last executing test programs:

4m2.076973548s ago: executing program 1 (id=869):
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000006c0)=@newqdisc={0x14c, 0x24, 0x3fe3aa0262d8c783, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}, {0x0, 0x10}}, [@qdisc_kind_options=@q_choke={{0xa}, {0x11c, 0x2, [@TCA_CHOKE_STAB={0x104, 0x2, "18047d80edc79ded5baf17b8d4ef60c9b3b201ad412d10413208ddeec3ca63150ca2e8e880626d219622937291bf1a88f2a7e933b9de68b10c358ceb836b1269874d68178d5ca2a64891b8ac2b18bec75794ef929a921ba80fe335e76deda6606f266cad000e1e9f949c533252624fbdb25e28a005a01da7a07e844a72943d4959681afcb9a2b3b3c4b2b511416252a03ab78abf8be2fc6313a03763da61a574a9bc59b728aa3c02eedb176afb984194f31696e2b3357c5757fbf99bae1c8dde4cfedc5714471bdd688ce6ac6e3d2a149abd76a0fe9a448d792273206fc444294e3bae3fc553bc9bd6d0b67ea837b7a0b7f9ef00"}, @TCA_CHOKE_PARMS={0x14, 0x1, {0x9, 0x4, 0x4, 0x14, 0x12, 0x14, 0x6}}]}}]}, 0x14c}}, 0x0)

4m1.989085687s ago: executing program 1 (id=870):
r0 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000300), 0x80080, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, &(0x7f0000000100)={0xd, "5660359c3245d1c42317afad7d48ed51000000000000000100", <r1=>0xffffffffffffffff})
r2 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000040), 0x141100, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r2, 0xc0285700, &(0x7f0000000140)={0x1000, "340b7832ceefd131b8e6498c25f58fad9987ffe93bbabd18cf501922de974a27", <r3=>0xffffffffffffffff})
ioctl$SYNC_IOC_MERGE(r3, 0xc0303e03, &(0x7f00000001c0)={"3c24139ed44aec57f2e2ad238e7b448ed886923c31d4a043e3b614fd00", r1, <r4=>0xffffffffffffffff})
close_range(r0, r4, 0x0)

4m1.925190591s ago: executing program 1 (id=871):
r0 = syz_open_procfs(0x0, &(0x7f00000020c0)='net/softnet_stat\x00')
read$FUSE(r0, &(0x7f0000000040)={0x2020}, 0x229)

4m1.85021471s ago: executing program 1 (id=872):
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000480)='./file1\x00', 0x1000000, &(0x7f0000000180)={[{@delalloc}, {@noload}, {@acl}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}]}, 0x1, 0x7a5, &(0x7f00000007c0)="$eJzs3ctrXNUfAPDvnSTNo/01+YGgdRURNFA6MTW2CgoVFyJYKOjaNkymoWaSKZlJaUIWLSK4EVRcCLrp2kfdufWx1f/ChbRUTYsVFxK580gmzUw7bTMzhXw+cDPn3HtnzvnOOefeM7mXmQD2rPH0TybiUER8lESM1tYnETFQSfVHnKjud3t9LZcuSWxsvPVHUtnn1vpaLhqek9pfyzwRET++H3E4s7Pc0srq/EyhkF+q5SfLC+cnSyurR84tzMzl5/KLx6amp48ef+H4sd2L9a9fVg9c//j1Z7858c97j1/98KckTsSB2rbGOHbLeIzX3pOB9C3c5rXdLqzHkl5XgAeSDs2+6iiPQzEafZVUC8PdrBkA0CkbAMAelJgDAMAeU/8/wK31tVx96e1/JLrrxqsRMVSNv359s7qlv3bNbqhyHXTkVrLtykgSEWO7UP54RHzx3TtfpUvU2sG1NKAbLl2OiDNj4zuP/8md9yw0ni7a8lyL9a9UXm2wkh6/Y9teO/9AL32fzn9eTMfdUG1NffxlNuc/0WT+M9hk7D6Ie4//zLVdKKaldP73csO9bVvzv82b1sb6arn/VeZ8A8nZc4V8emw7GBETMTCY5qcquzafuU3c/Pdmq/Ib539/fvLul2n56ePWHplr/YPbnzM7U5552LjrblyOeLK/WfzJZvsnLea/p9os442XPvh8x8p91Yc0/jTe+rIz/s7auBLxTNP232rL5K73J05WusNkvVM08e2vn420Kr+x/dMlLb/+WaAb0vYfaR7/wdouY0nj/Zql+y/j5yujP7Tadu/4m/f/fcnblXStG8XFmXJ5aSpiX/LmzvVHt55bz9f3T+OfeLr5+K8W27z/p58Jz7QZf//1379+8Pg7K41/9u79v9b+T0W1/Tc7QtuJq7fn+1qV3177T1dSE7U17Rz/2q3gw7x3AAAAAAAAAAAAAAAAAAAAAAAAANCuTEQciCST3UxnMtls9Te8H4uRTKFYKh8+W1xenI3Kb2WPxUCm/lWXow3fhzpV+z78an7r9evbn4+I/0fEp4PDlXw2VyzM9jJwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGiwv8Xv/6d+G+x17QCAjhnqdQUAgK5z/geAvef+zv/DHasHANA9Pv8DwN7T9vn/TGfrAQB0j8//AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdNipkyfTZePv9bVcmp+9sLI8X7xwZDZfms8uLOeyueLS+excsThXyGdzxYWWL3Sp+lAoFs9Px+LyxclyvlSeLK2snl4oLi+WT59bmJnLn84PdC0yAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGhfaWV1fqZQyC9JbE/0bV8z3Ov6PGKJ/ngkqiHRsUTjUWK4dwcoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgEfcfwEAAP//SqQqnw==")
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
chdir(&(0x7f0000000040)='./file0/../file0\x00')
mount_setattr(0xffffffffffffff9c, &(0x7f00000001c0)='.\x00', 0x800, &(0x7f0000001dc0)={0xb, 0x0, 0x100000}, 0x20)

4m1.77450978s ago: executing program 1 (id=873):
syz_usb_connect$hid(0x6, 0x36, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x20, 0x56a, 0xd1, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0}}]}}, 0x0)
syz_usb_connect(0x2, 0x3f, &(0x7f0000000080)=ANY=[@ANYBLOB="12010002f638d408f01002204db10100000109022d00010b06800809045f40030a00004009"], &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0})

4m1.558706763s ago: executing program 1 (id=875):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xd, &(0x7f0000000580)=ANY=[@ANYBLOB="180000000000000000000000000000008500000061000000850000002a000000180100002025642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000089cdc832850000007000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000380)={r0, 0x18000000000002a0, 0x28, 0x0, &(0x7f0000000440)="b9ff033189442602000000f086dd6664203d1d283bbf6692e02b6ccc414bd26f8f226c5672c97b72", 0x0, 0x64, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x50)

4m1.366709786s ago: executing program 32 (id=875):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xd, &(0x7f0000000580)=ANY=[@ANYBLOB="180000000000000000000000000000008500000061000000850000002a000000180100002025642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000089cdc832850000007000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000380)={r0, 0x18000000000002a0, 0x28, 0x0, &(0x7f0000000440)="b9ff033189442602000000f086dd6664203d1d283bbf6692e02b6ccc414bd26f8f226c5672c97b72", 0x0, 0x64, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x50)

3m50.635319724s ago: executing program 0 (id=989):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r1 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000a40)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff5653f, 0x70bd2d, 0x25dfdbfc, {0x0, 0x0, 0x0, r2, {0x0, 0x9}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x81}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newtfilter={0x54, 0x2c, 0xd3f, 0x70bd25, 0x25dfdbfb, {0x0, 0x0, 0x0, r2, {0xc, 0x4}, {0x0, 0x9}, {0xf, 0x9}}, [@filter_kind_options=@f_flower={{0xb}, {0x24, 0x2, [@TCA_FLOWER_KEY_ETH_TYPE={0x6, 0x8, 0x8848}, @TCA_FLOWER_KEY_MPLS_OPTS={0x18, 0x63, 0x0, 0x1, @TCA_FLOWER_KEY_MPLS_OPTS_LSE={0xe, 0x1, 0x0, 0x1, [@TCA_FLOWER_KEY_MPLS_OPT_LSE_BOS={0x5}, @TCA_FLOWER_KEY_MPLS_OPT_LSE_DEPTH={0x5, 0x1, 0x3}]}}]}}]}, 0x54}, 0x1, 0x0, 0x0, 0x1}, 0x20040054)

3m50.566985355s ago: executing program 0 (id=992):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f000905", @ANYRES64], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f0000000280)={0x2c, &(0x7f0000000040)=ANY=[@ANYBLOB="00000f00000009003d140f3c369197d09647190890"], 0x0, 0x0, 0x0, 0x0}, 0x0)
r1 = syz_open_dev$hiddev(&(0x7f0000000100), 0x0, 0x0)
ioctl$HIDIOCSREPORT(r1, 0x4018480c, &(0x7f0000000080)={0x2, 0xffffffff, 0x10000})

3m48.767912954s ago: executing program 0 (id=1000):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x1f, 0xf, &(0x7f0000000200)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xac, 0x0, 0x0, 0x0, 0x3}, {{0x18, 0x1, 0x1, 0x0, r0}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x40000000}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYRES8=r0, @ANYBLOB="0000000000000000b7080000000400007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000000)={r1}, 0xc)

3m48.635111382s ago: executing program 0 (id=1002):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
chroot(&(0x7f0000000100)='./file0\x00')
mount(0x0, &(0x7f0000000d40)='./file0\x00', &(0x7f0000000040)='sysfs\x00', 0x40, 0x0)
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f00000003c0)='./file0\x00', 0x0, 0x2a05004, 0x0)
pivot_root(&(0x7f0000000400)='./file0/../file0\x00', &(0x7f0000000340)='./file0/../file0/../file0\x00')

3m48.634558762s ago: executing program 0 (id=1003):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @ipv4={'\x00', '\xff\xff', @empty}, 0xf}, 0x1c)
listen(r1, 0x0)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r3, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000300)={0x30, r4, 0x1, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast1=0xac1414aa}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x1}]}]}, 0x30}}, 0x0)

3m48.229733555s ago: executing program 0 (id=1004):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x108)
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x3)
sched_setaffinity(0x0, 0xfffffffffffffd7a, &(0x7f0000000580)=0x8000000002)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f000001aa40)=""/102392, 0x18ff8)
getsockopt$bt_BT_RCVMTU(0xffffffffffffffff, 0x112, 0xd, 0x0, 0x0)
openat$autofs(0xffffffffffffff9c, 0x0, 0x40002, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x20000040)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000007900), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000007940)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_TRIGGER_SCAN(r2, &(0x7f0000007a40)={0x0, 0x0, &(0x7f0000007a00)={&(0x7f0000007980)={0x30, r3, 0x25d8e00ab7fe2e09, 0x70bd2c, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_SCAN_FREQUENCIES={0x14, 0x2c, 0x0, 0x1, [{0x8, 0x0, 0x1}, {0x8, 0x0, 0x1}]}]}, 0x30}, 0x1, 0x0, 0x0, 0x4010}, 0x890)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a3100000000090003007379"], 0x7c}, 0x1, 0x0, 0x0, 0x8080}, 0x20004450)
sendmsg$nl_generic(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000094c0)=ANY=[@ANYBLOB="8c45000043000701fefffffffcdbdf25017c000004004580744501"], 0x458c}, 0x1, 0x0, 0x0, 0xc004}, 0x2000d800)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f00000000c0)={[], [], 0x2c})

3m48.13795056s ago: executing program 33 (id=1004):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x108)
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x3)
sched_setaffinity(0x0, 0xfffffffffffffd7a, &(0x7f0000000580)=0x8000000002)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f000001aa40)=""/102392, 0x18ff8)
getsockopt$bt_BT_RCVMTU(0xffffffffffffffff, 0x112, 0xd, 0x0, 0x0)
openat$autofs(0xffffffffffffff9c, 0x0, 0x40002, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x20000040)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000007900), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000007940)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_TRIGGER_SCAN(r2, &(0x7f0000007a40)={0x0, 0x0, &(0x7f0000007a00)={&(0x7f0000007980)={0x30, r3, 0x25d8e00ab7fe2e09, 0x70bd2c, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_SCAN_FREQUENCIES={0x14, 0x2c, 0x0, 0x1, [{0x8, 0x0, 0x1}, {0x8, 0x0, 0x1}]}]}, 0x30}, 0x1, 0x0, 0x0, 0x4010}, 0x890)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a3100000000090003007379"], 0x7c}, 0x1, 0x0, 0x0, 0x8080}, 0x20004450)
sendmsg$nl_generic(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000094c0)=ANY=[@ANYBLOB="8c45000043000701fefffffffcdbdf25017c000004004580744501"], 0x458c}, 0x1, 0x0, 0x0, 0xc004}, 0x2000d800)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f00000000c0)={[], [], 0x2c})

2m48.390987633s ago: executing program 3 (id=1494):
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'bridge0\x00', <r1=>0x0})
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=@getchain={0x24, 0x11, 0x839, 0x70bd27, 0x0, {0x0, 0x0, 0xfe, r1}}, 0x24}, 0x1, 0x0, 0x0, 0x4000091}, 0x8040)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000280), 0xffffffffffffffff)
r5 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000340)={'bridge0\x00', <r6=>0x0})
sendmsg$ETHTOOL_MSG_TSINFO_GET(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000380)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r4, @ANYBLOB="01002dbd7000000000ef210000000c00018008000100", @ANYRES32=r6], 0x20}, 0x1, 0x0, 0x0, 0x1}, 0x0)

2m48.213268475s ago: executing program 3 (id=1495):
syz_mount_image$udf(&(0x7f00000000c0), &(0x7f0000000180)='./file1\x00', 0x804000, &(0x7f0000000f00)=ANY=[@ANYBLOB="6c617374626c6f636b3d30303030303030303030303030303030303030302c756d61736b3d30303030303030303030303030303030303030303030302c756e64656c6574652c6c6f6e6761642c73686f727461642c7569643d666f726765742c756e64656c6574652c696f636861727365743d757466382c73686f727461642c696f636861727365743d64656661756c742c7569643d666f726765742c6e6f7374726963742c73657373696f6e3d30303030303030303030303030303030303030302c706172746974696f6e3d30303030303030303030303030303030303030362c00b2e01f5c0b5c8fb2623d8f888e41dfceb3ecf959d23d90b071660660b17884bd109d37086024cf83fa"], 0x2, 0xc2d, &(0x7f00000001c0)="$eJzs3U9sHNd9B/DfGy3FldxWTOwoThoXm7ZIZcVy9S+mYhXuqqbZBpBlIhRzC8AVSakLUyRBUo1spAXTSw89BCiKHnIi0BoFUjQwmiLokWldILn4UOTUE9HCRlD0wBYBcgoYzOxbcUmRNi2KEmV9Pjb13Z19b+a9eesZWdCbFwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAxB+8cun0mfSwWwEAPEhXRr96+qz7PwA8Vq76/38AAAAAAAAAAAAAADjoUhTxZKSYu7KWxqv3HfXL7b5bt8eGhrevdiRVNQ9V5cuf+pmz585/6YXBC9283J75gPr322fjtdGrlxovz96cm59aWJiabIzNtCdmJ6d2vYe91t/qZHUCGjdfvzV5/fpC4+zz5zZ9fHvg/f4njg9cHHz21DPdsmNDw8OjG0XqveVr99yQjp1meByOIk5Fiue+99PUiogi9n4u6g927Lc6UnXiZNWJsaHhqiPT7dbMYvnhSPdEFBGNnkrN7jnafiyi1vdA+7CzZsRS2fyywSfL7o3OteZb16anGiOt+cX2Ynt2ZiR1Wlv2pxFFXEgRyxGx2n/37vqiiFqk+M6xtXQtIg51z8MXq4nBO7ej2Mc+7kLZzkZfxHLxCIzZAdYfRbwaKX72zomYyNeZ6lrzhYhXy/xBxFtlvhSRyi/G+Yj3tvke8WiqRRF/WY7/xbU0WV0PuteVy19rfGXm+mxP2e515SPeH+66Ujyk+8ORLflgHPBrUz2KaFVX/LV077/ZAQAAAAAAAAAAAAAAAOB+OxJFfCZSvPIff1LNK45qXvqxi4N/OPCrvXPGn/6Q/ZRln4+IpWJ3c3IP54mBI2kkpYc8l/hxVo8i/jTP//vWw24MAAAAAAAAAAAAAAAAAADAY62In0SKF989kZajd03x9syNxtXWtenOqrDdtX+7a6avr6+vN1InmznHcy7lXM65knM1ZxS5fs5mzvGcSzmXc67kXM0Zh3L9nM2c4zmXci7nXMm5mjNquX7OZs7xnEs5l3Ou5FzNGQdk7V4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgI+TIor4RaT49jfWUqSIaEaMRydX+h926wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAUn8q4vuRovFHzTvbahGRqn87TpS/nI/m4TI/Gc3BMl+K5qWcrSprzW89hPazN32piB9Hiv7623cGPI9/X+fdna9BvPXNjXefrXXyUPfDgff7nzh+7OLg8G88vdPrtF0DTl5uz9y63RgbGh4e7dlcy0f/ZM+2gXzc4v50nYhYeOPN11vT01Pz9/6i/Arsofoj9CLVHpeeelG9iNqBaMbD6TuPgfL+/16k+N13/7N7w+/c/+vxK513d+7w8fM/27j/v7h1R7u8/9e21sv3//Kevt39/8mebS/m34301SLqizfn+o5H1BfeePNU+2brxtSNqZnzp09/eXDwy+dO9x2OqF9vT0/1vLovpwsAAAAAAAAAAAAAAADgwUlF/H6kaP14LTUi4nY1X2vg4uCzp545FIeq+Vab5m2/Nnr1UuPl2Ztz81MLC1OTjbGZ9sTs5NRuD1evpnuNDQ3vS2c+1JF9bv+R+suzc2/Mt2/88eK2nx+tX7q2sDjfmtj+4zgSRUSzd8vJqsFjQ8NVo6fbrZmq6si2k+k/ur5UxH9FionzjfT5vC3P/986w3/T/P+lrTvap/n/n+jZVh4zpSJ+Hil+56+ejs9X7Twad52zXO7vIsXJC5/L5eJwWa7bhs5zBTozA8uy/xcp/ukXm8t250M+uVH2zK5P7COiHP9jkeL7f/Hd+M28bfPzH7Yf/6Nbd7RP4/9Uz7ajm55XsOeuk8f/VKR46cm347fytg96/kf32RsncuE7z+fYp/H/VM+2gXzc374/XQcAAAAAAAAAAHik9aUi/j5S/HC4ll7I23bz9/8mt+5on/7+16d7tk3en/WKPvTFnk8qAAAAABwQfamIn0SKG4tv35lDvXn+d8/8z9/bmP85lLZ8Wv05369Vzw24n3/+12sgH3d8790GAAAAAAAAAAAAAAAAAACAAyWlIl7I66mPV/P5J3dcT30lUrzyP8/lcul4Wa67DvxA9Wv9yuzMqUvT07MTrcXWtempxuhca2KqrPtUpFj728/lukW1vnp3vfnOGu8ba7HPR4rhf+iW7azF3l2b/KmNsmfKsp+IFP/9j5vLdtex/tRG2bNl2b+JFF//l+3LHt8oe64s+91I8aOvN7plj5Zlu89H/fRG2ecnZot9GBUAAAAAAAAAAAAAAAAAAAAeN32piD+PFP97c/nOXP68/n9fz9vKW9/sWe9/i9vVOv8D1fr/O72+l/X/q+cKLO10VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+HhKUcSbkWLuylpa6S/fd9Qvt2du3R4bGt6+2pFU1TxUlS9/6mfOnjv/pRcGL3Tzg+vfb5+J10avXmq8PHtzbn5qYWFqsjE2056YnZza9R72Wn+rk9UJaNx8/dbk9esLjbPPn9v08e2B9/ufOD5wcfDZU890y44NDQ+P9pSp9d3z0e+Sdth+OIr460jx3Pd+mn7YH1HE3s/Fh3x39tuRqhMnq06MDQ1XHZlut2YWyw9HuieiiGj0VGp2z9EDGIs9aUYslc0vG3yy7N7oXGu+dW16qjHSml9sL7ZnZ0ZSp7VlfxpRxIUUsRwRq/13764ving9Unzn2Fr61/6IQ93z8MUro189fXbndhT72MddKNvZ6ItYLh6BMTvA+qOIf44UP3vnRPxbf0QtOj/xhYhXy/xBxFvRGe9UfjHOR7y3zfeIR1Mtivj/cvwvrqV3+svrQfe6cvlrja/MXJ/tKdu9rjzy94cH6YBfm+pRxI+qK/5a+nf/XQMAAAAAAAAAAAAAAAAcIEX8eqR48d0TqZoffGdOcXvmRuNq69p0Z1pfd+5fd870+vr6eiN1splzPOdSzuWcKzlXc0aR6+dslllfXx/P75dyLudcybmaMw7l+jmbOcdzLuVczrmSczVn1HL9nM2c4zmXci7nXMm5mjMOyNw9AAAAAAAAAAAAAAAAAADg46Wo/knx7W+spfX+zvrS49HJFeuBfuz9MgAA//8hX/ir")
unlink(&(0x7f0000000280)='./file1\x00')
creat(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x141)
rename(&(0x7f0000000580)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f00000002c0)='./file1\x00')

2m48.164743604s ago: executing program 3 (id=1496):
syz_usb_connect(0x0, 0x36, &(0x7f00000006c0)=ANY=[@ANYBLOB="12010000220edf104c05c10687c20102030109022400010000000009040000024f6996000905c6d6000000000009050202"], 0x0)

2m46.759436052s ago: executing program 3 (id=1504):
r0 = syz_open_dev$loop(&(0x7f0000000040), 0x10a, 0x18f480)
ioctl$LOOP_SET_BLOCK_SIZE(r0, 0x4c09, 0x200)

2m46.5713958s ago: executing program 3 (id=1505):
mkdir(&(0x7f0000000380)='./file1\x00', 0xa)
mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r0 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
r1 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000180), 0x28800, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000640)='./file0/../file0\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x2101091, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r1, 0xc018937b, &(0x7f0000000140)={{0x1, 0x1, 0xb8, r0}, './file0\x00'})

2m46.418851265s ago: executing program 3 (id=1507):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
r1 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
connect$netrom(r1, &(0x7f0000000300)={{0x6, @rose, 0x1}, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @default]}, 0x48)
socket$unix(0x1, 0x1, 0x0)
close(0x3)
r2 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
bind$netrom(r2, &(0x7f0000000b40)={{0x6, @rose, 0x1}, [@netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null]}, 0x48)
listen(r2, 0x6)
accept$netrom(r2, 0x0, 0x0)
writev(r0, &(0x7f00000005c0)=[{&(0x7f0000000080)='/', 0x1}], 0x1)

2m30.396398388s ago: executing program 34 (id=1507):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.events\x00', 0x275a, 0x0)
r1 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
connect$netrom(r1, &(0x7f0000000300)={{0x6, @rose, 0x1}, [@remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @null, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @default]}, 0x48)
socket$unix(0x1, 0x1, 0x0)
close(0x3)
r2 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
bind$netrom(r2, &(0x7f0000000b40)={{0x6, @rose, 0x1}, [@netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null]}, 0x48)
listen(r2, 0x6)
accept$netrom(r2, 0x0, 0x0)
writev(r0, &(0x7f00000005c0)=[{&(0x7f0000000080)='/', 0x1}], 0x1)

2m25.392801865s ago: executing program 2 (id=1632):
ioctl$IOMMU_IOAS_MAP$PAGES(0xffffffffffffffff, 0x3b85, &(0x7f00000002c0)={0x28, 0x6, 0x0, 0x0, &(0x7f0000343000/0x3000)=nil, 0x3000, 0x10201})
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r0, &(0x7f0000000000), 0x10)
sendmsg$can_bcm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000005900)={0x5, 0x1, 0x0, {}, {0x0, 0x2710}, {}, 0x2, @can={{}, 0x7, 0x0, 0x0, 0x0, "f01881a1debdfbff"}}, 0x38}, 0x300, 0x0, 0x0, 0x8800}, 0x0)

2m25.392612502s ago: executing program 2 (id=1633):
syz_usb_connect(0x0, 0x1ae, &(0x7f0000000400)=ANY=[@ANYBLOB="12014101338b8c080a113011568b0102030109029c0101000010000904800702a7f0be000905060200020d0006e60fa61dcb0f3061d95fab6bf2839b42d9e3fa95f42f0c0fc8cb2372c8e64a170ca6fb768405dd7ffde5dd9dc9ca190cac7798105a7d275d9f5f58cb49217e396d5dee71b1ba86276b917e2648c736a87822377b3811d82c6ab4aabe7c345a4c8c54846aba693a4a4fedb18bcd03a9fbeb0a201ffd44d732cac550a0eb98cd9631bf907772d8c36bf684e79b6c607e9cf50451d9afafce16d88c72030074c85931c94eea1e77102e2c87d53745ab0d033c17276a7bb1c8c5013416c80009b592271a7d41368e29ea76b455c09692af0e64de8d6b8db05fb4eb4dbd4c2198a5ae58865a8a724292231461d572d8d95fcfeaec2125133a5044ec6f887ada9a5cfa5cb0c91c091c912ff269c6cc89ec5c095d853ec68822da4a073b7f2164edee7950bab4332d9475043613d33d56aa4d5eff750be9d3195ff93467a858629f2856c3de22c628f2773b3d6cd8a85eee03bbdbc4c3cbb91c7883781cad4b8a4630b55ad37a91c2be65fcfaad732df1078e3dd5fff83753d92ff50905820200"], 0x0)

