit(1758712315.224:205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9000 comm="syz.3.1175" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a38d8ec29 code=0x7ffc0000
[  169.089414][   T33] audit: type=1326 audit(1758712315.224:206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9000 comm="syz.3.1175" exe="/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f8a38d2ae09 code=0x7ffc0000
[  169.098895][ T9009] EXT4-fs error (device loop1): ext4_get_journal_inode:5800: comm syz.1.1178: inode #16777216: comm syz.1.1178: iget: illegal inode #
[  169.110176][ T9009] EXT4-fs (loop1): Remounting filesystem read-only
[  169.114450][   T33] audit: type=1326 audit(1758712315.224:207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9000 comm="syz.3.1175" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a38d8ec29 code=0x7ffc0000
[  169.123135][ T9009] EXT4-fs (loop1): no journal found
[  169.123148][ T9009] EXT4-fs (loop1): can't get journal size
[  169.133846][ T9009] EXT4-fs (loop1): warning: mounting fs with errors, running e2fsck is recommended
[  169.137496][   T33] audit: type=1326 audit(1758712315.244:208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9000 comm="syz.3.1175" exe="/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f8a38d2ae09 code=0x7ffc0000
[  169.137875][ T9009] EXT4-fs (loop1): failed to initialize system zone (-22)
[  169.147645][   T33] audit: type=1326 audit(1758712315.244:209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9000 comm="syz.3.1175" exe="/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f8a38d2ae09 code=0x7ffc0000
[  169.149821][ T9009] EXT4-fs (loop1): mount failed
[  169.169063][   T33] audit: type=1326 audit(1758712315.244:210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9000 comm="syz.3.1175" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a38d8ec29 code=0x7ffc0000
[  169.179739][   T33] audit: type=1326 audit(1758712315.244:211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9000 comm="syz.3.1175" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a38d8ec29 code=0x7ffc0000
[  169.197733][   T33] audit: type=1326 audit(1758712315.244:212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9000 comm="syz.3.1175" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8a38d8ec29 code=0x7ffc0000
[  169.221983][   T33] audit: type=1326 audit(1758712315.244:213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9000 comm="syz.3.1175" exe="/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f8a38d2ae09 code=0x7ffc0000
[  170.342774][ T9047] loop1: detected capacity change from 0 to 1024
[  170.366469][ T9047] hfsplus: Unknown parameter '017777777777777777777770x0000000000000000'
[  170.394853][ T9047] loop1: detected capacity change from 0 to 512
[  170.423145][ T9047] EXT4-fs (loop1): blocks per group (95) and clusters per group (32768) inconsistent
[  170.448945][ T9046] loop3: detected capacity change from 0 to 32768
[  170.491394][ T9046] jfs_strtoUCS: char2uni returned -22.
[  170.498384][ T9046] charset = cp949, char = 0xd4
[  171.690324][ T9073] netlink: 'syz.3.1204': attribute type 1 has an invalid length.
[  171.992166][ T5893] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  172.152011][ T5893] usb 4-1: Using ep0 maxpacket: 16
[  172.155995][ T5893] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  172.159686][ T5893] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  172.163106][ T5893] usb 4-1: New USB device found, idVendor=6161, idProduct=4d15, bcdDevice= 0.00
[  172.166335][ T5893] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  172.170874][ T5893] usb 4-1: config 0 descriptor??
[  172.418422][ T9085] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  172.451555][ T9087] loop1: detected capacity change from 0 to 128
[  172.474448][ T9087] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  172.502458][ T9087] ext4 filesystem being mounted at /386/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  172.558251][ T5845] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  172.631766][ T5893] hid (null): usage index exceeded
[  172.849890][ T5893] usb 4-1: string descriptor 0 read error: -71
[  172.892386][   T13] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  172.906864][ T5893] usb 4-1: Max retries (5) exceeded reading string descriptor 200
[  172.914511][ T5893] letsketch 0003:6161:4D15.0008: probe with driver letsketch failed with error -32
[  172.926285][ T5893] usb 4-1: USB disconnect, device number 6
[  172.992562][   T13] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  173.071439][   T13] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  173.159319][   T13] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  173.251408][ T5848] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  173.262693][ T5848] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  173.271586][ T5848] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  173.280994][ T5848] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  173.285630][ T5848] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  173.380681][   T13] bridge_slave_1: left allmulticast mode
[  173.382944][   T13] bridge_slave_1: left promiscuous mode
[  173.387370][   T13] bridge0: port 2(bridge_slave_1) entered disabled state
[  173.434575][   T13] bridge_slave_0: left allmulticast mode
[  173.438915][   T13] bridge_slave_0: left promiscuous mode
[  173.441087][   T13] bridge0: port 1(bridge_slave_0) entered disabled state
[  173.732257][ T5544] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  173.918092][ T5544] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  173.927853][ T5544] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  173.944106][ T5544] usb 4-1: New USB device found, idVendor=04b4, idProduct=0001, bcdDevice= 0.00
[  173.947724][ T5544] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  173.991154][ T5544] usb 4-1: config 0 descriptor??
[  174.199874][   T13] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  174.210731][   T13] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  174.216571][   T13] bond0 (unregistering): Released all slaves
[  174.315688][   T13] tipc: Left network mode
[  174.450389][ T5544] cypress 0003:04B4:0001.0009: unknown main item tag 0x0
[  174.452815][ T5544] cypress 0003:04B4:0001.0009: unknown main item tag 0x0
[  174.457395][ T5544] cypress 0003:04B4:0001.0009: unknown main item tag 0x0
[  174.467355][ T5544] cypress 0003:04B4:0001.0009: unknown main item tag 0x0
[  174.469812][ T5544] cypress 0003:04B4:0001.0009: unknown main item tag 0x0
[  174.477989][ T5544] cypress 0003:04B4:0001.0009: unknown main item tag 0x0
[  174.480532][ T5544] cypress 0003:04B4:0001.0009: unknown main item tag 0x0
[  174.490593][ T5544] cypress 0003:04B4:0001.0009: hidraw0: USB HID v0.00 Device [HID 04b4:0001] on usb-dummy_hcd.3-1/input0
[  174.627256][ T9098] chnl_net:caif_netlink_parms(): no params data found
[  174.668219][ T5544] usb 4-1: USB disconnect, device number 7
[  174.833459][   T13] hsr_slave_0: left promiscuous mode
[  174.837013][   T13] hsr_slave_1: left promiscuous mode
[  174.844236][   T13] batman_adv: batadv0: Removing interface: batadv_slave_0
[  174.848642][   T13] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  174.856283][   T13] batman_adv: batadv0: Removing interface: batadv_slave_1
[  174.882379][   T13] veth1_macvtap: left promiscuous mode
[  174.886142][   T13] veth0_macvtap: left promiscuous mode
[  174.888762][   T13] veth1_vlan: left promiscuous mode
[  174.894135][   T13] veth0_vlan: left promiscuous mode
[  175.300109][ T9151] vivid-001: disconnect
[  175.311342][ T9150] vivid-001: reconnect
[  175.445453][   T13] team0 (unregistering): Port device team_slave_1 removed
[  175.507515][   T13] team0 (unregistering): Port device team_slave_0 removed
[  175.558299][ T5848] Bluetooth: hci0: command tx timeout
[  176.092302][ T9098] bridge0: port 1(bridge_slave_0) entered blocking state
[  176.095071][ T9098] bridge0: port 1(bridge_slave_0) entered disabled state
