last executing test programs:

1m10.866871183s ago: executing program 2 (id=857):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'ghash-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000440)='\x00'/16, 0x10)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmmsg$inet6(r1, &(0x7f0000003b80)=[{{0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000240)="e6e5", 0x2}, {&(0x7f00000000c0)="c754b6b6", 0x4}], 0x2, 0x0, 0x0, 0x7000000}}], 0x1, 0x4040011)

1m10.64810899s ago: executing program 2 (id=861):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000100)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x1, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000280), 0x3)
getsockopt$bt_hci(r0, 0x11a, 0x5, 0x0, 0x0)

1m10.427629168s ago: executing program 2 (id=862):
r0 = syz_open_procfs(0x0, &(0x7f0000000180)='net/netstat\x00')
r1 = epoll_create1(0x80000)
poll(&(0x7f0000000080)=[{r1, 0x4600}], 0x1, 0xfff)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000040))
epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r0, &(0x7f0000000c40)={0x2000000b})

1m9.420472296s ago: executing program 2 (id=869):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0xe, &(0x7f00000000c0)={[{@journal_ioprio={'journal_ioprio', 0x3d, 0x1}}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0xeb0}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@lazytime}, {@nombcache}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x4000000}}, {@noquota}]}, 0x1, 0x440, &(0x7f0000000780)="$eJzs28tvG8UfAPDv2kn66+uXUJVHH0CgIMoradJSeuACAokDSEhwKMeQpFWo26AmSLSKICBUjqgSJy6IIxJ/ASe4IOCExBXuqFKFcmnhZLT2bmI7thunTlzqz0dad2Z33Jmvd8ee2ckG0LdG05ckYk9E/B4Rw9VsfYHR6j83V5am/15Zmk6iXH7zr6RS7sbK0nReNH/f7jwzEFH4NIlDTepduHT53FSpNHsxy48vnn9vfOHS5Wfnzk+dnT07e2Hy1KkTxyeePzn5XFfiTOO6cfDD+cMHXn376uvTp6++8/O3SR5/QxxdMtru4OPlcper6629NelkoIcNoSPFajeNwUr/H45irJ284Xjlk542DthS5XK5fF/rw8tl4C6WRK9bAPRG/kOfzn/zbZuGHneE6y9WJ0Bp3DezrXpkIApZmcGG+W03jUbE6eV/vkq32Jr7EAAAdb5Pxz/PNBv/FaL2vtD/szWUkYi4JyL2RcTJiNgfEfdGVMreHxEPdFh/4yLJ+vFP4dqmAtugdPz3Qra2VT/+y0d/MVLMcnsr8Q8mZ+ZKs8eyz+RoDO5I8xNt6vjh5d8+b3WsdvyXbmn9+Vgwa8e1gR3175mZWpy6nZhrXf844uBAs/iT1ZWAJCIORMTBTdYx99Q3h1sdu3X8bXRhnan8dcQT1fO/HA3x55L265Pj/4vS7LHx/KpY75dfr7zRqv7bir8L0vO/q+n1vxr/SFK7XrvQyf/+5ZPp65U/Pms5p9ns9T+UvFW374OpxcWLExFDyWvVRtfun2woN7lWPo3/6JHm/X9frH0ShyIivYgfjIiHIuLhrO2PRMSjEXGkzafw00uPvbv5+LdWGv9MR+d/LTEUjXuaJ4rnfvyurtKRTuJPz/+JSupotmcj338baVenVzMAAAD8VxUiYk8khbHVdKEwNlb9G/79satQml9YfPrM/PsXZqrPCIzEYCG/0zVccz90IpvW5/nJhvzx7L7xF8WdlfzY9HxpptfBQ5/b3aL/p/4s9rp1wJbzvBb0L/0f+pf+D/1L/4f+1aT/7+xFO4Dt1+z3/6MetAPYfg3937If9BHzf+hfm+n/vjPg7tC2Lw9tXzuAbbWwM279kLyExLpEFO6IZkhsUaLX30wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADd8W8AAAD//58P56I=")
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
chroot(&(0x7f0000000440)='./file0/../file0/../file0/../file0\x00')
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)

1m8.977194918s ago: executing program 2 (id=872):
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x801, 0x0)
ioctl$UI_DEV_SETUP(r0, 0x405c5503, &(0x7f00000001c0)={{0x0, 0x0, 0xfffd, 0x8001}, 'syz1\x00'})
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x3)
ioctl$UI_DEV_SETUP(r0, 0x5501, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000900)={'syz1\x00', {0x8725, 0x0, 0x6}, 0x37b4, [0xfeff, 0x4, 0x0, 0x0, 0x0, 0x20000, 0x0, 0xfff, 0x0, 0x0, 0x0, 0xfffffffd, 0x4, 0xb7, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe5, 0x0, 0x10000000, 0x0, 0xfffffffe, 0x0, 0x4, 0x2, 0x28ad, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0xfffffffc, 0x0, 0x3, 0x0, 0x20, 0x3, 0x5, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x20004, 0x0, 0x0, 0x101, 0x2, 0xfffffffe], [0x10, 0x0, 0x7, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x200000, 0x0, 0x0, 0x0, 0x0, 0x1, 0xfffffffc, 0xfffffffd, 0x800, 0x0, 0xfffffffc, 0x2, 0x1, 0x0, 0x3, 0x0, 0x5, 0x40000000, 0xffffffff, 0xfffffffc, 0x7fffffff, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0xfffffffc, 0x0, 0x8c, 0x0, 0x0, 0x8004, 0x8, 0x40, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x80, 0x0, 0x4, 0x0, 0x7, 0x0, 0xfffffffc], [0x0, 0x4, 0x0, 0x0, 0xffffffff, 0x1, 0x0, 0x0, 0x0, 0xb78, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x4f, 0x0, 0x0, 0x10000, 0x0, 0x0, 0x520, 0x2, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x4, 0xfffffffe, 0x2af, 0x0, 0x9, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, 0x3, 0x0, 0x0, 0x2ff, 0x4000005, 0x0, 0x4, 0x2, 0x0, 0x40000000, 0x0, 0xfffffffe], [0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x20e, 0x0, 0x0, 0x100, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x0, 0x2, 0x1, 0x7fff, 0x0, 0xd, 0x0, 0x0, 0x7, 0x0, 0x0, 0x4, 0x0, 0x0, 0xfffffffd, 0x0, 0x1, 0x0, 0x40000003, 0x2, 0xfffffffe, 0x4, 0x3, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, 0x3, 0x3, 0xfffffffd, 0x53591b27, 0x5, 0x0, 0x0, 0x0, 0x8, 0x7, 0x8000, 0x0, 0x7fff, 0x80000002, 0x1000000, 0x0, 0x3]}, 0x45c)

1m7.679964354s ago: executing program 2 (id=879):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = syz_io_uring_setup(0x495, &(0x7f0000000380)={0x0, 0xc0f6, 0x0, 0x7, 0x288}, &(0x7f0000000340)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x4, 0x0})
io_uring_enter(r1, 0x3516, 0x0, 0x0, 0x0, 0x0)

1m7.173109044s ago: executing program 32 (id=879):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = syz_io_uring_setup(0x495, &(0x7f0000000380)={0x0, 0xc0f6, 0x0, 0x7, 0x288}, &(0x7f0000000340)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r0, 0x4, 0x0})
io_uring_enter(r1, 0x3516, 0x0, 0x0, 0x0, 0x0)

28.819030221s ago: executing program 5 (id=1109):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x200000000000011, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r2=>0x0})
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'bridge_slave_1\x00', <r4=>0x0})
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000001c0)=ANY=[@ANYBLOB="380000005400e50100000000fddbdf2507000000", @ANYRES32=r2, @ANYBLOB="20000100", @ANYRES32=r4, @ANYBLOB="000100002001000000000000000000000000000286dd"], 0x38}, 0x1, 0x0, 0x0, 0x24000804}, 0x0)

28.588926698s ago: executing program 5 (id=1112):
r0 = epoll_create1(0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
ppoll(&(0x7f00000001c0)=[{r0, 0x4013}], 0x1, 0x0, 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000100)={0x20000014})
close_range(r0, r1, 0x0)

28.014068978s ago: executing program 5 (id=1118):
openat$nvram(0xffffffffffffff9c, &(0x7f0000003340), 0x4201, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000700)={0x11, 0x3, &(0x7f00000002c0)=ANY=[@ANYBLOB="1800000005000000000000000000000095"], &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x44, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x101}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000580)={r1, 0xe0, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000880)={r1, 0xe0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r2=>0x0, 0x0, 0x0, 0x0, 0x49, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x2)
sendmsg$nl_route_sched(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000005c0)=@newqdisc={0x124, 0x24, 0xf0b, 0x70bd2e, 0x0, {0x0, 0x0, 0x12, r2, {}, {0xffff, 0xffff}, {0xd}}, [@qdisc_kind_options=@q_netem={{0xa}, {0xf4, 0x2, {{0x1, 0x401, 0x3, 0x7, 0x4}, [@TCA_NETEM_LOSS={0xd8, 0x5, 0x0, 0x1, [@NETEM_LOSS_GE={0xfffffffffffffd2b, 0x2, {0x9, 0x2}}, @NETEM_LOSS_GI={0x18, 0x1, {0x7, 0x7, 0x8, 0x2, 0xc003}}, @NETEM_LOSS_GI={0x3f, 0x1, {0xfffffff7, 0x6, 0xfff, 0xfffff3ac, 0x3}}, @NETEM_LOSS_GE={0x14, 0x2, {0x40c, 0x6, 0x2}}, @NETEM_LOSS_GE={0x14, 0x2, {0xffffffff, 0x8, 0x3, 0x4}}, @NETEM_LOSS_GE={0x14, 0x2, {0x1, 0x6, 0x8, 0x3}}, @NETEM_LOSS_GE={0x8, 0x2, {0x7fffffff, 0x3823, 0x3, 0x3}}, @NETEM_LOSS_GE={0x14, 0x2, {0x7, 0x60000, 0x6b, 0x72b3}}, @NETEM_LOSS_GE={0x14, 0x2, {0x8, 0x200, 0x6, 0x4}}, @NETEM_LOSS_GI={0x18, 0x1, {0x3, 0x5, 0x1, 0x7, 0xfff}}]}]}}}]}, 0x124}, 0x1, 0x0, 0x0, 0xc000041}, 0x20008000)

27.665799887s ago: executing program 5 (id=1122):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-serpent-sse2\x00'}, 0x31)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, 0x0, 0x0)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmmsg$alg(r1, &(0x7f0000000400)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000380)=[@op={0x18}], 0x18}], 0x1, 0x0)
recvmsg(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140), 0x3a}, 0x400020b1)