2m24.046446453s ago: executing program 2 (id=1637):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0xe, &(0x7f00000006c0)={[{@jqfmt_vfsv1}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0xeb0}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@lazytime}, {@data_journal}, {@noload}, {@oldalloc}]}, 0x3, 0x440, &(0x7f0000000280)="$eJzs28tvG8UfAPDv2kn66+uXUJVHH0CgIMoradJSeuACAokDSEhwKMeQpFWo26AmSLSKICBUjqgSJy6IIxJ/ASe4IOCExBXuqFKFcmnhZLT2bmI7thunTlzqz0dad2Z33Jmvd8ee2ckG0LdG05ckYk9E/B4Rw9VsfYHR6j83V5am/15Zmk6iXH7zr6RS7sbK0nReNH/f7jwzEFH4NIlDTepduHT53FSpNHsxy48vnn9vfOHS5Wfnzk+dnT07e2Hy1KkTxyeePzn5XFfiTOO6cfDD+cMHXn376uvTp6++8/O3SR5/QxxdMtru4OPlcper6629NelkoIcNoSPFajeNwUr/H45irJ284Xjlk542DthS5XK5fF/rw8tl4C6WRK9bAPRG/kOfzn/zbZuGHneE6y9WJ0Bp3DezrXpkIApZmcGG+W03jUbE6eV/vkq32Jr7EAAAdb5Pxz/PNBv/FaL2vtD/szWUkYi4JyL2RcTJiNgfEfdGVMreHxEPdFh/4yLJ+vFP4dqmAtugdPz3Qra2VT/+y0d/MVLMcnsr8Q8mZ+ZKs8eyz+RoDO5I8xNt6vjh5d8+b3WsdvyXbmn9+Vgwa8e1gR3175mZWpy6nZhrXf844uBAs/iT1ZWAJCIORMTBTdYx99Q3h1sdu3X8bXRhnan8dcQT1fO/HA3x55L265Pj/4vS7LHx/KpY75dfr7zRqv7bir8L0vO/q+n1vxr/SFK7XrvQyf/+5ZPp65U/Pms5p9ns9T+UvFW374OpxcWLExFDyWvVRtfun2woN7lWPo3/6JHm/X9frH0ShyIivYgfjIiHIuLhrO2PRMSjEXGkzafw00uPvbv5+LdWGv9MR+d/LTEUjXuaJ4rnfvyurtKRTuJPz/+JSupotmcj338baVenVzMAAAD8VxUiYk8khbHVdKEwNlb9G/79satQml9YfPrM/PsXZqrPCIzEYCG/0zVccz90IpvW5/nJhvzx7L7xF8WdlfzY9HxpptfBQ5/b3aL/p/4s9rp1wJbzvBb0L/0f+pf+D/1L/4f+1aT/7+xFO4Dt1+z3/6MetAPYfg3937If9BHzf+hfm+n/vjPg7tC2Lw9tXzuAbbWwM279kLyExLpEFO6IZkhsUaLX30wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADd8W8AAAD//58P56I=")
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
r0 = open$dir(&(0x7f0000000200)='./bus\x00', 0x0, 0x0)
ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r0, 0x800c6613, &(0x7f0000000080)=@v1={0x0, @aes128, 0x3, @auto="c3cdf97213986088"})
ioctl$FS_IOC_GET_ENCRYPTION_POLICY_EX(r0, 0xc0096616, 0x0)

2m23.939730228s ago: executing program 2 (id=1638):
syz_mount_image$jfs(&(0x7f0000000240), &(0x7f0000000040)='./file1\x00', 0x1810016, &(0x7f0000000300)={[{@iocharset={'iocharset', 0x3d, 'koi8-u'}}, {@discard_size={'discard', 0x3d, 0x4}}, {@iocharset={'iocharset', 0x3d, 'iso8859-9'}}, {@errors_continue}, {@discard_size={'discard', 0x3d, 0x8}}, {@errors_remount}, {@errors_continue}, {@noquota}, {@quota}, {@errors_continue}, {@nointegrity}]}, 0x24, 0x628f, &(0x7f00000065c0)="$eJzs3c1vHGcdB/Df7JtfStuoh6pECLlteCmleS0hUKDtAQ5cOKBcUSLXrSJSQElAaRURV75w4I8AIXFEiCMn/oAeuHLjDyCSgwTqAXXQ2M/jjKe7XjuJd3Yzn4/kzPzmmfE+k++Od9cz4ycAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgPjhD358roiIK79KC05EfC76Eb2Ilapei4iVtRP1bV6IneZ4PiKGSxHV9jv/PBvxekR8/EzE9v0769Xi84fsx/f//I8//OSpH/39T8Mz//3Lrf4bk9a7ffu3//nr3YffXwAAAOiisizLIn3MPxkRg/TZHgB48uXX/zLJy9VzV2/OWX/UarVavYB1XTne3XoREZv1bar3DE7HA8CC2YxP2u4CLZJ/pw0i4qm2OwHMtaLtDnAstu/fWS9SvkX99WBttz1fC7Iv/81i7/6OSdNpmteYzOr5tRX9eG5Cf1Zm1Id5kvPvNfO/sts+Susdd/6zMin/0e6tT52T8+838294cvLvjc2/q3L+gyPl35c/AAAAAADMsfz7/xMtn/9devRdOZSDzv+uzagPAAAAAAAAAPC4HXX8v0Fj/L89xv8DAACAuVV9Vq/87pkHyyb9LbZq+eUi4unG+kDHpJtlVtvuBwAAAAAAAAAAAAB0yWD3Gt7LRcQwIp5eXS3Lsvqqa9ZH9ajbL7qu7z90Wds/5AEAYNfHzzTu5S8iliPicvpbf8PV1dWyXF5ZLVfLlaX8fna0tFyu1D7X5mm1bGl0iDfEg1FZfbPl2nZ10z4vT2tvfr/qsUZl/xAdm40WAweAiNh9Ndqe9Ir0P69Xi6ksn42W3+SwIA44/llQjn8Oo+3nKQAAAHD8yrIsi/TnvE+mc/69tjsFAMxEfv1vnhdQq9VqtVr95NV15Xh360VEbNa3qd4zGI4fABbMZnzSdhdokfw7bRARL7TdCWCuFW13gGOxff/OepHyLeqvB2l893wtyL78N4ud7fL246bTNK8xmdXzayv68dyE/jw/oz7Mk5x/r5n/ld32UVrv0fMv9/2asK1rjCblX+3niRb607acf7+Zf8NxH/+zshW9sfl3Vc5/cKT8+/IHAAAAAIA5ln//f2Kuzv+OHnZ3pjro/O/a2C2Ory8AAAAAAAAA8Lhs37+znu97zef/vzBmPfd/Pply/oX8Oynn32vk/9XGev3a/L23H+T/7/t31v9461+fz9PD5r+UZ4r0zCrSM6JIj1QM0vRR9u6ztob9UfVIw6LXH6Rrfsrhu3EtrsdGnN23bi/9fzxoP7evverpcKe97O+2n9/XPthrz9tf2Nc+TFcXlSu5/XSsx8/jeryz0161LU3Z/+Up7eWU9px/3/HfSdtpOnjw9WxVr6blRWNaufdR7zPHfX067nHeuvbF35w91j05nK3o7+1bXbV/L7XQn53/k6dG8cubGzdO375669aNc5Em+5aejzR5zPLxP0xfez//X95tzz/368frvY9GR85/XmzFYGL+L9fmq/19ZcZ9a0POf5S+cv7vpPbxx/8i5z/5+H+1hf4AAAAAAAAAAAAAAADAQcqy3LlF9K2IuJju/2nr3kwAYLby63+Z5OWzqvszfjy1esHrYs76M9P603K++qNWL2JdV473Zr2IiL/Vt6neM/x63DcDAObZpxHxz7Y7QWvk32H57/1V01NtdwaYqZsffPjTq9evb9y42XZPAAAAAAAAAICHlcf/XKuN/3yqLMu7jfX2jf/6dqw96vifgzyzN8DohIGq+0ffp4Ns9Ub9Xm248Rdj0vjfw725g8b/Hkx5vOGU9tGU9qUp7ctT2sfe6FGT83+xNt75qYg42Rh+vQvjvzbHvO+CnP9Ltedzlf9XGuvV8y9/v8j59/blf+bW+784c/ODD1+79v7V9zbe2/jZhXPnzl64ePHSpUtn3r12fePs7r8t9vh45fzz2NeuA+2WnH/OXP7dkvP/Uqrl3y05/y+nWv7dkvPP7/fk3y05//zZR/7dkvN/JdXy75ac/9dSLf9uyfm/murp+U/7jSaLJOf/9VQ7/rsl5/9aquXfLTn/06mWf7fk/M+k+pD5rxx3v5iNnH8+w+X475acf76yQf7dkvM/n2r5d0vO/0Kq5d8tOf/XUy3/bsn5fyPV8u+WnP/FVMu/W3L+30y1/Lsl538p1fLvlpz/t1It/27J+X871fLvlpz/G6mWf7fk/L+Tavl3S87/u6mWf7fk/L+Xavl3S87/zVTLv1se/P1/M2bMmMkzbf9kAgAAAAAAAAAAAACaZnE5cdv7CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPyfHTgQAAAAAADyf22EqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqKuzAgQAAAAAAkP9rI1RVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVh7+5i5DrLO4Cf/fTaIYmBkDqpgY1jQkg22bWd+IM2xYTPhq8SCIV+YLvetVlwbOO1S6CRbBookTAqqmgbLtoCQm1uKnLBBa0A5QK1QmoF7QXtBQKhchFVAQWkSrQCtppz3vfdmdnZmV3vePfMOb+fZD/eM2fmvHPmPWfn2fV/DgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAzW55zdwnhrIsa/zJ/9qeZc9r/Hvr5PZ82Ss3e4QAAADAev0i//u569OCw6u4U9M6//ySb315cXFxMXv3yJ+PfWZxMd0wmWVjW7Isvy166gfvGWpeJ3gsmxgabvp6uMfmR3rcPtrj9rEet4/3uH1Lj9snety+bAcss7X4eUz+YLvzf24vdml2QzaW37a7w70eG9oyPBx/lpMbyu+zOHYim89OZXPZTMv6xbpD+fpfvaWxrTdmcVvDTdva2ZghP3n0eBzDUNjHu1u2tfSY0Y9enU3+9CePHv/b88/e1Kn23A0tj1eM8/ZdjXF+LCwpxjqUbUn7JI5zuGmcOzu8JiMt4xzK79f4d/s4n1vlOEeWhrmh2l/ziWw4//e38/002vxjvbSfdoZlP7s1y7JLS8NuX2fZtrLhbFvLkuGl12eimJGNx2hMpRdko2uap7esYp426uzu1nnafkzE1/+WcL/RFcbQ/DL96KPjTa/7zxevZJ5GjWe90rHSPgf7fayUZQ7GefHt/Ek/3nEO7g7P/9HbVp6DHedOhzmYnnfTHNzVaw4Oj4/kY04vwlB+n6U5uKdl/ZF8S0N5fea27nNw+vzDZ6cXPvyRu+YfPnZy7uTc6X179szs27//4MGD0yfmT83NFH9f4d4uv23ZcDoGdoV9F4+Bl7et2zxVFz8/vuz8e6XH4USX43B727r9Pg5H25/c0MYckMvndHFsvLOx0ycuD2crHGP563PH+o/D9LybjsPRpuOw4/eUDsfh6CqOw8Y6Z+9Y3XuW0aY/ncaw8veC9c3B7U1zsP39SPsc7Pf7kbLMwYkwL757x8rfC3aG8T4+tdb3IyPL5mB6uuHc01iS3u9PHMxLp3l5c+OGa8azCwtz5+5+5Nj58+f2ZKFsiBc2zZX2+bqt6Tlly+br8Jrn6+H5lzx+c4fl28O+mrir8dfEiq9VY5177u7+WuXf3Trvz5ale7NQ+myj92en7+aN/TmeZZ/9xkcf/Nqjn33Nivuz0W9+bHr978VTX9p0/h1b4fwb+/5fFttLD/XYyNhocfyOpL0z1nI+bn2pRvNz11C+7eemV3c+Hgt/Nvp8fEOX8/GOtnX7fT4ea39y8Xw81OunHevT/npOhHlyaqb7+bixzo69a52To13Px7eGOhT2/ytCp5D6oqa5s9K8TdsaHR0Lz2s0bqF1nu5rWX8s9GaNbT25N7wpTKNc3Ty9/dZi/ZGm+0UbNU8n29bt9zxNP/taaZ4O9frp25Vpfz0nwry4YV/3edpY5+l71n/u3Br/2XTuHO81B8dGxhtjHkuTMD/fZ4tb4xy8OzuenclOZbP5reP5fBrKtzV17+rOlePhz0afK3d0mYO3t63b7zmYvo+tNPeGRpc/+T5ofz0nwrx44t7uc7CxzmsP9Pe96+1hSVqn6b1r+8/XVvqZ181tu+lqzZXRMM5vHOj+s9nGOqcOrrXP7L6f7gxLrumwn9qP35WOqdlsY/bTjjDOZw+uvJ8a42ms85lDq5xPh7Msu/jB+/Of94bfr1y88J0vt/zepdPvdC5+8P4fX3vin9YyfgAG3y+Lsq34Xtf0m6nV/P4fAAAAGAix7x8ONdH/AwAAQGXEvj/+r/BE/w8AAACVEfv+0VCTKvT/f9x7lR2vfXb+lxezlMxfDOLtaTc8UKwXM64z4evJxSWN5fd/ce5//vHi6oY3nGXZzx/4o47r73ggjqswGcb51Otaly/z5btWte2jD11M223Or38uPH58PqudBp0iuDNZln31+k/l25l8z+W8Pv3A0bw+eOnxxxrrPHeo+Dre/5kXFuv/VQj/Hj5xrOX+z4T98MNQZ97UeX/E+33p8it2HnjX0vbi/YZ2XZc/7SfeWzxu/JycTz9WrB/380rj/9onn/xSY/1HXtZ5/BeHO4//yfC4Xwz1f19crN/8GjS+jvf7eBh/3F68391f+HrH8T/1iWL9s68v1jsaatz+7eHr3a9/dr55fz0ydKzleWVvKNaL25/5zp/mt8fHi4/fPv6JI5db9kf7/Hj634vHmW5bPy6P24n+oW37jcdpnp9x+0/+ydGW/dxr+089+MyLG4/bvv0729Y7+8E78u0vPV7rJzb99cc/1XF7cTyH//5sy/M5/PZwHIftP/HeMB/D7f/3VPF47Z+ucPTtreefuP7ntl9seT7RG39abP+pV53M65aJrduued611116aWPfZdm3txSP12v7J//mTMv4P39jsT/i7TGj3779lcTtn/vQ1OkzCxfmZ9NeffT6/LNz3lyMJ473+nBubf/6yJnz75s7NzkzOZNlk9X9CL0r9oVQf1yUS93XXlx2Br3jofB63vyXX9122799Mi7/j3cWyy+/qfi+9fKw3qfD8u3h9Vvb9pd74pYb8+N76OkwwsXlnxe8Hjt3//fBXp/vmwvPv/19QZzvZ1/0vnw/NG7Lv2/E43qd4//ebPE4Xwn7dTF8MvOuG5e217x+/GyEy+8ojvd1779wmouv69+F1/stPyweP44rPt/vhfcxX9/Rer6L8+MrF4fbHz//FI9L4XySXSpuj2vF/X35uRs7Di9+Dkl26ab86z9Lj3PTmp7mShY+vDB9av70hUemz88tnJ9e+PBHjjx85sLp80fyz/I88v5e9186P23Lz0+zc/vvyfKz1ZmiXGWbPf6zDx2fPTBz2+zciWMXTpx/6OzcuZPHFxaOz80u3HbsxIm5D/W6//zsfXv2Htp3YO/UyfnZ+w4eOrTv0NT86TONYRSD6mH/zAemTp87kt9l4b57Du259957ZqYePjM7d9+BmZmpC73un39vmmrc+w+nzs2dOnZ+/uG5qYX5j8zdt+fQ/v17e34a4MNnTyxMTp+7cHr6wsLcueniuUyezxc3vvf1uj/VtPD94v1su6Hig/iyt925P30+a8MXP7riQxWrtH2A6LPhs2i++fyzB1fzdez7x0JNqtD/AwAAALnY94+Hmuj/AQAAoDJi378l1ET/DwAAAJUR+/6JUNN/CahJ/1+5/P+Oi6vavvy//H/z/pL/r1n+/x1ly/8X5wv5//5Yb/6+Dvn/Va0o/y//L/8v/y//Tx+ULf8f+/6tWeb3/wAAAFBRse/fFmqi/wcAAIDKiH3/NaEm+n8AAACojNj3Py/UpCb9v/y//L/8v/y//H/n7cv/Dyb5/+5Klv+faF8g/7/5+f+sXvn/S/0c/ybk/7c2fyH/TxmVLf8f+/5rQ01q0v8DAABAHcS+/7pQE/0/AAAAVEbs+68PNdH/AwAAQGXEvn97qElN+n/5/3Xl/1PmanDz/8WW5f/l/+X/5f+rQv6/u5Ll/5eR/9/8/L/r/w9U/r+F/D9lVLb8f+z7nx9qUpP+HwAAAOog9v0vCDXR/wMAAED5jF7Z3WLf/8JQk2X9/xVuAAAAANh0se+/IWsLgtfk9//y/67/X9rr/4/J/8v/F8qf/x/J5P/LQ/6/O/n/HvqR/78k/y//L/8v/09Utvx/3vdnE9mLQk1q0v8DAABAHcS+/8ZQE/0/AAAAVEbs+38l1ET/DwAAAJUR+/4doSY16f/l/yuT//9Z80tXify/6//L/wflz/+7/n+ZyP93J//fg+v/y//L/8v/01cLHTulzcv/x77/plCTmvT/AAAAUAex77851ET/DwAAAJUR+/5fDTXR/wMAAEBlxL5/Z6hJTfp/+f+S5/9jcrSO1/+X/5f/D8qc/5+Q/y8d+f/u5P97kP+X/5f/l/+nrxa+X7yfbbdZ+f/Y97841KQm/T8AAADUQez7XxJqov8HAACAyoh9/0tDTfT/AAAAUBmx758MNalJ/7+W/P/QJfn/lVzl6/+Pr+L6/y3k/zcl/z8q/1+oU/4/k/8vHfn/7uT/e5D/l/+X/5f/p6/Klv+Pff8toSY16f8BAACgDmLfvyvURP8PAAAAlRH7/ltDTfT/AAAAUBmx798dalKT/t/1/wci/5/J/w9E/t/1/wP5/87k/zeG/H938v89yP/L/8v/y//TV2XL/8e+/2WhJjXp/wEAAKAOYt9/W6iJ/h8AAAAqI/b9Lw810f8DAABAZcS+//ZQk5r0//L/8v/y//L/8v+dt7/h+f9L8v/9IP/fnfx/D/L/8v/y//L/9FXZ8v+x739FqElN+n8AAACog9j33xFqov8HAACAyoh9/52hJvp/AAAAqIzY90+FmtSk/5f/l/+vZv7/P+X/u2xf/r+k+X/X/+8L+f/u5P97kP+X/+9H/n8sLJD/l/9n0/P/8f1a/Dr2/XeFmtSk/wcAAIA6iH3/3aEm+n8AAACojNj3T4ea6P8BAACgMmLfPxNqUpP+X/5f/r+a+X/X/++2/XXl/1+69Ljy/wX5/3KR/+9O/r+Hfub/t8j/1zb/v67r/4/J/1Mpm53/b/869v17Qk1q0v8DAABAHcS+f2+oif4fAAAAKiP2/ftCTfT/AAAAUBmx778n1KQm/b/8v/y//L/8v+v/d96+/P9gkv/vrv/5//gU5f9d/1/+vz/5f9f/p1rKlv+Pff+9oSY16f8BAACgDmLfvz/URP8PAAAAlRH7/gOhJvp/AAAAqIzY9x8MNalJ/y//L/8v/y//L//fefvy/4NJ/r871//vQf5f/n+A8/+NuSX/T9mULf8f+/5DoSY16f8BAACgDmLf/8pQE/0/AAAAVEbs+38t1ET/DwAAAJUR+/5fDzWpSf8v/y//L/8v/7/J+f+xXvn/cfl/+f81kP/vTv6/B/l/+f8Bzv+vcP3/a8PN8v9sirLl/2Pff1+oSU36fwAAAKiD2Pf/RqiJ/h8AAAAqI/b9rwo10f8DAABAZcS+/3CoSU36f/n/Dcr/x4Xy//L/8v+u/y//f1XJ/3cn/9+D/L/8f/Xy//2+/n/7t+lE/p9Oypb/j33/q0NNatL/AwAAQB3Evv/+UBP9PwAAAFRG7PtfE2qi/wcAAIDKiH3/a0NNatL/y/+7/v/m5//HWsYu/790P/n/gvy//P9ayP93J//fg/y//L/8v+v/01dly//Hvv91oSY16f8BAACgDmLf//pQE/0/AAAAVEbs+98QaqL/BwAAgMqIff8bQ01q0v/L/8v/b37+3/X/5f8L8v/y//0g/9+d/H8P8v/y//L/8v/0Vdny/7Hv/81Qk5r0/wAAAFAHse9/INRE/w8AAACVEfv+N4Wa6P8BAACgMmLf/+ZQk5r0//L/8v/y//L/8v+dty//P5jk/7sbsPz/L64Ly+X/C/L/5R7/WvP/o21fX5X8/w9Wyv8vbmm/v/w/V0PZ8v+x739LqElN+n8AAACog9j3vzXURP8PAAAAlRH7/reFmuj/AQAAoDJi3/9boSY16f/l/xvjWEovy//L/+cL5P/l/+X/B5b8f3cDlv93/f828v/lHr/r/8v/s1zZ8v+x7397qElN+n8AAACog9j3Pxhqov8HAACAyoh9/ztCTfT/AAAAUBmx739nqElN+n/5f9f/l/+X/5f/77x9+f/BJP/fnfx/D/L/8v9ly///l/w/g61s+f/Y9z8UalKT/h8AAADqIPb97wo10f8DAABAZcS+/7dDTfT/AAAAUBmx7393qElN+n/5/0HJ/0/K/68x/z8elsn/y//L/9eL/H938v89yP/L/5ct/+/6/wy4suX/Y9//nlCT1ff/E6teEwAAALia2n+dlMS+/3dCTWry+38AAACog9j3/26oif4fAAAAKiP2/b8XalKT/l/+f1Dy/67/n7n+v/x/2/OR/5f/72Tj8v/xzLOm/P+WXtuX/5f/l/8f3PHL/8v/s1zZ8v+x7//9UJOa9P8AAABQB7Hvf2+oif4fAAAABkKn/5PdLvb9R0JN9P8AAABQGbHvPxpqUpP+X/5f/l/+v6T5/7/Y9S/f/dZbj+6R/5f/l/9fkw29/n/j4Hf9f/l/+f9E/l/+X/6fdmXL/8e+/1ioyVLj92YX+AcAAIDBFvv+Pwg1qcnv/wEAAKAOYt9/PNRE/w8AAACVEfv+2VCTmvT/8v+bmP8fzbJM/l/+v4LX/4/7Y5Dy/1NbBij/H0+68v8dbWj+/11LOXH5/7Xm/8c7Lm3P/w/J/7eQ/1/z+L+ZZdmGjf/iv8r/y//Trmz5/9j3z4Wa1KT/BwAAgDoIff/wiaIu3aD/BwAAgMqIff/JUBP9PwAAAFRG7PvfF2pSk/5f/t/1/+X/5f9d/7/z9kub/3f9/67k/7srT/6/M9f/l/8f5PG7/r/8P8uVLf8f+/75UJOa9P8AAABQB7Hvf3+oif4fAAAAKiP2/R8INdH/AwAA/8/efTxZXpd7HD8NTc1MUbfq7u7iLu7du3LNQlYu9A9wwYaFlqEUVMyJwRwx54CWihgwgCImzAlMKGJExSxiwoSojMX08zzTPf3r3+meOd3nd77f12vhIy3jaS0EPoxvvkAzcvc/PG7pZP/r//X/Tfb/h/T/Y5+v/9f/t0z/P07/P4f+X/+v/9f/s1BT6/9z9z8ibulk/wMAAEAPcvdfELfY/wAAANCM3P0Xxi32PwAAADQjd/8j45ZO9r/+X//fZP9/39sfevd99P87fb7+X//fMv3/OP3/HPp//b/+X//PQk2t/8/d/6i4pZP9DwAAAD3I3f/ouMX+BwAAgGbk7r8obrH/AQAAoBm5+x8Tt3Sy/0/q/9dmffb/mfHq/1vq/73/v+Pn6//1/y072P7/knt+z6f/1//r/4P+X/+v/+dkU+v/c/c/Nm7pZP8DAABAD3L3Py5usf8BAACgGbn7Hx+32P8AAADQjNz9T4hbOtn/3v/3/r/+X/+v/x/+fP3/avL+/7ie+v+Lbjr7gjuu+d9r9/L5+n/9v/5f/89iTa3/z93/xLilk/0PAAAAPcjd/6S4xf4HAACAZuTuf3LcYv8DAADACjoy+NXc/U+JWzrZ//p//b/+P/r/w/p//b/+vwX6/3E99f+n8vn6f/2//l//z2JNrf/P3f/UuKWT/Q8AAAA9yN3/tLjF/gcAAIDpGvo/Yo/I3X9x3GL/AwAAQDNy9x+NWzrZ//r//e///63/X43+3/v/+n/9fxP0/+P0/3Po//X/+n/9Pws1tf4/d/8lcUsn+x8AAAB6kLv/6XGL/Q8AAADNyN3/jLjF/gcAAIBm5O5/ZtzSyf7X/3v/X/+v/z/4/n/jd7b6/xP/rer/F0f/P07/P4f+/3T7+bP0//p//T+b7bH/v2vkd9sL6f9z9z8rbulk/wMAAEAPcvc/O26x/wEAAKAZufufE7fY/wAAANCM3P3PjVs62f/6f/2//l//f8r9//bf9I7z/v8w/f/B0P+Pm0z/v7Y++GX9/8r3/97/1//r/9liau//5+5/XtzSyf4HAACAHuTuf37cMrL/9/wX8wEAAIClyt3/grjFz/8DAADAysvqLHf/C+OWTva//l//r//X/x/8+/+r3/9fu+n70/9Pi/5/3GT6/x3o//X/q/z96//1/2w3tf4/d/+L4pZO9j8AAAD0IHf/pXGL/Q8AAADNyN3/4rjF/gcAAIBm5O5/SdzSyf4f7v9P/OuT7v9PjoRn+v+k/2+7/89/R/3/aP9/rvf/+6T/H6f/n0P/r//X/+/U/x+Z9+P1/wyZWv+fu/+lcUsn+x8AAAB6kLv/ZXGL/Q8AAADNyN3/8rjF/gcAAIBm5O5/RdzSyf73/r/+X/+/ev2/9/83LPP9/9mB9//r+v9dWm7/v3Z3/hFU/39q37/+X/+/yt9/k/3/WbOt7/+P/F0A9P8MmVr/n7v/lXFLJ/sfAAAAepC7/1Vxi/0PAAAAq2Hz/3dg6K242ax2/6vjFvsfAAAAmpG7/zVxSzv7f/StTv2//l//r//X/w9//oMvW59Np//3/v9uef9/nP5/Dv3/fvTz6431/5ft9OOn0P9fvH/v/9973o/X/zNkS/9/3YmvL6v/z93/2rilnf0PAAAA3cvd/7q4xf4HAACAZuTuf33cYv8DAABAM3L3vyFu6WT/73v/P/J3H9D/6//1//r/aff/U3r/X/+/W/r/cfr/OfT/3v/3/r/+n9O36U8Zt/T/myyr/8/d/8a4pZP9DwAAAD3I3f+muMX+BwAAgGbk7r8sbrH/AQAAoBm5+98ct3Sy/73/r//X/+v/9f/Dn6//X02n1d+fof8v+n/9v/5f/6//ZwGm1v9v3f397X8AAADowVuO/+Ph+Ov19j8AAAC0KHf/W+MW+x8AAACakbv/bXFLJ/tf/7+//X9+Xf+v/5/p//X/+v8D0e37/2tDfyTabof+/4aHHL3/1q/o//X/+n/9v/6fXfrvkX9tEv3/sRN/dpm7/+1xSyf7HwAAAHqQu//yuMX+BwAAgGbk7n9H3GL/AwAAQDNy918Rt+xx/481D1Om//f+v/5f/6//H/58/f9q6rb/3yXv/8+h/9f/6//1/yzUJPr/Tb+cu/+dcYuf/wcAAIBm5O5/V9xi/wMAAEAzcve/O26x/wEAAKAZufvfE7d0sv/1//p//b/+X/8//Pn6/9Wk/x+n/59jlfr/K06j/18f/vKy+/nTtezvX/+v/2e7qfX/ufuvjFs62f8AAADQg9z9741b7H8AAABoRu7+98Ut9j8AAAA0I3f/++OWTva//l//r//X/+v/hz9f/7+a9P/j9P+z2eyqkW9gqP8/dmia/b/3/yf3/ev/9f9sN7X+P3f/B+KWTvY/AAAA9CB3/1Vxi/0PAAAAzcjdf3XcYv8DAABAM3L3fzBu6WT/6//1//p//b/+f/jz9f+rSf8/Tv8/xyq9/6//n9z3r//X/7Pd1Pr/3P0fils62f8AAADQg9z918Qt9j8AAAA0I3f/h+MW+x8AAACakbv/2rilk/2v/9f/6//1/wP9//H/qev/9f+raP/6/5n+X/+v/59D/6//1/9zsqn1/7n7PxK3dLL/AQAAoAe5+z8at9j/AAAA0Izc/R+LW+x/AAAAaEbu/o/HLZ3sf/2//l//r//3/v/w5+v/V5P3/8fp/+fQ/+v/9f/6fxZquP+/eGn9f+7+T8Qtnex/AAAA6EHu/uviFvsfAAAAmpG7/5Nxi/0PAAAAzcjd/6m4pZP9r//X/2/t/2cz/b/+X/+/YaD/v/nOy/+rfnkB/f/hmf5/4fT/4/T/c+j/2+z/z5g11P8f2fHH6/+Zoqm9/5+7/9NxSyf7HwAAAHqQu/8zcYv9DwAAAM3I3f/ZuMX+BwAAgGbk7v9c3NLJ/tf/6/8X/P7/becPfB/6/w36/5Xv/73/vwL0/+P0/3Po/9vs/73/r/9naabW/+fu/3zc0sn+BwAAgB7k7v9C3GL/AwAAQDNy938xbrH/AQAAoBm5+78Ut3Sy//X/+v8F9//e/9f/6/93oP8/GPr/cfr/OfT/zfX/+Wf3+n/9P8sxtf4/d/+X45ZO9j8AAAD0IHf/9XGL/Q8AAADNyN1/Q9xi/wMAAEAzcvd/JW7pZP/r//X/+v/V7P8Pb+n/z5zp/0/8+vr/vk2l/z/nnPvdqP/X/+v/l9//e/9f/89yTa3/z93/1bilk/0PAAAAPcjd/7W4xf4HAACAZuTu/3rcYv8DAABAM3L3fyNu6WT/b+//z5ptFKobhvr/aNT0/5vo/7d+//r/4d8+vP+v/9f/77+p9P/e/z+171//r/9f5e9/T/3//2//8fp/WjS1/j93/41xSyf7HwAAAHqQu/+bcYv9DwAAAM3I3f+tuMX+BwAAgGbk7r8pbulk/3v/X/+v/9f/6/+HP1//v5r0/+P0/3Po//X/3v+/8IFn6v9ZnKn1/7n7vx23dLL/AQAAoAe5+2+OW+x/AAAAaEbu/u/ELfY/AAAANCN3/3fjlk72v/5f/6//1//r/4c/X/+/mvT/4/T/5eT/aBv66f8PD31x2f386Vr2999M/+/9fxZoav1/7v7vxS2d7H8AAADoQe7+78ct9j8AAAA0I3f/D+IW+x8AAACakbv/h3FLJ/tf/6//b7//P1//f9Ln6//1/y3T/+cf0Yfp/+fop/8ftOx+ftW/f/2//p/tptb/5+6/JW7pZP8DAABAD3L3/yhusf8BAACgGbn7fxy32P8AAADQjNz9P4lbOtn/+v+++v+1WY/9v/f/9f/6/57o/8fp/+fQ/+v/9f/6fxZqav1/7v5b19a73P8AAACwqh5wr4fdsttf99bj/3h49tO45dzZsV3+NDYAAAAwcffs/rX12exnx3/Jz/8DAABAi3L3/zxu6WT/6//76v/7fP9f/6//1//3RP8/Tv8/h/5f/6//1/+zUFPr/3P3/yJu2TT81vf8nxIAAACYktz9v4xbOvn5fwAAAOhB7v5fxS3b9r+/HSAAAACsqtz9v45bOvn5f/3/xPv/2T71//Hr6f836P/1/0Ofr/9fTfr/cafZ/x9b0//r/0fo//X/+n9ONrX+P3f/b+KWTvY/AAAANGrLX1HI3X9b3GL/AwAAQDNy9/82brH/AQAAoBm5+2+PWzrZ//r/A+//M1Xfx/f/j9Q/8/5/5/3/pYcHP1//r/9vmf5/nPf/59D/t9L/H9L/6/+Zhqn1/7n7fxe3dLL/AQAAoAe5+38ft9j/AAAA0Izc/X+IW+x/AAAAaEbu/j/GLZ3sf/3/xN//P6X+fxfv/+v/++j/d/j8dvr//zn76PXnPejqK/X/nHCQ/X/+tnDA/f+hvf57bqb/n0P/30r/7/1//T8Tsfj+f33LF/fa/+fu/1Pc0sn+BwAAgB7k7r8jbrH/AQAAoBm5+/8ct9j/AAAA0Izc/X+JWzrZ//p//f9U+v/873oJ/f/RU+7/j8xms6X0/9kU997/e/9f/7+d9//H6f/n0P/r//X/+n8WavH9/9Yv7rX/z93/17ilk/0PAAAAPcjd/7e4Jff/2p7/0j0AAAAwMbn7/x63+Pl/AAAAaEbu/jvjlk72v/5f/z+V/j95///Ej2vr/f/zKk7ts///v/pn+v/9pf8fp/+fQ/+v/9f/6/9ZqKn1/7n7/xG3dLL/AQAAoAe5+++KW+x/AAAAaEbu/n/GLfY/AAAANCN3/7/ilk72v/6/1f4/i3j9v/5/Kv2/9/+9/38w9P/j9P9z6P/1//p//T8LNbX+P3f/fwIAAP//krZdRQ==")
syz_mount_image$fuse(0x0, &(0x7f00000003c0)='./bus\x00', 0x20000, 0x0, 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x200000, &(0x7f0000000280)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
mount$overlay(0x0, &(0x7f0000001340)='./file0\x00', &(0x7f00000000c0), 0x0, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})