[  176.098043][ T9098] bridge_slave_0: entered allmulticast mode
[  176.102329][ T9098] bridge_slave_0: entered promiscuous mode
[  176.141154][ T9098] bridge0: port 2(bridge_slave_1) entered blocking state
[  176.144875][ T9098] bridge0: port 2(bridge_slave_1) entered disabled state
[  176.148026][ T9098] bridge_slave_1: entered allmulticast mode
[  176.165776][ T9098] bridge_slave_1: entered promiscuous mode
[  176.323577][ T9098] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  176.341044][ T9098] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  176.425291][ T9098] team0: Port device team_slave_0 added
[  176.448817][ T9098] team0: Port device team_slave_1 added
[  176.636489][ T9098] batman_adv: batadv0: Adding interface: batadv_slave_0
[  176.651186][ T9098] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  176.669469][ T9098] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  176.703295][ T9098] batman_adv: batadv0: Adding interface: batadv_slave_1
[  176.714752][ T9098] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  176.746827][ T9098] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  177.111393][ T9098] hsr_slave_0: entered promiscuous mode
[  177.117482][ T9098] hsr_slave_1: entered promiscuous mode
[  177.792550][ T9098] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  177.810715][ T5848] Bluetooth: hci0: command tx timeout
[  177.824702][ T9098] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  177.845506][ T9098] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  177.882038][ T9098] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  177.957747][ T9190] uprobe: syz.3.1244:9190 failed to unregister, leaking uprobe
[  177.968813][ T9190] uprobe: syz.3.1244:9190 failed to unregister, leaking uprobe
[  178.108799][ T9098] 8021q: adding VLAN 0 to HW filter on device bond0
[  178.135642][ T9098] 8021q: adding VLAN 0 to HW filter on device team0
[  178.162180][   T40] bridge0: port 1(bridge_slave_0) entered blocking state
[  178.165340][   T40] bridge0: port 1(bridge_slave_0) entered forwarding state
[  178.195907][   T64] bridge0: port 2(bridge_slave_1) entered blocking state
[  178.198975][   T64] bridge0: port 2(bridge_slave_1) entered forwarding state
[  178.462579][ T9098] 8021q: adding VLAN 0 to HW filter on device batadv0
[  178.578658][ T9202] loop3: detected capacity change from 0 to 32768
[  178.597394][ T9202] 
[  178.597394][ T9202]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  178.597394][ T9202] 
[  178.619184][ T9202] ERROR: (device loop3): diWrite: ixpxd invalid
[  178.619184][ T9202] 
[  178.630701][ T9202] ERROR: (device loop3): txCommit: 
[  178.630701][ T9202] 
[  178.652068][ T9202] ERROR: (device loop3): diWrite: ixpxd invalid
[  178.652068][ T9202] 
[  178.662755][ T9202] ERROR: (device loop3): txCommit: 
[  178.662755][ T9202] 
[  178.702103][ T8256] 
[  178.702103][ T8256]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  178.702103][ T8256] 
[  178.707047][ T9098] veth0_vlan: entered promiscuous mode
[  178.708472][ T8256] 
[  178.708472][ T8256]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  178.708472][ T8256] 
[  178.714029][ T9098] veth1_vlan: entered promiscuous mode
[  178.736776][ T9098] veth0_macvtap: entered promiscuous mode
[  178.762058][ T9098] veth1_macvtap: entered promiscuous mode
[  178.777500][ T9098] batman_adv: batadv0: Interface activated: batadv_slave_0
[  178.793195][ T9098] batman_adv: batadv0: Interface activated: batadv_slave_1
[  178.821258][ T5723] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  178.825122][ T5723] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  178.838208][   T13] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  178.844363][   T13] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  178.925687][   T64] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  178.928941][   T64] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  178.964667][   T64] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  178.969287][   T64] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  179.035248][ T9228] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant.
[  179.035248][ T9228] The task syz.3.1250 (9228) triggered the difference, watch for misbehavior.
[  179.426446][ T9232] loop4: detected capacity change from 0 to 32768
[  179.849365][ T9232] bcachefs (loop4): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[  179.849572][ T9232]   allowing incompatible features above 0.0: (unknown version)
[  179.849579][ T9232]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  179.874720][ T9232] bcachefs (loop4): Using encoding defined by superblock: utf8-12.1.0
[  179.883909][ T9232] bcachefs (loop4): initializing new filesystem
[  179.897827][ T9232] bcachefs (loop4): going read-write
[  179.907761][ T9232] bcachefs (loop4): marking superblocks
[  179.945816][ T9232] bcachefs (loop4): initializing freespace
[  179.955717][ T9232] bcachefs (loop4): done initializing freespace
[  179.967783][ T9232] bcachefs (loop4): reading snapshots table
[  179.973695][ T9232] bcachefs (loop4): reading snapshots done
[  179.995327][ T9232] bcachefs (loop4): done starting filesystem
[  180.051932][ T5848] Bluetooth: hci0: command tx timeout
[  180.081705][ T9098] bcachefs (loop4): shutting down
[  180.084603][ T9098] bcachefs (loop4): going read-only
[  180.087132][ T9098] bcachefs (loop4): finished waiting for writes to stop
[  180.092985][ T9098] bcachefs (loop4): flushing journal and stopping allocators, journal seq 2
[  180.131154][ T9098] bcachefs (loop4): flushing journal and stopping allocators complete, journal seq 3
[  180.136440][ T9098] bcachefs (loop4): clean shutdown complete, journal seq 4
[  180.142905][ T9098] bcachefs (loop4): marking filesystem clean
[  180.167204][ T9098] bcachefs (loop4): shutdown complete
[  180.356232][ T9265] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1262'.
[  180.417891][ T9266] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1262'.
[  181.119735][ T9275] loop3: detected capacity change from 0 to 512
[  181.124784][ T9275] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  181.137505][ T9275] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  181.141910][ T9275] ext4 filesystem being mounted at /121/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  181.158694][ T9275] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  181.377727][ T9290] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1269'.
[  181.393512][ T9290] netdevsim netdevsim4 netdevsim0: entered promiscuous mode
[  181.397166][ T9290] macsec1: entered allmulticast mode
[  181.399815][ T9290] netdevsim netdevsim4 netdevsim0: entered allmulticast mode
[  181.980979][ T8256] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  182.304426][ T5848] Bluetooth: hci0: command tx timeout
[  183.004337][ T9322] veth0: entered promiscuous mode
[  183.007886][ T9321] veth0: left promiscuous mode
[  183.081247][ T9326] nftables ruleset with unbound chain
[  183.506907][ T5874] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  183.669530][ T5874] usb 4-1: Using ep0 maxpacket: 32
[  183.672949][ T5874] usb 4-1: New USB device found, idVendor=0b89, idProduct=0007, bcdDevice=ef.64
[  183.676205][ T5874] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  183.682874][ T5874] usb 4-1: config 0 descriptor??
[  183.697304][ T5874] as10x_usb: device has been detected
[  183.699980][ T5874] dvbdev: DVB: registering new adapter (nBox DVB-T Dongle)
[  183.714248][ T5874] usb 4-1: DVB: registering adapter 1 frontend 0 (nBox DVB-T Dongle)...
[  183.731398][ T5874] as10x_usb: error during firmware upload part1
[  183.734140][ T5874] Registered device nBox DVB-T Dongle
[  183.923482][ T5874] usb 4-1: USB disconnect, device number 8
[  183.946435][ T5874] Unregistered device nBox DVB-T Dongle
[  183.947932][ T5874] as10x_usb: device has been disconnected
[  184.189326][ T9349] raw_sendmsg: syz.0.1294 forgot to set AF_INET. Fix it!