27.399936229s ago: executing program 5 (id=1125):
syz_mount_image$jfs(&(0x7f0000000400), &(0x7f0000000080)='./file0\x00', 0x2000002, &(0x7f0000000000)=ANY=[], 0x11, 0x5fdf, &(0x7f0000000b00)="$eJzs3cuOHFcZB/CvL9NzCXGsCEXGYuE4EBJCfLch3OKwYAELkJDX2JpMIoMDyDaIRBaeyAvEBngE2GTDIi+SZ0A8AJZsVlkQCtXMOeOamp7pcezp6p7z+0ntqq9OV/cp/6emuqer+gQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAED/64c/O9iLi6u/SgqMRX4hBRD9iua5PRD1zOd9/GBHHYqM5XoiIwWJEvf7GP89FXIiIT45EPHh4Z7VefG6f/bh45vbNz378g3/+8S/3jv3i7Z9/1G7/6RfPf/ynuxFHf/LGx5/dfTrbDgAAAKWoqqrqpbf5x9P7+37XnQIApiIf/6skL1er1Wr1U63/3J+t/qgLrZuq8e42i4hYb65Tv2bwcTwAzJn1+LTrLtAh+RdtGBHPdN0JYKb1uu4AB+LBwzurvZRvr3k8OLHZnv9OuS3/9d7W9R27TSdpn2MyrZ+vezGI53fpz/KU+jBLcv79dv5XN9tH6X4Hnf+07Jb/aPPSp+Lk/Aft/Fu25f/XiJjb/Ptj8y9Vzn/4OPmvD+Z4/5c/AAAAAACHX/77/9GOP/9dfPJN2Ze9Pv89MaU+AAAAAAAAAMDT9qTj/20x/h8AAADMrPq9eu1vRx4t2+272OrlV3oRz7buDxQmXSyz0nU/AAAAAAAAAAAAAKAkw81zeK/0IhYi4tmVlaqq6ltTu35cT7r+vCt9+6FkXf+SBwCATZ8caV3L34tYiogrqVxYWVmpqqXllWqlWl7Mr2dHi0vVcuN9bZ7WyxZH+3hBPBxV9YMtNdZrmvR+eVJ7+/Hq5xpVg310bDo6ChsAks2j0QNHpEOmqp6Lrl/lMB/s/4eP/Z/96PrnFAAAADh4VVVVvfR13sfT+H79rjsFAEzDUj7+tz8XUKvVarVaffjqpmq8u80iItab69SvGQzHDwBzZj0+7boLdEj+RRtGxLGuOwHMtF7XHeBAPHh4Z7WX8u01jwdpfPd8Lsi2/Nd7G+vl9cdNJ2mfYzKtn697MYjnd+nPC1PqwyzJ+ffb+V/dbB+l+x10/tOyW/71dh7toD9dy/kP2vm3HJ78+2PzL1XOf/hY+Q/kDwAAAAAAMyz//f+oz3/zJgMAAAAAAADA3Hnw8M5qvu41f/7/5TH36zXnXP95aOT8e/vO3/W/h0nOv9/Ov3VCzqAxf/+tR/n/5+Gd1Y9u//tLeTrz+S8MRvVzL/T6g2E656daeCeux41YizM77j/c1n52R/vCtvZzE9rP72gf1e3Luf1UrMav40a8vdW+OOHEqKUJ7dWE9pz/wP5fpJz/sHGr819J7b3WtHb/w/6O/b45Hfc8l//x35d37l3Tdy8GW9vWVG/fyQ76s/F/8swofntr7eap31+7ffvm2UiTbUvPRZo8ZTn/hXTL+b/y0mZ7/r3f3F/vfzh67Pxnxb0Y7pr/S435entfnXLfupDzH6Vbzj8fgcbv//Oc/+77/2sd9AcAAAAAAAAAAAAAAAD2UlXVxiWilyPiUrr+p6trMwGA6crH/yrJy9VqtVqtVh++uqka781mEUvb16lfM/xh3IMBALPsfxHxr647QWfkX7D8fX/19CtddwaYqlvvf/DLazdurN281XVPAAAAAAAAAIDPK4//eaIx/vPGeUCtcaO3jf/6VpyY2/E/+6PBxljnaYNejL3H/z4Ze4//PZzwfAt7NY4m93dxQvvShPaxF3o05PxfTBnn/I+nDStp/NdXOuhP13L+J9NYzzn/r7Xu18y/+vs859/flv/p2+/95vSt9z94/fp7195de3ftV2fPXLpw/uKF8xcvnn7n+o21M5v/jn+wPXfu+ZDzz2NfOw+0LDn/nLn8y5Lz/2qq5V+WnP/LqZZ/WXL++fWe/MuS88/vfeRflpz/q6mWf1ly/l9PtfzLkvN/LdXyL0vO/xupln9Zcv6vp1r+Zcn5n0q1/MuS8z+davmXJeefP+GSf1ly/vnMBvmXJed/LtXyL0vO/3yq5V+WnP+FVMu/LDn/i6mWf1ly/pdSLf+y5Py/mWr5lyXn/61Uy78sOf83Ui3/suT8v51q+Zcl5/+dVMu/LDn/76Za/mXJ+X8v1Vv5D7rtF9OR8/9+qu3/Zcn5v5lq+Zfl0ff/mzFjxkye6fo3EwAAAAAAAAAAAADQNo3TibveRgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg/+zAgQAAAAAAkP9rI1RVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhBw4EAAAAAID8XxuhqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqCnv3FiNneZ8B/N2TvTYnN5yJA7YxYGBhd30ChxhMElJK2pSSkDYtqXHstXHiU73rBBAqS6EtUZCK1F7Qi6ZJlEaR2goURWoq0Qipkdq7cpWUm6iVuLBUqByUVEoFbDQz7/vuzOzszK696535vt8P4b935puZd775ZnaftZ4ZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOpt/NjEn/eFECr/V/9YF8KFlb+vCXsqX07vXOkVAgAAAOfqveqf/3BJPmHPAi5Ut82/Xfsf35+ZmZkJX3jn9Pt/OTOTz9gQwsDqEKrnJf/+y1/M1G8TPRuG+/rrvu7vcPMDHc4f7HD+UIfzV3U4f3WH84c7nD9nB8yxpvb7mOqVba7+dV1tl4bLwlD1vM0tLvVs3+r+/vS7nKq+6mVmhg6Gw+FImAhjcy7TV/0vhFc3Vm7r/pBuq7/uttaHEM787Kn9aQ19cR9vDg03VlX/2L19b9jwzs+e2v+dqbeubjU77oY5Kw1hy6bKOp8LYfbXVaEvrM77JK2zv26d61usc6BhnX3Vy1X+3rzOMwtcZ7rfw3Gdr7dZ5/p42uPXhxCmw7zbNHs29Ie1Tbea9/dw7YioXEflofxAGFzUcbJxAcdJ5TJvXt94nDQfk2n/b4z7ZHCeNdQ/HG8/s2rOfj+r42RN7Zq74VitXPeDlRsdHq7/1WrDsVrZ5qkb5j8GWj52LY6BfCzXHQObOh0D/asGqsdA/+yaNzUcA+NzLtMf+qq3dfqG9sfA6NTRE6OTTzx52+Gj+w5NHJo4Nj62c/u2Hdu37dgxevDwkYmx2p+L26U9ZG3oz8fgpvhak47Bm5q2rT8kZ765RM+D+DrUDc+Dyn3/zI2VBV3YH+Y5xivbPLfl3J8H+ft+3fNgsO550PI1tcXzYHABz4PKNme2LOx75mDd/63WsCyvhdU19XXF98PKbT5y8/yvhevjup6/ZbHfDwfmHAPpbvXF517llPzz3vCdcb/MPS6uqZxxwapwanLi5O2P75uaOjke4jgvLq17rJqPl7V19ynMOV76F3287Pn7d2+8psXp6+K+Gr61/WNV2Wb7SPvHqvrq3rg/V4Xa/mw4dWuIY4md7/3Z6rtZZX/mLNFmf1a2ee62c/9ZMOeSute/oU6vfwNDg7XXv4G8N4YaXv/mPjQD1ZWFcOa2hb3+DcX/z/fr32Vd8vpX2VeP3N7+GKhs8/zoYo+Bwbavf9fH2RfXc3NMDMN1uf/96vnTtcO07rHseNwMDg7F42Yw3WLjcbNtzmUq11a57S1jZ3fcbLm+8bFq+LmlgMdNZV/91Vj746ayzWvj5/7asSb9te61Y1WnY2BoYFVlvUP5IKi93s2sScfA7WF/OB6OhAP5MpVHuXJbI1sXdgysiv+f79eOq7rkGKjsq5e2tj8GKtv8aNvS/uy0JZ6St6n72an59wvzZf5rBmevr3m3LeVjNRjX+fEffyqf1ipDVLZ5a/tic0b7/XRrPOWCFvup+fkz3zF9IJyf/XRVXOeRHe1/N1XZ5rKdCzye9oQQ3hh/o/r7rvj73e+d+vH3G37v2+p3ym+Mv/HA6EM/Wcz6AQA4e+9X/5xeVftZs+5frBfy7/8AAABAT0i5vz/OTP4HAACAwki5fyDOTP4HAACAwki5fzDOrCT5/7E7d7383tMhvxvgTJTOT7vhwbtr26WO93T8esPMrMrpH/320MtffXpht90fQnj3gQ+23P6xu9O6ak6kdX648fQ5rrpuQbf/6MOz29W/f8KZXbXrT/dnoYdB6iq/Orq1er0bnhivztceCNX50PTzz9auv/Z12v70ttr2fxPftGTPwb6Gy2+J69kc54b4njIP7pndD5WZLvfy+mv/9dLPzt5eulzfpourd/OlP65db3qPqBcvrW2f7vd86/+Xr3335cr2j9/Qev1P97de/+l4vW/G+cvdte3r9/lX69b/p3H96fbS5W7/1g9brv+VK2vbvxKPi2/E2bz+e//iQ++1erzS7ey5q3a5dPtj/7e9erl0fen6m9c//PR4w/5ovv7X3qldz+4v/3ygfvt0erqd5NG7Go/vvvj4NvTIQwjf/bPQsJ/DR2qX++em9afrO3FX6/Xf2rTOE33XVS8/e3/WNdyvr//d1pb3N61nzz+ua7g/L94X9987oz+qXO/ph+LxGM///9dr19f8Xqav3Nf4epO2/8a62vM2Xd9o0/pfbFr/9HWVfdd5/fe/U1v/K/esblj/nk/E4+n+2uy0/kN/e0nD5b/5ndrjcfIrI8eOT546fKBur9Y/j1cPr1l7wYUXXXxJfC1t/nrv8anHJk5uGNswFsKGHnzLwOVe/7fi/N/amF76W6j5yc9rx90Ln6x937rpF7WvX4ynPxofz/T98et/PdRwvDY/7tP31Oa5rv+WuI6FuvJr/33dgjY8/flXT/3Tn7zV/HNBuj8nLh+u3r+XNl5RPa/vtdr5za9XnfzX5Y3P658OjlXnD+J+nYnvzLzpitrtNV9/em+SFz5de/6mn+TS5UPT+4msG2i8H+e6/p/Gn2N+eFXj6186Pn7wdNO7Oa8LfZUlTMfXhzBdOz9tlfb3C2euaHl76X14wvTVi1nmvCafmBw9cvjYqcdHpyYmp0Ynn3hy79Hjp45N7a2+d+neL3a6/Ozze231+X1gYuf2UH22H6+NZVZd/0Urt/4TD+8/cMfYjQcmDu47dXDq4RMTJw/tn5zcP3Fg8sZ9Bw9OfKXT5Q8f2D2+dde2O7aOHDp8YPedu3Zt2zVy+NjxyjJqi+pg59iXRo6d3Fu9yOTu7bvGd+zYPjZy9PiBid13jI2NnOp0+er3ppHKpb88cnLiyL6pw0cnRiYPPzmxe3zXzp1bO77749ETByc3jJ48dWz01OTEydHafdkwVT258r2v0+Uph8nj8fWuSV/86fxzt+7M749b8e1n5r2q2iaNP56Gt+N7QaXvb52+Trl/KM6sJPkfAAAAyiDl/vjG/7NnyP8AAABQGCn3r44zk/8BAACgMFLuryX/4fzx72XJ/0vV/39G/79K/1//P+j/Z/r/+v9B/1//vwP9f/3/Xl6//r/+P511W/8/5v6wJgT//g8AAAAFlXL/2jgz+R8AAAAKI+X+C+LM5H8AAAAojJT7L4wzK0n+9/n/+v/6/+36/2lb/f+g/98N/f/N/6P/P4f+v/5/0P8/ayvdn+/19Xdh/3+N/j/dptv6/yn3XxRnVpL8DwAAAGWQcv/FcWbyPwAAABRGyv2XxJnJ/wAAAFAYKfevizMrSf7X/9f/79T/f3dmZqa8/X+f/19P/3/F+/8+/78F/X/9/6D/f9ZWuj/f6+vvwv6/z/+n63Rb/z/l/l+LMytJ/gcAAIAySLn/A3Fm8j8AAAAURsr9l8aZyf8AAABQGCn3XxZnVpL8X87+/5shBP3/4PP/9f+b1qn/v+L9/4Gg/79o+v/6/0H//6ytdH++19ev/6//T2fd1v9Puf/yOLOS5H8AAAAog5T7r4gzk/8BAACgMFLuvzLOTP4HAACAwki5/6o4s5Lk/3L2/33+v/5/jf5/4zr1/1e8/1+cz/9fM/tX/X/9/3b0//X/e3n9Bej/9+n/s9y6rf+fcv/VcWYlyf8AAABQBin3XxNnJv8DAABAYaTc/8E4M/kfAAAACiPl/vVxZj2f//sXtJX+v/6//r/+v/6//v9y6q3+//zfO/X/a/T/Gy1d/396dgH6/z2z/gL0/33+P8uu2/r/Kfd/KM6s5/M/AAAAkKTcf22cmfwPAAAAhZFy/3VxZvI/AAAAFEbK/RvizEqS//X/9f/1//X/9f/1/5dTb/X/56f/X6P/38jn/+v/6//r/9Net/X/U+7fGGdWkvwPAAAAZZBy/6Y4M/kfAAAACiPl/uvjzOR/AAAAKIyU+zfHmZUk/+v/6//r/+v/N/T/r62/Jf1//f9zp/+v/9+O/r/+fy+vX/9f/5/Ouq3/n3L/DXFmJcn/AAAAUAYp998YZyb/AwAAQGGk3H9TnJn8DwAAAIWRcv+WOLOS5P8F9//7Qgj6//PS/2+9fv3/Ze7/D/j8/6D/3/X0//X/29H/1//v5fXr/+v/01m39f9T7r85zqwk+R8AAADKIOX+W+LM5H8AAAAojJT7b40zk/8BAACgMFLuH4kzK0n+9/n/+v/6/z3c/1+Oz//X/8/0/5eG/r/+fzv6//r/vbz+0vX/VzV+qf/PQnRb/z/l/tvizEqS/wEAAKAMUu6/Pc5M/gcAAIDCSLl/NM5M/gcAAICeNNjitJT7x+LMSpL/z2v/v+kB0P/X/w/6//r/+v/6/+dI/1//P/Rq/39A/7/X11+6/n8T/X8Wotv6/yn3j8eZlST/AwAAQBmk3L81zkz+BwAAgMJIuX9bnJn8DwAAAIWRcv/2OLOS5H+f/6//r/+v/6//r/+/nPT/9f/bKXX/3+f/9/z69f/1/2nU3+K0buv/p9y/I86sJPkfAAAAyiDl/p1xZvI/AAAAFEbK/XfEmcn/AAAAUBgp998ZZ1aS/K//r/+v/6//r/+v/7+c9P/L1/9v1f+cj/6//n8vr1//X/+fzrqt/59y/644s5LkfwAAACiDlPs/HGcm/wMAAEBhpNx/V5yZ/A8AAAA9pV0PLeX+j8SZlST/6/8Xvf8/s1r/X/9f/7/9+vX/l9LcF2D9//L1/xezfv1//f9eXr/+v/4/nXVb/z/l/t1xZiXJ/wAAAFAGKfffHWcm/wMAAEBhpNx/T5yZ/A8AAACFkXL/njizkuR//f+i9/99/r/+v/5/p/Xr/y8v/X/9/3b0/3uz/x9/bNH/76L+f+UY0v+nG3Vb/z/l/nvjzEqS/wEAAKAMUu7/aJyZ/A8AAACFkXL/x+LM5H8AAAAojJT7Px5nVpL8r/+v/6//r/+v/6//v5z0/5et/199KdT/r9H/Pzsr3Z/v9fV3U//f5//Trbqt/59y/31xZiXJ/wAAAFAGKfd/Is5M/gcAAIDCSLn/1+PM5H8AAAAojJT7748zK0n+1//X/y9C//8Z/X/9f/3/rqX/7/P/29H/1//v5fXr/+v/01m39f9T7v+NOLOS5H8AAAAog5T7H4gzk/8BAACgMFLu/2ScmfwPAAAAPWbVvOek3P+bcWYlyf/6/+en/9+fr1//3+f/6//r/+v/LyX9f/3/oP9/1la6P9/r69f/1/+ns27r/6fc/1txZiXJ/wAAAFAGKfd/Ks5M/gcAAIDCSLn/t+PM5H8AAAAojJT7H4wzK2D+b1UqXOr+f/Pl2ylT/9/n/+v/B/1//f+6var/v3T0//X/g/7/WVvp/nyvr1//X/+fzrqt/59y/+/EmRUw/wMAAEBZpdz/UJyZ/A8AAACFkXL/p+PM5H8AAAAojJT7PxNnVpL87/P/9f/1//X/9f/1/5eT/r/+fzv6//r/vbx+/X/9fzrrtv5/yv0Px5mVJP8DAABAGaTc/9k4M/kfAAAACiPl/t+NM5P/AQAAoDBS7v+9OLOS5H/9f/1//X/9f/1//f/lpP8/t/9feQ1byv7/fz638O31/xvvh/6//r/+v/4/y6vb+v8p938uzqwk+R8AAADKIOX+348zk/8BAACgMFLu/4M4M/kfAAAACiPl/kfizEqS//X/9f/1//X/9f/1/5eT/r/P/2/nbPr/q+sur/9/bla6P9/r69f/1/+ns27r/6fc//k4s5LkfwAAACiDlPv/MM5sMfl/cKlXBQAAACyllPv3xpn5938AAAAojJT7H40zK0n+X4L+f3/Q/9f/1/9veTzo/+v/6//r/+v/t+fz//X/e3n9+v/6/3TWbf3/lPv3xZntabwZAAAAoHel3P+FOLOS/Ps/AAAAlEHK/fvjzOR/AAAAKIyU+w/EmZUk//v8f/1//X/9f/1//f/lpP+v/9+O/r/+fy+vX/9f/5/Ouq3/n3L/RJxZSfI/AAAAlEHK/QfjzOR/AAAAKIyU+w/Fmcn/AAAAUBgp9z8WZ1aS/K//r/+v/1/a/v/r32tap/6//v9y0P/X/29H/1//v5fXr/+v/09n3db/T7n/cJxZSfI/AAAAlEHK/V+MM5P/AQAAoDBS7v9SnJn8DwAAAIWRcv+ROLOS5H/9f/1//f/S9v99/n+k/7+89P/1/9vR/9f/7+X16//r/9NZt/X/U+4/GmdWkvwPAAAAZZBy/7E4M/kfAAAACiPl/uNxZvI/AAAAFEbK/SfizEqS//X/F9f/75unG3h2/f/V+v/6//r/+v/6/+dI//889f/jsa3/30j/X/9f/1//n/a6rf+fcv8fxZmVJP8DAABAGaTcfzLOTP4HAACAwki5fzLOTP4HAACAwki5f+pX7N3njl5n1cfhJ8WvE73iHDgFvvCVQ+AYkDgFekvooQZC7y30FjqEEnrvvfdOIPQqBSVeaxk7473Hk3k8977XdX1giQmC7dhC+iv66Y5bmuz/S9f/X3mXn2yx/78Q7/8f/P36f/2//l//r/+fpP8P+v9z6f/1/5P0/6d3+n/2ZLT+P3f/A+KWJvsfAAAAOsjd/8C4xf4HAACAaeTuf1DcYv8DAADANHL3PzhuabL/B3v/v2oO/b/+f6f/1/+f9/dT/6//P4j+X/+/0/8f2Un381v//on6f+//szej9f+5+x8StzTZ/wAAANBB7v6Hxi32PwAAAEwjd//D4hb7HwAAAKaRu//hcUuT/T9Y/3/2u/T/+n/9v/7/vL+f+n/9/0H0//r/nf7/yE66n9/69+v/9f+sG63/z93/iLilyf4HAACADnL3PzJusf8BAABgGrn7HxW32P8AAAAwjdz918QtB+3/05fqqy4d/b/+X/+v/9f/6//3Sf+v/1+i/9f/b/n79f/6f9aN1v/n7r82bvHP/wEAAGAaufsfHbfY/wAAADCN3P2PiVvsfwAAAJhG7v7Hxi1N9r/+X/+v/9f/X7r+/7T+X/9/7PT/+v+d/v/ITrqf3/r36//1/6wbrf/P3f+4uKXJ/gcAAIAOcvc/Pm6x/wEAAGAaufufELfY/wAAADCN3P1PjFua7H/9v/5f/6//9/6//n+f9P/6/yX6f/3/lr9f/6//Z93e+//7XnfnPWz/n7v/urilyf4HAACADnL3Pylusf8BAABgGrn7nxy32P8AAAAwjdz9T4lbmux//b/+/2z/f/tl+n/9v/7/7M/1/8dD/6//X6L/1/9v+fv1//p/1u29/1/p/c//97n7nxq3NNn/AAAA0EHu/qfFLfY/AAAATCN3/9PjFvsfAAAAppG7//q4pcn+1//r/73/r//X/+v/90n/r/9fov/X/2/5+5f6//sc4vv1/3QwWv+fu/8ZcUuT/Q8AAAAd5O5/Ztxi/wMAAMA0cvffELfY/wAAADCN3P3Pilua7H/9v/5f/6//P7f/v7xl/3/Hz/T/+6H/1/8v0f/r/7f8/d7/1/+zbrT+P3f/s+OWJvsfAAAAOsjd/5y4xf4HAACAaeTuf27cYv8DAADANHL3Py9uabL/9f/6f/2//v9uvf9/xRz9v/f/90f/r/9fov/X/2/5+/fW/19/7zv+D1P/zxRG6/9z9z8/bmmy/wEAAKCD3P0viFvsfwAAAJhG7v4Xxi32PwAAAGzZOSFW7v4XxS1N9v9d+/9zS1z9/+FM2v/fftlO/6//P2vm9//1//uj/9f/Lzls/7/T/9evRf8/zvd7/1//z7rR+v/c/S+OW5rsfwAAAOggd/9L4hb7HwAAAKaRu/+lcYv9DwAAANPI3f+yuKXJ/vf+/xD9f1Usg/X/3v/X/5/z69L/6/+PQv+v/1/i/X/9/5a/X/+v/2fdaP1/7v6Xxy1N9j8AAAB0kLv/FXGL/Q8AAADTyN3/yrjF/gcAAIBp5O5/VdzSZP8fQ/9/pf5/2vf/9f/6/3N+Xfp//f9R6P/1/0v0/wf3/1dd4H9P/z/W9+v/9f+sG63/z91/Y9zSZP8DAABAB7n7Xx232P8AAAAwjdz9r4lb7H8AAACYRu7+18YtTfb/hfr/2/7/zF/3/v/h6P8P/n79v/5f/6//1//r/5fo/73/v+Xv1//r/1k3Wv+fu/91cUuT/Q8AAAAd5O5/fdxi/wMAAMA0cve/IW6x/wEAAGAaufvfGLc02f/H8P7/ef3/PfX/+n/9f9xB+///y/8e/f8Z+v/90v/r/5fo//X/m/v+y87+idL/6/9ZN1r/n7v/TXFLk/0PAAAAHeTuf3PcYv8DAADANHL3vyVusf8BAABgGrn73xq3NNn/x9//e/9f/3+R/f/l+v/k/f/4fdX/6/8vgv5f/7/T/x+Z/t/7//p/9m20/j93/01xS5P9DwAAAB3k7n9b3GL/AwAAwDRy9789brH/AQAAYBq5+98RtzTZ//p//f+J9//e/y/6//h91f/r/y+C/l//v9P/H9le+vmr9f/6f/0/Z43W/+fuf2fc0mT/AwAAQAe5+98Vt9j/AAAAMI3c/e+OW+x/AAAAmEbu/vfELU32v/5f/6//H77/v+n8P2/6f/3/luj/9f9L9P8X3//f6eT7/5vit8b7/0P0//GDa/T/jGe0/j93/3vjlib7HwAAADrI3f++uMX+BwAAgGnk7r85brH/AQAAYBq5+98ftzTZ//r/rff/97s1vkD/P2//7/3/uPp//f9B9P/6/12z/n/49//1/97/1//zP0br/3P3fyBuabL/AQAAoIPc/R+MW+x/AAAAmEbu/g/FLfY/AAAATCN3/y1xS5P9r//fev/v/X/9v/5f/z82/b/+f4n+X/+/5e/X/+v/WTda/5+7/8NxS5P9DwAAAB3k7v9I3GL/AwAAwDRy9380brH/AQAAYBq5+z8WtzTZ//p//b/+X/9/t/v/a/X/O/3/Ben/9f9L9P/6/y1/v/5f/8+60fr/3P0fj1ua7H8AAADoIHf/J+IW+x8AAACmkbv/k3GL/Q8AAADTyN3/qbjhXvc4uU86Xqcu8PPozfX/+n/9v/7f+//6/33S/+v/l+j/9f9b/n79v/6fdaP1/7n7Px23+Of/AAAAMI3c/Z+JW+x/AAAAmEbu/lviFvsfAAAApvHZO//1qt3n4pYm+1//r//X/+v/9f/6/33S/+v/l+j/9f9b/n79v/6fdaP1/7n7Px+3NNn/AAAA0EHu/i/ELfY/AAAATCN3/xfjFvsfAAAAppG7/0txS5P9r//X/+v/9f/6f/3/Pun/9f9L9P/6/y1/v/5f/8+60fr/3P1fjlua7H8AAADoIHf/V+IW+x8AAACmkbv/q3GL/Q8AAADTyN3/tbilyf7X/+v/9f/6f/2//n+f9P/6/yX6f/3/lr9f/6//Z91o/X/u/q/HLU32PwAAAHSQu/8bcYv9DwAAANPI3f/NuMX+BwAAgGnk7v9W3NJk/8/c/y/9x/T/Z+j/9f87/b/+f8/0//r/Jfp//f+Wv1//r/9n3Wj9f+7+b8ctTfY/AAAAdJC7/ztxi/0PAAAA08jd/924xf4HAACAaeTu/17c0mT/z9z/Lznu/v9UXP2//n+n/y/6f/3/Tv+v/1+h/9f/b/n79f/6f9adUP9/aneB/j93//fjlib7HwAAADrI3f+DuMX+BwAAgGnk7v9h3GL/AwAAwDRy9/8obpln/9//5oW/qP/3/r/+X/+v/9f/75P+X/+/RP+v/9/y9+v/9f+sG+39/9z9P45b5tn/AAAA0F7u/p/ELfY/AAAATCN3/0/jFvsfAAAAppG7/2dxS5P9r//X/+v/W/X/V+z0//r/S0z/r/9fov/X/2/5+/X/+n/Wjdb/5+7/edzSZP8DAABAB7n7fxG32P8AAAAwjdz9v4xb7H8AAACYRu7+X8UtTfa//l//r/9v1f97/1//f8np//X/S/T/+v8tf7/+X//PutH6/9z9v45bmux/AAAA6CB3/2/iFvsfAAAAppG7/7dxi/0PAAAA08jd/7u4pcn+1//r//X/o/b/Z/4M6v/1//r/Zfp//f9O/39kJ93Pb/379f/6f9aN1v/n7r81bmmy/wEAAKCD3P2/j1vsfwAAAJhG7v4/xC32PwAAAEwjd/9tcUuT/a//1/9P2f+fnqH/9/6//l//fxj6f/3/Tv9/ZCfdz2/9++fu/69e/fXr/zmM0fr/3P1/jFua7H8AAADoIHf/n+IW+x8AAACmkbv/z3GL/Q8AAADTyN3/l7ilyf7X/+v/L77/P1W/7mH7/yne/9f/6//1/4eh/9f/7zbc/99w45kf6/+3+f1z9//e/+d4jNb/5+7/a9zSZP8DAABAB7n7/xa32P8AAAAwjdz9f49b7H8AAACYRu7+f8QtTfa//l//P+X7//p//b/+fxgt+//8c6f/X9W9//f+/7a/f+7+/wr9P8ditP4/d/8/45Ym+x8AAAA6yN3/r7jF/gcAAIBp5O7/d9xi/wMAAMA0cvf/J25psv/1//p//b/+X/+v/9+nlv2/9/8PTf+v/9/y98/d/3v/n+MxWv+fu/+/AQAA//9zlTC7")