2m23.382859144s ago: executing program 2 (id=1644):
syz_mount_image$btrfs(&(0x7f0000000200), &(0x7f0000005600)='./file0\x00', 0x800, &(0x7f0000000240), 0x0, 0x559e, &(0x7f0000005680)="$eJzs3X9sVeX9B/BzWwoN+C39jhUYfxAgBoMkyJYtjqB4MQa24eKlgsKcCEQlBivYRDcYqUWSZcaghU4EF5GQaDJjscM/FMywy7CMZfzY5hZjs4JSaZZsAzVrHDG69N77XO49l9tembNOXy/SnvPcz3me+9yT88d9X/qcGwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAURUcSc9+d0f3i0ZE1X77/Hz+e+OjGn4zfvX/roVvu23T/gjMjbto5a1nf+mlN8zdsbDjS/PS+ObdGUSLdL5Htf9u136q/88bbvlsdBly+MLOtrS31lJmuJzON4QUP9vcr/FkRRVFVbIDK7PbV7E5FwQC53cbiAQf0Tuui6O7J8ya1dT01bklyYU/xS6df9VBPYKhkr6ue89dSMv27InZErp136SUKLtFM//gF96m8CADgY5mZSm9yb0ezb3Fz7eZ4PdZOxtotsXZ4h9CS37gYmXGHl5rnpHh9iOaZzESFESXnGatnz3+unYr3j7VjUeNjzLPw0GykqS41z7Wx+lDNEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCzZOzxo2tWtD2y575fdtQceff9OVc+8KWOw22LT4y8eunKHWum/HTWsr7105rmb9jYcKT56X1zbo2i2nS/RKZ74kTL5b9NjZ3fvXfcG427n6vpq8yOG7bD8g6OXg87s0ZH0cq8Sk8Y9q81UZQqLKSb0Y7iwl3pnW+HAgAAAJ8nX0n/rsi1M3GwqqCdSKfJRPpfkAmL77Quiu6ePG9SW9dT45YkF/Zc/HipEuMlLzherl17/ieRF4xD/I2Pd74eDm0sGmdg8RHjef7SMWPefmty/eSvT5v7xA3PjOru+r8nZ2xJ/bGu5oUrru+tf/a6ovxfO3D+D2dO/gcAAOA/If/HxxnYYPn/jqVTt7z+i2Grft3a8MTB+h1/bv3OMzsXneq54Ud9L09N3v7o1UX5f1LBUxbl/zDjkP8roovL/wAAAPBZ9t/O/8micQY2WP5vONM3+wcHX6vr+PucxXt+9dAVi8+e/tv8U7t3DV9zR8v6uoeuLMr/M8vL/8Pypx0e/F2Y8OrRUTSz/JMKAAAAFAj/737+o4WQ1zOfHMTz+rX/vKp5380ffPMbD97zpzff/s2xA7MnrdteN/PgyzfVf1j5ve3dRfk/WV7+r/p0Xi4AAABQhuePrpw773jPucfPvtB18vDu3pMznjyzrqnvdOslLatXbTr2WlH+T5WX/0cMzcsBAAAALuDeO59bsfnVl/oe2H/X2Ck9FVc1XpK4ZduOqU0TPuq8tPfy7VuL8v/y8vL/yOw2u/Ih06kz/BVC6+goqu7fWZspHIparskVAAAAgE9IyOlbP1ixbOzOsb3jj59+rObQG4dn/2Vt55yN13RXdW/uXNZ4WdH9AkJiL3X//3Cng7D+v+D+f0Xr//MKmbv+zXZjAAAAAL6Iitfzh9vjZ765oNT375e7/n9J3cQTiba33lv11XMHzo1ZsP/7129aV9/be8+El37/wz9M/6i6KP83l5f/K/O3n+T3/wEAAMBF+F/7/r+lReMMbLD7/zdV9DWsWrd3+uota7csTCw7UH3qwdV731+w5l9Tb36+qea6A0X5v6W8/B+2o/JfXkc4P5tGR9H4/p3s3QR/Hqa7OlZor8orZE58rMeNoUe20D4ir5C2Ntbja6OjaHL/TnOs8P+h0BIrnK3JFnbFCsdCIXs95Ap7YoWOcKVtq8lON154MRSyCyzawwqKUbklEbEe75Xq0V+4YI+u3JMDAAB8oYTwnM2yVYXNKB5l2xODHTBysAMqBjugcrADhsUOiB9Y6vFoeWEhPH575yMbNjVMSb7y8NzHfvbms40T9j1+WV3v5g9f2XbvxJ3TW6YW5f9d5eX/cCqGZzal1v9HYf1/9nsNc+v/l4dCbazQHgqp+B0DUuE5MmH34fActalsj7PjcwUAAAD4XAufC1QO8TwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/s3evcdJVd0JAj/d9INumqaNE9GMk3TUgGakaWwNw+AoaoxGRZpZddxkNBBoEGmE8FgFURtQZxziZ3ztrJnoCAoiu+qHGFeDwUhcxIw6iWLiA/Cxjq7r+h6VGM2E/XTfOkXVrS67EFDa+X7/6DpVv/O89eg69946FwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/xjuPfjlk4YunP0PHzace8nqqqmL/kfH6Mv+cNW3vvjUPy5b9G9h/i9GnLll3kEXHjd/wbR/6Vi++ogzQmjtKleWFC977oqvPtS613HP3jFw48wbb63fUpWpNxMP/Tr/lGfuXBxbfbF/CHeXhVCRDgypSwKVmft1sb5960LYI2wLZEu01SYl0g2HB2pCWBK2BbJVra4JoS4ncMqG+++7vDNxTU0IXwkhVKfbeKY6aaMmHRhUlQRq04HpFUngt1sT2cBPypMA7LD4Zsi+6Fe15mdo6L5ckddf5U7r2KcrPbw+MdFQPN/rR+3iTuWoSj/QukNPW0F17BIFb4+13m294N1WsJ2v8LTlfpHKfEPZui1UHcontk0aP6d9dnykPDQ19SlW0y56np9+e/6E7Un3mtdh7EDDTnkdXvrYiun9lo2+9OrNvxqz4ayaA3a0m0/lbNLc9K5WHTKvuV7zPEajfJ70grdfwbekRl+6Qghbzz17xtfnTDz7iD63PLnu1QcfrNty9pwFvzhz4nmLLj55w7/Pf6lg/t/w0fP/+HKOt+V5uWOrH9Ync/P4SF1MvFmfzM0BAACg1+gNe01Xnv/6X73+/bWtMxed/u23Dj73w71afz3i/gFVB7yxrqn1/I2ff6Vg/t9Y2vH/eMi/Lne0a0MY1ZVYNCCEvbseTwIrY3e+OyCEL3elWvMDR6UCa0PYpytxULaqVIm+sURjKvByfSYwKhVYHwOtqcDyGLgiFbg4BlalAhNiYG0qcHQMhCn54/hqfWYcJQdqYmBcshFXxbMQ3qmPraW21aZsVQAAADtJZnZYmX8351yHHc0Qp5eranrKEM/ALpqhOlVDegabnVYVraGipxrKe6ohO+6Ojx5+Qc1lPdVccBpGWX6GG9f85X2LXjzsC2P3mvj5xUMvmPKz8eGst++uerx5yYtv7XvEzesK5v/NHz3/r+6mI2UFx/9DGNv1N+Yuz0Tas/FxrXkZAAAAgB1w0R//xR61Lw85oGHT+2X3zl/7xKMrfrl5j1NOf3/c8a//8PCaxnsL5v+jSjv/P+4T6ZOTOTwSd0NMHRBCc34gqXZkYSA56t0vEwAAAIDeIHs8PnssfErmNjlFOz2fLszfup3544H/Ud3m//09/7P2jq3/+mLZBd89d0TNgKX/9GrHhBNOPvqW47/1zj4VB/yyvGD+31ra+f+1+bdJJ9bHXlw9IIS+OYEHYy87A10aY+D5I/MDmfGvjxtgcawqc2JCtqrFscS4GGhOBZYUK/FotsTe+YHMk5VtfFF2HFMyJXICAAAA8ImLuwPicfl4/n/LGSNO++vvzfrbha88eN7qCy75q+Ed80eedP/THzbMvXJp2PTmEQXz/3Hbd/5/1zy44PT+9n4hDK0IoU/6hwGP1CYLA8ZAXVkmcW9tUlefdFULa0MY2TmwdFUvZNb/r0ivMfh4TVJVDOy93y1vD+pMLKsJYWhu4IlvLz2sMzEnFcg2flpNCF/qHG268bv6Jo1Xphu/tm8IX8wJZKua0DeEzsaq0lX9r+rMdQzSVa2qDmHPnEC2quHVIcwNAPRW8X/pxNwHZ82dN3V8e3vbzF2YiDvxa8KkKe1tTROmt0+sLtKniak+561jtKBwTKVe+mZTZo2ixSsnV5aSzv5QsDm3rcyO/IIzBzP345ehyq5xHlKZd7clPeQD9y9sIuR8lSo25PJdPOTa3Eq2PYkF9cf8VaFf6DtnVtvMpvPGz549c1jyt9TshyR/43GmZFsNS2+r2u76VsLLo+hyWSkfd1sNyq1k6OxpM4bOmjtvyJRp4ye3TW47p+XQP2sZMXz410YM7RxUc/K3h5EO6q7m1Ei3Li1xWDtxpF+oyKnkk/jQkJCQ6G2J/f7L5odH77n+nOt/9tqPz+/3zdPu3fvImT889KqpD1Xve/ji24ccWDD/n/HR8//4qRM/+DPrMxQ7/t8QD/Mnj287zD8uBpaUevy/odjR/OyJAY2pQEcMdDjMDwAAwGdD3B0Z92bGndKbb1m/buOSlrk/aHin5dY17Utvuum+U39y58ATvjQ47LXhuhM+VzD/7yjt9/87af3/7NL1JxRb5v+gWKK52Pr/6WX+s+v/dxRb/z+9zH92/f8ln8L6/3OygdQmecf6/wAAwGfBJ7f+f4/L+6cvEFCQocfl/dMXCCjI0OMy/qVeIGC71/9f8+Bff6Wq35g7/qTlN/WXvPZ39xzWeuS6zTP/5Etb10+877qxt6wpmP9fUdr838L9AAAAsPv4z5ddU3H02Xff0bJu6sZxbw5+98m3lgzq80HF0Q+3j3xh4Bu3nlcw/19S2vz/k1//LxQ7/7+xWKC12MKA1v8DAACglyq2/t89Q1sa/zCm/x+eHvab5Q/ePPqnj/z898v3+/mJPyvfZ8Gxz8+8bFLB/H9VafP/eNpFeV7u2JsP65M17UJ6Tbs367M/GQAAAIDeoTw0NVWWmDdvYdSjPn6bT2eWAv2odK7vvXLt2ZtfmH7c46ev+7uaEwbvOWHaBasa/2b4gXd+ftQley7ddGrB/H9tafP/vN9lXPrYiun9lo2+9MOrN/9qzIazag7YdvwfAAAA2HVK3S8BAAAAAAAAAAAAAAB8+s7tWHzhI8uOfe+bt//F/kcseXXwbXcd+Lsh/V664qoHJq1648zJXy/4/X8Y21Wu2O//43X/4u8L/igvd2y15/X/MvdPOfH2uV1LFj5SH8L+uYGpC6fuETLX5h+cG7jvjIMGdiYWpkusefbolzoT30kHjh/yuS2dicNTgXFxkcR90oF4VcUt/VOBuLzi4+lA3B6r0oGqTOCy/sk4ytLb6pW6ZFuVpbfVxroQBuQEstvq7rqkjbL0AK9JBbID/F46EAd4ciZQnu7V7f2SXsVAXSx6Q7+kVwAA7Lbit8DKMGlKe1tz/Aofb79QkX8b5S1ZtqCw2rISm9+UWZps8crJlaWk+6S/i2671nhlqO4cwrCCr6u5Wcq6Rrlzaulh0/1RkSH3tNpbeZFyadu76aqKj6gmGVHThOntEyt7HHhLz1kOqegxy7CCyU5ulvKuTVpCLSX0pYQRlbhtSuhyvF8empr6pHL9eQw2hDw9vSJK/b1+7jp/xV4FuXluO/TKt758zE+f++CfP/9E/2+cVnP7rO+/e+KvX7//wEOOuG5C05otBfP/htLm/9W549qSuRhAR7yy3sgBIYwrcUQAAADw2XfbRbfecfr09a9MWlvx5GOPTS0fc3rl1vl3zp93ycZ7Fx9/2cErdjR+2Fm//f5vBu//b89e9dJPR+7zwA03/58nD3v8z3//8I8eeqduZZ+x7xXM/xtLm//HPViZQ8HJ3o618fr/iwaE0HVp/YYksDIO97sDQvhyV6o1lkguqH9CLNGcBFbGHSYHxRLjWvOr6hsDq1KBl+szgbWpwPoYyOyluCVkduVcWR/CYV2psfklZsQSDanAmBhoTAWaYqA5FegfA6NSgdf6ZwKtqcDDMRCm5G+rH/fPbCsAAIDtkZlnVebfDel53qqKnjKU9ZShtqcM5T1lqO4pQ7FRxPt3xAyVqZNXynIyVaZrrUnVUpAhXgx/u/tVkCE8mp8zXbCg6Xj+QfZ8g7L8DFf+4NlT1w+e/tDqzcd8beBt/zhkz4Obp9e9t+CGp3475pzrnv/TQQXz/+bS5v+1+bdJ6+vj/H/b9f+SwIOxe1fHU8cbY+D5I/MDmR0D6+Nkd3G2qtZMicykfXEsMSoGGlOBGTEwKhUYNzYTWDIwP5CZaWcbX5RtfEqmRE4AAAAAPnFxB0HcTRPn/zce9YOr3x8wccuyeTPvH9vyxMmjv3H1XT+6d/9ld767YvCAce99p2D+P6q0+X9sr19uYxfH3rzYP4S7y7b1JhsYUpcE4n6Muvjz+H3rQtgjZwdHtkRbbVKiKtVweKAm+YV6Vbqq1TXJGgPx/ikb7r/v8s7ENTUhfCVn70u2jWeqkzZq0oFBVUmgNh2YXpEE4p6fbOAn5UkAdlh2r2B8QWVOdclq6L5ckdffZ+WaoOnhFewD7SZfd7+52lWq0w9k9qlmbd/TVlAdu0TB22Otd1tvfLc1eLflfpHKfEPZui1UHcontk0aP6d9dnwk95esBXbR85z7K9VS0jvhddjx8Xvbs+p0B5pTHx/N3Zfr/nVYFqu79LEV0/stG33p1Zt/NWbDWTUHlNyNIuIPhX+05X9XPpWzeXe16pB5zfW6z5NWnye98d9Ao6cthHDZ9cfsu+TdX+/33A3Pnbqu7Maxr/7lrHs2Lf+bysNHrXv/yaGjLy+Y/7eWNv+vSN12+V3cmLMGhHBgzsZ9JG7+YwYkn4M5geRTcs/CQHLI/V/ri35yAgAAwM6W3d2R3V8wJXObnBCenicX5m/dzvxxf8WobvOX2u9j121cedLQN6474G8vOPGNv7/28Kceuv6ysnXL//vYD1avuXzxe08UzP/HffT8v2+qm47/O/7PLuL4f7d2913RfdMPdOzQruiC6tglHP/v1u7+bnP8v1uO/zv+3x3H/3vg+H+3dvenreBb0gxfujonwdff+fPfTbzpg7mN+x180lPPHDrxun+6quXuu0555b+de9601761uWD+P6O0+b/1/7pftC+7/t+4Yuv/zSi2/l+H9f8AAIBdqshCc+l5XsHqfQUZ0qv3FWTocYHAHpcYtP7fdq//t3Dkv1904Q+fb7n2nTvHXb5m07Fnvvr0utXPzFpx3Lnnv9V6112tBfP/jtLm//Hl0C+39d6y/l/j2CJVXREDMywMCAAAwO6o2A4CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPl2HnvbO+5d8/R/aBv1ixc1/f+v/+7/P1q594JvfuGn4L6f86RllazZcM+LMLfMOuvC4+Qum/UvH8tVHnBHClK5yZUnxsueu+OpDrXsd9+wdAzfOvPHW+i3VmXorM7d/nJc7tvphfQhLch6pi4k36zvvbAuccuLtcys6E4/Uh7B/bmDqwql7dCaW14cwODdw3xkHDexMLEyXWPPs0S91Jr6TDhw/5HNbOhOHZwJl6e5e1z/pblm6u5f3D2FATiDb3bP751eVbeO4TKA83caKuqSNGKiLRa+tS9qIgfZYYkrfEIZWhNAnXdU/VydV9UlXdU91UlWfdFUXVYcwMoRQka7quaqkqor0yB+tSqqKgb33u+XtQZ2JpVUhDM0NPPHtpYd1JmamAtnG/1NVCF/qfMmkG/9xZdJ4Zbrx/1oZwhdDCFXpEu9VJCWq0iVeqAhhz5zAto1YEcLcwGdD/PSZmPvgrLnzpo5vb2+buQsTVZm2asKkKe1tTROmt0+sTvWpmLKc9NYFH3/sm96eP6HzdvHKyZWlpCsy5Sq7unxIZd7dlt2997FftbmVbHs+CuqP+atCv9B3zqy2mU3njZ89e+aw5G+p2Q9J/vbJRJNtNay3bKtBuZUMnT1txtBZc+cNmTJt/OS2yW3ntBz6Zy0jhg//2oihnYNqTv7ujJEu/eRH+oWKnEo+ife/hIREb0uU5326Ne/un+MFX/S3dbQyVHd9QBdMK3KzlHWNcmcM+qiPOeKP8zWlxxENK5g4FGQ5pOcsLQWTiW1ZapIsXV/rCiaHuTWVd23SeL88NDX1KbYdGvLv5m7e13dg8z6d2XSlpgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+P/swIEAAAAAAJD/ayNUVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYQcOBAAAAACA/F8boaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqgo7cCwAAAAAIMzfOoyeDQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4FAAA//8fSxmR")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x4, 0x80)
open_by_handle_at(r0, &(0x7f0000000080)=@FILEID_BTRFS_WITH_PARENT={0x28, 0x4e, {0x7fff, 0x1, 0xf, 0xd0, 0x7, 0xc}}, 0x80200)

2m23.010170475s ago: executing program 2 (id=1646):
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000400)=ANY=[@ANYRES32, @ANYRES32, @ANYBLOB="1c"], 0x20)

2m22.908266512s ago: executing program 35 (id=1646):
bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000400)=ANY=[@ANYRES32, @ANYRES32, @ANYBLOB="1c"], 0x20)

3.927250109s ago: executing program 6 (id=3052):
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
ioctl$BTRFS_IOC_GET_SUPPORTED_FEATURES(r0, 0x4001af84, 0x0)

3.852000796s ago: executing program 6 (id=3054):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000180)={'dummy0\x00', &(0x7f0000000000)=@ethtool_perm_addr={0x4b, 0x23, "43720705000000004786b89e6fb2be5c3f000000a69e0825471829a0395ebb7bf7b555"}})

3.796833702s ago: executing program 6 (id=3055):
syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x48e01)
r0 = syz_io_uring_setup(0x70ca, &(0x7f0000000080)={0x0, 0x0, 0x11100, 0x3, 0x17d}, &(0x7f0000000100)=<r1=>0x0, &(0x7f00000003c0)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x3, 0x0, &(0x7f0000000440)=[{&(0x7f0000000140)="8d", 0x1}], 0x1, 0x0, 0x1})
io_uring_enter(r0, 0x4d10, 0x2, 0x2, 0x0, 0x0)

3.742833128s ago: executing program 6 (id=3058):
r0 = syz_usb_connect(0x0, 0x2d, &(0x7f00000012c0)=ANY=[@ANYBLOB="120100001ddf8208c007121522300000000109021b0001000000010904000001faf40d000905820349"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0x448, &(0x7f0000000080)=ANY=[@ANYBLOB="18b0f1"])

2.783330771s ago: executing program 5 (id=3072):
r0 = syz_open_dev$loop(&(0x7f0000000040), 0xffffffffffff9c94, 0x6901)
ioctl$LOOP_SET_CAPACITY(r0, 0x4c07)