[  184.289562][ T9355] gtp0: entered promiscuous mode
[  184.291309][ T9355] gtp0: entered allmulticast mode
[  184.665041][ T9376] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1305'.
[  184.673597][ T9376] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1305'.
[  185.035971][ T5544] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  185.197308][ T5544] usb 4-1: Using ep0 maxpacket: 8
[  185.201204][ T5544] usb 4-1: config 0 has no interfaces?
[  185.205721][ T5544] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a3, bcdDevice= 0.40
[  185.210994][ T5544] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  185.216662][ T5544] usb 4-1: Product: syz
[  185.221973][ T5544] usb 4-1: Manufacturer: syz
[  185.223976][ T5544] usb 4-1: SerialNumber: syz
[  185.231865][ T5544] usb 4-1: config 0 descriptor??
[  185.293444][ T9408] loop4: detected capacity change from 0 to 32768
[  185.314742][ T9408] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  185.358633][ T9408] XFS (loop4): Ending clean mount
[  185.365776][ T9408] XFS (loop4): Quotacheck needed: Please wait.
[  185.409809][ T9408] XFS (loop4): Quotacheck: Done.
[  185.459514][ T9098] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  185.472158][ T5544] usb 4-1: USB disconnect, device number 9
[  186.210601][ T9437] Illegal XDP return value 4294967262 on prog  (id 97) dev N/A, expect packet loss!
[  186.311270][ T9446] sctp: [Deprecated]: syz.0.1330 (pid 9446) Use of struct sctp_assoc_value in delayed_ack socket option.
[  186.311270][ T9446] Use struct sctp_sack_info instead
[  186.551498][   T10] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  186.713806][   T10] usb 4-1: Using ep0 maxpacket: 16
[  186.718429][   T10] usb 4-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 2.00
[  186.721862][   T10] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=20
[  186.727061][   T10] usb 4-1: SerialNumber: syz
[  186.735665][   T10] usb 4-1: config 0 descriptor??
[  186.741286][   T10] ftdi_sio 4-1:0.0: FTDI USB Serial Device converter detected
[  186.745786][   T10] usb 4-1: Detected FT232A
[  186.753470][   T10] usb 4-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  186.962488][   T24] usb 4-1: USB disconnect, device number 10
[  186.970728][   T24] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  186.977044][   T24] ftdi_sio 4-1:0.0: device disconnected
[  188.989921][   T24] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[  189.292662][   T24] usb 4-1: New USB device found, idVendor=0572, idProduct=cb01, bcdDevice=26.65
[  189.298969][   T24] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  189.332680][   T24] usb 4-1: Product: syz
[  189.338023][   T24] usb 4-1: Manufacturer: syz
[  189.340040][   T24] usb 4-1: SerialNumber: syz
[  189.388634][   T24] usb 4-1: config 0 descriptor??
[  189.641634][   T24] usb 4-1: ignoring: probably an ADSL modem
[  189.702021][ T9477] netlink: 'syz.0.1341': attribute type 4 has an invalid length.
[  190.079774][   T24] cxacru 4-1:0.0: usbatm_usb_probe: bind failed: -19!
[  190.299674][   T24] usb 4-1: USB disconnect, device number 11
[  190.331207][   T12] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  190.461527][   T12] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  190.496192][ T9496] loop4: detected capacity change from 0 to 256
[  190.615010][   T12] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  190.696690][   T12] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  191.015418][   T12] bridge_slave_1: left allmulticast mode
[  191.017907][   T12] bridge_slave_1: left promiscuous mode
[  191.023623][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  191.047682][   T12] bridge_slave_0: left allmulticast mode
[  191.050169][   T12] bridge_slave_0: left promiscuous mode
[  191.055009][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  191.419231][ T9527] netlink: 64 bytes leftover after parsing attributes in process `syz.4.1355'.
[  191.788037][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  191.792789][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  191.797603][   T12] bond0 (unregistering): Released all slaves
[  191.891295][   T13] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  191.896532][   T13] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  191.902955][   T13] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  191.957257][   T13] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  192.140590][   T12] hsr_slave_0: left promiscuous mode
[  192.160207][   T12] hsr_slave_1: left promiscuous mode
[  192.166362][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  192.183879][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[  192.198628][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  192.201673][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[  192.244361][   T12] veth1_macvtap: left promiscuous mode
[  192.246711][   T12] veth0_macvtap: left promiscuous mode
[  192.258565][   T12] veth1_vlan: left promiscuous mode
[  192.263580][   T12] veth0_vlan: left promiscuous mode
[  192.859585][ T9560] loop3: detected capacity change from 0 to 1024
[  193.060788][ T9557] loop4: detected capacity change from 0 to 2048
[  193.469244][ T5893] IPVS: starting estimator thread 0...
[  193.487125][ T9557] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  193.608592][ T9563] IPVS: using max 84 ests per chain, 201600 per kthread
[  193.767185][   T28] hfsplus: b-tree write err: -5, ino 4
[  195.090492][   T24] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[  195.132500][ T5237] Bluetooth: hci2: command 0x0405 tx timeout
[  195.251801][   T24] usb 4-1: Using ep0 maxpacket: 8
[  195.257635][   T24] usb 4-1: config 162 has an invalid interface number: 166 but max is 0
[  195.261131][   T24] usb 4-1: config 162 has an invalid descriptor of length 0, skipping remainder of the config
[  195.266299][   T24] usb 4-1: config 162 has no interface number 0
[  195.269058][   T24] usb 4-1: config 162 interface 166 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[  195.274896][   T24] usb 4-1: config 162 interface 166 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  195.280584][   T24] usb 4-1: config 162 interface 166 has no altsetting 0
[  195.321106][   T24] usb 4-1: New USB device found, idVendor=05ac, idProduct=921d, bcdDevice=d3.ea
[  195.324919][   T24] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  195.336132][   T24] usb 4-1: Product: syz
[  195.342643][   T24] usb 4-1: Manufacturer: syz
[  195.344830][   T24] usb 4-1: SerialNumber: syz
[  195.447896][ T9567] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1369'.
[  195.606965][   T24] appledisplay 4-1:162.166: Could not find int-in endpoint
[  195.623334][   T24] usbhid 4-1:162.166: couldn't find an input interrupt endpoint
[  195.660844][   T24] usb 4-1: USB disconnect, device number 12
[  195.745431][ T1363] ieee802154 phy0 wpan0: encryption failed: -22
[  195.748186][ T1363] ieee802154 phy1 wpan1: encryption failed: -22
[  195.872498][   T33] kauditd_printk_skb: 10 callbacks suppressed
[  195.872519][   T33] audit: type=1326 audit(1758712340.222:224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9589 comm="syz.0.1376" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f722578ec29 code=0x7ffc0000
[  195.885080][   T33] audit: type=1326 audit(1758712340.222:225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9589 comm="syz.0.1376" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f722578ec29 code=0x7ffc0000
[  195.896537][   T33] audit: type=1326 audit(1758712340.222:226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9589 comm="syz.0.1376" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f722578ec29 code=0x7ffc0000
[  195.905718][   T33] audit: type=1326 audit(1758712340.222:227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9589 comm="syz.0.1376" exe="/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f722578ec29 code=0x7ffc0000
[  195.918467][   T33] audit: type=1326 audit(1758712340.222:228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9589 comm="syz.0.1376" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f722578ec29 code=0x7ffc0000
[  195.930304][   T33] audit: type=1326 audit(1758712340.222:229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9589 comm="syz.0.1376" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f722578ec29 code=0x7ffc0000
[  195.960314][   T33] audit: type=1326 audit(1758712340.222:230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9589 comm="syz.0.1376" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f722578ec29 code=0x7ffc0000
[  195.978918][   T33] audit: type=1326 audit(1758712340.222:231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9589 comm="syz.0.1376" exe="/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f722578ec29 code=0x7ffc0000
[  196.001392][   T33] audit: type=1326 audit(1758712340.222:232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9589 comm="syz.0.1376" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f722578ec29 code=0x7ffc0000
[  196.017708][   T33] audit: type=1326 audit(1758712340.222:233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9589 comm="syz.0.1376" exe="/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f722578ec29 code=0x7ffc0000
[  196.063640][ T9599] overlayfs: failed to clone upperpath
[  196.142756][ T9609] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1383'.