unlinkat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x0)
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000680)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x804051, 0x0, 0x1, 0x0, &(0x7f0000000d40))
syz_mount_image$msdos(&(0x7f0000000f40), &(0x7f0000000f00)='.\x00', 0x1a5a438, &(0x7f0000005880)=ANY=[@ANYRES32=0x0, @ANYRESHEX=0x0, @ANYRES32, @ANYRESHEX, @ANYRESHEX, @ANYBLOB="0d9435a8af712ba22db08aad61bf52901d77aded910bc7949acdf1a626f568d38938f8ec34f72c47268474391e0b3e6540dc1e44beac32958b12631708d0a5635580b2f9fef13a977211e5d519ab9531321cfb53a9b413ea91f290924482d4007a70a19759dd63f9fc81f2c63fe27bce5e7dddf01fa5c3f09ef226ee04045b0cf0661e3d5a67446c4d93db12c2ac7a15f0265fd7eade1a72cbd696413a03174375c955f8c82a9774c2c8ac5046d59c86dbd516", @ANYBLOB="4c07f18b4a72a428cdf1fcc6a889d51c7d395bfc15396c272d41b4a79dba0739c1c7461ae19481932aa4c03054c8b2442a4c1e4311032bebb0cb70495acfcf1f08735df868c705", @ANYBLOB="37b57cfa7d0121345c29b6064f49a0f95b88671b8e9149556e5ff3c7012f7856b6557bae1d1d61efea623114a0b4b52f68387d2040dd08c5aa753b596ede3f3d637f96752310a389efcd8cf335ca9dbbbc10bda7a16342968c9ab4fd1ac65da604cd9b42d6d0dc0e895e0b2f42822d1b342f88a8d607008d20b22b776a70a07a2c53fc32be094c857279c58542b176bfbcc6c7e9808da687b44a8b21d23cc2f80050f8fd457f5a5595226d2008bcded226ab2e75d00ab5592daa23e809e04c2b370af460ae93b7efc32bf174830779058ad75290b9abb59be5f8859001e651c1d404a5f28eaf3781f2288249ae7b385a9c40929cae3fa5a6f142cd057ebdbc000000e34db2d14a6458499de0819d89f570a72fee0dd8cf744e0daf8f31b1d8edda87296ca7632e1e6e23", @ANYRES16, @ANYBLOB="29ddcb5731bd30ccfe31b42bec88d6b180e9734ef8fdff821c550bb722db8eec86c680e37bdff058174add799559b5a87e151d8b63bb4fbea47a175ac769099357b3f6933378cd6b04e2121c63d5dd6525cc877fe7782c404ebd7987eae71011f7897863523be0dc34aa888c0e1c2cfa1f3e826cfc3e2ee0344ab5101f7f9e59c0250bcb1e7214f7ccf208222ff374fa79aa08d36260fcece95794587b4ec2d739805ba2a0b28efd4b50a8603856fcb64e903918e6b6b57f3dcd113a68546df8ab9597d9518a546a7b1ee0169a164aec3b88c0dd5ab24c95e7c97c581675e0bfcca54ab16fb701691a70096d9817c6ed85151105953df57b", @ANYBLOB="ac2d5b5b8945d57e7869648ebe10b8d2719763b4bf3f6667bf8f722606d2b3593f26218e9a5fba2e7d4166787da71737b380045fb0a682e2915271f214c0112961b73c4638e7ba68deb34826d7682ace7549c83bf52bd9142b6c5adebf82155270d33204c09c07ed4ca2fc932af48646c9624e3e3544d68f61a2b073fb85332599b299a4f441a8e2f74c57aa38b5b596238280c1693bba97ff258679ab84485970b60f81093dda6501baba18a7790ca3e6fcfa12898b9fff3faf613d71f9d64dbd5c2edad8e774fb0da39e532d92164e2d34aff7cae32f3cd7aa9aace000f136323e4808d0c66c0828942def38deb2e1d847555fe0d5ba8084babb3169f9f06246ecd5327758448c9c7e4591da12ff1b084e757d05af4f0f0444ecfcc0c4d2067a98d49fe52412218380bb75e21cd23724e0390b116b9a1c1e3350b3e6f17c5bd1f1adb4ce1d03d5b30eb0690340708f06dfca5c9d74a7c140cabddd0f37d8bcf15e578dde85d7c28ccb1c9633ceeb54bb278d5a097220ca53a2ea4781aca2b70189199938afba9a700a610225311fe8316794ca0ae139a50dbd34d572d6165eaaa94844620045e615d51f5e19c29aadad3539490961135851f15bbfd0604f3926877583d85c45a04c6f155ad6e1966d2004ab6ab51f9beb82dbcdcaaab886564cbf81b581da397eba4fc8fe430ef93ed613cd588e399669b9f4b63481163e6c2b74112538192be9551ca400bc2b947a535fccbc567a68a3ab94554385bb1f2a0e2146310113102a9ffbcbbf44d30e076d363d6201faecf8bbbbc9d7fcd38195860bbc85ee3f5f9b2c990164abc3a7674ab2a631147d708585f52694a46b681cbc623b53a272f21f2aa5597beec8094954541316cc45ec9751fef12369e7272b7bdcb527bac4a19e0bba1b68ef98e3563705e9ca40bb914cece2fd75c2375b81a06dadcdb1c54a175855e30c3d9ca58ca873e43d703b1471526fb3dfe12e140b81df3afae6104e5ffa4e8585b456a7199c75c5abc7afeca743fce310df09062f20b9a99fac5d019338d98606805f4faad9cc81ebf03b7239a340c973828b676af4e594d796689f9823730c5ead8dba256925869ab0d7196a99b75a15f9927852d7813aa5a4cb76764749e882d59c094c5ebd1911153150e8d53aa8abbf360a4045b63e0e296d03158de8aa02b5aeb459dcdc6b9d5aa8c0e455e7cb6a5d9b26ee5420e41d89590a0c04ca8701a6a386716a32e04102f281f66317a21940c0cf83e128f4f83bdf6770170d74d43f3b1f4c0bb5e8c69254e0bfd15c6d02596bf3b547e5b9b8e84390455a9c4b00b633c661616aca4a4158868be21633f343155996eaff00c2c347fea03c6f06e7adcd83cf320e3a446d07dba202e5960632560da8a3b60efe5a814a5cb2a4ff0842fff23897b583b381e5030e506caef8dc97bef9532111e3eb3621870ec39fe2351d3814a02d2f9e38aac1f0897f32ddbffdc6e0acdea95ff7f67865daae1130f68f00985682ecefc43fb6f8521514923b5cf3560be0739aeb4eb00b389d39ebb9b974e054120fcd48c0d6bc09441c2c19f41bdfceed01a3b686921500fae88795f216794d21dd3a98f2fdb5a1590e0cbdc5cd9593b164e255131c21f22ed7e7ed4ec83db91f8bf5f327d7222be1e470a7c0d0a657c73ad606f2ef0c59d3c118c601d23d67ee16ce3658c9153b8131f06c1e4f83c49dbe6dbc3478b1313b9221bc4c5eadebfd16cd07afde509f2e926fcfd5f8feabe836f4080ea5e65c1e4d859f16ac45ad8c804eb9ecce363faf19c1409d8192a644823578ccfd5b643478eb948223676d375f811fffa874f7c2a281104a28baf4da2716ae870abb3e0f05e63466176356728a700fe39ebb62bdbff139fdbf21520022984dc6d3eed1d81b94f28a07cc238ccb64d65e87534c0111bb76212368c6e8e9a536e758fa2f16a2cab9d31984055488b27bcff12bcc5a0fe21a0e44edfb87c681060e6944ff89dce4a9c7122c53acc27913a5fbf15c9ada971df88f0df3f82eb563f63c640ad6e39a1f5c1aad83c364957ec6d645f4243d1fb4ecef275d4c0ca0284064cde0c282d793f290bab5a4dec15f3e2adcc9d455d2e28bd040d6e0f651ac6f20f55d1303d2aaef2104b393afc849e9cd7743ca20a6f092cbf42a67446892493128d38bb0d0f507ffe3fd718ec48eff58df729728bc01ee180d676dfa22c81da0e4e3fda94f4f94195bc82e1f941d8a290ca0d416373d420eba196470e4f25940506061c601f12b3656d6d6b3a47e50d5235b7fd0f82bb0835aee3470b69bf7e59616ece447d9af36c396f687214ff7d7e27961f461c780b4c563aeb47fa9f335cbdade8a06711ba79b6fe8778ac1bc06bb59131c17409c1d1d0cc746aec8c3b1348f9585945192d8e32002c676753ab246a92702fc8e3a3ce89b84661b1b10dcd73fddacd311ca663d483b87a59225f60627eecf409d6188236b198633d47c5f1c0ba0bb4321aac88a6061d5e97883914cd74284ab937b9579ccee6ab5bb39f6274a04e3e7a8c3d033e340357bc15c5f6daa047b1cee448ac380bbde4bf806b0891a04b9e408609b040b7d3a02d2a76d4013756d79244792c543fe2327a3c371852bed5ab54de987bc4699b32ad1c08f7fff7a23069e72bddc9a590b2c707bac3957d46b657a4e17f1914db58fb6436bdd58b86df491016a2b9ebe0c35a859b216f17f4828c8dee30a38ed1fc36347af978999d0c404313cf99c9281c45194abd79475a80ea1486840aad72b1c0c4f17fe35a150fcb574fa9fcc09a7fc5dcd34e15d4bf1bccfa8bf423d2437e2eb0d3ca9324fbfc7e256b862c50ebc8db3fb69f69003d37807af8ddccf2d929ad9d06ebbb7e538d93bb0b7bc828e1639e0b5e89c22badca307ad28183c3083e87c917feb4c882397d397ea2e7ff0e05ebb252940302cdc0f0f7efe40685f7c3e8923e3795d70d69c70d9a071e401cee771f29dcb5316471768464c4659f2c76d11713ab44f4c944a4819deb1248b02457403e9630aaf4a180e9e55bb4d291e9a2bc85a1ed17f906d54935c7e5e8b707ead56284fda0208bd88ab5c3259bd5329c0d26653eb07b6856ad799fd6fa8d2111da3970ff8509bc2ef3a8813d04f36001526b70757646ed4bf25a256751b8ec714f2e62dea19e82aacec389195532bf7f335afae4351adb93c846e22f1f2a3e0d620d81688bd5530e389f2284b3c997d4abab7c30aac1b141425cd9aa315dc5a5e8b04fd503d79896b1494d8be48048c7392fc92c325b76bde4496c49da34c9ff95969bec8f95c356239d5336907957383b12c512fff6d797097a26a5aee9251bae940ef1a19b3f746396300d3baeb476b023f740ed7c1da92fdbf1834c3a882a6079885b933333d0e194cc1f25a06c3a2d370936886cb385d9861d6762c7416a1db5275228b6499cdef9767fb998d43251b963bc4477b2c051b70a0317de5f6ec3158914145bd036ff194df9722d2a3d2ac2397891b573a34ad16236cdc7ca77bc15f0fdbc3cae923d61633a42bab450a80cf3ee6580e792b1617d74fa189d450a64ca12d8c797698208ea61010b6072885b762af598159621f838ebacc00ea11f5924b39b2bbbc5c7d667871ce32e9aa75893a9fa13a2ffe66b360e266446259a8745addb4e186139d86d4e8d48537ac35029b0d87c03e8c1a9b9a422594496feda8bc5502777428fe737198ed896c2128a4f7d552f2eea8fef6e68feaf3cbfd549e622eea7bc988bb16fc49b7ab241426f2e40edcca07d4f947ccb1d3b8c2e9cb14a0c04495dbb75bd9c935f36bfe398455b0e5f927d5726e617c69ca81fe36c3e6ea510c5fe4735161c992f9ebf66727e5a7ded590061d4da3b86b996846a6bb102e47d33465d88a68644c8a76a770d5e0318e6c301e7c7f5575bf15a9589b32cfaa41ee15972488497195a2cb49a6b6f937a8e311e34d311dfd4fe222d3abc095b0b24a1b7193eb3353def0cc1511c8fce9b0a7867ae2fed4db93009646dc91a3745387cbe61b37f749b40d5d38970856b7ab8b6e1e0b81c078c68cb55c57854b8b5863b7a4c87f42e6d6dca2de0326b1b26970168c99f59816877448e7f72626f5354fdb5e033cd6b42e9476665efae66287e656590d1f80b3a09557a57d7de4bade6a122d40a92db1d347463b74151d44a02dbe067259c633b8c84425e77a736fca99f06d0fd66e35365511ec017537f4c212e7f2e23369958c3a7b92feffad9edb12139f1f690f9512725c0a1a164e78b4130c91fd3961df91c1a11783c24b03bcf305fd0e14e6510f4d58cf73326e94f2bc1b1ab295297bee7a98b77afe483a7d66e780d5e111b4202285f580ce571ecc0985501faa0e9f2f5b9848d770d8d8ad7b90a951f83279073e45a0c7abcf89cd6200f7fc320e46ea3de2addee3a984432501063f9928d0897d93dde20fe8fbe4dabc1ac34b0efdb3d7c7b4d49571ea64252d7209ff6d0ae5b95ef35d8160c5976f7ed9c4b69db81a73f6d00fd254c417696d6af694f3688826cc04db8019f2419fa99e47dc436fd76890b5291cd2724717a1e604e6cb5e214235664e8c7148c2bd87996c05bcfe1f29200f40a0d766df3ddc6faef82fb34d385f90b8f0e4bb7ba519e7986735c169cb3546d62fb70fbd49eec4edd70397d2fcbfdb9cd87331fce3c9786b7090501b904c8f925a1dbfa151a18e6c145ebb74da7100de60a627100d6c04ce789a7d4e88692cb090fd9ff2006e5ddb870f5b2aa502081eb7a26744de9a0d29a66ef18eb097e1d396561078e3f9258046a3a3e9b5878964d71b526755084f385d9777b2ab503f9d77c09a46004b5005f69eedee80edd87dd17f2292eba00f71dedb010b7b003a8400f6b44d63559a10bc0052c678ac8ed9658aff4f858778ebb60cbaf53d82248a260c7255f943711e8ac31a4b7a4694dcdace3be25ea43bdc9dfd52d369292d8d7581a6979d1b8ad543baeb9296907e0926025f4c3597e98e2eacd048a5dedd0e9dabc3268ed35a91c6180908af07a95bf374573c7b4f611eb30bbb5f1721a6550f483dcaed51d84fdaa5c6a52d7c4d04ca4edfd2884483c2d5aaebf6f06c6fff8bff813923ac8c6edd0eadefab938442ff09b1b3ff926c963d67a01cccbd86cb69bb5e5a4adca82110f87d3ee7800b14412b48cd94feacbaa9c1921e816d0287ad1198b94fd6de314912b79938a0d00ef5968ca4cb506afa1496ce4886c8c44955a92c9d2395f108a357e240511cc7e6548ac4174e5b52cc1f03ea8fa8268a7283e9cd25518cc71114869537891b64337222f04c111407bc2c8777f1132e1b294ec533610fd1ae3b4aa7e20c315d87aeed3a19151677e04173fbd55e88669f515dea19c8b99f8d7e829734f615a9b95e278fec62cf2d1a37d535ef71996530c62e65bb6fde625447e9122cfd947d7032c7580bfa5286bdde0bd9c4f0c63cbceddc302e1daef7f27bf289f72456802560e4477b27520b45f3a39e787824f169b3fa0ec7fba1c37f4499d43a9cdca7595f3e9ab74223c34819b260130d8a7613653101cc9a6e236ac01965356c90814c632ed421a62654a457ccc66040026451610b94898d13292cf2096fc1744b8fe67cebbcee0a3830be987694e593d732f05e3c6503a71173dc9870c3eca017318b628dd651232ea1c424a98b394188c8b8dbf30d69f1976219fd5b1975f8deebabeca970581f011f428c164bb35e0d6be187a5a2887d6bb0889c41c5c24d0b173f05db5d3a9e50318b448b3c8c", @ANYRESDEC, @ANYRESHEX, @ANYRES8], 0xb, 0x0, &(0x7f0000000000))
r0 = open(&(0x7f0000000080)='./file1\x00', 0xe6442, 0x1e)
pwritev2(r0, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x78c00}], 0x1, 0x1600, 0x0, 0x3)