2.719624134s ago: executing program 5 (id=3073):
r0 = getpgrp(0x0)
r1 = syz_pidfd_open(r0, 0x0)
process_madvise(r1, &(0x7f0000003b80)=[{0x0}, {&(0x7f0000000440)="a0", 0x1}], 0x2, 0x15, 0x0)

2.719471499s ago: executing program 5 (id=3074):
syz_usb_connect(0x2, 0x2d, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000009968810524711004f320102030109021b0001000000000904"], 0x0)

1.430527217s ago: executing program 5 (id=3078):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), r0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000004c0)={'veth1_virt_wifi\x00', <r3=>0x0})
sendmsg$ETHTOOL_MSG_STRSET_GET(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)={0x34, r1, 0x3141e0b2751b0f9b, 0x70bd2d, 0xa55ddbfe, {}, [@ETHTOOL_A_STRSET_HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'ip6_vti0\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r3}]}]}, 0x34}, 0x1, 0x0, 0x0, 0x6051}, 0x44800)

1.339311268s ago: executing program 5 (id=3079):
r0 = syz_io_uring_setup(0xad3, &(0x7f00000002c0)={0x0, 0x3594, 0x10, 0x1003, 0x21e}, &(0x7f0000000240)=<r1=>0x0, &(0x7f0000000340)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0x2a5cc081, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f00000004c0)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x4, 0x0, 0x80, 0x2, 0x0, 0x127, 0x0, 0x1, {0x1}})
io_uring_enter(r0, 0x6efc, 0x3900, 0xb, 0x0, 0x0)
io_uring_register$IORING_REGISTER_SYNC_CANCEL(r0, 0x18, &(0x7f00000000c0)={0x1, 0xffffffffffffffff, 0x0, {0x200000000000000, 0x5}, 0xfc}, 0x1)

869.316895ms ago: executing program 5 (id=3081):
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
fdatasync(0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r3, 0x1, &(0x7f0000000b40)='source', &(0x7f0000000040)='c:::\x00', 0x0)
r4 = gettid()
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
tkill(r4, 0xb)
utimensat(0xffffffffffffff9c, &(0x7f00000003c0)='.\x00', 0x0, 0x0)

554.953446ms ago: executing program 4 (id=3082):
syz_emit_ethernet(0x8a, &(0x7f0000000000)={@broadcast, @multicast, @val={@void}, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x78, 0x0, 0x0, 0x0, 0x1, 0x0, @private=0xa010102, @local}, @redirect={0x3, 0x2, 0x0, @broadcast=0x1000000, {0x17, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, 0x0, @private, @empty, {[@timestamp_addr={0x44, 0xc, 0x0, 0x1, 0x0, [{@remote, 0x4e210000}]}, @timestamp_addr={0x44, 0x3c, 0x0, 0x1, 0x0, [{@multicast1}, {}, {@dev}, {@private}, {@empty}, {@initdev={0xac, 0x1e, 0x0, 0x0}}, {@dev}]}]}}}}}}}, 0x0)

431.67064ms ago: executing program 4 (id=3083):
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000001880)=ANY=[@ANYBLOB="b700000081000000bfa300000000000007030000f1feffff720af0fff8ffffff71a4f0ff0000000071103b00000000001d400500000000004704000001ed00000f030000000000006f44000000000000730a00fe000000007203000000000006b5000000000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f18564a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fe51bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccc99069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad24b89b6a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00e10000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c87852730a3bd7ac923fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f6f096753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e9673560000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca4856ff03b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d490cba8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e1461173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec860cde7c79f7b4d4e24c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b450100000001000000393cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd84990453f006694d461b76a58d88cf0f520310a1e80dc18cde98d662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6432399f87a7a14245bbd796a09313b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c00400000000000f59dd19e8d525206c0a728cfd42193abe8130bc01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e38534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ed1012fd7a8139166fd599c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336d205c5913ef67cf0216e2d81e6127bd9d7fab28800eaab2355992f8ce4cd38add4b272c0bee4076ca4847ffa691cf78fb7ec212bad3bef29f577ea7159b7f3025b3d977ff7c91024cf71126233cb80610eb37bd2d40ebdfed687f0b093e68f10b72146a0b749ee2105e2da94a288146abbbaf7c0b24fe0000000000000000f1a4f4de6a8d12dc9e71a20cbd412898586843b534d36e21379a8a06133c1babde9e5bd5b6afc5f684aada43ee560e800f58cb33b8483f6518abde7c86bd5d389c1b3c40fdd4bebe4adf87b1025ff57eb50984cc5bad9ea1c15484ea627c3c1501d612ed65939266e7332966f03e0376076e7c5dfe25f367dda7f69db89829b360dd2f59cbaad10f13e269eca792725bbacb96aa0a5c426ca76f84322661"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xffa3}, 0x48)

302.806375ms ago: executing program 6 (id=3084):
syz_mount_image$ocfs2(&(0x7f0000000840), &(0x7f0000000040)='./file1\x00', 0x8c1, &(0x7f0000000880)=ANY=[@ANYBLOB='acl,heartbeat=none,dir_resv_level=00003,coherency=full,coherency=full,localflocks,coherency=full,noacl,\x00'/119], 0x1, 0x443a, &(0x7f0000000900)="$eJzs3c9PHNcdAPA3A63B9Q9wfXClSl2pllq1Flp8aoulYoyNwaau3NqqelkvsLZpF9aCperBB3qz1FOkHKIcrETyDeVgccjV+RNyydE5W0oOuUSKZIVod2eBmV3CBrEQ0OcjeYf5zvvFfncebw/jFyeqj+eXc/PLueJirjL7cPly7j+V8spCKcQH5LD7pzPdyJPcH54712787f7lED6Z++zNxsbGRqjpDW0Nb/v566+ezm4/NsWZOrV227e2X/4ZQjjfMq6anhDCPz4OIQohXE1iY8mxP4RwJjSu3X/6/we5fRrNy9elK4W308/WRy5OrT1f3/l3j0J4v/yLS48Wvvh1z8jnv9un7gEAAAAAAAAAAAAAAAAAOOIm7t6599f8cHgVhd61qPV53YnkuNPzsRv75lfd/2UBAAAAAAAAAAAAAAAAAADgR2rr+f9cdK7N8//jyXG09vJRa/2NPx/MOOmOyb/cGb+eH072f49arv8hCX15tScMttn3Pbv/+9VM/fb7v7f2s1fN8TX7HQhRPJQ6j+OhoRA+TDZ+vxCdjMuV5ervH1ZWFuf2bRhHVjr/jd37U9lJNvTvNP9jmfa7v///z1s+TbXzB9/3ETvb3REdJen89+xY7sX/oo7yfy1T7yDyz96l899bj/VvLzDamABq+X+nd/f8j2fa71b+z4QQclFtrLnUDFBbw9Tio93o9BhK5/8n9Vhq6kzeyJ3u/28y+b+eaf+w5v/V7B8i2krn/6f1WF+qxNb9Pxjvfv/fyLR/GPmvjX91/5aYx1o6/ycawd5Ukfo72en8P5Fpv1v5vxcn4zwTpT4Ba1Ej3vz/6vq60fkxks5/67u19f0v7mj9dzNT/6C+/zX7bX7/a07/v40a3/9oL53//h3LdXr/T2bqdXv+H62v/9irdP5P1mPptfNA/bXT/E9l2t+n/PdmA/VVSV8z/1vzybcnGvEPrP86ks7/zxrBeHuJ1fprff0X7b7+v5Vp/zDWf7Xxr8bd7fW4SOf/1I7lXlzKh087+Pt/O1Ov+/kPIW+tv2fp/J/esVz9/u/bPf/TmXrdzv9vutk4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwBEwlhwHQhQPpc7jeGgohGvJ+YVwMpopzhVmypXZfy+HMJ7Ec+Fc9KhcmSmWC/OLlblSoVguV2ZDuJ5cPx/6ouVypVpYKD65sdlWf/S4VFyqzpSK1RDCRBL/ZTjdbGtmvrpQfBJCuLl57WxcWXryuLhYmJtf+lM+n8+Hyc0xDEal/1ZLi9VG742rIUxt1h2Itg2ufvnW5lhORf+qrCwtFsv1+O1tdcqV2WJ5W53p5Nq7YTCqLq0szharpUK58qjZ32EaTY7jk3f/fvf2cMv1B1HjOHawwwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgB3o18sf3Qgg9jbO4Ga79ECX/Ul6+Ll0pvJ1+tj5ycWrt+fqbdmUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDv2IEDAQAAAAAg/9dGqKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsIu/aM0EERxAH4zFlp6DKtlt7NdUUQLVwRPoMfwMHoUL+EdLFKkTRECySyE/QPbJNX3NQ/mx8x7MA8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAlnt8695f6yYixdX2MuL38+//OH8u9ftu+v7FGWbkdJ5euvuHuin/nkb5bTlatXmfbtZfHzFRez+DPRnu08G4z9Dcvs3N1/e9jpSriGhLfpNyrqplbwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCOHTgQAAAAAADyf22EqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqKuzAsQAAAACAMH/rKPo2AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBXAAAA//8qvh/S")

302.357404ms ago: executing program 4 (id=3085):
r0 = syz_open_dev$sg(&(0x7f00000003c0), 0x0, 0x802)
ioctl$SG_GET_PACK_ID(r0, 0x227c, &(0x7f0000000000))

182.500537ms ago: executing program 4 (id=3086):
r0 = socket(0xa, 0x3, 0xff)
setsockopt$inet6_int(r0, 0x29, 0x5, &(0x7f00000000c0)=0x85, 0x4)
syz_emit_ethernet(0x4e, &(0x7f00000020c0)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaa3986dd6c370c8900182b01fe800000000000000000000000000025fe8000000000000000000000000000aaff"], 0x0)
recvmmsg(r0, &(0x7f0000000080)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000002240)=""/17, 0x15}, 0x8e0f}], 0x400029c, 0x40010142, 0x0)

91.308967ms ago: executing program 4 (id=3087):
r0 = syz_open_dev$usbfs(&(0x7f0000000080), 0x77, 0x101301)
ioctl$USBDEVFS_SUBMITURB(r0, 0x8038550a, &(0x7f0000000100)=@urb_type_control={0x2, {0x5}, 0x5, 0x41, &(0x7f0000000040)={0x60, 0x15, 0x0, 0x2, 0x2}, 0x8, 0x6, 0x2c, 0x0, 0x3, 0x1, 0x0})

3.410914ms ago: executing program 4 (id=3088):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nbd(&(0x7f0000000000), 0xffffffffffffffff)
syz_usb_connect(0x2, 0x0, 0x0, 0x0)
sendmsg$NBD_CMD_CONNECT(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000001a80)={&(0x7f0000000140)={0x20, r1, 0x1, 0xffffffff, 0x0, {}, [@NBD_ATTR_SOCKETS={0x4}, @NBD_ATTR_INDEX={0x8, 0x1, 0x0}]}, 0x20}}, 0x20000000)

0s ago: executing program 6 (id=3089):
pipe2$9p(&(0x7f0000000a80)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x4800)
fcntl$lock(r0, 0x6, &(0x7f0000000b00)={0x2, 0x1, 0xffffffffffffffff, 0xfffffffffffffff8})

kernel console output (not intermixed with test programs):