[  196.255490][ T9617] netlink: 'syz.0.1386': attribute type 1 has an invalid length.
[  196.395088][ T9625] netlink: 'syz.0.1389': attribute type 1 has an invalid length.
[  196.404730][ T9625] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1389'.
[  196.740065][ T9641] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1393'.
[  198.408108][ T9678] loop3: detected capacity change from 0 to 32768
[  198.422226][ T9678] (syz.3.1408,9678,1):ocfs2_verify_heartbeat:818 ERROR: Cannot heartbeat on a locally mounted device.
[  198.439809][ T9678] (syz.3.1408,9678,1):ocfs2_fill_super:1177 ERROR: status = -22
[  198.466136][ T9690] loop4: detected capacity change from 0 to 2048
[  198.476386][ T9693] loop3: detected capacity change from 0 to 512
[  198.486907][ T9693] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349)
[  198.492955][ T9693] EXT4-fs (loop3): orphan cleanup on readonly fs
[  198.495837][ T9693] EXT4-fs error (device loop3): __ext4_iget:5464: inode #11: block 8: comm syz.3.1414: invalid block
[  198.503047][ T9693] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.1414: couldn't read orphan inode 11 (err -117)
[  198.508187][ T9693] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  198.529892][ T9690] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[  198.567989][ T8256] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  198.634154][ T9690] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  198.643805][ T9690] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1578 with error 28
[  198.648611][ T9690] EXT4-fs (loop4): This should not happen!! Data will be lost
[  198.648611][ T9690] 
[  198.652670][ T9690] EXT4-fs (loop4): Total free blocks count 0
[  198.659458][ T9690] EXT4-fs (loop4): Free/Dirty block details
[  198.662302][ T9690] EXT4-fs (loop4): free_blocks=2415919104
[  198.665923][ T9690] EXT4-fs (loop4): dirty_blocks=1584
[  198.667662][ T9690] EXT4-fs (loop4): Block reservation details
[  198.669991][ T9690] EXT4-fs (loop4): i_reserved_data_blocks=99
[  198.779875][   T36] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 64 with error 28
[  198.915038][  T792] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  199.077799][  T792] usb 4-1: config index 0 descriptor too short (expected 23569, got 27)
[  199.081560][  T792] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  199.088693][  T792] usb 4-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  199.092639][  T792] usb 4-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  199.096032][  T792] usb 4-1: Manufacturer: syz
[  199.104910][  T792] usb 4-1: config 0 descriptor??
[  199.163831][  T792] rc_core: IR keymap rc-hauppauge not found
[  199.166417][  T792] Registered IR keymap rc-empty
[  199.169716][  T792] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0
[  199.177985][  T792] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0/input15
[  199.567255][    C0] igorplugusb 4-1:0.0: receive overflow, at least 13 lost
[  199.862675][   T24] usb 4-1: USB disconnect, device number 13
[  201.652593][ T9755] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1438'.
[  201.668125][ T9755] 8021q: adding VLAN 0 to HW filter on device bond1
[  201.684789][ T9755] 8021q: adding VLAN 0 to HW filter on device batadv1
[  201.691025][ T9755] bond1: (slave batadv1): Enslaving as an active interface with an up link
[  201.698971][ T9755] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1438'.
[  201.948340][ T9755] bond1 (unregistering): (slave batadv1): Releasing backup interface
[  201.955317][ T9755] bond1 (unregistering): Released all slaves
[  202.064955][ T9771] netlink: 'syz.0.1445': attribute type 23 has an invalid length.
[  202.316634][ T9783] tipc: Enabled bearer <eth:macvlan0>, priority 10
[  203.532216][   T24] tipc: Node number set to 4294246401
[  203.676925][ T9814] loop4: detected capacity change from 0 to 128
[  203.691731][ T9814] ubifs: Unknown parameter 'dont_appraise'
[  204.493900][ T9824] loop4: detected capacity change from 0 to 4096
[  204.519501][ T9824] NILFS (loop4): invalid segment: Checksum error in segment payload
[  204.523874][ T9824] NILFS (loop4): trying rollback from an earlier position
[  204.548655][ T9824] NILFS (loop4): recovery complete
[  204.551793][ T9829] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  204.850674][ T9853] netlink: 'syz.0.1480': attribute type 29 has an invalid length.
[  204.964078][ T9862] loop3: detected capacity change from 0 to 256
[  205.124558][ T9872] loop3: detected capacity change from 0 to 512
[  205.141688][ T9872] EXT4-fs (loop3): ea_inode feature is not supported for Hurd
[  205.242455][ T9866] loop4: detected capacity change from 0 to 32768
[  205.277304][ T9866] XFS (loop4): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  205.296874][ T9866] XFS (loop4): Ending clean mount
[  205.302712][ T9866] XFS (loop4): Quotacheck needed: Please wait.
[  205.334859][ T9866] XFS (loop4): Quotacheck: Done.
[  205.388780][ T9098] XFS (loop4): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  205.830477][ T9907] loop3: detected capacity change from 0 to 128
[  207.226000][ T9941] loop4: detected capacity change from 0 to 32768
[  207.248512][ T9941] JBD2: Ignoring recovery information on journal
[  207.276688][ T9947] netlink: 'syz.3.1517': attribute type 11 has an invalid length.
[  207.288853][ T9947] netlink: 224 bytes leftover after parsing attributes in process `syz.3.1517'.
[  207.328561][ T9941] ocfs2: Mounting device (7,4) on (node local, slot 0) with writeback data mode.
[  207.411270][ T9098] ocfs2: Unmounting device (7,4) on (node local)
[  208.113564][ T9944] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  208.764484][ T9974] usb usb8: usbfs: process 9974 (syz.3.1527) did not claim interface 0 before use
[  209.861660][T10017] loop3: detected capacity change from 0 to 164
[  209.875713][T10017] Unable to read rock-ridge attributes
[  209.905739][T10017] Unable to read rock-ridge attributes
[  209.916628][T10017] syz.3.1540: attempt to access beyond end of device
[  209.916628][T10017] loop3: rw=524288, sector=263328, nr_sectors = 4 limit=164
[  209.937924][T10017] syz.3.1540: attempt to access beyond end of device
[  209.937924][T10017] loop3: rw=0, sector=263328, nr_sectors = 4 limit=164
[  209.945586][   T33] kauditd_printk_skb: 6 callbacks suppressed
[  209.945596][   T33] audit: type=1800 audit(1758712353.217:240): pid=10017 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1540" name="file0" dev="loop3" ino=1862 res=0 errno=0
[  210.077595][T10033] loop3: detected capacity change from 0 to 512
[  210.147580][T10033] EXT4-fs error (device loop3): ext4_orphan_get:1418: comm syz.3.1545: bad orphan inode 11862016
[  210.154231][T10033] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  210.158651][T10033] ext4 filesystem being mounted at /178/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  210.249923][ T8256] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  210.352245][T10054] vivid-001: disconnect
[  210.356550][T10053] vivid-001: reconnect
[  210.402178][T10060] loop3: detected capacity change from 0 to 512
[  210.405173][T10060] EXT4-fs: Ignoring removed bh option
[  210.406993][T10060] EXT4-fs: Ignoring removed mblk_io_submit option
[  210.412025][T10060] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[  210.416323][T10060] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  210.422494][T10060] EXT4-fs (loop3): orphan cleanup on readonly fs
[  210.425084][T10060] Quota error (device loop3): v2_read_file_info: Block with free entry 252928 out of range (1, 6).