26.382979435s ago: executing program 0 (id=1131):
msgsnd(0x0, &(0x7f0000000000)={0x2, "a31934321d0575403e91901180245aa13f2ffb336a09bb9a4a8ccc0f8256880e68810ae8ccde1157d5ecafd06f358b23c79ca4fb897dd8986d4db6dde423d3a6ed9777b47b8aee2b722e0299177b6ea7708876c654d4635d236181f3456596dee20d24b628e1429770da04062c764acc29fc113c36edda278c82dc3d888a1e2b320d6e501a2c1179ce94da407bcc881884b8c6c63f0fa7737bdd25ad69a6b91efc799b2fe243ee2005434c17d039485929ab11a8a55b492c3f7b7165f53c7a9d05233e4f64643a77028a218894d6e4ad52517695f13b149d338bb2ac542480a7c5fd3b7af7cfb186c2421f9d7fb2c08fdbf9f7c435d54f8020c8651dbfa3bcbd050c893dd5261eba927eb67db16e87ad71a0ee68f12fe8f98401254e3dd6ae6468fa996bf2dea268ee7c382554bc5202fef6c40f8b93c5ed4ff0dce2e6f2102a0c081c5950d87cd3a4d8e13dd79155bf23743b2cee654314ffb9375ac16ed09ec16e727cb9e93473127f46a88955aceca9b54433f249cec03ca1aeba92178ffbd34e36d30fe8594061ffd04e2b19b682b9ef5c693f19ee6bd634e67daa0b6ec2262b7ab7f1fa301e3dc385c685add64b8977cdb2a87f43ea6e26189e6cb153b5f29cb173ecce1a3583322369522db71dbe8bb4865fb4f29fcca0b652df5fca81e5e4ac27969c346abb1326075d7aeace162bacbe3778a5f3aca6dec01d4ec2792fe30a599d6038f1b0058ed5b69333bd0a7d20a788958894fcc74fa4752da9da96e350670c3aa20987775759db61f65b0412a496b7fdc6920df0"}, 0x242, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[@ANYBLOB='&'], 0x1c}, 0x1, 0x0, 0x0, 0x40800}, 0x0)
r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
ptrace$setregs(0xd, r0, 0x20000000002, &(0x7f0000000040))
ptrace$cont(0x21, r0, 0x80000001, 0x4)