][   T56] erofs (device loop5): failed to decompress (lz4) corrupted compressed data @ pa 0 size 4096 => 3324
[  266.937596][ T5852] usb 5-1: new high-speed USB device number 21 using dummy_hcd
[  267.036593][T10471] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1691'.
[  267.109246][ T5852] usb 5-1: Using ep0 maxpacket: 8
[  267.112401][ T5852] usb 5-1: config 0 has an invalid interface number: 33 but max is 1
[  267.114870][ T5852] usb 5-1: config 0 has no interface number 1
[  267.116741][ T5852] usb 5-1: config 0 interface 33 altsetting 0 endpoint 0x6 has an invalid bInterval 0, changing to 7
[  267.122850][ T5852] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 247
[  267.140908][ T5852] usb 5-1: New USB device found, idVendor=2040, idProduct=2950, bcdDevice=85.f1
[  267.144489][ T5852] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  267.146937][ T5852] usb 5-1: Product: syz
[  267.148197][ T5852] usb 5-1: Manufacturer: syz
[  267.149651][ T5852] usb 5-1: SerialNumber: syz
[  267.169468][ T5852] usb 5-1: config 0 descriptor??
[  267.174592][ T5852] pvrusb2: Hardware description: WinTV PVR USB2 Model 29xxx
[  267.394611][ T5852] pvrusb2: Hardware description: WinTV PVR USB2 Model 29xxx
[  267.400639][ T2396] pvrusb2: Invalid read control endpoint
[  267.413553][ T2396] usb 5-1: Direct firmware load for v4l-pvrusb2-29xxx-01.fw failed with error -2
[  267.417582][ T2396] usb 5-1: Falling back to sysfs fallback for: v4l-pvrusb2-29xxx-01.fw
[  267.431198][ T5852] usb 5-1: USB disconnect, device number 21
[  267.577346][T10481] loop5: detected capacity change from 0 to 32768
[  268.050798][T10500] loop4: detected capacity change from 0 to 16
[  268.054640][T10500] erofs (device loop4): rootino(nid 36) is not a directory(i_mode 146300)
[  268.156032][ T5866] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  268.252091][ T5822] Bluetooth: hci1: command tx timeout
[  268.281504][T10508] loop4: detected capacity change from 0 to 512
[  268.299722][T10508] EXT4-fs: Ignoring removed i_version option
[  268.303145][T10508] EXT4-fs: Ignoring removed oldalloc option
[  268.313667][T10508] EXT4-fs (loop4): 1 truncate cleaned up
[  268.319233][T10508] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  268.324685][ T5866] usb 6-1: Using ep0 maxpacket: 16
[  268.330233][ T5866] usb 6-1: unable to get BOS descriptor or descriptor too short
[  268.336267][ T5866] usb 6-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  268.345500][ T5866] usb 6-1: New USB device found, idVendor=03f0, idProduct=0004, bcdDevice= 0.40
[  268.349598][ T5866] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  268.352821][ T5866] usb 6-1: Product: syz
[  268.354412][ T5866] usb 6-1: Manufacturer: 庤⊢赵Ȕⵎﲰ뭣⥗뎥ࣛ呼鵉᝽锽ᐄﭑ俈赺⫱ȟ”澿늀᪩졸欁ʆ訬࿛訥䶃≈ㅁ犔戨䘳粞琉呥藅⓭幓럛濹葄맭驓禧⋿⌜䆀붥₲琞퐠我㶛ऊ脠씋藄젶ꀀ㔦Ჯ攆੧遳氐哶莪뵗妬誘絹羫圔レ⸼ꧮ玥䵤䞨䠈옺纗袊㟩蜲뻂꼺ŭ笗⶘ᾫ혍䑚㗀꼱眃
[  268.366833][ T5866] usb 6-1: SerialNumber: syz
[  268.371383][ T8492] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  268.629935][ T5866] usb 6-1: USB disconnect, device number 3
[  268.823493][T10518] loop6: detected capacity change from 0 to 4096
[  268.848525][T10516] loop4: detected capacity change from 0 to 40427
[  268.862102][T10516] F2FS-fs (loop4): invalid crc value
[  268.890405][T10518] ntfs3(loop6): Mark volume as dirty due to NTFS errors
[  268.919641][T10518] ntfs3(loop6): Failed to load $Extend (-22).
[  268.929524][T10516] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[  268.930093][T10518] ntfs3(loop6): Failed to initialize $Extend.
[  268.933756][T10516] F2FS-fs (loop4): Start checkpoint disabled!
[  268.940095][T10516] F2FS-fs (loop4): f2fs_disable_checkpoint() finish, err:0
[  268.943395][T10516] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[  269.278021][T10526] UDF-fs: error (device loop6): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0
[  269.282320][T10526] UDF-fs: warning (device loop6): udf_load_vrs: No anchor found
[  269.285659][T10526] UDF-fs: Scanning with blocksize 512 failed
[  269.294126][T10526] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  269.309159][   T33] audit: type=1800 audit(2000000010.616:10557): pid=10526 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.1715" name="file1" dev="loop6" ino=851 res=0 errno=0
[  269.513768][   T10] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  269.582073][T10541] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  269.593959][T10541] EXT4-fs (loop4): 1 truncate cleaned up
[  269.597726][T10541] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  269.608677][   T33] audit: type=1800 audit(2000000010.897:10558): pid=10541 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1720" name="file1" dev="loop4" ino=15 res=0 errno=0
[  269.625609][   T33] audit: type=1800 audit(2000000010.906:10559): pid=10541 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1720" name="file1" dev="loop4" ino=15 res=0 errno=0
[  269.676311][   T10] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  269.680496][   T10] usb 6-1: config 0 interface 0 has no altsetting 0
[  269.689688][   T10] usb 6-1: New USB device found, idVendor=10fd, idProduct=1513, bcdDevice=7e.ce
[  269.693419][   T10] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  269.699941][   T10] usb 6-1: Product: syz
[  269.701783][   T10] usb 6-1: Manufacturer: syz
[  269.703662][   T10] usb 6-1: SerialNumber: syz
[  269.714278][   T10] usb 6-1: config 0 descriptor??
[  269.724803][   T10] dvb-usb: found a 'MSI DIGI VOX mini II DVB-T USB2.0' in warm state.
[  269.736632][   T10] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  269.744193][   T10] dvbdev: DVB: registering new adapter (MSI DIGI VOX mini II DVB-T USB2.0)
[  269.752667][   T10] usb 6-1: media controller created
[  269.780231][   T10] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  269.852498][   T10] DVB: Unable to find symbol tda10046_attach()
[  269.854927][   T10] dvb-usb: no frontend was attached by 'MSI DIGI VOX mini II DVB-T USB2.0'
[  269.858431][   T10] dvb-usb: MSI DIGI VOX mini II DVB-T USB2.0 successfully initialized and connected.
[  269.979121][   T10] dvb_usb_m920x 6-1:0.0: probe with driver dvb_usb_m920x failed with error -71
[  269.987500][   T10] usb 6-1: USB disconnect, device number 4
[  269.995672][ T8492] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  270.394407][T10562] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1729'.
[  270.475454][ T5822] Bluetooth: hci1: command tx timeout
[  270.489457][T10566] team_slave_0: entered promiscuous mode
[  270.492252][T10566] team_slave_1: entered promiscuous mode
[  270.494904][T10566] vlan2: entered promiscuous mode
[  270.498794][T10566] team0: entered promiscuous mode
[  270.643367][T10568] JBD2: Ignoring recovery information on journal
[  270.649805][T10570] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x544194fd, utbl_chksum : 0xe619d30d)
[  270.684965][T10568] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  270.730244][T10568] OCFS2: ERROR (device loop4): int ocfs2_validate_gd_parent(struct super_block *, struct ocfs2_dinode *, struct buffer_head *, int): Group descriptor #17056 has bad parent pointer (3298534883402, expected 74)
[  270.744358][T10568] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted.
[  270.748082][T10568] OCFS2: File system is now read-only.
[  270.750125][T10568] (syz.4.1732,10568,1):ocfs2_search_chain:1888 ERROR: status = -30
[  270.753184][T10568] (syz.4.1732,10568,1):ocfs2_search_chain:2011 ERROR: status = -30
[  270.768975][T10568] (syz.4.1732,10568,1):ocfs2_claim_suballoc_bits:2098 ERROR: status = -30
[  270.772260][T10568] (syz.4.1732,10568,1):ocfs2_claim_suballoc_bits:2151 ERROR: status = -30
[  270.778095][T10568] (syz.4.1732,10568,1):ocfs2_claim_new_inode:2392 ERROR: status = -30
[  270.780832][T10568] (syz.4.1732,10568,1):ocfs2_claim_new_inode:2407 ERROR: status = -30
[  270.783376][T10568] (syz.4.1732,10568,1):ocfs2_mknod_locked:642 ERROR: status = -30
[  270.805692][T10568] (syz.4.1732,10568,1):ocfs2_mknod:389 ERROR: status = -30
[  270.816919][T10568] (syz.4.1732,10568,1):ocfs2_mknod:506 ERROR: status = -30
[  270.821847][T10568] (syz.4.1732,10568,1):ocfs2_create:679 ERROR: status = -30
[  270.859703][T10579] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  270.912635][ T8492] ocfs2: Unmounting device (7,4) on (node local)
[  271.261002][ T5845] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  271.299829][T10584] set_capacity_and_notify: 4 callbacks suppressed
[  271.299841][T10584] loop6: detected capacity change from 0 to 32768
[  271.328168][T10584] JBD2: Ignoring recovery information on journal
[  271.366032][T10584] ocfs2: Mounting device (7,6) on (node local, slot 0) with ordered data mode.
[  271.416219][ T5845] usb 6-1: Using ep0 maxpacket: 16
[  271.420721][ T5845] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  271.426673][ T5845] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  271.436800][ T5845] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17
[  271.443490][ T5845] usb 6-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[  271.446786][ T5845] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  271.465158][ T5845] usb 6-1: config 0 descriptor??
[  271.556177][T10348] ocfs2: Unmounting device (7,6) on (node local)
[  271.940259][ T5845] input: HID 05ac:8241 as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/0003:05AC:8241.0016/input/input25
[  272.012051][ T5845] appleir 0003:05AC:8241.0016: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.5-1/input0
[  272.136535][ T5845] usb 6-1: USB disconnect, device number 5
[  272.688699][ T5822] Bluetooth: hci1: command tx timeout
[  273.044351][T10647] netlink: 104 bytes leftover after parsing attributes in process `syz.6.1756'.
[  273.137604][ T5845] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  273.297987][ T5845] usb 6-1: Using ep0 maxpacket: 8
[  273.315478][ T5845] usb 6-1: config 2 has an invalid interface number: 31 but max is 0
[  273.318637][ T5845] usb 6-1: config 2 has no interface number 0
[  273.321517][ T5845] usb 6-1: config 2 interface 31 has no altsetting 0
[  273.326816][ T5845] usb 6-1: New USB device found, idVendor=1a86, idProduct=e092, bcdDevice=53.3f
[  273.331947][ T5845] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  273.340623][ T5845] usb 6-1: Product: syz
[  273.344282][ T5845] usb 6-1: Manufacturer: syz
[  273.346085][ T5845] usb 6-1: SerialNumber: syz
[  273.443310][T10651] loop6: detected capacity change from 0 to 40427
[  273.454896][T10651] F2FS-fs (loop6): build fault injection rate: 174
[  273.457393][T10651] F2FS-fs (loop6): build fault injection type: 0x3bfe8c
[  273.469739][T10651] F2FS-fs (loop6): invalid crc value
[  273.521536][T10651] F2FS-fs (loop6): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  273.526129][T10651] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  273.568406][T10348] syz-executor: attempt to access beyond end of device
[  273.568406][T10348] loop6: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  273.578539][T10348] CPU: 1 UID: 0 PID: 10348 Comm: syz-executor Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  273.578562][T10348] Tainted: [L]=SOFTLOCKUP
[  273.578566][T10348] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  273.578574][T10348] Call Trace:
[  273.578579][T10348]  <TASK>
[  273.578585][T10348]  dump_stack_lvl+0xe8/0x150
[  273.578608][T10348]  f2fs_handle_critical_error+0x37c/0x540
[  273.578630][T10348]  f2fs_write_end_io+0x1273/0x1740
[  273.578658][T10348]  __submit_merged_bio+0x256/0x700
[  273.578680][T10348]  __submit_merged_write_cond+0x3c9/0x4e0
[  273.578702][T10348]  ? __pfx___submit_merged_write_cond+0x10/0x10
[  273.578736][T10348]  f2fs_write_data_pages+0x287e/0x34f0
[  273.578782][T10348]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  273.578836][T10348]  ? mod_memcg_lruvec_state+0x208/0x220
[  273.578858][T10348]  ? __lock_acquire+0x6b5/0x2cf0
[  273.578886][T10348]  ? __lock_acquire+0x6b5/0x2cf0
[  273.578904][T10348]  ? do_raw_spin_lock+0x12b/0x2f0
[  273.578925][T10348]  ? do_raw_spin_unlock+0x4d/0x210
[  273.578937][T10348]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  273.578954][T10348]  do_writepages+0x32e/0x550
[  273.578980][T10348]  ? do_raw_spin_unlock+0x4d/0x210
[  273.578996][T10348]  filemap_fdatawrite+0x1e9/0x2f0
[  273.579016][T10348]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  273.579068][T10348]  ? do_raw_spin_unlock+0x4d/0x210
[  273.579083][T10348]  f2fs_sync_dirty_inodes+0x30e/0x860
[  273.579106][T10348]  f2fs_write_checkpoint+0x9df/0x26a0
[  273.579149][T10348]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  273.579201][T10348]  kill_f2fs_super+0x314/0x720
[  273.579218][T10348]  ? __pfx_kill_f2fs_super+0x10/0x10
[  273.579240][T10348]  ? lockdep_hardirqs_on+0x7a/0x110
[  273.579271][T10348]  deactivate_locked_super+0xbc/0x130
[  273.579291][T10348]  cleanup_mnt+0x437/0x4d0
[  273.579307][T10348]  ? _raw_spin_unlock_irq+0x23/0x50
[  273.579327][T10348]  task_work_run+0x1d9/0x270
[  273.579374][T10348]  ? __pfx_task_work_run+0x10/0x10
[  273.579394][T10348]  exit_to_user_mode_loop+0xed/0x480
[  273.579409][T10348]  ? rcu_is_watching+0x15/0xb0
[  273.579429][T10348]  do_syscall_64+0x32d/0xf80
[  273.579439][T10348]  ? trace_irq_disable+0x3b/0x150
[  273.579449][T10348]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  273.579465][T10348]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  273.579477][T10348] RIP: 0033:0x7f5eb799d9d7
[  273.579489][T10348] Code: a2 c7 05 1c fd 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8
[  273.579499][T10348] RSP: 002b:00007ffcede13748 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  273.579513][T10348] RAX: 0000000000000000 RBX: 00007f5eb7a32050 RCX: 00007f5eb799d9d7
[  273.579521][T10348] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffcede13800
[  273.579528][T10348] RBP: 00007ffcede13800 R08: 00007ffcede14800 R09: 00000000ffffffff
[  273.579535][T10348] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffcede14890
[  273.579542][T10348] R13: 00007f5eb7a32050 R14: 000000000003fa69 R15: 00007ffcede148d0
[  273.579564][T10348]  </TASK>
[  273.579569][T10348] F2FS-fs (loop6): Stopped filesystem due to reason: 3
[  273.805006][ T1361] ieee802154 phy1 wpan1: encryption failed: -22
[  274.018043][ T5845] ch9200 6-1:2.31: probe with driver ch9200 failed with error -22
[  274.030256][ T5845] usb 6-1: USB disconnect, device number 6
[  274.603054][   T33] audit: type=1326 audit(2000000015.583:10560): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10661 comm="syz.5.1762" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f489e99c799 code=0x7ffc0000
[  274.613844][   T33] audit: type=1326 audit(2000000015.583:10561): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10661 comm="syz.5.1762" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f489e99c799 code=0x7ffc0000
[  274.628995][   T33] audit: type=1326 audit(2000000015.583:10562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10661 comm="syz.5.1762" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f489e99c799 code=0x7ffc0000
[  274.647698][   T33] audit: type=1326 audit(2000000015.583:10563): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10661 comm="syz.5.1762" exe="/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f489e99c799 code=0x7ffc0000
[  274.657778][   T33] audit: type=1326 audit(2000000015.583:10564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10661 comm="syz.5.1762" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f489e99c799 code=0x7ffc0000
[  274.666355][   T33] audit: type=1326 audit(2000000015.583:10565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10661 comm="syz.5.1762" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f489e99c799 code=0x7ffc0000
[  274.671137][T10664] loop5: detected capacity change from 0 to 4096
[  274.673541][   T33] audit: type=1326 audit(2000000015.583:10566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10661 comm="syz.5.1762" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f489e99c799 code=0x7ffc0000
[  274.677029][T10664] ntfs3(loop5): Different NTFS sector size (4096) and media sector size (512).
[  274.690462][   T33] audit: type=1326 audit(2000000015.583:10567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10661 comm="syz.5.1762" exe="/syz-executor" sig=0 arch=c000003e syscall=443 compat=0 ip=0x7f489e99c799 code=0x7ffc0000
[  274.707778][T10664] ntfs3(loop5): Mark volume as dirty due to NTFS errors
[  274.711051][   T33] audit: type=1326 audit(2000000015.583:10568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10661 comm="syz.5.1762" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f489e99c799 code=0x7ffc0000
[  274.719072][   T33] audit: type=1326 audit(2000000015.583:10569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10661 comm="syz.5.1762" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f489e99c799 code=0x7ffc0000
[  274.728023][T10664] ntfs3(loop5): ino=19, mi_enum_attr
[  274.736384][   T33] audit: type=1326 audit(2000000015.583:10570): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10661 comm="syz.5.1762" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f489e99c799 code=0x7ffc0000
[  274.753551][T10664] ntfs3(loop5): failed to convert "c46c" to macgaelic
[  274.760379][   T33] audit: type=1326 audit(2000000015.583:10571): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10661 comm="syz.5.1762" exe="/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f489e99c799 code=0x7ffc0000
[  274.770019][T10664] ntfs3(loop5): ino=20, mi_enum_attr
[  274.772308][   T33] audit: type=1326 audit(2000000015.583:10572): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10661 comm="syz.5.1762" exe="/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f489e99c799 code=0x7ffc0000
[  276.394830][T10696] loop5: detected capacity change from 0 to 40427
[  276.398285][T10696] F2FS-fs (loop5): Invalid Fs Meta Ino: node(0) meta(2) root(0)
[  276.402662][T10696] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[  276.410504][T10696] F2FS-fs (loop5): invalid crc value
[  276.450972][T10696] F2FS-fs (loop5): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  276.459658][T10696] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0
[  276.461910][T10696] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e4
[  277.220165][T10714] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1779'.
[  277.450921][T10727] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1786'.
[  277.722519][T10733] loop6: detected capacity change from 0 to 32768
[  277.752026][T10733] XFS (loop6): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  277.772082][T10733] XFS (loop6): Ending clean mount
[  277.796709][T10348] XFS (loop6): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  277.858248][T10741] loop5: detected capacity change from 0 to 32768
[  277.870538][T10741] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.1792 (10741)
[  277.897739][T10741] BTRFS info (device loop5): first mount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0
[  277.900761][T10741] BTRFS info (device loop5): using crc32c checksum algorithm
[  277.902961][T10741] BTRFS warning (device loop5): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  278.055711][T10741] BTRFS info (device loop5): rebuilding free space tree
[  278.069040][T10741] BTRFS info (device loop5): disabling free space tree
[  278.071326][T10741] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  278.074179][T10741] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  278.102224][T10741] BTRFS info (device loop5): enabling ssd optimizations
[  278.104292][T10741] BTRFS info (device loop5): turning on async discard
[  278.106292][T10741] BTRFS info (device loop5): enabling disk space caching
[  278.108371][T10741] BTRFS info (device loop5): force clearing of disk cache
[  278.119799][T10741] BTRFS info (device loop5): use zstd compression, level 3
[  278.200265][T10179] BTRFS info (device loop5): last unmount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0
[  278.278766][T10775] libceph: resolve '0' (ret=-3): failed
[  278.324265][T10777] program syz.4.1799 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  278.526013][T10790] netlink: 36 bytes leftover after parsing attributes in process `syz.6.1802'.
[  278.577909][T10792] loop5: detected capacity change from 0 to 512
[  278.581860][T10792] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  278.609129][T10792] EXT4-fs error (device loop5): ext4_get_branch:178: inode #11: block 4294967295: comm syz.5.1796: invalid block
[  278.618009][T10792] loop5: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117
[  278.623169][T10792] EXT4-fs (loop5): Remounting filesystem read-only
[  278.630278][T10792] EXT4-fs (loop5): 2 truncates cleaned up
[  278.632842][    C0] EXT4-fs (loop5): error count since last fsck: 1
[  278.632858][    C0] EXT4-fs (loop5): initial error at time 2000000019: ext4_get_branch:178: inode 11: block 4294967295
[  278.632875][    C0] EXT4-fs (loop5): last error at time 2000000019: ext4_get_branch:178: inode 11: block 4294967295
[  278.655486][T10792] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  278.689329][T10179] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  279.081674][   T10] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  279.241692][   T10] usb 6-1: Using ep0 maxpacket: 16
[  279.247093][   T10] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  279.258305][   T10] usb 6-1: New USB device found, idVendor=0d46, idProduct=2011, bcdDevice=82.8f
[  279.261008][   T10] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  279.264820][   T10] usb 6-1: Product: syz
[  279.266369][   T10] usb 6-1: Manufacturer: syz
[  279.267761][   T10] usb 6-1: SerialNumber: syz
[  279.278563][   T10] usb 6-1: config 0 descriptor??
[  279.291896][   T10] kobil_sct 6-1:0.0: required endpoints missing
[  279.525616][   T10] usb 6-1: USB disconnect, device number 7
[  279.652878][T10808] loop4: detected capacity change from 0 to 1024
[  279.685156][T10808] hfsplus: xattr exists yet
[  280.325053][T10826] loop5: detected capacity change from 0 to 128
[  280.339014][T10826] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  280.343032][T10826] ext4 filesystem being mounted at /66/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  280.374782][T10179] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  280.587915][T10832] loop5: detected capacity change from 0 to 2048
[  280.647542][T10835] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  280.864372][T10847] loop6: detected capacity change from 0 to 512
[  280.870056][T10847] EXT4-fs: Ignoring removed orlov option
[  280.895172][T10847] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  280.900271][T10847] ext4 filesystem being mounted at /55/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  280.911326][   T33] audit: type=1800 audit(2000000021.476:10573): pid=10847 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.1825" name="file1" dev="loop6" ino=15 res=0 errno=0
[  280.921959][T10845] loop5: detected capacity change from 0 to 4096
[  280.925833][T10845] ntfs3(loop5): Different NTFS sector size (4096) and media sector size (512).
[  280.958289][T10348] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  280.968449][T10845] ntfs3(loop5): Mark volume as dirty due to NTFS errors
[  280.971476][T10845] ntfs3(loop5): Failed to load $Extend (-22).
[  280.975347][T10845] ntfs3(loop5): Failed to initialize $Extend.
[  281.154830][T10857] loop4: detected capacity change from 0 to 512
[  281.164523][T10857] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  281.171655][T10857] EXT4-fs (loop4): 1 truncate cleaned up
[  281.176966][T10857] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  281.350630][  T837] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  281.511784][  T837] usb 6-1: config 11 has an invalid interface number: 184 but max is 0
[  281.514913][  T837] usb 6-1: config 11 has an invalid descriptor of length 0, skipping remainder of the config
[  281.518238][  T837] usb 6-1: config 11 has no interface number 0
[  281.520848][  T837] usb 6-1: config 11 interface 184 has no altsetting 0
[  281.528608][  T837] usb 6-1: New USB device found, idVendor=04e2, idProduct=1402, bcdDevice=6d.9a
[  281.531624][  T837] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  281.533973][  T837] usb 6-1: Product: syz
[  281.535304][  T837] usb 6-1: Manufacturer: syz
[  281.537704][  T837] usb 6-1: SerialNumber: syz
[  281.773368][   T32] usb 6-1: USB disconnect, device number 8
[  282.095389][ T8492] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  282.684147][   T32] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[  282.794456][T10867] loop4: detected capacity change from 0 to 131072
[  282.801228][T10867] F2FS-fs (loop4): Test dummy encryption mode enabled
[  282.804226][T10867] F2FS-fs (loop4): invalid crc value
[  282.838878][T10867] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  282.844137][T10867] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  282.863797][   T32] usb 6-1: Using ep0 maxpacket: 16
[  282.871222][   T32] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  282.875293][   T32] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  282.879792][   T32] usb 6-1: New USB device found, idVendor=1b96, idProduct=0008, bcdDevice= 0.00
[  282.890239][   T32] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  282.899960][   T32] usb 6-1: config 0 descriptor??
[  283.349302][   T32] ntrig 0003:1B96:0008.0017: hidraw0: USB HID v0.00 Device [HID 1b96:0008] on usb-dummy_hcd.5-1/input0
[  283.559689][   T32] ntrig 0003:1B96:0008.0017: Firmware version: 2.15.24.29.0 (7f55 b00b)
[  283.780836][   T32] usb 6-1: USB disconnect, device number 9
[  284.444435][T10886] ieee802154 phy1 wpan1: encryption failed: -22
[  284.576464][ T5822] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0
[  284.581811][ T5822] Bluetooth: hci3: Injecting HCI hardware error event
[  284.586091][ T5822] Bluetooth: hci3: hardware error 0x00
[  284.842338][T10904] Cannot find add_set index 1 as target
[  285.568505][T10906] loop5: detected capacity change from 0 to 40427
[  285.579501][T10906] F2FS-fs (loop5): Image doesn't support compression
[  285.583507][T10906] F2FS-fs (loop5): invalid crc value
[  285.715011][T10906] F2FS-fs (loop5): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  285.719839][T10906] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  285.791235][T10179] syz-executor: attempt to access beyond end of device
[  285.791235][T10179] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  285.795536][T10179] CPU: 1 UID: 0 PID: 10179 Comm: syz-executor Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  285.795567][T10179] Tainted: [L]=SOFTLOCKUP
[  285.795570][T10179] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  285.795576][T10179] Call Trace:
[  285.795579][T10179]  <TASK>
[  285.795584][T10179]  dump_stack_lvl+0xe8/0x150
[  285.795602][T10179]  f2fs_handle_critical_error+0x37c/0x540
[  285.795618][T10179]  f2fs_write_end_io+0x1273/0x1740
[  285.795663][T10179]  __submit_merged_bio+0x256/0x700
[  285.795681][T10179]  __submit_merged_write_cond+0x3c9/0x4e0
[  285.795696][T10179]  ? __pfx___submit_merged_write_cond+0x10/0x10
[  285.795718][T10179]  f2fs_write_data_pages+0x287e/0x34f0
[  285.795730][T10179]  ? is_bpf_text_address+0x26/0x2b0
[  285.795754][T10179]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  285.795790][T10179]  ? __lock_acquire+0x6b5/0x2cf0
[  285.795809][T10179]  ? __lock_acquire+0x6b5/0x2cf0
[  285.795822][T10179]  ? do_raw_spin_lock+0x12b/0x2f0
[  285.795835][T10179]  ? do_raw_spin_unlock+0x4d/0x210
[  285.795844][T10179]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  285.795857][T10179]  do_writepages+0x32e/0x550
[  285.795874][T10179]  ? do_raw_spin_unlock+0x4d/0x210
[  285.795885][T10179]  filemap_fdatawrite+0x1e9/0x2f0
[  285.795900][T10179]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  285.795931][T10179]  ? do_raw_spin_unlock+0x4d/0x210
[  285.795941][T10179]  f2fs_sync_dirty_inodes+0x30e/0x860
[  285.795956][T10179]  f2fs_write_checkpoint+0x9df/0x26a0
[  285.795978][T10179]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  285.796008][T10179]  kill_f2fs_super+0x314/0x720
[  285.796018][T10179]  ? __pfx_kill_f2fs_super+0x10/0x10
[  285.796031][T10179]  ? lockdep_hardirqs_on+0x7a/0x110
[  285.796051][T10179]  deactivate_locked_super+0xbc/0x130
[  285.796062][T10179]  cleanup_mnt+0x437/0x4d0
[  285.796073][T10179]  ? _raw_spin_unlock_irq+0x23/0x50
[  285.796086][T10179]  task_work_run+0x1d9/0x270
[  285.796097][T10179]  ? __pfx_task_work_run+0x10/0x10
[  285.796110][T10179]  exit_to_user_mode_loop+0xed/0x480
[  285.796120][T10179]  ? rcu_is_watching+0x15/0xb0
[  285.796134][T10179]  do_syscall_64+0x32d/0xf80
[  285.796142][T10179]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  285.796153][T10179]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  285.796161][T10179] RIP: 0033:0x7f489e99d9d7
[  285.796171][T10179] Code: a2 c7 05 1c fd 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8
[  285.796179][T10179] RSP: 002b:00007ffd0379a3c8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  285.796189][T10179] RAX: 0000000000000000 RBX: 00007f489ea32050 RCX: 00007f489e99d9d7
[  285.796194][T10179] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd0379a480
[  285.796199][T10179] RBP: 00007ffd0379a480 R08: 00007ffd0379b480 R09: 00000000ffffffff
[  285.796205][T10179] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffd0379b510
[  285.796210][T10179] R13: 00007f489ea32050 R14: 00000000000426f5 R15: 00007ffd0379b550
[  285.796224][T10179]  </TASK>
[  285.801338][T10179] F2FS-fs (loop5): Remounting filesystem read-only
[  286.161252][T10920] loop5: detected capacity change from 0 to 1024
[  286.268312][T10926] loop6: detected capacity change from 0 to 1024
[  286.321473][T10926] hfsplus: bad catalog file entry
[  286.353515][ T3530] hfsplus: bad catalog file entry
[  286.452170][T10930] loop6: detected capacity change from 0 to 256
[  286.462549][T10930] exfat: Deprecated parameter 'namecase'
[  286.470244][T10930] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0xf4419509, utbl_chksum : 0xe619d30d)
[  286.515629][T10924] loop5: detected capacity change from 0 to 32768
[  286.529205][T10932] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  286.549981][T10924] XFS (loop5): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  286.589472][T10924] XFS (loop5): Ending clean mount
[  286.608391][T10924] XFS (loop5): Quotacheck needed: Please wait.
[  286.648325][T10924] XFS (loop5): Quotacheck: Done.
[  286.681030][   T33] audit: type=1804 audit(2000000026.864:10574): pid=10924 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.5.1857" name="/newroot/85/file0/file1" dev="loop5" ino=6150 res=1 errno=0
[  286.734628][T10179] XFS (loop5): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  286.800394][ T5822] Bluetooth: hci3: Opcode 0x0c03 failed: -110
[  286.805372][T10946] loop6: detected capacity change from 0 to 256
[  286.809405][T10946] exfat: Deprecated parameter 'utf8'
[  286.821461][T10946] exfat: Deprecated parameter 'namecase'
[  286.858135][T10948] loop4: detected capacity change from 0 to 128
[  286.858311][T10946] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0xbcde3a0f, utbl_chksum : 0xe619d30d)
[  286.862894][T10948] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[  286.868199][T10948] hpfs: filesystem error: improperly stopped
[  286.870000][T10948] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  286.872224][T10948] hpfs: You really don't want any checks? You are crazy...
[  286.876116][T10948] hpfs: hpfs_map_sector(): read error
[  286.877767][T10948] hpfs: code page support is disabled
[  286.879529][T10948] hpfs: hpfs_map_4sectors(): unaligned read
[  286.881359][T10948] hpfs: hpfs_map_4sectors(): unaligned read
[  286.883257][T10948] hpfs: filesystem error: unable to find root dir
[  286.927370][T10946] exFAT-fs (loop6): error, in sector 160, dentry 7 should be unused, but 0xc0
[  286.935843][T10948] hpfs: hpfs_map_4sectors(): unaligned read
[  286.939081][T10946] exFAT-fs (loop6): Filesystem has been set read-only
[  286.959779][T10948] hpfs: hpfs_map_sector(): read error
[  287.144775][T10956] binder: 10949:10956 ioctl d000943d 0 returned -22
[  287.666000][  T781] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[  287.983863][  T781] usb 6-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[  287.986998][  T781] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  287.990248][  T781] usb 6-1: config 27 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  287.994003][  T781] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  287.996749][  T781] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  288.007480][  T781] usb 6-1: Quirk or no altset; falling back to MIDI 1.0
[  288.012585][  T781] usb 6-1: invalid MIDI out EP 0
[  288.087017][  T781] snd-usb-audio 6-1:27.0: probe with driver snd-usb-audio failed with error -22
[  288.241882][   T10] usb 6-1: USB disconnect, device number 10
[  289.582735][T10974] loop5: detected capacity change from 0 to 131072
[  289.585465][T10974] xfs: Deprecated parameter 'ikeep'
[  289.587057][T10974] XFS: ikeep mount option is deprecated.
[  289.598828][T10974] XFS (loop5): Mounting V5 Filesystem b93a8937-ccd4-41a2-86c7-66a1570a2846
[  289.629012][T10974] XFS (loop5): Starting recovery (logdev: internal)
[  289.651896][T10974] XFS (loop5): Ending recovery (logdev: internal)
[  289.797840][T10179] XFS (loop5): Unmounting Filesystem b93a8937-ccd4-41a2-86c7-66a1570a2846
[  290.028091][T10985] loop6: detected capacity change from 0 to 32768
[  290.313332][T10993] /dev/nullb0: Can't open blockdev
[  290.518117][T10998] loop4: detected capacity change from 0 to 128
[  290.535793][T10998] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  290.554261][T10998] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  290.683147][T10989] F2FS-fs (loop5): QUOTA feature is enabled, so ignore qf_name
[  290.686839][T10989] F2FS-fs (loop5): invalid crc value
[  290.724502][T10989] F2FS-fs (loop5): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  290.728170][T10989] F2FS-fs (loop5): Mounted with checkpoint version = 1b41e955
[  290.740767][T10989] F2FS-fs (loop5): sanity_check_inode: inode (ino=4) has corrupted i_inline_xattr_size: 0, min: 6, max: 903
[  291.097440][T11005] set_capacity_and_notify: 1 callbacks suppressed
[  291.097451][T11005] loop5: detected capacity change from 0 to 164
[  291.353242][T11022] loop6: detected capacity change from 0 to 512
[  291.377668][T11022] EXT4-fs error (device loop6): ext4_expand_extra_isize_ea:2808: inode #11: comm syz.6.1891: corrupted xattr block 95: invalid header
[  291.388383][T11022] loop6: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117
[  291.390490][T11026] netlink: 165 bytes leftover after parsing attributes in process `syz.5.1892'.
[  291.396912][    C1] EXT4-fs (loop6): error count since last fsck: 1
[  291.398830][    C1] EXT4-fs (loop6): initial error at time 2000000031: ext4_expand_extra_isize_ea:2808: inode 11
[  291.401859][    C1] EXT4-fs (loop6): last error at time 2000000031: ext4_expand_extra_isize_ea:2808: inode 11
[  291.409522][T11022] EXT4-fs error (device loop6): ext4_validate_block_bitmap:432: comm syz.6.1891: bg 0: block 7: invalid block bitmap
[  291.414553][T11022] loop6: lost filesystem error report for type 5 error -117
[  291.421743][T11022] EXT4-fs error (device loop6) in ext4_mb_clear_bb:6685: Corrupt filesystem
[  291.429099][T11022] loop6: lost filesystem error report for type 5 error -117
[  291.429497][T11022] EXT4-fs error (device loop6): ext4_xattr_delete_inode:2970: inode #11: comm syz.6.1891: corrupted xattr block 95: invalid header
[  291.437670][T11022] loop6: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117
[  291.449294][T11022] EXT4-fs warning (device loop6): ext4_evict_inode:275: xattr delete (err -117)
[  291.456419][T11022] EXT4-fs (loop6): 1 orphan inode deleted
[  291.459607][T11022] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  291.492330][T10348] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  291.924769][T11046] sg_write: data in/out 28/10 bytes for SCSI command 0x5d-- guessing data in;
[  291.924769][T11046]    program syz.4.1900 not setting count and/or reply_len properly
[  292.076197][T11048] loop5: detected capacity change from 0 to 32768
[  292.082398][T11048] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.1902 (11048)
[  292.096575][T11048] BTRFS info (device loop5): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  292.100375][T11048] BTRFS info (device loop5): using sha256 checksum algorithm
[  292.103929][T11048] BTRFS warning (device loop5): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  292.131578][T11048] BTRFS info (device loop5): rebuilding free space tree
[  292.141639][T11048] BTRFS info (device loop5): disabling free space tree
[  292.143846][T11048] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  292.147339][T11048] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  292.152955][T11048] BTRFS info (device loop5): enabling ssd optimizations
[  292.155139][T11048] BTRFS info (device loop5): turning on async discard
[  292.157329][T11048] BTRFS info (device loop5): enabling disk space caching
[  292.159455][T11048] BTRFS info (device loop5): force clearing of disk cache
[  292.161605][T11048] BTRFS info (device loop5): enabling auto defrag
[  292.163660][T11048] BTRFS info (device loop5): force zlib compression, level 3
[  292.213399][T10179] BTRFS info (device loop5): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  292.215618][ T5671] BTRFS info (device loop5): qgroup scan completed (inconsistency flag cleared)
[  292.386869][T11065] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1903'.
[  292.443834][T11067] loop5: detected capacity change from 0 to 4096
[  292.467140][T11068] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  292.709405][ T5817] Bluetooth: hci1: command 0x0405 tx timeout
[  292.769546][T11077] loop5: detected capacity change from 0 to 128
[  292.832367][T11079] loop4: detected capacity change from 0 to 8
[  292.837940][T11079] squashfs image failed sanity check
[  293.126528][T11092] loop4: detected capacity change from 0 to 4096
[  293.136764][T11092] ntfs3(loop4): Different NTFS sector size (1024) and media sector size (512).
[  293.527853][T11092] ntfs3(loop4): $Secure::$SDH is corrupted.
[  293.529932][T11092] ntfs3(loop4): Failed to initialize $Secure (-22).
[  293.616275][T11094] loop4: detected capacity change from 0 to 8
[  294.174109][T11104] syzkaller1: entered promiscuous mode
[  294.176207][T11104] syzkaller1: entered allmulticast mode
[  294.529501][T11108] loop5: detected capacity change from 0 to 32768
[  294.917392][T11120] loop6: detected capacity change from 0 to 2048
[  294.957255][T10483] udevd[10483]: incorrect nilfs2 checksum on /dev/loop6
[  294.962830][T11120] NILFS (loop6): broken superblock, retrying with spare superblock (blocksize = 1024)
[  295.064179][T11126] NILFS (loop6): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  295.090509][   T33] audit: type=1800 audit(2000000034.731:10575): pid=11120 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.1926" name="file2" dev="loop6" ino=16 res=0 errno=0
[  295.123899][   T33] audit: type=1326 audit(2000000034.750:10576): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11127 comm="syz.5.1929" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f489e99c799 code=0x7ffc0000
[  295.176127][   T33] audit: type=1326 audit(2000000034.750:10577): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11127 comm="syz.5.1929" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f489e99c799 code=0x7ffc0000
[  295.240171][   T33] audit: type=1326 audit(2000000034.750:10578): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11127 comm="syz.5.1929" exe="/syz-executor" sig=0 arch=c000003e syscall=246 compat=0 ip=0x7f489e99c799 code=0x7ffc0000
[  295.276469][   T33] audit: type=1326 audit(2000000034.750:10579): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11127 comm="syz.5.1929" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f489e99c799 code=0x7ffc0000
[  295.305767][   T33] audit: type=1326 audit(2000000034.750:10580): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11127 comm="syz.5.1929" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f489e99c799 code=0x7ffc0000
[  297.922745][T11180] netlink: 27 bytes leftover after parsing attributes in process `syz.5.1953'.
[  297.948105][T11182] loop5: detected capacity change from 0 to 21
[  297.950974][T11182] jffs2: Unknown parameter ''
[  297.992078][T11184] netlink: 224 bytes leftover after parsing attributes in process `syz.5.1955'.
[  298.122410][T11184] loop5: detected capacity change from 0 to 32768
[  298.166836][T11184] XFS (loop5): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  298.180289][T11184] XFS (loop5): Ending clean mount
[  298.999099][T10179] XFS (loop5): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  299.226296][T11203] GUP no longer grows the stack in syz.5.1960 (11203): 200000004000-20000000a000 (200000002000)