[  210.432234][T10060] EXT4-fs warning (device loop3): ext4_enable_quotas:7172: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  210.440272][T10060] EXT4-fs (loop3): Cannot turn on quotas: error -117
[  210.444106][T10060] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:483: comm syz.3.1557: Invalid block bitmap block 0 in block_group 0
[  210.453778][T10060] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6657: Corrupt filesystem
[  210.457543][T10060] EXT4-fs (loop3): 1 orphan inode deleted
[  210.461105][T10060] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  210.488759][ T8256] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  210.720961][T10074] loop3: detected capacity change from 0 to 256
[  211.113635][T10085] loop4: detected capacity change from 0 to 2048
[  211.135630][T10086] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  211.479239][   T33] audit: type=1800 audit(1758712354.630:241): pid=10085 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1568" name="file2" dev="loop4" ino=16 res=0 errno=0
[  211.501294][T10085] NILFS (loop4): vblocknr = 12 has abnormal lifetime: start cno (= 150994946) > current cno (= 4)
[  211.506570][T10085] NILFS error (device loop4): nilfs_bmap_propagate: broken bmap (inode number=16)
[  211.519184][T10085] Remounting filesystem read-only
[  211.539568][ T9098] NILFS (loop4): disposed unprocessed dirty file(s) when stopping log writer
[  211.814778][T10095] loop4: detected capacity change from 0 to 32768
[  211.818172][T10095] BTRFS: device fsid 5e4b7888-5e56-43f0-8345-635ad0fd87c6 devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.1572 (10095)
[  211.881553][T10095] BTRFS info (device loop4): first mount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6
[  211.885198][T10095] BTRFS info (device loop4): using blake2b (blake2b-256-generic) checksum algorithm
[  211.966845][T10104] loop3: detected capacity change from 0 to 4096
[  211.979900][T10095] BTRFS info (device loop4): enabling ssd optimizations
[  211.984434][T10104] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512).
[  211.988270][T10095] BTRFS info (device loop4): enabling free space tree
[  212.051364][T10104] ntfs3(loop3): ino=19, mi_enum_attr
[  212.053629][T10104] ntfs3(loop3): Mark volume as dirty due to NTFS errors
[  212.069289][T10104] ntfs3(loop3): failed to convert "c46c" to maccenteuro
[  212.072636][T10104] ntfs3(loop3): ino=20, mi_enum_attr
[  212.105745][ T9098] BTRFS info (device loop4): last unmount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6
[  212.300264][T10122] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  214.038730][   T24] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[  214.080053][   T33] audit: type=1800 audit(1758712357.029:242): pid=10180 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1598" name="file1" dev="tmpfs" ino=3127 res=0 errno=0
[  214.164638][T10184] openvswitch: netlink: Multiple metadata blocks provided
[  214.203772][   T24] usb 4-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  214.207728][   T24] usb 4-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  214.212780][   T24] usb 4-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  214.216277][   T24] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  214.222125][T10174] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  214.230089][   T24] usb 4-1: Quirk or no altset; falling back to MIDI 1.0
[  214.358913][T10194] netdevsim netdevsim0 netdevsim0: entered promiscuous mode
[  216.781075][   T24] usb 4-1: USB disconnect, device number 14
[  216.905507][T10231] tc_dump_action: action bad kind
[  216.938721][T10235] netlink: 92 bytes leftover after parsing attributes in process `syz.3.1621'.
[  217.033600][T10239] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1622'.
[  217.271062][T10243] loop3: detected capacity change from 0 to 32768
[  217.323309][T10243] XFS (loop3): Mounting V5 Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[  217.371600][T10253] loop4: detected capacity change from 0 to 32768
[  217.377438][T10253] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.1630 (10253)
[  217.435291][T10253] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  217.441876][T10253] BTRFS info (device loop4): using sha256 (sha256-lib) checksum algorithm
[  217.448394][T10243] XFS (loop3): Ending clean mount
[  217.527642][ T8256] XFS (loop3): Unmounting Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[  217.794705][T10253] BTRFS info (device loop4): enabling ssd optimizations
[  217.800363][T10253] BTRFS info (device loop4): enabling free space tree
[  217.913120][ T9098] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  218.188594][T10291] loop3: detected capacity change from 0 to 32768
[  218.993653][T10330] loop3: detected capacity change from 0 to 1024
[  219.018984][   T33] audit: type=1800 audit(1758712361.589:243): pid=10330 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1654" name="file1" dev="loop3" ino=26 res=0 errno=0
[  220.693604][T10445] loop3: detected capacity change from 0 to 4096
[  220.697166][T10445] ntfs3(loop3): Different NTFS sector size (2048) and media sector size (512).
[  220.877226][ T5848] Bluetooth: hci2: command 0x0405 tx timeout
[  221.012600][T10465] wireguard: wg2: Could not create IPv4 socket
[  221.052619][T10467] loop3: detected capacity change from 0 to 512
[  221.058466][T10467] EXT4-fs (loop3): Test dummy encryption mode enabled
[  221.061311][T10467] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  221.074166][T10467] EXT4-fs error (device loop3): ext4_orphan_get:1418: comm syz.3.1687: bad orphan inode 131083
[  221.082917][T10467] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  221.135178][T10467] fscrypt: AES-256-CBC-CTS using implementation "cts(cbc(ecb(aes-fixed-time)))"
[  221.154987][ T8256] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  221.755434][T10486] loop3: detected capacity change from 0 to 40427
[  221.783223][T10486] F2FS-fs (loop3): Fix alignment : done, start(4096) end(16896) block(12288)
[  221.799049][T10486] F2FS-fs (loop3): build fault injection rate: 5
[  221.801704][T10486] F2FS-fs (loop3): build fault injection type: 0x3bfe8c
[  221.827820][    C0] F2FS-fs (loop3): inject read IO error in f2fs_read_end_io of blk_update_request+0x57e/0xe60
[  221.832481][T10486] F2FS-fs (loop3): invalid crc value
[  221.834681][T10486] F2FS-fs (loop3): Failed to get valid F2FS checkpoint
[  222.244641][T10507] loop3: detected capacity change from 0 to 32768
[  222.261442][T10507] ocfs2: Slot 0 on device (7,3) was already allocated to this node!
[  222.299123][T10507] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  222.324533][T10507] 
[  222.325658][T10507] ======================================================
[  222.328441][T10507] WARNING: possible circular locking dependency detected
[  222.331331][T10507] syzkaller #0 Not tainted
[  222.333381][T10507] ------------------------------------------------------
[  222.337163][T10507] syz.3.1704/10507 is trying to acquire lock:
[  222.339621][T10507] ffff888119a99840 (&ocfs2_sysfile_lock_key[GLOBAL_BITMAP_SYSTEM_INODE]){+.+.}-{4:4}, at: ocfs2_reserve_suballoc_bits+0x15e/0x4640
[  222.345039][T10507] 
[  222.345039][T10507] but task is already holding lock:
[  222.348195][T10507] ffff8880396631e0 (&ocfs2_file_ip_alloc_sem_key){++++}-{4:4}, at: ocfs2_write_begin+0x198/0x310
[  222.352442][T10507] 
[  222.352442][T10507] which lock already depends on the new lock.