25.870594363s ago: executing program 0 (id=1133):
r0 = syz_open_dev$usbmon(&(0x7f0000000080), 0x0, 0x0)
r1 = syz_open_dev$usbfs(&(0x7f0000002600), 0x20000007d, 0x0)
sendmsg$NFC_CMD_LLC_SET_PARAMS(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)={0x14, 0x0, 0x1, 0x70bd2c, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x2404804c}, 0x8000)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
r2 = dup3(r0, r1, 0x0)
ioctl$MON_IOCG_STATS(r2, 0xc0109207, &(0x7f00000001c0))

25.760674423s ago: executing program 5 (id=1134):
syz_mount_image$hfsplus(&(0x7f0000000c00), &(0x7f0000000100)='./file1\x00', 0x8, &(0x7f00000003c0)=ANY=[@ANYRES8=0x0, @ANYRESOCT, @ANYRES8, @ANYBLOB="0a42f7415a3663f0ccff19a8b6c74a5ca36cde3a0764e4539a0072118a8ca35f4cfd925432ff27a561206de87f8ef8fd024eb3b7293d4f804164aa55affb403bca8af4c0f0fb72f91e3d6b0bb844b31943a9deeeafb1a147ec2703ef0dcb51f0b130653ab2053803328849a0ce1549b84673bd2905fb1371c07486fcc547a816c117c340d1683e87ffde3073bb03c6b1155e6cb645b5e79b6c216befe7790345349e", @ANYRESOCT, @ANYRES8], 0xfb, 0x6b4, &(0x7f00000013c0)="$eJzs3ctvXFcdB/DvHU9sT1pCmiZtQJVqNRIgIhInVlrMhoAQyqKqqrJgbSVOY8VJi+Mit0LE4bnton9AWWSDWCGxYhOpsGADu+6Ql0hIbMqCsGHQvXPHHs+MJ+M28QM+n+jOOeeec88953cf87CiG+D/1pWzaT5IkStnX10ryxv355Y37s/d6uRfayaZSrKelNlGkuJf7Xb7o+RyUmx2U/SlAz5Ymn/j4082/tYpNeulat8YtV2fut163+r17rqZJBN1+hls6+/qZ+6v2Bz55SRn6hT23ZEk7W1+8KenN2t6tIZtPb0nYwSerKLzvjngeHK0vtDLzwHdd97G3o5uPBPdQXYVzR3b9n+CAAAAgMOm+g48+NV325rPP8zDrBXH9nBYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcKitJ5P14/OLeml08zMpus//n6zXpc4fLC/urvmDzpwAAAAAAAAA4FB78WEeZi3HuuV2Uf3N/6WqcLJ6fSrv5E4Ws5JzWctCVrNaJBeSHO/paHJtYXV1qlvaccus5OKwLVcuPmKg3a5bj2HSAAAAAAAAAPC/5ye5svX3fwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOAiKZKKTpLjXs/p4Gs0k00kmyxXrSdGs8wfb9MjaB3s2DgAAANg/U8nDrOVYt9wucjLJc9VvANN5J7ezmqWsZjmLuVb9LtD51t/YuD+3vHF/7la5DPb7rX/sahhVj+n89jB8z6fLFu0i17NUrTmXq3kry7mWRrVl6XQ9nm6vfeO6V46p+GbtlfFGdq1Oy5m/X6cD7u5qsjvZ5Y8px6uYHelEZCKZrcdWRuOZ7pEZfoR2eXS27SmLuZDG5mBP9u1pcvtktsd8q8vGqP0drdNyPr/YKeb7ohOJ/7Q7FnOx5+x7bnTMky//7jffn63zB2dK45mo03b12ho8J+Z6IvH8OJG4sXz75o3rd84etkgMmK0icWqzfCXfzfdyNjN5PStZyg+zkNUsZibfqXIL9cEvei75HSJ1eVvp9UeNZLI+QzsHa3djeqna9liW8lreyrUs5uXq38VcyCu5lEuZ7znCp0Yf4eqqbwxe9ZX254YO/sxX6kwryS/r9GAo4/pMT1y3zvrZKt7PbFtTR6lo5sQYURpybxyl+cU6U+7jp4+6ke6p/khc6Dlfnh0diV9Vt5U7y7dvrtxYeHu83Z14v86U19HPk5mDcyMpz5cT5cGqSlPbzo6y7tnNuu3xKutObtY1BupO5fdpNrt7Wcr6jlfqZP0ZbrCni1Xd80Pr5qq60z11rSGftwA48I5+9ehk6++tP7c+bP2sdaP16vS3p74+9cJkjvzhyDeasxNfarxQ/DYf5sdb3/8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBP7867791cWF5eXOnLtNvtu38ZXjVmpvu8mk+5eX+m+1SoMRpn5q9PlU2HVE2kfXeHqieV+cLTyV7t6+Bm/t1ut+s1xQ5tfv3H/kBNZZ9CVz/nr30gQjciM/34rq+BzL7dkoA9cn711tvn77z73teWbi28ufjm4u35S5fmZ+cvvTw3fX1peXH2fPW636MEnoStN/39HgkAAAAAAAAAAAAwrsf8fwbWh1Xt9xwBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAw+3K2TQfpMiF2XOzZXnj/txyuXTzWy2bSRpJih8lxUfJ5XSWHO/prthpPx8szb/x8Scb/2x31P1V7RujthvPer1kJslEJ733uPq7WqcjFaOmUGzOsAzYmW7gYL/9NwAA//8wOw48")
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x120)
r1 = open(&(0x7f0000000140)='.\x00', 0x0, 0x112)
getdents(r1, &(0x7f0000001fc0)=""/184, 0xb8)
getdents64(r0, &(0x7f0000000080)=""/203, 0xcb)
unlinkat(0xffffffffffffff9c, &(0x7f0000000380)='./file1\x00', 0x0)