[  299.230812][T11203] CPU: 1 UID: 0 PID: 11203 Comm: syz.5.1960 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  299.230839][T11203] Tainted: [L]=SOFTLOCKUP
[  299.230845][T11203] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  299.230855][T11203] Call Trace:
[  299.230862][T11203]  <TASK>
[  299.230896][T11203]  dump_stack_lvl+0xe8/0x150
[  299.230924][T11203]  __get_user_pages+0x2378/0x2720
[  299.230955][T11203]  ? mtree_load+0x12a/0x780
[  299.230978][T11203]  get_user_pages_remote+0x2f6/0xab0
[  299.230993][T11203]  ? __pfx_mtree_load+0x10/0x10
[  299.231012][T11203]  ? __pfx_get_user_pages_remote+0x10/0x10
[  299.231028][T11203]  ? __access_remote_vm+0xa3/0x6f0
[  299.231044][T11203]  ? __access_remote_vm+0x42c/0x6f0
[  299.231065][T11203]  __access_remote_vm+0x222/0x6f0
[  299.231089][T11203]  ? __pfx___access_remote_vm+0x10/0x10
[  299.231109][T11203]  ? alloc_pages_noprof+0x13b/0x2a0
[  299.231134][T11203]  proc_pid_cmdline_read+0x419/0x7f0
[  299.231162][T11203]  ? __pfx_proc_pid_cmdline_read+0x10/0x10
[  299.231187][T11203]  ? rw_verify_area+0x2a6/0x4d0
[  299.231209][T11203]  vfs_readv+0x587/0x840
[  299.231226][T11203]  ? __pfx_proc_pid_cmdline_read+0x10/0x10
[  299.231251][T11203]  ? __pfx_vfs_readv+0x10/0x10
[  299.231276][T11203]  ? __fget_files+0x2a/0x420
[  299.231296][T11203]  ? __fget_files+0x3a0/0x420
[  299.231311][T11203]  ? __fget_files+0x2a/0x420
[  299.231334][T11203]  __x64_sys_preadv+0x19f/0x2a0
[  299.231357][T11203]  ? __pfx___x64_sys_preadv+0x10/0x10
[  299.231388][T11203]  do_syscall_64+0x14d/0xf80
[  299.231401][T11203]  ? trace_irq_disable+0x3b/0x150
[  299.231414][T11203]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  299.231434][T11203]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  299.231449][T11203] RIP: 0033:0x7f489e99c799
[  299.231465][T11203] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  299.231478][T11203] RSP: 002b:00007f489f802028 EFLAGS: 00000246 ORIG_RAX: 0000000000000127
[  299.231496][T11203] RAX: ffffffffffffffda RBX: 00007f489ec15fa0 RCX: 00007f489e99c799
[  299.231509][T11203] RDX: 0000000000000001 RSI: 0000200000000680 RDI: 0000000000000003
[  299.231520][T11203] RBP: 00007f489ea32c99 R08: 00000000fffffff9 R09: 0000000000000000
[  299.231531][T11203] R10: 0000000000000016 R11: 0000000000000246 R12: 0000000000000000
[  299.231541][T11203] R13: 00007f489ec16038 R14: 00007f489ec15fa0 R15: 00007ffd0379b158
[  299.231568][T11203]  </TASK>
[  299.584485][T11211] loop4: detected capacity change from 0 to 32768
[  299.593510][T11211] JBD2: Ignoring recovery information on journal
[  299.616629][T11211] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  299.626360][T11211] (syz.4.1964,11211,1):ocfs2_read_blocks_sync:112 ERROR: status = -12
[  299.630178][T11211] (syz.4.1964,11211,1):ocfs2_group_add:503 ERROR: Can't read the group descriptor # 262144 from the device.
[  299.666772][ T8492] ocfs2: Unmounting device (7,4) on (node local)
[  299.725044][  T781] usb 6-1: new high-speed USB device number 11 using dummy_hcd
[  299.885357][  T781] usb 6-1: Using ep0 maxpacket: 8
[  299.890105][  T781] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  299.894090][  T781] usb 6-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  299.906715][  T781] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  299.913743][  T781] usb 6-1: config 0 descriptor??
[  300.015885][T11219] loop4: detected capacity change from 0 to 32768
[  300.047984][T11219] JBD2: Ignoring recovery information on journal
[  300.081500][T11219] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  300.125411][T11219] overlayfs: upper fs does not support tmpfile.
[  300.131529][T11219] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  300.140672][  T781] iowarrior 6-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[  300.148321][T11219] overlayfs: upper fs missing required features.
[  300.202198][ T8492] ocfs2: Unmounting device (7,4) on (node local)
[  300.339443][T11223] netlink: 212368 bytes leftover after parsing attributes in process `syz.4.1968'.
[  300.466573][T11230] loop4: detected capacity change from 0 to 164
[  300.663667][  T781] usb 6-1: USB disconnect, device number 11
[  300.781747][T11232] loop4: detected capacity change from 0 to 32768
[  300.786345][T11232] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.1972 (11232)
[  300.794214][T11232] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  300.799369][T11232] BTRFS info (device loop4): using crc32c checksum algorithm
[  300.847852][T11232] BTRFS info (device loop4): enabling ssd optimizations
[  300.850671][T11232] BTRFS info (device loop4): turning on flush-on-commit
[  300.853002][T11232] BTRFS info (device loop4): enabling free space tree
[  300.855285][T11232] BTRFS info (device loop4): enabling auto defrag
[  300.857217][T11232] BTRFS info (device loop4): use lzo compression, level 1
[  300.862093][T11232] BTRFS info (device loop4): max_inline set to 4096
[  300.914269][ T8492] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  301.541041][T11270] netlink: 16150 bytes leftover after parsing attributes in process `syz.4.1983'.
[  301.637076][T11268] loop5: detected capacity change from 0 to 32768
[  301.641941][T11268] (syz.5.1982,11268,0):ocfs2_validate_inode_block:1449 ERROR: Invalid dinode #70: Corrupt state (nlink = 0 or mode = 0) detected!
[  301.645855][T11268] (syz.5.1982,11268,0):ocfs2_read_locked_inode:599 ERROR: status = -117
[  301.648515][T11268] (syz.5.1982,11268,0):_ocfs2_get_system_file_inode:144 ERROR: status = -117
[  301.657130][T11273] loop4: detected capacity change from 0 to 512
[  301.659384][T11268] (syz.5.1982,11268,0):ocfs2_init_global_system_inodes:465 ERROR: status = -22
[  301.667472][T11268] (syz.5.1982,11268,0):ocfs2_init_global_system_inodes:467 ERROR: Unable to load system inode 3, possibly corrupt fs?
[  301.667492][T11268] (syz.5.1982,11268,0):ocfs2_init_global_system_inodes:476 ERROR: status = -22
[  301.675915][T11273] EXT4-fs: Ignoring removed orlov option
[  301.683467][T11268] (syz.5.1982,11268,0):ocfs2_initialize_super:2198 ERROR: status = -22
[  301.691220][T11273] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  301.700521][T11268] (syz.5.1982,11268,0):ocfs2_fill_super:1177 ERROR: status = -22
[  301.716586][T11273] EXT4-fs (loop4): orphan cleanup on readonly fs
[  301.729662][T11273] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.1984: bg 0: block 248: padding at end of block bitmap is not set
[  301.757155][T11273] loop4: lost filesystem error report for type 5 error -117
[  301.758020][T11273] Quota error (device loop4): write_blk: dquota write failed
[  301.762692][T11273] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[  301.766469][T11273] EXT4-fs error (device loop4): ext4_acquire_dquot:7001: comm syz.4.1984: Failed to acquire dquot type 1
[  301.770944][    C0] EXT4-fs (loop4): error count since last fsck: 1
[  301.770964][    C0] EXT4-fs (loop4): last error at time 2000000040: ext4_validate_block_bitmap:441
[  301.831076][T11273] loop4: lost filesystem error report for type 5 error -117
[  301.832547][T11273] EXT4-fs (loop4): 1 truncate cleaned up
[  301.859406][T11273] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  302.481788][T11284] loop6: detected capacity change from 0 to 8
[  302.489289][T11284] SQUASHFS error: xz decompression failed, data probably corrupt
[  302.492061][T11284] SQUASHFS error: Failed to read block 0x108: -5
[  302.495024][T11284] SQUASHFS error: Unable to read metadata cache entry [106]
[  302.497522][T11284] SQUASHFS error: Unable to read inode 0x11f
[  302.543264][ T8492] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  302.685325][T11293] loop4: detected capacity change from 0 to 1024
[  302.722650][   T33] audit: type=1800 audit(2000000041.868:10581): pid=11293 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1991" name="file1" dev="loop4" ino=20 res=0 errno=0
[  302.799254][ T5276] hid-generic 0000:0000:0000.0018: unknown main item tag 0x0
[  302.812699][ T5276] hid-generic 0000:0000:0000.0018: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  302.825049][   T30] hfsplus: b-tree write err: -5, ino 25
[  302.834758][   T30] hfsplus: b-tree write err: -5, ino 4
[  302.839020][   T30] hfsplus: b-tree write err: -5, ino 2
[  302.841197][   T30] hfsplus: b-tree write err: -5, ino 20
[  303.366875][T11323] can0: slcan on ttyS3.
[  303.440559][T11322] can0 (unregistered): slcan off ttyS3.
[  303.509246][T11313] loop6: detected capacity change from 0 to 32768
[  303.514531][T11313] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.2001 (11313)
[  303.532209][T11313] BTRFS info (device loop6): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  303.536094][T11313] BTRFS info (device loop6): using blake2b checksum algorithm
[  303.692226][T11313] BTRFS info (device loop6): enabling ssd optimizations
[  303.696151][T11313] BTRFS info (device loop6): turning on async discard
[  303.705430][T11313] BTRFS info (device loop6): enabling free space tree
[  303.810357][T10348] BTRFS info (device loop6): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  303.951361][T11362] loop4: detected capacity change from 0 to 256
[  304.502244][T11383] netlink: 'syz.4.2021': attribute type 4 has an invalid length.
[  304.629375][T11392] loop6: detected capacity change from 0 to 256
[  304.646027][T11392] exfat: Deprecated parameter 'namecase'
[  304.672974][T11392] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0x11bbdf60, utbl_chksum : 0xe619d30d)
[  305.872185][ T5817] Bluetooth: hci2: Entering manufacturer mode failed (-110)
[  305.872752][ T5822] Bluetooth: hci2: command 0xfc11 tx timeout
[  306.493426][   T33] audit: type=1326 audit(2000000045.413:10582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11402 comm="syz.5.2030" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f489e99c799 code=0x7ffc0000
[  306.502081][   T33] audit: type=1326 audit(2000000045.413:10583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11402 comm="syz.5.2030" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f489e99c799 code=0x7ffc0000
[  306.510740][   T33] audit: type=1326 audit(2000000045.413:10584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11402 comm="syz.5.2030" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f489e99c799 code=0x7ffc0000
[  306.521699][   T33] audit: type=1326 audit(2000000045.413:10585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11402 comm="syz.5.2030" exe="/syz-executor" sig=0 arch=c000003e syscall=10 compat=0 ip=0x7f489e99c799 code=0x7ffc0000
[  306.531058][   T33] audit: type=1326 audit(2000000045.413:10586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11402 comm="syz.5.2030" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f489e99c799 code=0x7ffc0000
[  306.545823][   T33] audit: type=1326 audit(2000000045.413:10587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11402 comm="syz.5.2030" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f489e99c799 code=0x7ffc0000
[  306.554236][   T33] audit: type=1326 audit(2000000045.413:10588): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11402 comm="syz.5.2030" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f489e99c799 code=0x7ffc0000
[  306.607301][T11407] loop5: detected capacity change from 0 to 512
[  306.638952][T11407] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended
[  306.671818][T11407] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1315: group 0, block bitmap and bg descriptor inconsistent: 48 vs 41 free clusters
[  306.678352][T11407] EXT4-fs (loop5): Remounting filesystem read-only
[  306.681347][T11407] EXT4-fs (loop5): 1 truncate cleaned up
[  306.686651][T11407] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  306.723162][T10179] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  307.155853][   T32] usb 6-1: new high-speed USB device number 12 using dummy_hcd
[  307.317453][   T32] usb 6-1: config 220 has an invalid interface number: 76 but max is 2
[  307.320487][   T32] usb 6-1: config 220 contains an unexpected descriptor of type 0x2, skipping
[  307.323911][   T32] usb 6-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[  307.327438][   T32] usb 6-1: config 220 has no interface number 2
[  307.329623][   T32] usb 6-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[  307.333741][   T32] usb 6-1: config 220 interface 0 has no altsetting 0
[  307.336508][   T32] usb 6-1: config 220 interface 76 has no altsetting 0
[  307.339137][   T32] usb 6-1: config 220 interface 1 has no altsetting 0
[  307.344534][   T32] usb 6-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  307.350267][   T32] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  307.353322][   T32] usb 6-1: Product: syz
[  307.355062][   T32] usb 6-1: Manufacturer: syz
[  307.356884][   T32] usb 6-1: SerialNumber: syz
[  307.591030][   T32] uvcvideo 6-1:220.0: Found UVC 7.01 device syz (8086:0b07)
[  307.593958][   T32] uvcvideo 6-1:220.0: No valid video chain found.
[  307.596601][   T32] usb 6-1: selecting invalid altsetting 0
[  307.605203][   T32] usb 6-1: selecting invalid altsetting 0
[  307.607478][   T32] usbtest 6-1:220.1: probe with driver usbtest failed with error -22
[  307.614807][   T32] usb 6-1: USB disconnect, device number 12
[  308.405735][  T781] usb 6-1: new high-speed USB device number 13 using dummy_hcd
[  308.566133][  T781] usb 6-1: Using ep0 maxpacket: 8
[  308.574385][  T781] usb 6-1: New USB device found, idVendor=046d, idProduct=08dd, bcdDevice=ff.f4
[  308.577935][  T781] usb 6-1: New USB device strings: Mfr=8, Product=2, SerialNumber=3
[  308.580967][  T781] usb 6-1: Product: syz
[  308.582649][  T781] usb 6-1: Manufacturer: syz
[  308.584409][  T781] usb 6-1: SerialNumber: syz
[  308.588739][  T781] usb 6-1: config 0 descriptor??
[  308.595297][  T781] gspca_main: gspca_zc3xx-2.14.0 probing 046d:08dd
[  308.952894][T11427] loop4: detected capacity change from 0 to 2048
[  308.966415][T11427] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  309.240437][  T781] gspca_zc3xx: reg_w_i err -71
[  309.242039][  T781] gspca_zc3xx 6-1:0.0: probe with driver gspca_zc3xx failed with error -71
[  309.246026][  T781] usb 6-1: USB disconnect, device number 13
[  309.918567][T11433] cgroup: fork rejected by pids controller in /syz5
[  311.207824][T11553] loop5: detected capacity change from 0 to 764
[  311.227568][T11553] Symlink component flag not implemented
[  311.230957][T11553] Symlink component flag not implemented
[  311.235072][T11553] Symlink component flag not implemented (129)
[  311.246501][T11553] Symlink component flag not implemented (6)
[  311.430091][T11561] loop6: detected capacity change from 0 to 1024
[  311.439395][T11561] EXT4-fs: Ignoring removed i_version option
[  311.483540][T11561] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  311.496339][   T33] kauditd_printk_skb: 11 callbacks suppressed
[  311.496354][   T33] audit: type=1800 audit(2000000050.090:10596): pid=11561 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.2053" name="bus" dev="loop6" ino=18 res=0 errno=0
[  311.511887][T11561] EXT4-fs error (device loop6): ext4_mb_mark_diskspace_used:4222: comm syz.6.2053: Allocating blocks 385-513 which overlap fs metadata
[  311.519868][T11560] EXT4-fs (loop6): pa ffff88810f5f70e8: logic 16, phys. 129, len 24
[  311.522925][T11560] EXT4-fs error (device loop6): ext4_mb_release_inode_pa:5465: group 0, free 0, pa_free 8
[  311.560551][T10348] Trying to write to read-only block-device loop6
[  311.565968][T10348] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  311.592668][   T10] usb 6-1: new high-speed USB device number 14 using dummy_hcd
[  311.764890][   T10] usb 6-1: Using ep0 maxpacket: 16
[  311.769679][   T10] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  311.774595][   T10] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  311.779514][   T10] usb 6-1: New USB device found, idVendor=056e, idProduct=010d, bcdDevice= 0.00
[  311.782970][   T10] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  311.797377][   T10] usb 6-1: config 0 descriptor??
[  311.961567][T11576] PID 11576 killed due to inadequate hugepage pool
[  312.060889][T11582] loop6: detected capacity change from 0 to 256
[  312.246437][   T10] elecom 0003:056E:010D.0019: unknown main item tag 0x0
[  312.251423][   T10] elecom 0003:056E:010D.0019: unknown main item tag 0x0
[  312.261573][   T10] elecom 0003:056E:010D.0019: unknown main item tag 0x0
[  312.264235][   T10] elecom 0003:056E:010D.0019: unknown main item tag 0x0
[  312.269403][   T10] elecom 0003:056E:010D.0019: unknown main item tag 0x0
[  312.272073][   T10] elecom 0003:056E:010D.0019: unknown main item tag 0x0
[  312.274805][   T10] elecom 0003:056E:010D.0019: unknown main item tag 0x0
[  312.281549][   T10] elecom 0003:056E:010D.0019: unknown main item tag 0x0
[  312.284249][   T10] elecom 0003:056E:010D.0019: unknown main item tag 0x0
[  312.298511][   T10] elecom 0003:056E:010D.0019: unknown main item tag 0x0
[  312.314493][   T10] elecom 0003:056E:010D.0019: hidraw0: USB HID v0.0c Device [HID 056e:010d] on usb-dummy_hcd.5-1/input0
[  312.472463][   T32] usb 6-1: USB disconnect, device number 14
[  312.561982][T11592] loop4: detected capacity change from 0 to 32768
[  312.572863][T11592] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.2066 (11592)
[  312.615199][T11592] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  312.620223][T11592] BTRFS info (device loop4): using crc32c checksum algorithm
[  312.905593][T11592] BTRFS info (device loop4): enabling ssd optimizations
[  312.907768][T11592] BTRFS info (device loop4): turning on flush-on-commit
[  312.910293][T11592] BTRFS info (device loop4): enabling free space tree
[  312.912842][T11592] BTRFS info (device loop4): enabling auto defrag
[  312.915366][T11592] BTRFS info (device loop4): use lzo compression, level 1
[  312.918872][T11592] BTRFS info (device loop4): max_inline set to 4096
[  313.047017][ T8492] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  314.485119][   T32] IPVS: starting estimator thread 0...
[  314.610948][T11630] IPVS: using max 70 ests per chain, 168000 per kthread
[  315.149598][T11636] loop5: detected capacity change from 0 to 32768
[  315.240599][T11636] JBD2: Ignoring recovery information on journal
[  315.339747][T11636] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode.
[  315.496101][T10179] ocfs2: Unmounting device (7,5) on (node local)
[  316.267827][T11671] loop6: detected capacity change from 0 to 1024
[  316.277883][T11671] EXT4-fs: Ignoring removed bh option
[  316.356312][T11677] netlink: 56 bytes leftover after parsing attributes in process `syz.6.2093'.
[  316.607616][T11695] program syz.6.2101 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  316.828591][T11705] loop5: detected capacity change from 0 to 164
[  316.912670][T11705] iso9660: Corrupted directory entry in block 2 of inode 1792
[  317.236245][    T9] usb 6-1: new high-speed USB device number 15 using dummy_hcd
[  317.387339][T11725] loop6: detected capacity change from 0 to 32768
[  317.393847][T11725] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.2117 (11725)
[  317.399007][T11725] BTRFS error: failed to open device for path /dev/loop6 with flags 0x23: -13
[  317.419981][    T9] usb 6-1: Using ep0 maxpacket: 8
[  317.467691][    T9] usb 6-1: config 0 has an invalid interface number: 33 but max is 1
[  317.470894][    T9] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  317.493330][    T9] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 2
[  317.522391][    T9] usb 6-1: config 0 has no interface number 0
[  317.526875][    T9] usb 6-1: config 0 interface 33 altsetting 0 endpoint 0x6 has invalid wMaxPacketSize 0
[  317.542671][    T9] usb 6-1: New USB device found, idVendor=2040, idProduct=2950, bcdDevice=85.f1
[  317.562348][    T9] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  317.565513][    T9] usb 6-1: Product: syz
[  317.567245][    T9] usb 6-1: Manufacturer: syz
[  317.578265][    T9] usb 6-1: SerialNumber: syz
[  317.584125][    T9] usb 6-1: config 0 descriptor??
[  317.606986][    T9] pvrusb2: Hardware description: WinTV PVR USB2 Model 29xxx
[  318.086744][  T781] usb 6-1: USB disconnect, device number 15
[  318.128149][  T781] pvrusb2: Device being rendered inoperable
[  318.785550][T11747] hugetlbfs: Bad value '%' for mount option 'size'
[  318.785550][T11747] 
[  319.320933][  T781] usb 6-1: new high-speed USB device number 16 using dummy_hcd
[  319.502673][  T781] usb 6-1: Using ep0 maxpacket: 8
[  319.506506][  T781] usb 6-1: config index 0 descriptor too short (expected 9755, got 18)
[  319.509611][  T781] usb 6-1: config 17 has too many interfaces: 149, using maximum allowed: 32
[  319.513003][  T781] usb 6-1: config 17 has an invalid descriptor of length 207, skipping remainder of the config
[  319.518694][  T781] usb 6-1: config 17 has 0 interfaces, different from the descriptor's value: 149
[  319.524500][  T781] usb 6-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2e.04
[  319.527927][  T781] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  319.530925][  T781] usb 6-1: Product: syz
[  319.532509][  T781] usb 6-1: Manufacturer: syz
[  319.534364][  T781] usb 6-1: SerialNumber: syz
[  319.767437][  T781] usb 6-1: USB disconnect, device number 16
[  320.530631][T11788] loop5: detected capacity change from 0 to 256
[  321.593941][T11812] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2155'.
[  322.557283][T11838] overlayfs: failed to clone upperpath
[  322.748024][T11850] fuse: Bad value for 'fd'
[  322.804430][T11854] netlink: 96 bytes leftover after parsing attributes in process `syz.4.2176'.
[  322.807756][T11854] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2176'.
[  322.810641][T11854] netlink: 40 bytes leftover after parsing attributes in process `syz.4.2176'.
[  322.888329][T11858] ip6_tunnel: non-ECT from fc00:0000:0000:0000:0000:0000:0000:0000 with DS=0x5
[  324.278191][T11876] overlayfs: failed to clone upperpath
[  324.314527][T11879] loop5: detected capacity change from 0 to 32768
[  324.317736][T11879] btrfs: Deprecated parameter 'usebackuproot'
[  324.319932][T11879] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  324.328504][T11879] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.2187 (11879)
[  324.335648][T11879] BTRFS info (device loop5): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  324.339603][T11879] BTRFS info (device loop5): using crc32c checksum algorithm
[  324.414542][T11879] BTRFS info (device loop5): rebuilding free space tree
[  324.425677][T11879] BTRFS info (device loop5): disabling free space tree
[  324.428127][T11879] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  324.431760][T11879] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  324.437281][T11879] BTRFS info (device loop5): enabling ssd optimizations
[  324.439812][T11879] BTRFS info (device loop5): force clearing of disk cache
[  324.442448][T11879] BTRFS info (device loop5): trying to use backup root at mount time
[  324.461907][   T33] audit: type=1800 audit(2000000062.213:10597): pid=11879 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2187" name="bus" dev="loop5" ino=263 res=0 errno=0
[  324.531836][T10179] BTRFS info (device loop5): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  324.901356][ T5276] usb 6-1: new high-speed USB device number 17 using dummy_hcd
[  325.063624][ T5276] usb 6-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  325.066957][ T5276] usb 6-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  325.070473][ T5276] usb 6-1: config 1 has no interface number 1
[  325.075290][ T5276] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  325.078639][ T5276] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  325.081699][ T5276] usb 6-1: Product: syz
[  325.083412][ T5276] usb 6-1: Manufacturer: syz
[  325.085430][ T5276] usb 6-1: SerialNumber: syz
[  325.341758][ T5276] usb 6-1: 2:1: invalid format type 0x1022 is detected, processed as PCM
[  325.344688][ T5276] usb 6-1: 2:1 : sample bitwidth 43 in over sample bytes 4
[  325.353170][ T5276] usb 6-1: failed to enable PITCH for EP 0x82
[  325.401505][ T5276] usb 6-1: USB disconnect, device number 17
[  325.522854][T10485] udevd[10485]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  325.644428][T11913] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  325.665470][T11913] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  327.241431][T11948] fuse: Bad value for 'fd'
[  329.775299][T11988] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2226'.
[  329.778908][T11988] netlink: 'syz.5.2226': attribute type 30 has an invalid length.
[  329.781905][T11988] netlink: 'syz.5.2226': attribute type 29 has an invalid length.
[  329.787561][T11988] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2226'.
[  329.949424][T11996] bridge1: entered allmulticast mode
[  330.273467][T12019] trusted_key: encrypted_key: insufficient parameters specified
[  332.001483][T12061] loop5: detected capacity change from 0 to 512
[  332.019176][T12061] EXT4-fs (loop5): Test dummy encryption mode enabled
[  332.022109][T12061] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  332.037575][T12061] EXT4-fs error (device loop5): ext4_orphan_get:1417: comm syz.5.2257: bad orphan inode 131083
[  332.041473][T12061] loop5: lost filesystem error report for type 5 error -117
[  332.042668][    C1] EXT4-fs (loop5): error count since last fsck: 1
[  332.047865][    C1] EXT4-fs (loop5): initial error at time 2000000069: ext4_orphan_get:1417
[  332.051026][    C1] EXT4-fs (loop5): last error at time 2000000069: ext4_orphan_get:1417
[  332.056773][T12061] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  332.108460][T10179] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  332.153245][T12069] loop5: detected capacity change from 0 to 128
[  332.161594][T12069] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[  332.165408][T12069] hpfs: filesystem error: improperly stopped
[  332.167528][T12069] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  332.170451][T12069] hpfs: You really don't want any checks? You are crazy...
[  332.175751][T12069] hpfs: Code page index out of array
[  332.178518][T12069] hpfs: code page support is disabled
[  332.180703][T12069] hpfs: hpfs_map_4sectors(): unaligned read
[  332.184085][T12069] hpfs: hpfs_map_4sectors(): unaligned read
[  332.186344][T12069] hpfs: filesystem error: unable to find root dir
[  332.191974][T12069] hpfs: hpfs_map_4sectors(): unaligned read
[  332.240737][T12073] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2263'.
[  332.292890][T12073] bridge1: port 1(veth0_to_bond) entered blocking state
[  332.295105][T12073] bridge1: port 1(veth0_to_bond) entered disabled state
[  332.300136][T12073] veth0_to_bond: entered allmulticast mode
[  332.308412][T12073] veth0_to_bond: entered promiscuous mode
[  332.439694][T12075] loop5: detected capacity change from 0 to 32768
[  332.444212][T12075] OCFS2: ERROR (device loop5): int ocfs2_validate_slot_map_block(struct super_block *, struct buffer_head *): Invalid Slot Map Buffer Head Block Number : 0, Should be >= 2
[  332.444376][T12075] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted.
[  332.454715][T12075] OCFS2: File system is now read-only.
[  332.456818][T12075] (syz.5.2264,12075,1):ocfs2_map_slot_buffers:410 ERROR: status = -30
[  332.459349][T12075] (syz.5.2264,12075,1):ocfs2_init_slot_info:448 ERROR: status = -30
[  332.462550][T12075] (syz.5.2264,12075,1):ocfs2_initialize_super:2222 ERROR: status = -30
[  332.465747][T12075] (syz.5.2264,12075,1):ocfs2_fill_super:1177 ERROR: status = -30
[  332.718307][T12090] netlink: 20 bytes leftover after parsing attributes in process `syz.5.2271'.
[  332.765524][T12092] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  333.765146][T12130] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  333.947788][T12140] tipc: Started in network mode
[  333.949691][T12140] tipc: Node identity aaaaaaaaaa35, cluster identity 4711
[  333.952610][T12140] tipc: Enabled bearer <eth:macvlan1>, priority 10
[  334.007821][T12144] netlink: 40 bytes leftover after parsing attributes in process `syz.4.2295'.
[  334.050668][ T2396] pvrusb2: request_firmware fatal error with code=-110
[  334.056093][ T2396] pvrusb2: Failure uploading firmware1
[  334.059763][ T2396] pvrusb2: Device initialization was not successful.
[  334.085224][ T2396] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it.
[  334.088300][ T2396] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover.
[  334.091192][ T2396] pvrusb2: Failed to submit write-control URB status=-19
[  334.091418][ T5852] pvrusb2: Device being rendered inoperable
[  334.093603][ T2396] usb 5-1: Direct firmware load for v4l-pvrusb2-29xxx-01.fw failed with error -2
[  334.110649][ T2396] usb 5-1: Falling back to sysfs fallback for: v4l-pvrusb2-29xxx-01.fw
[  334.124765][T12149] loop6: detected capacity change from 0 to 512
[  334.214916][T12156] fuse: Bad value for 'fd'
[  334.546535][T12176] trusted_key: encrypted_key: master key parameter 'trusted:' is invalid
[  335.183792][    T9] tipc: Node number set to 10463914
[  335.872457][T12203] loop5: detected capacity change from 0 to 64
[  335.876466][T12203] BFS-fs: bfs_fill_super(): loop5 is unclean, continuing
[  336.081207][T12210] geneve2: entered promiscuous mode
[  336.083353][T12210] geneve2: entered allmulticast mode
[  336.293161][T12212] loop5: detected capacity change from 0 to 1024
[  336.329336][T12212] hfsplus: bad catalog file entry
[  336.366251][ T3541] hfsplus: b-tree write err: -5, ino 3
[  336.371321][ T3541] hfsplus: bad catalog file entry
[  336.766576][T12227] comedi comedi3: 8255: I/O port conflict (0x40404f26,4)
[  337.422115][T12230] loop5: detected capacity change from 0 to 131072
[  337.427014][T12230] F2FS-fs (loop5): Test dummy encryption mode enabled
[  337.431343][T12230] F2FS-fs (loop5): invalid crc value
[  337.469840][T12230] F2FS-fs (loop5): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  337.476130][T12230] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  338.430183][T12250] loop5: detected capacity change from 0 to 40427
[  338.436675][T12250] F2FS-fs (loop5): Invalid SB checksum offset: 0
[  338.438556][T12250] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock
[  338.454188][T12250] F2FS-fs (loop5): invalid crc value
[  338.504413][T12250] F2FS-fs (loop5): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  338.508296][T12250] F2FS-fs (loop5): Try to recover 2th superblock, ret: 0
[  338.510474][T12250] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  338.539595][T10179] syz-executor: attempt to access beyond end of device
[  338.539595][T10179] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  338.546659][T10179] CPU: 0 UID: 0 PID: 10179 Comm: syz-executor Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  338.546686][T10179] Tainted: [L]=SOFTLOCKUP
[  338.546692][T10179] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  338.546702][T10179] Call Trace:
[  338.546707][T10179]  <TASK>
[  338.546714][T10179]  dump_stack_lvl+0xe8/0x150
[  338.546742][T10179]  f2fs_handle_critical_error+0x37c/0x540
[  338.546767][T10179]  f2fs_write_end_io+0x1273/0x1740
[  338.546797][T10179]  __submit_merged_bio+0x256/0x700
[  338.546822][T10179]  __submit_merged_write_cond+0x3c9/0x4e0
[  338.546848][T10179]  ? __pfx___submit_merged_write_cond+0x10/0x10
[  338.546884][T10179]  f2fs_write_data_pages+0x287e/0x34f0
[  338.546904][T10179]  ? is_bpf_text_address+0x26/0x2b0
[  338.546945][T10179]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  338.547005][T10179]  ? lockdep_hardirqs_on+0x7a/0x110
[  338.547059][T10179]  ? __lock_acquire+0x6b5/0x2cf0
[  338.547097][T10179]  ? filemap_get_folios_tag+0x118/0x720
[  338.547115][T10179]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  338.547137][T10179]  do_writepages+0x32e/0x550
[  338.547165][T10179]  ? do_raw_spin_unlock+0x4d/0x210
[  338.547184][T10179]  filemap_fdatawrite+0x1e9/0x2f0
[  338.547208][T10179]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  338.547261][T10179]  ? do_raw_spin_unlock+0x4d/0x210
[  338.547280][T10179]  f2fs_sync_dirty_inodes+0x30e/0x860
[  338.547306][T10179]  f2fs_write_checkpoint+0x9df/0x26a0
[  338.547343][T10179]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  338.547397][T10179]  kill_f2fs_super+0x314/0x720
[  338.547416][T10179]  ? __pfx_kill_f2fs_super+0x10/0x10
[  338.547440][T10179]  ? lockdep_hardirqs_on+0x7a/0x110
[  338.547471][T10179]  deactivate_locked_super+0xbc/0x130
[  338.547492][T10179]  cleanup_mnt+0x437/0x4d0
[  338.547579][T10179]  ? _raw_spin_unlock_irq+0x23/0x50
[  338.547652][T10179]  task_work_run+0x1d9/0x270
[  338.547671][T10179]  ? __pfx_task_work_run+0x10/0x10
[  338.547694][T10179]  exit_to_user_mode_loop+0xed/0x480
[  338.547711][T10179]  ? rcu_is_watching+0x15/0xb0
[  338.547736][T10179]  do_syscall_64+0x32d/0xf80
[  338.547748][T10179]  ? trace_irq_disable+0x3b/0x150
[  338.547761][T10179]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  338.547780][T10179]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  338.547795][T10179] RIP: 0033:0x7f489e99d9d7
[  338.547811][T10179] Code: a2 c7 05 1c fd 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8
[  338.547823][T10179] RSP: 002b:00007ffd0379a3c8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  338.547839][T10179] RAX: 0000000000000000 RBX: 00007f489ea32050 RCX: 00007f489e99d9d7
[  338.547849][T10179] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd0379a480
[  338.547857][T10179] RBP: 00007ffd0379a480 R08: 00007ffd0379b480 R09: 00000000ffffffff
[  338.547867][T10179] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffd0379b510
[  338.547875][T10179] R13: 00007f489ea32050 R14: 000000000004e7c9 R15: 00007ffd0379b550
[  338.547899][T10179]  </TASK>
[  338.548903][T10179] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  338.751295][T12256] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  338.911398][T12260] futex_wake_op: syz.4.2346 tries to shift op by -1; fix this program
[  338.989557][T12266] fuse: Bad value for 'fd'
[  339.118831][T12274] 9p: Bad value for 'rfdno'
[  339.487151][ T1361] ieee802154 phy1 wpan1: encryption failed: -22
[  339.694307][T12269] loop5: detected capacity change from 0 to 131072
[  339.698136][T12269] F2FS-fs (loop5): invalid crc value
[  339.748746][T12269] F2FS-fs (loop5): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  339.757087][T12269] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e4
[  340.757713][T12309] loop6: detected capacity change from 0 to 128
[  340.959582][T12316] loop6: detected capacity change from 0 to 4096
[  341.239359][T12333] netlink: 104 bytes leftover after parsing attributes in process `syz.5.2377'.
[  342.681520][T12369] ufs: You didn't specify the type of your ufs filesystem
[  342.681520][T12369] 
[  342.681520][T12369] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  342.681520][T12369] 
[  342.681520][T12369] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  342.694304][T12369] ufs: ufstype=old is supported read-only
[  343.532404][T12381] loop5: detected capacity change from 0 to 16
[  343.544242][T12381] erofs (device loop5): mounted with root inode @ nid 36.
[  343.694077][T12387] loop5: detected capacity change from 0 to 2048
[  343.702825][T12387] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  343.753205][T12389] loop5: detected capacity change from 0 to 256
[  343.763420][T12389] exFAT-fs (loop5): failed to load upcase table (idx : 0x000106cd, chksum : 0x3aeaf2c0, utbl_chksum : 0xe619d30d)
[  343.767954][T12389] exFAT-fs (loop5): failed to load alloc-bitmap
[  343.772567][T12389] exFAT-fs (loop5): failed to recognize exfat type
[  344.156793][T12401] loop5: detected capacity change from 0 to 8
[  344.162723][T12401] SQUASHFS error: Failed to read block 0xe000000000001ea: -5
[  344.165376][T12401] unable to read xattr id index table
[  344.548313][   T32] kernel write not supported for file bpf-prog (pid: 32 comm: kworker/1:1)
[  344.771973][T12408] loop6: detected capacity change from 0 to 32768
[  344.775493][T12408] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.2408 (12408)
[  344.779696][T12408] BTRFS error: failed to open device for path /dev/loop6 with flags 0x23: -13
[  345.099994][T12428] loop5: detected capacity change from 0 to 2048
[  345.109953][T12428] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  345.511781][T12446] loop5: detected capacity change from 0 to 4096
[  345.541878][T12446] ntfs3(loop5): ino=3, ntfs_set_state failed, -22.
[  345.548762][T12446] ntfs3(loop5): Failed to initialize $Extend/$ObjId.
[  345.564269][   T33] audit: type=1800 audit(2000000081.950:10598): pid=12446 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2426" name="file1" dev="loop5" ino=30 res=0 errno=0
[  345.573343][T12434] loop6: detected capacity change from 0 to 32768
[  345.596129][T12445] ntfs3(loop5): ino=1e, "file1" attr_set_size_ex
[  345.662948][ T3541] ntfs3(loop5): ino=3, ntfs3_write_inode failed, -22.
[  345.669675][T10179] ntfs3(loop5): ino=3, ntfs_set_state failed, -22.
[  345.676234][T10179] ntfs3(loop5): Mark volume as dirty due to NTFS errors
[  345.685293][T10179] ntfs3(loop5): ino=3, ntfs_set_state failed, -22.
[  345.694724][   T88] ntfs3(loop5): ino=3, ntfs3_write_inode failed, -22.
[  345.797868][T12450] loop6: detected capacity change from 0 to 512
[  345.803382][T12450] EXT4-fs: Ignoring removed bh option
[  345.929318][T12456] loop6: detected capacity change from 0 to 256
[  346.197526][T12458] BTRFS: device fsid 3d39d0ba-bdae-447e-827b-b091e1a68885 devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.2432 (12458)
[  346.215391][T12458] BTRFS info (device loop5): first mount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885
[  346.218752][T12458] BTRFS info (device loop5): using crc32c checksum algorithm
[  346.278882][T12458] BTRFS info (device loop5): enabling ssd optimizations
[  346.280957][T12458] BTRFS info (device loop5): turning on async discard
[  346.283243][T12458] BTRFS info (device loop5): enabling free space tree
[  346.379947][T10179] BTRFS info (device loop5): last unmount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885
[  347.105808][   T10] usb 6-1: new high-speed USB device number 18 using dummy_hcd
[  347.266663][   T10] usb 6-1: Using ep0 maxpacket: 8
[  347.271705][   T10] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  347.275861][   T10] usb 6-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  347.279306][   T10] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  347.290549][   T10] usb 6-1: config 0 descriptor??
[  347.513454][   T10] iowarrior 6-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[  347.800943][   T32] usb 6-1: USB disconnect, device number 18
[  347.801044][    C0] iowarrior 6-1:0.0: iowarrior_callback - usb_submit_urb failed with result -19
[  348.469228][T12534] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2459'.
[  348.555194][T12536] UDF-fs: error (device loop5): udf_read_tagged: read failed, block=256, location=256
[  348.656413][T12537] UDF-fs: error (device loop5): udf_bitmap_new_block: bitmap for partition 0 corrupted (block 264 marked as free, partition length is 40)
[  348.892728][T12545] VFS: Mount too revealing
[  349.204058][T12552] set_capacity_and_notify: 2 callbacks suppressed
[  349.204117][T12552] loop5: detected capacity change from 0 to 128
[  349.214415][T12552] adfs: Bad value for 'gid'
[  349.216300][T12552] adfs: Bad value for 'gid'
[  350.601836][   T24] usb 6-1: new high-speed USB device number 19 using dummy_hcd
[  350.693793][T12578] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2479'.
[  350.697364][T12578] openvswitch: netlink: nsh attribute has 4 unknown bytes.
[  350.764241][   T24] usb 6-1: Using ep0 maxpacket: 32
[  350.768450][   T24] usb 6-1: config 0 has an invalid interface number: 85 but max is 0
[  350.770884][   T24] usb 6-1: config 0 has no interface number 0
[  350.773063][   T24] usb 6-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  350.776230][   T24] usb 6-1: config 0 interface 85 has no altsetting 0
[  350.780120][   T24] usb 6-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72
[  350.782897][   T24] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  350.785452][   T24] usb 6-1: Product: syz
[  350.786699][   T24] usb 6-1: Manufacturer: syz
[  350.788145][   T24] usb 6-1: SerialNumber: syz
[  350.791848][   T24] usb 6-1: config 0 descriptor??
[  351.421695][T12584] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2482'.
[  351.447947][   T24] appletouch 6-1:0.85: Geyser mode initialized.
[  351.452009][   T24] input: appletouch as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.85/input/input26
[  351.667754][   T10] usb 6-1: USB disconnect, device number 19
[  351.690054][   T10] appletouch 6-1:0.85: input: appletouch disconnected
[  352.398527][T12596] loop5: detected capacity change from 0 to 40427
[  352.407622][T12596] F2FS-fs (loop5): Invalid log_blocksize (268), supports only 12
[  352.413758][T12596] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[  352.451508][T12596] F2FS-fs (loop5): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  352.455253][T12596] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0