[  222.352442][T10507] 
[  222.356603][T10507] 
[  222.356603][T10507] the existing dependency chain (in reverse order) is:
[  222.360215][T10507] 
[  222.360215][T10507] -> #5 (&ocfs2_file_ip_alloc_sem_key){++++}-{4:4}:
[  222.363893][T10507]        lock_acquire+0x120/0x360
[  222.365950][T10507]        down_write+0x96/0x1f0
[  222.367607][T10507]        ocfs2_try_remove_refcount_tree+0xb6/0x320
[  222.369720][T10507]        ocfs2_xattr_set+0x595/0x11f0
[  222.371939][T10507]        ocfs2_set_acl+0x701/0x7b0
[  222.373682][T10507]        ocfs2_iop_set_acl+0x1aa/0x2a0
[  222.375781][T10507]        vfs_set_acl+0x887/0xb00
[  222.377435][T10507]        filename_setxattr+0x2e0/0x600
[  222.379259][T10507]        path_setxattrat+0x364/0x3a0
[  222.381275][T10507]        __x64_sys_setxattr+0xbc/0xe0
[  222.383037][T10507]        do_syscall_64+0xfa/0x3b0
[  222.384657][T10507]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  222.386670][T10507] 
[  222.386670][T10507] -> #4 (&oi->ip_xattr_sem){++++}-{4:4}:
[  222.389415][T10507]        lock_acquire+0x120/0x360
[  222.391149][T10507]        down_read+0x46/0x2e0
[  222.392611][T10507]        ocfs2_init_acl+0x2f9/0x720
[  222.394493][T10507]        ocfs2_mknod+0x1321/0x2050
[  222.396229][T10507]        ocfs2_create+0x1a5/0x440
[  222.398279][T10507]        path_openat+0x14f4/0x3830
[  222.400058][T10507]        do_filp_open+0x1fa/0x410
[  222.401583][T10507]        do_sys_openat2+0x121/0x1c0
[  222.403254][T10507]        __x64_sys_openat+0x138/0x170
[  222.404853][T10507]        do_syscall_64+0xfa/0x3b0
[  222.406891][T10507]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  222.409532][T10507] 
[  222.409532][T10507] -> #3 (jbd2_handle){++++}-{0:0}:
[  222.412501][T10507]        lock_acquire+0x120/0x360
[  222.414559][T10507]        start_this_handle+0x1fa7/0x21c0
[  222.417029][T10507]        jbd2__journal_start+0x2c1/0x5b0
[  222.419137][T10507]        jbd2_journal_start+0x2a/0x40
[  222.421105][T10507]        ocfs2_start_trans+0x376/0x6d0
[  222.423260][T10507]        ocfs2_reserve_local_alloc_bits+0xb04/0x24e0
[  222.425500][T10507]        ocfs2_reserve_clusters_with_limit+0x1be/0xba0
[  222.427593][T10507]        ocfs2_mknod+0xe32/0x2050
[  222.429560][T10507]        ocfs2_mkdir+0x191/0x440
[  222.431483][T10507]        vfs_mkdir+0x306/0x510
[  222.433427][T10507]        do_mkdirat+0x247/0x590
[  222.435355][T10507]        __x64_sys_mkdirat+0x87/0xa0
[  222.437486][T10507]        do_syscall_64+0xfa/0x3b0
[  222.439557][T10507]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  222.442339][T10507] 
[  222.442339][T10507] -> #2 (&journal->j_trans_barrier){.+.+}-{4:4}:
[  222.445811][T10507]        lock_acquire+0x120/0x360
[  222.447912][T10507]        down_read+0x46/0x2e0
[  222.449877][T10507]        ocfs2_start_trans+0x36a/0x6d0
[  222.451756][T10507]        ocfs2_reserve_local_alloc_bits+0xb04/0x24e0
[  222.453851][T10507]        ocfs2_reserve_clusters_with_limit+0x1be/0xba0
[  222.455911][T10507]        ocfs2_mknod+0xe32/0x2050
[  222.458030][T10507]        ocfs2_mkdir+0x191/0x440
[  222.459655][T10507]        vfs_mkdir+0x306/0x510
[  222.461143][T10507]        do_mkdirat+0x247/0x590
[  222.462945][T10507]        __x64_sys_mkdirat+0x87/0xa0
[  222.464750][T10507]        do_syscall_64+0xfa/0x3b0
[  222.466456][T10507]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  222.468611][T10507] 
[  222.468611][T10507] -> #1 (sb_internal#5){.+.+}-{0:0}:
[  222.471581][T10507]        lock_acquire+0x120/0x360
[  222.473769][T10507]        ocfs2_start_trans+0x26b/0x6d0
[  222.475908][T10507]        ocfs2_reserve_local_alloc_bits+0xb04/0x24e0
[  222.478172][T10507]        ocfs2_reserve_clusters_with_limit+0x1be/0xba0
[  222.480472][T10507]        ocfs2_mknod+0xe32/0x2050
[  222.482547][T10507]        ocfs2_mkdir+0x191/0x440
[  222.484547][T10507]        vfs_mkdir+0x306/0x510
[  222.486525][T10507]        do_mkdirat+0x247/0x590
[  222.488539][T10507]        __x64_sys_mkdirat+0x87/0xa0
[  222.490745][T10507]        do_syscall_64+0xfa/0x3b0
[  222.492941][T10507]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  222.495484][T10507] 
[  222.495484][T10507] -> #0 (&ocfs2_sysfile_lock_key[GLOBAL_BITMAP_SYSTEM_INODE]){+.+.}-{4:4}:
[  222.499364][T10507]        validate_chain+0xb9b/0x2140
[  222.501230][T10507]        __lock_acquire+0xab9/0xd20
[  222.503358][T10507]        lock_acquire+0x120/0x360
[  222.505345][T10507]        down_write+0x96/0x1f0
[  222.507311][T10507]        ocfs2_reserve_suballoc_bits+0x15e/0x4640
[  222.509343][T10507]        ocfs2_reserve_clusters_with_limit+0x2fb/0xba0
[  222.511611][T10507]        ocfs2_lock_allocators+0x2fa/0x5c0
[  222.513779][T10507]        ocfs2_extend_allocation+0x39b/0x17a0
[  222.516331][T10507]        ocfs2_extend_no_holes+0x20e/0x4a0
[  222.518586][T10507]        ocfs2_expand_nonsparse_inode+0x160/0x450
[  222.520648][T10507]        ocfs2_write_begin_nolock+0x1a81/0x4340
[  222.522904][T10507]        ocfs2_write_begin+0x1bb/0x310
[  222.525202][T10507]        generic_perform_write+0x2c5/0x900
[  222.527338][T10507]        ocfs2_file_write_iter+0x157a/0x1d10
[  222.529486][T10507]        vfs_write+0x5c9/0xb30
[  222.531228][T10507]        __x64_sys_pwrite64+0x193/0x220
[  222.533227][T10507]        do_syscall_64+0xfa/0x3b0
[  222.534911][T10507]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  222.536901][T10507] 
[  222.536901][T10507] other info that might help us debug this:
[  222.536901][T10507] 
[  222.540461][T10507] Chain exists of:
[  222.540461][T10507]   &ocfs2_sysfile_lock_key[GLOBAL_BITMAP_SYSTEM_INODE] --> &oi->ip_xattr_sem --> &ocfs2_file_ip_alloc_sem_key
[  222.540461][T10507] 
[  222.546465][T10507]  Possible unsafe locking scenario:
[  222.546465][T10507] 
[  222.548722][T10507]        CPU0                    CPU1
[  222.550476][T10507]        ----                    ----
[  222.552323][T10507]   lock(&ocfs2_file_ip_alloc_sem_key);
[  222.554206][T10507]                                lock(&oi->ip_xattr_sem);
[  222.556469][T10507]                                lock(&ocfs2_file_ip_alloc_sem_key);
[  222.559260][T10507]   lock(&ocfs2_sysfile_lock_key[GLOBAL_BITMAP_SYSTEM_INODE]);
[  222.561509][T10507] 
[  222.561509][T10507]  *** DEADLOCK ***
[  222.561509][T10507] 
[  222.564096][T10507] 3 locks held by syz.3.1704/10507:
[  222.565809][T10507]  #0: ffff8880224a8428 (sb_writers#24){.+.+}-{0:0}, at: vfs_write+0x211/0xb30
[  222.568680][T10507]  #1: ffff888039663540 (&sb->s_type->i_mutex_key#40){+.+.}-{4:4}, at: ocfs2_file_write_iter+0x429/0x1d10
[  222.572327][T10507]  #2: ffff8880396631e0 (&ocfs2_file_ip_alloc_sem_key){++++}-{4:4}, at: ocfs2_write_begin+0x198/0x310
[  222.575870][T10507] 
[  222.575870][T10507] stack backtrace:
[  222.578322][T10507] CPU: 0 UID: 0 PID: 10507 Comm: syz.3.1704 Not tainted syzkaller #0 PREEMPT(full) 
[  222.578339][T10507] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  222.578346][T10507] Call Trace:
[  222.578354][T10507]  <TASK>
[  222.578360][T10507]  dump_stack_lvl+0x189/0x250
[  222.578380][T10507]  ? __pfx_dump_stack_lvl+0x10/0x10
[  222.578390][T10507]  ? __pfx__printk+0x10/0x10
[  222.578401][T10507]  ? print_lock_name+0xde/0x100
[  222.578412][T10507]  print_circular_bug+0x2ee/0x310
[  222.578421][T10507]  check_noncircular+0x134/0x160
[  222.578430][T10507]  validate_chain+0xb9b/0x2140
[  222.578442][T10507]  ? __mutex_unlock_slowpath+0x1a1/0x740
[  222.578457][T10507]  ? look_up_lock_class+0x74/0x170
[  222.578469][T10507]  ? register_lock_class+0x51/0x320
[  222.578488][T10507]  __lock_acquire+0xab9/0xd20
[  222.578504][T10507]  ? ocfs2_reserve_suballoc_bits+0x15e/0x4640
[  222.578514][T10507]  lock_acquire+0x120/0x360
[  222.578524][T10507]  ? ocfs2_reserve_suballoc_bits+0x15e/0x4640
[  222.578533][T10507]  ? __kasan_check_byte+0x12/0x40
[  222.578543][T10507]  ? unwind_next_frame+0xa5/0x2390
[  222.578552][T10507]  down_write+0x96/0x1f0
[  222.578561][T10507]  ? ocfs2_reserve_suballoc_bits+0x15e/0x4640
[  222.578569][T10507]  ? __pfx_down_write+0x10/0x10
[  222.578578][T10507]  ? lock_release+0x4b/0x3e0
[  222.578590][T10507]  ocfs2_reserve_suballoc_bits+0x15e/0x4640
[  222.578601][T10507]  ? is_bpf_text_address+0x26/0x2b0
[  222.578616][T10507]  ? kernel_text_address+0xa5/0xe0
[  222.578631][T10507]  ? __kernel_text_address+0xd/0x40
[  222.578645][T10507]  ? unwind_get_return_address+0x4d/0x90
[  222.578657][T10507]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  222.578671][T10507]  ? arch_stack_walk+0xfc/0x150
[  222.578685][T10507]  ? stack_trace_save+0x9c/0xe0
[  222.578697][T10507]  ? __pfx_ocfs2_reserve_suballoc_bits+0x10/0x10
[  222.578710][T10507]  ? check_path+0x21/0x40
[  222.578720][T10507]  ? check_noncircular+0xe0/0x160
[  222.578730][T10507]  ? lockdep_unlock+0x89/0x120
[  222.578744][T10507]  ? validate_chain+0x897/0x2140
[  222.578755][T10507]  ? ocfs2_file_write_iter+0x157a/0x1d10
[  222.578770][T10507]  ? __lock_acquire+0xab9/0xd20
[  222.578790][T10507]  ? do_raw_spin_unlock+0x4d/0x240
[  222.578803][T10507]  ? _raw_spin_unlock+0x28/0x50
[  222.578813][T10507]  ? ocfs2_alloc_should_use_local+0x152/0x310
[  222.578822][T10507]  ? ocfs2_reserve_clusters_with_limit+0x16b/0xba0
[  222.578831][T10507]  ocfs2_reserve_clusters_with_limit+0x2fb/0xba0
[  222.578840][T10507]  ? __pfx_ocfs2_reserve_clusters_with_limit+0x10/0x10
[  222.578848][T10507]  ? rcu_is_watching+0x15/0xb0
[  222.578855][T10507]  ? ocfs2_num_free_extents+0x347/0x620
[  222.578863][T10507]  ? __pfx_ocfs2_num_free_extents+0x10/0x10
[  222.578871][T10507]  ? __pfx_ocfs2_read_blocks+0x10/0x10
[  222.578883][T10507]  ? check_path+0x21/0x40
[  222.578891][T10507]  ? check_noncircular+0xe0/0x160
[  222.578901][T10507]  ocfs2_lock_allocators+0x2fa/0x5c0
[  222.578955][T10507]  ? __pfx_ocfs2_lock_allocators+0x10/0x10
[  222.578972][T10507]  ? ocfs2_read_inode_block+0x11d/0x190
[  222.578984][T10507]  ? __pfx_ocfs2_read_inode_block+0x10/0x10
[  222.579002][T10507]  ocfs2_extend_allocation+0x39b/0x17a0
[  222.579012][T10507]  ? __lock_acquire+0xab9/0xd20
[  222.579029][T10507]  ? do_raw_spin_lock+0x121/0x290
[  222.579042][T10507]  ? __pfx_ocfs2_extend_allocation+0x10/0x10
[  222.579052][T10507]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  222.579065][T10507]  ? lockdep_hardirqs_on+0x9c/0x150
[  222.579072][T10507]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  222.579083][T10507]  ? __pfx_ocfs2_journal_access_di+0x10/0x10
[  222.579092][T10507]  ? kasan_save_track+0x4f/0x80
[  222.579100][T10507]  ? kasan_save_track+0x3e/0x80
[  222.579107][T10507]  ? __kasan_kmalloc+0x93/0xb0
[  222.579115][T10507]  ? __kmalloc_cache_noprof+0x230/0x3d0
[  222.579123][T10507]  ? ocfs2_write_begin_nolock+0x3a0/0x4340
[  222.579130][T10507]  ? ocfs2_write_begin+0x1bb/0x310
[  222.579137][T10507]  ? generic_perform_write+0x2c5/0x900
[  222.579144][T10507]  ? ocfs2_file_write_iter+0x157a/0x1d10
[  222.579150][T10507]  ? vfs_write+0x5c9/0xb30
[  222.579158][T10507]  ? __x64_sys_pwrite64+0x193/0x220
[  222.579166][T10507]  ? do_syscall_64+0xfa/0x3b0
[  222.579176][T10507]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  222.579188][T10507]  ocfs2_extend_no_holes+0x20e/0x4a0
[  222.579199][T10507]  ? __pfx_ocfs2_extend_no_holes+0x10/0x10
[  222.579212][T10507]  ocfs2_expand_nonsparse_inode+0x160/0x450
[  222.579226][T10507]  ? __pfx_ocfs2_expand_nonsparse_inode+0x10/0x10
[  222.579238][T10507]  ? __kasan_kmalloc+0x93/0xb0
[  222.579252][T10507]  ocfs2_write_begin_nolock+0x1a81/0x4340