25.617107055s ago: executing program 0 (id=1137):
syz_mount_image$f2fs(&(0x7f0000000380), &(0x7f00000000c0)='./bus\x00', 0xa18008, &(0x7f0000006e00)=ANY=[@ANYBLOB="6167655f657874656e745f63616368652c6e6f6c617a7974696d652c616c6c6f635f6d6f64653d64656661756c742c6163746976655f6c6f67733d362c61636c2c6661756c745f696e6a656374696f6e3d30303030303030303030303030303030313236322c61636c2c6e6f61636c2c636f6d70726573735f63616368652c6261636b67726f756e645f67633d6f66662c6e6f626172726965722c636f6d70726573735f63616368652c6d6f64653d6c66732c00a0f136a7b12c237938b84e413b4410176f83a54dc492582695e005d110d725abbe2adec1ac2f6f77d172f0a20b3c1a8f19a6b28a8e0ba53dc3bf8ebe1ba50407cd64781927026076251050bd3ce7", @ANYRES64, @ANYRESHEX], 0x1, 0x5517, &(0x7f0000008f00)="$eJzs3E1rY9UbAPAn7XTe//Mv4sLdXBiEFiZh0nlBd6PO4At2KKMuXGmapCEzSW5p0rR25cKluPCbiIIrl34GF67diQvFnaDknlud+gJC08ZOfz+4ee45OXnuc8Iw8NxbEsCptZj9/GMlrsSFiJiPiMsRxXmlPAp3U3guIq5GxNwTR6Wc/33ibERcjIgrk+QpZ6V869Pr42u3f3jjp6++OXfm0mdffju7XQOz9nxE9DfT+U4/xbyT4qNyvjHuFrF/a1zG9Eb/cTnOU9xprxcZdhr76xpFvNlJ6/PN7eEkbvQazUnsdDeK+c1BuuBw3NnPU3zgUWOrGLfa60XsDvMidvZSXbt76f+2veEo5WmV+T4o0sdotB/TfHu3nfaz+biIzcGonE9581Z7dxLHZSwvF8281yrqWD/MN/3f9mZ3sL2bjdtbw24+yG7X6i/U6neq9a281R61b1Ub/dadW9lSpzdZVh21G/27nTzv9Nq1Zt5fzpY6zWa1Xs+W7rXXu41BVq/XbtZuVG8vl2fXs1cfvJP1WtnSJL7cHWyPur1htpFvZekTy9lK7eaLy9m1evbW6lq29vD+/dW1t9+79+6Dl1Zff6Vc9JeysqWVGysr1fqN6kp9+RTt/6Oy6CnuHw6lMusCAE4e/T8wC0fX/289jDj6/j/0/1Nxovrf097/H8H+4VD0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp9Z3C5+/VpwspvGlcv5/5dQz5bgSEXMR8evfmI+zB3LOl3kW/mH9wp9q+LoSRYbJNc6Vx8WIuFsev/z/qL8FAAAAeHp98eHVT1K3nl4WZ10QxyndtJm7/P6U8lUiYmHx+yllm5u8PDulZMW/7zOxO6VsxQ2s81NKlm65nZlWtn9l/kA4/0SopDB3rOUAAADH4mAncLxdCAAAAMfp41kXwGxUYv9R5v6z4OIv7/94IHjhwAgAAAA4gSqzLgAAAAA4ckX/7/f/AAAA4OmWfv8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfmPnbnLUhuE4gP4TSKFfKqq671W6g2P0CF1214oD9BIcoAt6hV6AM9BdjzAiI+IMA8wsRoqTaEbvScHYCj9sRBa2JQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAH36V21Xf35+/tU151B3E6/yjAcAAAB4aF9tV82bRaq/bdvft00f23oREWVEPDZ3n1xN3idtTnV//+/z+6urPvyNaBKO3zFrrzcR8aW9bj70/SsAAADAy7Vbb5Zptp5eFmN3iCGlRZvy3ddMeUVEVIv/mdLKY96nTGHN/3sa3zOlNQtY80xhacltmivtSZrH/bRqNz8rilSUTUtd1z/OP3bqZLaxAwAAA5pcFMPOQgAAABjSt7E7wDiKuNvKPG0FzlLRbu+9vqgBAAAAz1AxdgcAAACA3jXz/4HO/6ud/wcAAADjSOf/AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0Kd9tV3t1ptl15xD3U2e0QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcMv+vKNACIRBGOxd35nM/Q8rDZqamlSB8PE3BgMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC8+d1f/k9MjTPJ3Gtj6XkkWTs1tk6NvXPj6A/j69cAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF/vzkgIhEARRMGf876Tvf1hJ0DOIEAENjypq0QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF/0u1/+T0yNM8ncaWPpeCRZu2psXTX2HjSOHoy3fwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFzv38xtFFQcA/DszO4ugxlpNDzVGEw96kbIgyM140DQe/BNMmrJgZfEH9CCEGHvxZuqVi9GjMSaaeuN/4AwJF7xx6AETz5iZnekO0MRF68yWfj7Jm/fdyfDe980mpN950wIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAbfvdSZwVh7lxnFbnbt67ulr0tx7qC9c3by8WrYiTNpPeH15ufkgWuksEAACAgyOr6/uIuJNvLRd9OlfW/3l9TVHz//DsOK7r+Yfr/rqva/+i/f7b3Rd3Jpobz1MMenZtNDz2aCq9/2+Vs+25f7yiV9758tlLVn4h6QcbL2zn5f1Mvr1x471+GR5qI1sA4N84WvdVUP88VPSDLhMD4MDoNQrvuv7P5rrNCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKAN2xvxdB0nEbHYm8SFW/euru7WX9+8vVi3U9eubcbXkzGLIfKIOLs2Gh5rdTWz7dLlK+dXRqPhxfaDVyJiTwa8HxGP+a/eqZZ//qMpLo7o5P4I9ihIqy97VvLZH0GH/ykBAPBEyqtW1PV38q3l4lwyH3H/xwfr/9cbcUxZ/9/9+NTN5lzN+n/Q2gpn39L6hc+XLl2+8ubahZVzw3PDT986Pnh7cOL0yZOnl8pnJUuemAAAAPDf9KvWrP/T+Uf3/4804piy/v/i+8FXzbky9f+uJpt+XWcCAABwsD3/6l9/JrucT/r9+HJlff3iYHzc+Xx8fOwg1cd2qGrN+j+b7zorAAAAoA3bG8kD+/9nGnFMuf//zE8v/dIcM4uIw9X+/9HVz0Zn2lvOTGvj14m7XiMAAADdOly15v5/Xr7/n+688pBGxBuvjePqzwBOVf9n73/zc3Ou5vv/J9pb4kxKF8b3o+wXInoLXWcEAADAPvVdf4qLnqpaUez/kW8tf/LrkQ/73v8HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAaNvfAQAA//9swUHm")
r0 = open(&(0x7f0000000280)='./file0\x00', 0x14d042, 0x0)
lseek(r0, 0xcf, 0x0)
ftruncate(r0, 0x2008001)
sendfile(r0, r0, 0x0, 0x800000009)
open(&(0x7f0000000080)='./file0\x00', 0x8000, 0x50)