[  352.457321][T12596] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  352.502101][T12596] syz.5.2486: attempt to access beyond end of device
[  352.502101][T12596] loop5: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  353.041538][T12621] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2496'.
[  353.046116][T12621] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2496'.
[  353.080708][T12624] loop5: detected capacity change from 0 to 8
[  353.103453][T12624] SQUASHFS error: Failed to read block 0x26067d: -5
[  353.112506][T12624] SQUASHFS error: Unable to read metadata cache entry [26067d]
[  353.115587][T12624] SQUASHFS error: Unable to read directory block [26067d:ffff]
[  353.911598][T12636] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2502'.
[  354.917790][T12674] fuse: Bad value for 'fd'
[  355.571040][T12693] loop5: detected capacity change from 0 to 512
[  355.581075][T12693] FAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  355.670436][T12695] fuse: Bad value for 'fd'
[  355.751287][T12701] binder: 12700:12701 ioctl c018620b 200000000780 returned -14
[  355.859809][T12709] netlink: 372 bytes leftover after parsing attributes in process `syz.4.2536'.
[  355.864090][T12709] netlink: 648 bytes leftover after parsing attributes in process `syz.4.2536'.
[  355.867060][T12709] sch_tbf: burst 0 is lower than device ip6tnl0 mtu (1452) !
[  355.978081][T12707] loop5: detected capacity change from 0 to 32768
[  355.984250][T12707] (syz.5.2535,12707,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xc2d589a7, computed 0x937fa31f. Applying ECC.
[  355.997668][T12707] (syz.5.2535,12707,1):ocfs2_block_check_validate:416 ERROR: Fixed CRC32 failed: stored: 0xc2d589a7, computed 0x937fa31f
[  356.007594][T12707] (syz.5.2535,12707,1):ocfs2_validate_inode_block:1441 ERROR: Checksum failed for dinode 17
[  356.012059][T12707] (syz.5.2535,12707,1):ocfs2_read_locked_inode:599 ERROR: status = -5
[  356.014580][T12707] (syz.5.2535,12707,1):ocfs2_init_global_system_inodes:444 ERROR: status = -5
[  356.017208][T12707] (syz.5.2535,12707,1):ocfs2_init_global_system_inodes:476 ERROR: status = -5
[  356.019723][T12707] (syz.5.2535,12707,1):ocfs2_initialize_super:2198 ERROR: status = -5
[  356.023173][T12707] (syz.5.2535,12707,1):ocfs2_fill_super:1177 ERROR: status = -5
[  356.887461][   T33] audit: type=1800 audit(2000000092.539:10599): pid=12727 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.2545" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0
[  358.211258][T12771] netlink: 'syz.5.2565': attribute type 1 has an invalid length.
[  358.318884][T12773] lo speed is unknown, defaulting to 1000
[  358.322869][T12773] lo speed is unknown, defaulting to 1000
[  358.347724][T12773] lo speed is unknown, defaulting to 1000
[  358.379664][T12773] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  358.404152][T12773] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  358.524516][T12773] lo speed is unknown, defaulting to 1000
[  358.528518][T12773] lo speed is unknown, defaulting to 1000
[  358.531694][T12773] lo speed is unknown, defaulting to 1000
[  358.534807][T12773] lo speed is unknown, defaulting to 1000
[  358.951746][T12781] loop6: detected capacity change from 0 to 1024
[  359.165163][T12790] fuse: Bad value for 'fd'
[  359.349546][T12795] overlayfs: failed to resolve './file0': -2
[  361.275854][T12848] overlayfs: failed to clone upperpath
[  361.336860][T12854] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2601'.
[  361.343053][T12854] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2601'.
[  361.354822][T12854] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2601'.
[  361.361654][T12854] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2601'.
[  361.388049][T12856] loop5: detected capacity change from 0 to 1024
[  361.406349][T12856] EXT4-fs: inline encryption not supported
[  361.416362][T12856] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  361.438447][T12856] EXT4-fs error (device loop5): ext4_free_blocks:6724: comm syz.5.2602: Freeing blocks not in datazone - block = 0, count = 4096
[  361.455210][T12856] loop5: lost filesystem error report for type 5 error -117
[  361.463221][    C0] EXT4-fs (loop5): error count since last fsck: 1
[  361.468536][    C0] EXT4-fs (loop5): initial error at time 2000000096: ext4_free_blocks:6724
[  361.471888][    C0] EXT4-fs (loop5): last error at time 2000000096: ext4_free_blocks:6724
[  361.476064][T12856] EXT4-fs (loop5): Remounting filesystem read-only
[  361.482074][T12856] EXT4-fs (loop5): 1 orphan inode deleted
[  361.488924][T12856] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  361.495691][   T26] EXT4-fs (loop5): Quota write (off=2048, len=1024) cancelled because transaction is not started
[  361.505281][   T26] Quota error (device loop5): write_blk: dquota write failed
[  361.512871][   T26] Quota error (device loop5): remove_free_dqentry: Can't write block (2) with free entries
[  361.521426][   T26] EXT4-fs (loop5): Quota write (off=2048, len=1024) cancelled because transaction is not started
[  361.530018][   T26] Quota error (device loop5): write_blk: dquota write failed
[  361.536206][   T26] Quota error (device loop5): free_dqentry: Can't move quota data block (2) to free list
[  361.542845][T10179] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  361.546539][   T26] EXT4-fs (loop5): Quota write (off=8, len=24) cancelled because transaction is not started
[  361.551102][   T26] Quota error (device loop5): v2_write_file_info: Can't write info structure
[  361.808065][T12875] loop6: detected capacity change from 0 to 128
[  362.682776][   T10] usb 6-1: new high-speed USB device number 20 using dummy_hcd
[  362.830368][T12889] overlayfs: failed to clone upperpath
[  362.845294][   T10] usb 6-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 248, changing to 7
[  362.850364][   T10] usb 6-1: New USB device found, idVendor=041e, idProduct=3000, bcdDevice= 0.40
[  362.857047][   T10] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  362.860346][   T10] usb 6-1: Product: syz
[  362.861729][   T10] usb 6-1: Manufacturer: syz
[  362.863006][   T10] usb 6-1: SerialNumber: syz
[  363.095004][   T10] usb 6-1: 1:1 : UAC_AS_GENERAL descriptor not found
[  363.097905][   T10] usb 6-1: 2:1 : UAC_AS_GENERAL descriptor not found
[  363.134858][   T10] usb 6-1: USB disconnect, device number 20
[  363.349227][    T9] kernel read not supported for file /vcs (pid: 9 comm: kworker/0:0)
[  363.463325][T12903] loop6: detected capacity change from 0 to 512
[  364.515399][T12916] netlink: 52 bytes leftover after parsing attributes in process `syz.4.2628'.
[  364.518986][T12916] bridge0: port 2(bridge_slave_1) entered disabled state
[  364.522372][T12916] bridge0: port 1(bridge_slave_0) entered disabled state
[  364.740146][T12930] netlink: 36 bytes leftover after parsing attributes in process `syz.5.2635'.
[  364.815296][T12936] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  364.818960][T12936] IPv6: NLM_F_CREATE should be set when creating new route
[  364.872594][T12938] loop5: detected capacity change from 0 to 512
[  364.902168][T12938] EXT4-fs (loop5): mounting ext3 file system using the ext4 subsystem
[  364.906944][T12938] EXT4-fs error (device loop5): ext4_get_journal_inode:5863: comm syz.5.2640: inode #1792: comm syz.5.2640: iget: illegal inode #
[  364.911891][T12938] loop5: lost filesystem error report for type 5 error -117
[  364.915873][T12938] EXT4-fs (loop5): Remounting filesystem read-only
[  364.918743][    C0] EXT4-fs (loop5): error count since last fsck: 1
[  364.918761][    C0] EXT4-fs (loop5): initial error at time 2000000100: ext4_get_journal_inode:5863
[  364.918779][    C0] EXT4-fs (loop5): last error at time 2000000100: ext4_get_journal_inode:5863
[  364.931131][T12938] EXT4-fs (loop5): no journal found
[  364.933138][T12938] EXT4-fs (loop5): can't get journal size
[  364.940308][T12938] EXT4-fs (loop5): warning: mounting fs with errors, running e2fsck is recommended
[  364.944540][T12938] EXT4-fs (loop5): Errors on filesystem, clearing orphan list.
[  364.951380][T12938] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  364.976682][T10179] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  366.422785][T12973] loop5: detected capacity change from 0 to 1024
[  366.430325][T12973] EXT4-fs (loop5): Can't support bigalloc feature without extents feature
[  366.430325][T12973] 
[  366.445610][T12973] EXT4-fs (loop5): couldn't mount as ext3 due to feature incompatibilities
[  366.621407][T12975] loop5: detected capacity change from 0 to 32768
[  366.629223][T12975] OCFS2: ERROR (device loop5): int ocfs2_validate_inode_block(struct super_block *, struct buffer_head *): Invalid dinode #70: signature = INOE01
[  366.644107][T12975] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted.
[  366.651648][T12975] OCFS2: File system is now read-only.
[  366.657525][T12975] (syz.5.2655,12975,1):ocfs2_read_locked_inode:599 ERROR: status = -30
[  366.661865][T12975] (syz.5.2655,12975,1):_ocfs2_get_system_file_inode:144 ERROR: status = -30
[  366.665027][T12975] (syz.5.2655,12975,1):ocfs2_init_global_system_inodes:465 ERROR: status = -30
[  366.667630][T12975] (syz.5.2655,12975,1):ocfs2_init_global_system_inodes:467 ERROR: Unable to load system inode 3, possibly corrupt fs?
[  366.667646][T12975] (syz.5.2655,12975,1):ocfs2_init_global_system_inodes:476 ERROR: status = -30
[  366.675874][T12975] (syz.5.2655,12975,1):ocfs2_initialize_super:2198 ERROR: status = -30
[  366.678905][T12975] (syz.5.2655,12975,1):ocfs2_fill_super:1177 ERROR: status = -30
[  367.225601][    T9] usb 6-1: new full-speed USB device number 21 using dummy_hcd
[  367.387758][    T9] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  367.391727][    T9] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 2
[  367.395032][    T9] usb 6-1: config 1 has no interface number 0
[  367.397924][    T9] usb 6-1: config 1 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  367.402039][    T9] usb 6-1: config 1 interface 1 altsetting 0 endpoint 0x81 has invalid maxpacket 512, setting to 64
[  367.406101][    T9] usb 6-1: Duplicate descriptor for config 1 interface 1 altsetting 0, skipping
[  367.409854][    T9] usb 6-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  367.412733][    T9] usb 6-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  367.423022][    T9] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  367.426300][    T9] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  367.429533][    T9] usb 6-1: Product: syz
[  367.430773][    T9] usb 6-1: Manufacturer: syz
[  367.432187][    T9] usb 6-1: SerialNumber: syz
[  367.435593][T12989] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  367.721908][T12979] syz.6.2657 (12979): drop_caches: 2
[  367.886893][T12989] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  367.889549][T13004] loop6: detected capacity change from 0 to 1024
[  367.902027][T13004] EXT4-fs: Ignoring removed orlov option
[  367.908764][T13004] EXT4-fs (loop6): ext4_check_descriptors: Checksum for group 0 failed (24670!=35945)
[  367.912557][T13004] EXT4-fs (loop6): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  367.921287][T13004] EXT4-fs (loop6): revision level too high, forcing read-only mode
[  367.923784][T13004] EXT4-fs (loop6): write access unavailable, skipping orphan cleanup
[  367.927125][T13004] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  367.943210][T13004] EXT4-fs error (device loop6): ext4_search_dir:1474: inode #2: block 16: comm syz.6.2669: bad entry in directory: inode out of bounds - offset=44, inode=40, rec_len=16, size=1024 fake=0
[  367.953280][T13004] EXT4-fs (loop6): Remounting filesystem read-only
[  367.987787][T10348] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  368.063504][T13013] loop6: detected capacity change from 0 to 4096
[  368.322293][    T9] cdc_ncm 6-1:1.1: bind() failure
[  368.507410][T13027] loop6: detected capacity change from 0 to 40427
[  368.543170][    T9] usb 6-1: USB disconnect, device number 21
[  369.149341][T13037] loop5: detected capacity change from 0 to 128
[  369.163811][T13037] zonefs (loop5) ERROR: Not a zoned block device
[  369.255443][T13041] loop5: detected capacity change from 0 to 128
[  369.264667][T13041] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  369.272909][T13041] ext4 filesystem being mounted at /359/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  369.303124][T10179] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  369.538526][T13061] loop5: detected capacity change from 0 to 2048
[  369.566161][T13061] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  370.129295][T13081] A link change request failed with some changes committed already. Interface veth0_to_team may have been left with an inconsistent configuration, please check.
[  370.177248][   T33] audit: type=1326 audit(2000000104.979:10600): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13082 comm="syz.4.2706" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f681ed9c799 code=0x7ffc0000
[  370.184478][   T33] audit: type=1326 audit(2000000104.979:10601): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13082 comm="syz.4.2706" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f681ed9c799 code=0x7ffc0000
[  370.195470][   T33] audit: type=1326 audit(2000000104.979:10602): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13082 comm="syz.4.2706" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f681ed9c799 code=0x7ffc0000
[  370.203879][   T33] audit: type=1326 audit(2000000104.979:10603): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13082 comm="syz.4.2706" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f681ed9c799 code=0x7ffc0000
[  370.211963][   T33] audit: type=1326 audit(2000000104.979:10604): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13082 comm="syz.4.2706" exe="/syz-executor" sig=0 arch=c000003e syscall=86 compat=0 ip=0x7f681ed9c799 code=0x7ffc0000
[  370.219224][   T33] audit: type=1326 audit(2000000104.979:10605): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13082 comm="syz.4.2706" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f681ed9c799 code=0x7ffc0000
[  370.227022][   T33] audit: type=1326 audit(2000000104.979:10606): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13082 comm="syz.4.2706" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f681ed9c799 code=0x7ffc0000
[  370.235366][   T33] audit: type=1326 audit(2000000104.979:10607): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13082 comm="syz.4.2706" exe="/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f681ed9c799 code=0x7ffc0000
[  370.242499][   T33] audit: type=1326 audit(2000000104.979:10608): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13082 comm="syz.4.2706" exe="/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f681ed9c799 code=0x7ffc0000
[  371.982829][ T5817] Bluetooth: hci2: Opcode 0x1003 failed: -110
[  371.983524][ T5822] Bluetooth: hci2: command 0x1003 tx timeout
[  372.596591][T13107] program syz.5.2713 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  372.643887][T13109] loop5: detected capacity change from 0 to 512
[  372.654795][T13109] EXT4-fs: Ignoring removed nobh option
[  372.660611][T13109] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  372.672682][T13109] EXT4-fs error (device loop5): ext4_orphan_get:1391: inode #15: comm syz.5.2714: iget: bad i_size value: 38620345925642
[  372.676334][T13109] loop5: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117
[  372.676609][T13109] EXT4-fs error (device loop5): ext4_orphan_get:1396: comm syz.5.2714: couldn't read orphan inode 15 (err -117)
[  372.679350][    C0] EXT4-fs (loop5): error count since last fsck: 1
[  372.679362][    C0] EXT4-fs (loop5): initial error at time 2000000107: ext4_orphan_get:1391: inode 15
[  372.679376][    C0] EXT4-fs (loop5): last error at time 2000000107: ext4_orphan_get:1391: inode 15
[  372.693150][T13109] loop5: lost filesystem error report for type 5 error -117
[  372.694716][T13109] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  372.706229][T13109] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #16: comm syz.5.2714: invalid indirect mapped block 3973251072 (level 0)
[  372.738878][T10179] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  375.555302][T13151] loop5: detected capacity change from 0 to 131072
[  375.563128][T13151] F2FS-fs (loop5): invalid crc value
[  375.615031][T13151] F2FS-fs (loop5): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  375.622336][T13151] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e4
[  376.273704][T13179] dummy0: entered promiscuous mode
[  376.279814][T13179] macsec1: entered promiscuous mode
[  376.294776][T13179] macsec1: entered allmulticast mode
[  376.296804][T13179] dummy0: entered allmulticast mode
[  376.341698][T13181] Process accounting resumed
[  376.369145][T13179] dummy0: left allmulticast mode
[  376.372606][T13179] dummy0: left promiscuous mode
[  376.448827][T13183] overlayfs: missing 'lowerdir'
[  377.144519][T13213] overlayfs: failed to clone upperpath
[  377.503204][ T5671] netdevsim netdevsim4 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0
[  377.506752][ T5671] netdevsim netdevsim4 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0
[  377.512490][ T5671] netdevsim netdevsim4 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0
[  377.515637][ T5671] netdevsim netdevsim4 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0
[  379.706080][ T3541] Bluetooth: hci2: Frame reassembly failed (-84)
[  379.718650][ T3533] Bluetooth: hci2: received HCILL_GO_TO_SLEEP_ACK in state 0
[  381.904269][ T5822] Bluetooth: hci2: command 0x1003 tx timeout
[  381.909186][ T5817] Bluetooth: hci2: Opcode 0x1003 failed: -110
[  382.034958][T13327] loop6: detected capacity change from 0 to 256
[  382.037780][T13327] exfat: Deprecated parameter 'namecase'
[  382.040985][T13327] exfat: Deprecated parameter 'utf8'
[  382.160797][T13336] vivid-002: disconnect
[  382.175223][T13335] vivid-002: reconnect
[  383.420091][T13361] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2823'.
[  384.730958][T13393] loop5: detected capacity change from 0 to 256
[  384.781575][T13393] FAT-fs (loop5): Directory bread(block 64) failed
[  384.784248][T13393] FAT-fs (loop5): Directory bread(block 65) failed
[  384.786816][T13393] FAT-fs (loop5): Directory bread(block 66) failed
[  384.789342][T13393] FAT-fs (loop5): Directory bread(block 67) failed
[  384.801986][T13393] FAT-fs (loop5): Directory bread(block 68) failed
[  384.803955][T13393] FAT-fs (loop5): Directory bread(block 69) failed
[  384.806036][T13393] FAT-fs (loop5): Directory bread(block 70) failed
[  384.808086][T13393] FAT-fs (loop5): Directory bread(block 71) failed
[  384.810019][T13393] FAT-fs (loop5): Directory bread(block 72) failed
[  384.812460][T13393] FAT-fs (loop5): Directory bread(block 73) failed
[  385.363843][T13404] loop5: detected capacity change from 0 to 32768
[  385.400104][T13404] JBD2: Ignoring recovery information on journal
[  385.425968][T13404] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode.
[  385.501848][T10179] ocfs2: Unmounting device (7,5) on (node local)
[  385.905328][   T33] audit: type=1326 audit(2000000119.693:10609): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13422 comm="syz.4.2848" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f681ed9c799 code=0x7ffc0000
[  385.918642][   T33] audit: type=1326 audit(2000000119.693:10610): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13422 comm="syz.4.2848" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f681ed9c799 code=0x7ffc0000
[  385.927355][   T33] audit: type=1326 audit(2000000119.693:10611): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13422 comm="syz.4.2848" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f681ed9c799 code=0x7ffc0000
[  386.227966][   T33] audit: type=1326 audit(2000000119.693:10612): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13422 comm="syz.4.2848" exe="/syz-executor" sig=0 arch=c000003e syscall=291 compat=0 ip=0x7f681ed9c799 code=0x7ffc0000
[  386.234676][   T33] audit: type=1326 audit(2000000119.693:10613): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13422 comm="syz.4.2848" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f681ed9c799 code=0x7ffc0000
[  386.242575][   T33] audit: type=1326 audit(2000000119.693:10614): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13422 comm="syz.4.2848" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f681ed9c799 code=0x7ffc0000
[  386.250760][   T33] audit: type=1326 audit(2000000119.693:10615): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13422 comm="syz.4.2848" exe="/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f681ed9c799 code=0x7ffc0000
[  386.259266][   T33] audit: type=1326 audit(2000000119.693:10616): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13422 comm="syz.4.2848" exe="/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f681ed9c799 code=0x7ffc0000
[  386.298603][T13430] netlink: 32 bytes leftover after parsing attributes in process `syz.4.2852'.
[  386.313553][T13430] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2852'.
[  386.480442][T13428] loop5: detected capacity change from 0 to 32768
[  386.495784][T13428] XFS (loop5): DAX unsupported by block device. Turning off DAX.
[  386.506902][T13428] XFS (loop5): Mounting V5 filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 in no-recovery mode. Filesystem will be inconsistent.
[  386.552027][   T33] audit: type=1326 audit(2000000120.292:10617): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13447 comm="syz.4.2857" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f681ed9c799 code=0x0
[  386.563963][T10179] XFS (loop5): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  387.031162][T13457] loop5: detected capacity change from 0 to 40427
[  387.038644][T13457] F2FS-fs (loop5): Invalid log_blocksize (268), supports only 12
[  387.057106][T13457] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[  387.060195][T13457] F2FS-fs (loop5): invalid crc value
[  387.109296][T13457] F2FS-fs (loop5): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  387.114313][T13457] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0
[  387.116393][T13457] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  387.125861][T13457] syz.5.2858: attempt to access beyond end of device
[  387.125861][T13457] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  387.167773][T10179] syz-executor: attempt to access beyond end of device
[  387.167773][T10179] loop5: rw=8390659, sector=45096, nr_sectors = 8 limit=40427
[  387.172106][T10179] F2FS-fs (loop5): Issue discard(5637, 5637, 1) failed, ret: -5
[  387.249383][T13467] loop6: detected capacity change from 0 to 32768
[  387.254029][T13467] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.2864 (13467)
[  387.264784][T13467] BTRFS error: failed to open device for path /dev/loop6 with flags 0x23: -13
[  387.543839][T13491] AppArmor: change_hat: Invalid input '0'
[  388.381681][T13514] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2885'.
[  388.539343][T13516] overlayfs: failed to clone upperpath
[  389.442395][T13533] loop5: detected capacity change from 0 to 128
[  389.446190][T13533] vfat: Unknown parameter '18446744073709551615'
[  389.627232][T13537] loop6: detected capacity change from 0 to 4096
[  390.314281][T13547] loop6: detected capacity change from 0 to 131072
[  391.657959][T13587] loop6: detected capacity change from 0 to 2048
[  391.660774][T13587] udf: Unexpected value for 'shortad'
[  391.859925][T13598] loop6: detected capacity change from 0 to 4096
[  391.886965][T13583] loop5: detected capacity change from 0 to 32768
[  391.927234][T13583] XFS (loop5): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  391.958246][T13583] XFS (loop5): Ending clean mount
[  391.961529][T13583] XFS (loop5): Quotacheck needed: Please wait.
[  392.013060][T13583] XFS (loop5): Quotacheck: Done.
[  392.065890][T10179] XFS (loop5): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  392.395886][T13639] netlink: 'syz.4.2937': attribute type 10 has an invalid length.
[  392.398357][T13639] netlink: 40 bytes leftover after parsing attributes in process `syz.4.2937'.
[  392.410875][T13639] batadv0: entered promiscuous mode
[  392.417994][T13639] batadv0: entered allmulticast mode
[  392.429448][T13639] bridge0: port 3(batadv0) entered blocking state
[  392.431470][T13639] bridge0: port 3(batadv0) entered disabled state
[  392.467180][   T33] audit: type=1326 audit(2000000125.820:10618): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13644 comm="syz.6.2939" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5eb799c799 code=0x7ffc0000
[  392.493939][T13643] lo speed is unknown, defaulting to 1000
[  392.498778][   T33] audit: type=1326 audit(2000000125.820:10619): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13644 comm="syz.6.2939" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5eb799c799 code=0x7ffc0000
[  392.517222][   T33] audit: type=1326 audit(2000000125.820:10620): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13644 comm="syz.6.2939" exe="/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f5eb799c799 code=0x7ffc0000
[  392.524942][   T33] audit: type=1326 audit(2000000125.820:10621): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13644 comm="syz.6.2939" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5eb799c799 code=0x7ffc0000
[  392.537269][   T33] audit: type=1326 audit(2000000125.820:10622): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13644 comm="syz.6.2939" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5eb799c799 code=0x7ffc0000
[  392.546104][   T33] audit: type=1326 audit(2000000125.820:10623): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13644 comm="syz.6.2939" exe="/syz-executor" sig=0 arch=c000003e syscall=213 compat=0 ip=0x7f5eb799c799 code=0x7ffc0000
[  392.560847][   T33] audit: type=1326 audit(2000000125.820:10624): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13644 comm="syz.6.2939" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5eb799c799 code=0x7ffc0000
[  392.574003][   T33] audit: type=1326 audit(2000000125.820:10625): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13644 comm="syz.6.2939" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5eb799c799 code=0x7ffc0000
[  392.589299][   T33] audit: type=1326 audit(2000000125.820:10626): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13644 comm="syz.6.2939" exe="/syz-executor" sig=0 arch=c000003e syscall=233 compat=0 ip=0x7f5eb799c799 code=0x7ffc0000
[  392.597649][   T33] audit: type=1326 audit(2000000125.820:10627): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13644 comm="syz.6.2939" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5eb799c799 code=0x7ffc0000
[  392.636386][T13655] loop6: detected capacity change from 0 to 256
[  392.761221][T13659] loop6: detected capacity change from 0 to 256
[  392.861123][T13662] unsupported nlmsg_type 40
[  392.924167][T13664] lo: entered allmulticast mode
[  392.930094][T13663] lo: left allmulticast mode
[  392.979535][ T5671] batman_adv: batadv0: No IGMP Querier present - multicast optimizations disabled
[  392.995831][ T5671] batman_adv: batadv0: No MLD Querier present - multicast optimizations disabled
[  393.434832][T13682] nvme_fabrics: missing parameter 'transport=%s'
[  393.437585][T13682] nvme_fabrics: missing parameter 'nqn=%s'
[  394.426994][T13710] loop6: detected capacity change from 0 to 128
[  394.495073][T13713] loop6: detected capacity change from 0 to 64
[  394.570479][T13716] netlink: 'syz.6.2969': attribute type 32 has an invalid length.
[  395.020672][T13732] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2976'.
[  395.140672][T13740] loop6: detected capacity change from 0 to 2048
[  395.868993][T13756] SET target dimension over the limit!
[  396.443233][ T5817] Bluetooth: hci1: command 0x0405 tx timeout
[  396.902634][   T10] usb 6-1: new full-speed USB device number 22 using dummy_hcd
[  397.054465][T13782] netlink: 'syz.6.2998': attribute type 1 has an invalid length.
[  397.102133][   T10] usb 6-1: unable to get BOS descriptor or descriptor too short
[  397.105900][   T10] usb 6-1: not running at top speed; connect to a high speed hub
[  397.113885][   T10] usb 6-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 128, changing to 4
[  397.119186][   T10] usb 6-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0
[  397.122218][   T10] usb 6-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 255, changing to 4
[  397.137604][   T10] usb 6-1: New USB device found, idVendor=1235, idProduct=8214, bcdDevice= 0.40
[  397.140695][   T10] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  397.143363][   T10] usb 6-1: Product: syz
[  397.144651][   T10] usb 6-1: Manufacturer: syz
[  397.146143][   T10] usb 6-1: SerialNumber: syz
[  397.207786][T13790] overlayfs: failed to clone lowerpath
[  397.332120][T13798] overlayfs: failed to clone upperpath
[  397.386435][   T10] usb 6-1: 2:1 : no UAC_FORMAT_TYPE desc
[  397.425634][   T10] usb 6-1: USB disconnect, device number 22
[  397.448517][T10483] udevd[10483]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  397.822828][   T33] kauditd_printk_skb: 254 callbacks suppressed
[  397.823059][   T33] audit: type=1326 audit(2000000130.825:10882): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13795 comm="syz.6.3005" exe="/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f5eb795cfce code=0x7ffc0000
[  397.838062][   T33] audit: type=1326 audit(2000000130.853:10883): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13795 comm="syz.6.3005" exe="/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f5eb795cfce code=0x7ffc0000
[  397.847065][   T33] audit: type=1326 audit(2000000130.862:10884): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13795 comm="syz.6.3005" exe="/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f5eb795cfce code=0x7ffc0000
[  398.130328][   T33] audit: type=1326 audit(2000000130.890:10885): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13795 comm="syz.6.3005" exe="/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f5eb795cfce code=0x7ffc0000
[  398.137874][   T33] audit: type=1326 audit(2000000130.899:10886): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13795 comm="syz.6.3005" exe="/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f5eb795cfce code=0x7ffc0000
[  398.155309][   T33] audit: type=1326 audit(2000000130.899:10887): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13795 comm="syz.6.3005" exe="/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f5eb795cfce code=0x7ffc0000
[  398.162090][T13811] syz_tun: entered allmulticast mode
[  398.175705][   T33] audit: type=1326 audit(2000000131.115:10888): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13795 comm="syz.6.3005" exe="/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f5eb795cfce code=0x7ffc0000
[  398.202700][   T33] audit: type=1326 audit(2000000131.133:10889): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13795 comm="syz.6.3005" exe="/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f5eb795cfce code=0x7ffc0000
[  398.217114][   T33] audit: type=1326 audit(2000000131.152:10890): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13795 comm="syz.6.3005" exe="/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f5eb795cfce code=0x7ffc0000
[  398.217866][T13816] loop5: detected capacity change from 0 to 512
[  398.234772][   T33] audit: type=1326 audit(2000000131.161:10891): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13795 comm="syz.6.3005" exe="/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f5eb795cfce code=0x7ffc0000
[  398.255607][T13816] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  398.260781][T13816] ext4 filesystem being mounted at /458/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  398.350515][T10179] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  398.523726][T13809] syz_tun: left allmulticast mode
[  399.600475][T13852] binder: 13851:13852 unknown command 3
[  399.602198][T13852] binder: 13851:13852 ioctl c0306201 200000000180 returned -22
[  399.697763][ T2396] pvrusb2: request_firmware fatal error with code=-110
[  399.702548][ T2396] pvrusb2: Failure uploading firmware1
[  399.705005][ T2396] pvrusb2: Device initialization was not successful.
[  399.707609][ T2396] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it.
[  399.710899][ T2396] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover.
[  399.717841][ T5852] pvrusb2: Device being rendered inoperable
[  399.783544][T13857] loop5: detected capacity change from 0 to 512
[  399.791351][T13857] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  399.826062][T13857] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  399.830803][T13857] ext4 filesystem being mounted at /463/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  399.857980][T10179] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  401.668148][T13827] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  401.860458][T13887] loop5: detected capacity change from 0 to 256
[  401.887292][T13887] FAT-fs (loop5): Directory bread(block 64) failed
[  401.889482][T13887] FAT-fs (loop5): Directory bread(block 65) failed
[  401.891585][T13887] FAT-fs (loop5): Directory bread(block 66) failed
[  401.893670][T13887] FAT-fs (loop5): Directory bread(block 67) failed
[  401.898051][T13887] FAT-fs (loop5): Directory bread(block 68) failed
[  401.900644][T13887] FAT-fs (loop5): Directory bread(block 69) failed
[  401.902570][T13887] FAT-fs (loop5): Directory bread(block 70) failed
[  401.906012][T13887] FAT-fs (loop5): Directory bread(block 71) failed
[  401.907945][T13887] FAT-fs (loop5): Directory bread(block 72) failed
[  401.909916][T13887] FAT-fs (loop5): Directory bread(block 73) failed
[  401.940248][T13890] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  402.127460][T13901] loop5: detected capacity change from 0 to 512
[  402.166177][T13901] EXT4-fs (loop5): 1 orphan inode deleted
[  402.168761][T13901] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  402.172481][T13901] ext4 filesystem being mounted at /479/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  402.184194][T12530] EXT4-fs error (device loop5): ext4_release_dquot:7037: comm kworker/u9:7: Failed to release dquot type 1
[  402.201849][T13901] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  402.206255][T13901] EXT4-fs error (device loop5): ext4_get_parent:1836: inode #14: comm syz.5.3045: iget: bogus i_mode (0)
[  402.222602][T10179] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  402.515458][   T10] usb 6-1: new high-speed USB device number 23 using dummy_hcd
[  402.678485][   T10] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  402.681797][   T10] usb 6-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  402.695853][   T10] usb 6-1: New USB device found, idVendor=0dfc, idProduct=0001, bcdDevice= c.19
[  402.706657][   T10] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  402.711115][   T10] usb 6-1: config 0 descriptor??
[  402.934109][   T10] usb 6-1: USB disconnect, device number 23
[  403.540126][T13948] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3066'.
[  403.545773][T13948] netlink: 8 bytes leftover after parsing attributes in process `syz.5.3066'.
[  403.742711][T13964] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3070'.
[  403.746021][T13964] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3070'.
[  404.033329][   T10] usb 6-1: new full-speed USB device number 24 using dummy_hcd
[  404.197316][   T10] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  404.203581][   T10] usb 6-1: New USB device found, idVendor=4752, idProduct=0011, bcdDevice=32.4f
[  404.207314][   T10] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  404.209666][   T10] usb 6-1: Product: syz
[  404.211149][   T10] usb 6-1: Manufacturer: syz
[  404.212541][   T10] usb 6-1: SerialNumber: syz
[  404.216428][   T10] usb 6-1: config 0 descriptor??
[  404.220583][   T10] hub 6-1:0.0: bad descriptor, ignoring hub
[  404.222332][   T10] hub 6-1:0.0: probe with driver hub failed with error -5
[  404.226497][   T10] usb 6-1: Quirk or no altset; falling back to MIDI 1.0
[  404.252886][   T10] snd-usb-audio 6-1:0.0: probe with driver snd-usb-audio failed with error -2
[  404.274499][ T5824] udevd[5824]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  404.557405][   T32] usb 6-1: USB disconnect, device number 24
[  405.169415][ T1361] ieee802154 phy1 wpan1: encryption failed: -22
[  406.036927][T13987] ceph: No mds server is up or the cluster is laggy
[  406.040379][   T32] libceph: connect (1)[c::]:6789 error -113
[  406.042660][   T32] libceph: mon0 (1)[c::]:6789 connect error
[  406.421102][T13994] loop6: detected capacity change from 0 to 32768
[  406.436243][T13994] ocfs2: Readonly device (7,6) detected. Cluster services will not be used for this mount. Recovery will be skipped.
[  406.447121][T13994] ocfs2: Mounting device (7,6) on (node local, slot 65535) with ordered data mode.
[  406.485888][T10348] INFO: trying to register non-static key.
[  406.487931][T10348] The code is fine but needs lockdep annotation, or maybe
[  406.490673][T10348] you didn't initialize this object before use?
[  406.494142][T10348] turning off the locking correctness validator.
[  406.496042][T10348] CPU: 1 UID: 0 PID: 10348 Comm: syz-executor Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  406.496056][T10348] Tainted: [L]=SOFTLOCKUP
[  406.496059][T10348] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  406.496065][T10348] Call Trace:
[  406.496070][T10348]  <TASK>
[  406.496074][T10348]  dump_stack_lvl+0xe8/0x150
[  406.496093][T10348]  assign_lock_key+0x133/0x150
[  406.496109][T10348]  register_lock_class+0xcc/0x2e0
[  406.496120][T10348]  ? __lock_acquire+0x6b5/0x2cf0
[  406.496131][T10348]  __lock_acquire+0xad/0x2cf0
[  406.496142][T10348]  ? kasan_save_track+0x4f/0x80
[  406.496153][T10348]  ? kasan_save_track+0x3e/0x80
[  406.496162][T10348]  ? kasan_save_free_info+0x46/0x50
[  406.496171][T10348]  ? __kasan_slab_free+0x5c/0x80
[  406.496181][T10348]  ? kfree+0x1c5/0x640
[  406.496191][T10348]  ? ocfs2_journal_shutdown+0x63c/0xb90
[  406.496201][T10348]  ? ocfs2_dismount_volume+0x3e2/0x900
[  406.496212][T10348]  ? generic_shutdown_super+0x13d/0x2d0
[  406.496222][T10348]  ? kill_block_super+0x44/0x90
[  406.496232][T10348]  ? deactivate_locked_super+0xbc/0x130
[  406.496241][T10348]  ? cleanup_mnt+0x437/0x4d0
[  406.496252][T10348]  ? task_work_run+0x1d9/0x270
[  406.496263][T10348]  lock_acquire+0xf0/0x2e0
[  406.496273][T10348]  ? ocfs2_mark_lockres_freeing+0x164/0x840
[  406.496288][T10348]  ? rcu_is_watching+0x15/0xb0
[  406.496301][T10348]  _raw_spin_lock_irqsave+0x40/0x60
[  406.496316][T10348]  ? ocfs2_mark_lockres_freeing+0x164/0x840
[  406.496328][T10348]  ocfs2_mark_lockres_freeing+0x164/0x840
[  406.496342][T10348]  ? __pfx_ocfs2_mark_lockres_freeing+0x10/0x10
[  406.496353][T10348]  ? kasan_quarantine_put+0xbb/0x1f0
[  406.496367][T10348]  ? ocfs2_journal_shutdown+0x63c/0xb90
[  406.496376][T10348]  ? __pfx_ocfs2_journal_shutdown+0x10/0x10
[  406.496384][T10348]  ? ocfs2_release_system_inodes+0x426/0x490
[  406.496394][T10348]  ocfs2_dlm_shutdown+0x3a/0x240
[  406.496407][T10348]  ocfs2_dismount_volume+0x468/0x900
[  406.496417][T10348]  ? __pfx_hook_sb_delete+0x10/0x10
[  406.496429][T10348]  ? __pfx_ocfs2_dismount_volume+0x10/0x10
[  406.496438][T10348]  ? __pfx_evict_inodes+0x10/0x10
[  406.496449][T10348]  ? __pfx_ocfs2_put_super+0x10/0x10
[  406.496458][T10348]  generic_shutdown_super+0x13d/0x2d0
[  406.496468][T10348]  kill_block_super+0x44/0x90
[  406.496479][T10348]  deactivate_locked_super+0xbc/0x130
[  406.496488][T10348]  cleanup_mnt+0x437/0x4d0
[  406.496498][T10348]  ? _raw_spin_unlock_irq+0x23/0x50
[  406.496509][T10348]  task_work_run+0x1d9/0x270
[  406.496518][T10348]  ? __pfx_task_work_run+0x10/0x10
[  406.496528][T10348]  exit_to_user_mode_loop+0xed/0x480
[  406.496539][T10348]  ? rcu_is_watching+0x15/0xb0
[  406.496550][T10348]  do_syscall_64+0x32d/0xf80
[  406.496559][T10348]  ? trace_irq_disable+0x3b/0x150
[  406.496566][T10348]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  406.496575][T10348]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  406.496584][T10348] RIP: 0033:0x7f5eb799d9d7
[  406.496593][T10348] Code: a2 c7 05 1c fd 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8
[  406.496602][T10348] RSP: 002b:00007ffcede13748 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  406.496612][T10348] RAX: 0000000000000000 RBX: 00007f5eb7a32050 RCX: 00007f5eb799d9d7
[  406.496618][T10348] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffcede13800
[  406.496623][T10348] RBP: 00007ffcede13800 R08: 00007ffcede14800 R09: 00000000ffffffff
[  406.496628][T10348] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffcede14890
[  406.496634][T10348] R13: 00007f5eb7a32050 R14: 000000000005e00b R15: 00007ffcede148d0
[  406.496642][T10348]  </TASK>
[  406.616998][T10348] ocfs2: Unmounting device (7,6) on (node local)