[  222.579268][T10507]  ? rcu_is_watching+0x15/0xb0
[  222.579284][T10507]  ? __pfx_ocfs2_write_begin_nolock+0x10/0x10
[  222.579294][T10507]  ? __bfs+0x154/0x2a0
[  222.579303][T10507]  ? __pfx_hlock_conflict+0x10/0x10
[  222.579314][T10507]  ? check_path+0x21/0x40
[  222.579324][T10507]  ? check_noncircular+0xe0/0x160
[  222.579345][T10507]  ? lockdep_unlock+0x89/0x120
[  222.579359][T10507]  ? validate_chain+0x897/0x2140
[  222.579376][T10507]  ? __lock_acquire+0xab9/0xd20
[  222.579394][T10507]  ? ocfs2_write_begin+0x198/0x310
[  222.579410][T10507]  ? down_write+0x162/0x1f0
[  222.579422][T10507]  ? __pfx_down_write+0x10/0x10
[  222.579435][T10507]  ? __lock_acquire+0xab9/0xd20
[  222.579446][T10507]  ocfs2_write_begin+0x1bb/0x310
[  222.579454][T10507]  ? __pfx_ocfs2_write_begin+0x10/0x10
[  222.579463][T10507]  generic_perform_write+0x2c5/0x900
[  222.579474][T10507]  ? __pfx_generic_perform_write+0x10/0x10
[  222.579485][T10507]  ? file_update_time+0x416/0x490
[  222.579495][T10507]  ? __generic_file_write_iter+0xf9/0x230
[  222.579505][T10507]  ? ocfs2_file_write_iter+0x1551/0x1d10
[  222.579516][T10507]  ocfs2_file_write_iter+0x157a/0x1d10
[  222.579526][T10507]  ? aa_file_perm+0x13a/0x1550
[  222.579542][T10507]  ? __pfx_ocfs2_file_write_iter+0x10/0x10
[  222.579552][T10507]  ? __pfx_aa_file_perm+0x10/0x10
[  222.579563][T10507]  ? __lock_acquire+0xab9/0xd20
[  222.579578][T10507]  ? rcu_read_lock_any_held+0xb3/0x120
[  222.579590][T10507]  ? __pfx_rcu_read_lock_any_held+0x10/0x10
[  222.579605][T10507]  vfs_write+0x5c9/0xb30
[  222.579622][T10507]  ? __pfx_ocfs2_file_write_iter+0x10/0x10
[  222.579634][T10507]  ? __pfx_vfs_write+0x10/0x10
[  222.579644][T10507]  ? __fget_files+0x2a/0x420
[  222.579652][T10507]  __x64_sys_pwrite64+0x193/0x220
[  222.579663][T10507]  ? __pfx___x64_sys_pwrite64+0x10/0x10
[  222.579672][T10507]  ? rcu_is_watching+0x15/0xb0
[  222.579679][T10507]  ? do_syscall_64+0xbe/0x3b0
[  222.579690][T10507]  do_syscall_64+0xfa/0x3b0
[  222.579700][T10507]  ? lockdep_hardirqs_on+0x9c/0x150
[  222.579710][T10507]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  222.579720][T10507]  ? exc_page_fault+0x9f/0xf0
[  222.579730][T10507]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  222.579742][T10507] RIP: 0033:0x7f8a38d8ec29
[  222.579754][T10507] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  222.579761][T10507] RSP: 002b:00007f8a39cc7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000012
[  222.579769][T10507] RAX: ffffffffffffffda RBX: 00007f8a38fd5fa0 RCX: 00007f8a38d8ec29
[  222.579774][T10507] RDX: 0000000000000001 RSI: 0000200000000140 RDI: 0000000000000005
[  222.579779][T10507] RBP: 00007f8a38e11e41 R08: 0000000000000000 R09: 0000000000000000
[  222.579783][T10507] R10: 0000000008000c61 R11: 0000000000000246 R12: 0000000000000000
[  222.579787][T10507] R13: 00007f8a38fd6038 R14: 00007f8a38fd5fa0 R15: 00007fff79f52828
[  222.579794][T10507]  </TASK>
[  222.877755][T10505] loop4: detected capacity change from 0 to 32768
[  222.891131][T10505] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.1703 (10505)
[  222.906151][T10505] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  222.910309][T10505] BTRFS info (device loop4): using sha256 (sha256-lib) checksum algorithm
[  222.955673][ T8256] ocfs2: Unmounting device (7,3) on (node local)
[  223.083014][T10505] BTRFS info (device loop4): enabling ssd optimizations
[  223.087084][T10505] BTRFS info (device loop4): enabling free space tree
[  223.108139][ T9098] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d

VM DIAGNOSIS:
11:12:48  Registers:
info registers vcpu 0

CPU#0
RAX=000000000000002d RBX=000000000000002d RCX=0000000000000000 RDX=00000000000003f8
RSI=00000000000011f0 RDI=00000000000011f1 RBP=00000000000003f8 RSP=ffffc90006d25ad0
R8 =ffff888107990237 R9 =1ffff11020f32046 R10=dffffc0000000000 R11=ffffffff854fad60
R12=dffffc0000000000 R13=ffffffff99b028dc R14=ffffffff99df7460 R15=0000000000000000
RIP=ffffffff854faddc RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f8a39cc76c0 ffffffff 00c00000
GS =0000 ffff8880b8613000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007ffcd8b85aa4 CR3=0000000023f06000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000ff0000000000 0000000000000000 XMM01=7973003273666724 6567616d695f746e
XMM02=0000010000000000 0000000000000000 XMM03=75663d79636e6572 65686f632c6c6c75
XMM04=692c736b636f6c66 6c61636f6c2c6c6c XMM05=0000000000000000 00007f8a39cc66e0
XMM06=00007f8a39cc66e0 00007f8a39cc6560 XMM07=00007f8a39cc65a0 00007f8a39cc6580
XMM08=0000000000000000 0000001b7d1475bf XMM09=0000000000000000 00007f8a38e12fed
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000000 RBX=ffffffff904178f3 RCX=ffffffff8fc0cf88 RDX=ffffffff904178ee
RSI=ffffffff904178f2 RDI=ffffffff8be33f20 RBP=dffffc0000000000 RSP=ffffc90006cf6038
R8 =0000000000000005 R9 =0000000000000000 R10=ffffc90006cf6158 R11=ffffffff81ac3b00
R12=ffffc90006cf6380 R13=ffffc90006cf6158 R14=ffffc90006cf6108 R15=1ffffffff2082f1e
RIP=ffffffff8172cb73 RFL=00000a06 [-O---P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f66a7ec76c0 ffffffff 00c00000
GS =0000 ffff8881a3c13000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=000000110c30a06d CR3=000000011412c000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 00000000000001a4 XMM01=0000000000000000 0000000000000000
XMM02=0000000000000000 0000000000000000 XMM03=0000000000000000 0000000000000000
XMM04=0000000000000000 0000000000000000 XMM05=0000000000000000 0000000000000000
XMM06=0000000000000000 0000000000000000 XMM07=0000000000000000 0000000000000000
XMM08=0000000000000000 0000000000000000 XMM09=0000000000000000 0000000000000000
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