23.90953347s ago: executing program 0 (id=1143):
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000044, &(0x7f00000003c0), 0x1, 0x55e, &(0x7f0000001bc0)="$eJzs3d9rW+UbAPDnpM1+f7/rYAwVkcIunMyla+uPCV7MS9HhQO9naM/KaLqMJh1rHbhduBtvZAgiDsR7vfdKhv+Af8VAB0NG0QtvKic9abs1adIuWzrz+cDZ3jfnJO95cs7z9n1zTkgAA2s0+6cQ8WJEfJVEHI6IJF83HPnK0dXtlh9en8qWJFZWPv4zaWyX1Zuv1XzewbzyQkT8+kXEycLmdmuLS7PlSiWdz+tj9bkrY7XFpVOX5soz6Ux6eWJy8sybkxPvvP1Wz2J97fzf33509/0zXx5f/uan+0duJ3E2DuXrNsbxBG5srIzGaP6eFOPsYxuOr/7XizZ3haTfO8CODOV5XoysDzgcQ3nWA/99n0fECjCgEvkPA6o5DmjO7Xs0D35uPHhvdQK0Of7h1c9GYl9jbnRgOXlkZpTNd0d60H7Wxs9/3LmdLdG7zyEAOrpxMyJODw9v7v+SvP/budNdbPN4G/o/eHbuZuOf11uNfwpr459oMf452CJ3d6Jz/hfu96CZtrLx37stx79rF61GhvLa/xpjvmJy8VIlzfq2/0fEiSjuzerjW7RxZvneSrt1G8d/2ZK13xwL5vtxf3jvo8+ZLtfLTxLzRg9uRrzUcvybrB3/pMXxz96P8122cSy980q7dZ3jf7pWfoh4teXxX7+ilWx9fXKscT6MNc+Kzf66dey3du33O/7s+B/YOv6RZOP12tr22/h+3z9pu3WPxB/dn/97kk8a5T35Y9fK9fr8eMSe5MPNj0+sP7dZb26fxX/i+Nb93/r5/8va6+yPiE+7jP/W0R9f3tdN/H06/tPbOv7bL9z74LPv2rXfXf/3RqN0In+km/6vw34VY8dnMwAAAAAAAOxehYg4FEmhtFYuFEql1fs7jsaBQqVaq5+8WF24PB2N78qORLHQvNJ9eMP9EOP5/bDN+sRj9cmIOBIRXw/tb9RLU9XKdL+DBwAAAAAAAAAAAAAAAAAAgF3iYJvv/2d+H+r33gFPnZ/8hsHVMf978UtPwK7k7z8MLvkPg0v+w+CS/zC45D8MLvkPg0v+w+CS/wAAAAAAAAAAAAAAAAAAAAAAAAAAANBT58+dy5aV5YfXp7L69NXFhdnq1VPTaW22NLcwVZqqzl8pzVSrM5W0NFWd6/R6lWr1yvhELFwbq6e1+lhtcenCXHXhcv3CpbnyTHohLT6TqAAAAAAAAAAAAAAAAAAAAOD5Ultcmi1XKum8gsKOCsO7YzcUelzod88EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOv+DQAA//8Kozfs")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8)
sendmsg$NL80211_CMD_GET_WIPHY(0xffffffffffffffff, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x4042, 0xf8)
writev(r0, &(0x7f0000000140)=[{&(0x7f0000001200)="10", 0x64000}], 0x1)

22.242074008s ago: executing program 0 (id=1156):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x1f, 0xf, &(0x7f0000000240)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000000)={r1}, 0xc)

21.585432487s ago: executing program 0 (id=1161):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5, r0})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(0x0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
quotactl$Q_SYNC(0xffffffff80000102, 0x0, 0x0, 0x0)