VM DIAGNOSIS:
18:39:46  Registers:
info registers vcpu 0

CPU#0
RAX=ffffc9000175fcf8 RBX=ffffc9000175f3c0 RCX=1ffff920002ebe01 RDX=0000000000000010
RSI=0000000000000000 RDI=ffffc9000175f3d8 RBP=dffffc0000000000 RSP=ffffc9000175f2a0
R8 =0000000000000001 R9 =0000000000000000 R10=ffffc9000175f3d8 R11=ffffffff81b0b8d0
R12=ffffc9000175f3d8 R13=1ffff920002ebe73 R14=ffffc9000175f388 R15=ffffc9000175f3d0
RIP=ffffffff822ed917 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff88818de63000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007f681ede9e80 CR3=00000001b9b72000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=ffffffffffffffff ffffffffffffffff
XMM02=0000000000000000 0000000000000000 XMM03=ffffffffffffffff ffffffffffffffff
XMM04=0000000000000000 00000000000000ff XMM05=6161616161616161 6161616161616161
XMM06=6161616161616161 6161616161616161 XMM07=6161616161616161 6161616161616161
XMM08=6161616161616161 6161616161616161 XMM09=0000000000000000 0000000000000000
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=000000000000000d RBX=000000000000000d RCX=0000000000000000 RDX=00000000000003f8
RSI=0000000000000000 RDI=0000000000000020 RBP=00000000000003f8 RSP=ffffc90007f2f230
R8 =ffff888104ac0237 R9 =1ffff11020958046 R10=dffffc0000000000 R11=ffffffff853ec200
R12=dffffc0000000000 R13=ffffffff9a2b3a84 R14=ffffffff9a5cb960 R15=0000000000000000
RIP=ffffffff853ec27c RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 000055555f0d3500 ffffffff 00c00000
GS =0000 ffff8882a9463000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007f3f4b7f486c CR3=00000001a4a18000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000001 XMM01=0000000000000000 0000000000000000
XMM02=0008002cb0030f10 002ca0030110002c XMM03=2c80040c10000100 00000806060106a4
XMM04=012c80040c100001 0000000806060106 XMM05=a40008002cb0030f 10002ca003011000
XMM06=2c90030204002c84 030404002c800308 XMM07=2a88000502a08010 002a800404014ec0
XMM08=6a90030020808080 880005b803020400 XMM09=0000000000000000 0000000000000000
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