10.382697462s ago: executing program 33 (id=1134):
syz_mount_image$hfsplus(&(0x7f0000000c00), &(0x7f0000000100)='./file1\x00', 0x8, &(0x7f00000003c0)=ANY=[@ANYRES8=0x0, @ANYRESOCT, @ANYRES8, @ANYBLOB="0a42f7415a3663f0ccff19a8b6c74a5ca36cde3a0764e4539a0072118a8ca35f4cfd925432ff27a561206de87f8ef8fd024eb3b7293d4f804164aa55affb403bca8af4c0f0fb72f91e3d6b0bb844b31943a9deeeafb1a147ec2703ef0dcb51f0b130653ab2053803328849a0ce1549b84673bd2905fb1371c07486fcc547a816c117c340d1683e87ffde3073bb03c6b1155e6cb645b5e79b6c216befe7790345349e", @ANYRESOCT, @ANYRES8], 0xfb, 0x6b4, &(0x7f00000013c0)="$eJzs3ctvXFcdB/DvHU9sT1pCmiZtQJVqNRIgIhInVlrMhoAQyqKqqrJgbSVOY8VJi+Mit0LE4bnton9AWWSDWCGxYhOpsGADu+6Ql0hIbMqCsGHQvXPHHs+MJ+M28QM+n+jOOeeec88953cf87CiG+D/1pWzaT5IkStnX10ryxv355Y37s/d6uRfayaZSrKelNlGkuJf7Xb7o+RyUmx2U/SlAz5Ymn/j4082/tYpNeulat8YtV2fut163+r17rqZJBN1+hls6+/qZ+6v2Bz55SRn6hT23ZEk7W1+8KenN2t6tIZtPb0nYwSerKLzvjngeHK0vtDLzwHdd97G3o5uPBPdQXYVzR3b9n+CAAAAgMOm+g48+NV325rPP8zDrBXH9nBYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcKitJ5P14/OLeml08zMpus//n6zXpc4fLC/urvmDzpwAAAAAAAAA4FB78WEeZi3HuuV2Uf3N/6WqcLJ6fSrv5E4Ws5JzWctCVrNaJBeSHO/paHJtYXV1qlvaccus5OKwLVcuPmKg3a5bj2HSAAAAAAAAAPC/5ye5svX3fwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOAiKZKKTpLjXs/p4Gs0k00kmyxXrSdGs8wfb9MjaB3s2DgAAANg/U8nDrOVYt9wucjLJc9VvANN5J7ezmqWsZjmLuVb9LtD51t/YuD+3vHF/7la5DPb7rX/sahhVj+n89jB8z6fLFu0i17NUrTmXq3kry7mWRrVl6XQ9nm6vfeO6V46p+GbtlfFGdq1Oy5m/X6cD7u5qsjvZ5Y8px6uYHelEZCKZrcdWRuOZ7pEZfoR2eXS27SmLuZDG5mBP9u1pcvtktsd8q8vGqP0drdNyPr/YKeb7ohOJ/7Q7FnOx5+x7bnTMky//7jffn63zB2dK45mo03b12ho8J+Z6IvH8OJG4sXz75o3rd84etkgMmK0icWqzfCXfzfdyNjN5PStZyg+zkNUsZibfqXIL9cEvei75HSJ1eVvp9UeNZLI+QzsHa3djeqna9liW8lreyrUs5uXq38VcyCu5lEuZ7znCp0Yf4eqqbwxe9ZX254YO/sxX6kwryS/r9GAo4/pMT1y3zvrZKt7PbFtTR6lo5sQYURpybxyl+cU6U+7jp4+6ke6p/khc6Dlfnh0diV9Vt5U7y7dvrtxYeHu83Z14v86U19HPk5mDcyMpz5cT5cGqSlPbzo6y7tnNuu3xKutObtY1BupO5fdpNrt7Wcr6jlfqZP0ZbrCni1Xd80Pr5qq60z11rSGftwA48I5+9ehk6++tP7c+bP2sdaP16vS3p74+9cJkjvzhyDeasxNfarxQ/DYf5sdb3/8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBP7867791cWF5eXOnLtNvtu38ZXjVmpvu8mk+5eX+m+1SoMRpn5q9PlU2HVE2kfXeHqieV+cLTyV7t6+Bm/t1ut+s1xQ5tfv3H/kBNZZ9CVz/nr30gQjciM/34rq+BzL7dkoA9cn711tvn77z73teWbi28ufjm4u35S5fmZ+cvvTw3fX1peXH2fPW636MEnoStN/39HgkAAAAAAAAAAAAwrsf8fwbWh1Xt9xwBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAw+3K2TQfpMiF2XOzZXnj/txyuXTzWy2bSRpJih8lxUfJ5XSWHO/prthpPx8szb/x8Scb/2x31P1V7RujthvPer1kJslEJ733uPq7WqcjFaOmUGzOsAzYmW7gYL/9NwAA//8wOw48")
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x120)
r1 = open(&(0x7f0000000140)='.\x00', 0x0, 0x112)
getdents(r1, &(0x7f0000001fc0)=""/184, 0xb8)
getdents64(r0, &(0x7f0000000080)=""/203, 0xcb)
unlinkat(0xffffffffffffff9c, &(0x7f0000000380)='./file1\x00', 0x0)

6.326801834s ago: executing program 34 (id=1161):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5, r0})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(0x0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
quotactl$Q_SYNC(0xffffffff80000102, 0x0, 0x0, 0x0)

3.357974066s ago: executing program 3 (id=1259):
r0 = syz_io_uring_setup(0xb7f, &(0x7f0000000180)={0x0, 0x38ab, 0x80, 0x0, 0x1e6}, &(0x7f0000000340)=<r1=>0x0, &(0x7f0000000600)=<r2=>0x0)
io_uring_register$IORING_REGISTER_PBUF_RING(r0, 0x16, &(0x7f00000000c0)={&(0x7f0000001000)={[{0x0, 0x0, 0x4, 0xf4}]}, 0x1, 0x1}, 0x1)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x20, 0x10, r3, 0x0, 0x0, 0x0, 0x322, 0x1, {0x1}})
io_uring_enter(r0, 0x3516, 0x0, 0x0, 0x0, 0x0)

2.294120513s ago: executing program 3 (id=1263):
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff7000/0x1000)=nil, &(0x7f0000ff1000/0xf000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f00006e3000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff5000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045)
r0 = io_uring_setup(0x7f9, &(0x7f0000000040)={0x0, 0xc8df, 0xfc00, 0xa, 0x20002f7})
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000640)=ANY=[], 0x28}}, 0x0)
io_uring_enter(r0, 0x2219, 0x7721, 0x16, 0x0, 0x0)

2.290834036s ago: executing program 4 (id=1264):
syz_mount_image$fuse(0x0, &(0x7f0000000180)='./file1\x00', 0x1000000, 0x0, 0x0, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000240)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
umount2(&(0x7f00000002c0)='./file0\x00', 0x9)
mount$overlay(0x0, &(0x7f0000000580)='./file0\x00', &(0x7f0000000b80), 0x4008, &(0x7f00000001c0)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})

2.17611955s ago: executing program 1 (id=1265):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
get_mempolicy(0x0, 0x0, 0x6, &(0x7f0000ff7000/0x1000)=nil, 0x3)
mprotect(&(0x7f0000ff5000/0x3000)=nil, 0x3000, 0x8)
r0 = mq_open(&(0x7f0000000080)='eth0\x00#~\x02\x00\x00\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfd\x05\x00\x00\x00\x00\x00\x80\x00\t/\x8dv\xb8\x93\xc3C\xae\x9dc\xd1T\xdd\x14\xd3\xe1\xbe_$A=z\xee\xbd/X\xbemOX)s\x94uu_\v\x01\xbe\xeb\xbb\x91\x11z\xc2|d\x1b\x04\xd2\xf9yx\xb2\x1b\bLTrw\x88\x9e0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\xcf\xbf\xf5\x80a%\xdcQ\xb3CuT\xcc7\x8avs\xb2\a\xfe\xb3j*\xad\x18A\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x05\x00\x00\x000\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xce\x00\x00\x00\xe8\vq+\xbb\xc7\xaf\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1J\xec\x926\xb5a0\xa0B\xae|', 0x42, 0x120, 0x0)
mq_timedsend(r0, &(0x7f0000000600)="6d12483bb95dab4da2bccb9a5c51f7769b4aa2ed6f00bcfff2058843f7de72fa8f9dd7572991db9f2968c67d150dbd80321f91c14a7705c3d6e2292f74d074e24cdfdc28da61b60db4ac67a81c04430dd72555dcebe8193594b8fe29718d5781fe3f418379dab48089b86edc4facdbc388e30fdfabe867722b348dcfbff8f7745bb98584b3384eb1b1c541d05427c4e5c33b3692ebf599d4a179bcd27271d55e4a38ac7be3cae3e85eddbdcf574ac462df22b6b2242245f32d5826de908a96ea66331cad4d0ff094f552e118ee643f2f12f854c32d4e548bd82a69c4102bc516a41a52436f6dfd80133de801fdc8e75276c631f041d86269f2ba0791e8119868816c1fe9c78654919d6dcce67a5f32b77575867f43f76e99108bf9ee3fd550cc18f8bee8505da7ea8fe0a3a9e40c01be1d39435821c5f52cf39a7d5558f278b01be298e5460d3ebf011345ed0030603f767fe44876fdf1cb172a4cbfb2f7784ac61c4786a147b6d446eaf46d5b26c6b85580ba4913fc12a443d8dcf05d08513ae01a7f489826fdc8bff83c1708ebbc060aa72d25e6ce21521799bd37c34fdad973fd7e17070b7783bf341fc079c6b0c9811388430c84540d8d544d1887b73e3a9d2625358be4b09128ee7f8d2dacf2d9704b9143c0341568d1e39429e1d442d21878c87271e66651e12d077b8dd49c0bf285097e261a5116b91036368265c1c5b74353bb42ff4936e27a20c48dea290685b09c2e5baa29dbeb790969f793692fb112c973329236f30bd29c39ee6104e1e0ccd1f855e5837d156c83834661a2aa8929ad78c025413179d880ee905d0b1ee1c9c3eacb63ac807a6ce73d492502ce52beba9ea5214a9387e2c5a810a96e14956809b6865e46a9d9ce2deb4cce2155562dd7e3daef9b3c0c0a55f1fe1a89835971dbc9c09ee9d4abe827b0e87dcd08e5e7cf08869cdcd6fe7f42d93c075db2fec9d96aff21410c3cbd5d904ed147af08c297011ec105dec6fb319cc5637ac71dac05d01ef356dcc6b6bd3f8625204d92f6d0447c0ee5c72d13b4e951a5ba060d4e0ab4680bba08ca9e0079ed6332e6449e01ec480903b0f377e08e8146c8a1e86df678dd88f3768e0958b04f24d58f39a15ee93e4b3e1e2dcd91f8cd36c37b2806d5f7c1871d0e1d7496ac64b377a8fb32104166536597bbfd6d814b2eb41970ba1aef50238e34ec8069690029c58c8a01b28b711ff44aed4652629c7cdc7843d83efe9514bb5b1f80d1047e6075870c53505a142e48d6897d7811f84d8c3e8f9985f9a9d01c8fd68960aee376caa465f25622d7ff5deae8f0d628e048bc4387ca3046067768f3014a3ef4d1b55123ce45507ab1b6f587f6302bb9b715899d2fc20cabfd306549b6a2ec8ea5169e5be19cf59ef71cbb16d402cdc62a422b2bf5c01bb6139e60fd61ea4b77382c7e2e038c6511bfe08f7a3cea5e793f9e2cb4facce20e719d179104418f6745bf8065c70da3815c8e1a1b650d96865c41fd45dbcae51e1d54b41002c2f673cd1008dbf3f17847dd28d8fe3c24ef238000be692e05b0365cb7691fa8f134efe70df46b5cc4765def995971ae0c45f653292f4a3c26300e359afbe0c4f7b049f505ab8e8a0d4c7090cc07c62dbcb9bf6682425553de4ca63f98ac5d420d01bf729bf815683d11451eea0295675778f00bef94ac6e29dd2285847fd857cf2d204de3170e024169d568500befd5c6f34e9d3fcae78bd8fcd6d8f85fcf56241c7787d86bdfca06a6e69b996d72530c94eaa82e99f8ccbd66b53ce0f066fffcb3b643f84a1112c4c8a153ef745f7da3c4887f95de7df8dcf6653200eccb389a7aad4a874d347791cd00cf767bdd8d36de55cbc0879e11cddec175b36be0d1224d1dab7d8f8f3bab0f622d031be123b6ab48188716162afea5e0529830a39c3c9edc86b3e6020830f2f94060685d96887fb536afaedcd9523c53e5e210e87a07bc941b29b968ec9b0f6e5a74b929ad56ef7e80b981d39460040df8aedb253bc4681e72de2b3e886320b2f9a52f675bb08e4dee27b468d0822d6269ad1eee16d1c1781ad17b1fae21b44e427ace6d1fa932ca9c295c5ae74140ffea23ac2b70a6ca71af12c6d63adc32110521cee84dce3514c51417fa794fff4fb7b72844fbb3ba786173d3ffea23e03eb49acbd957d52494ffff3cd2dc420ace19bbe375aabb97953dd1b8adc24856a81b2888e2fb635332c2d4257cf6833ccb3135c0327f79c4846b691b693b066cd5de30ca40e29fe8775fd6a8844f566223008d017ccb6f2ee47496b61aa2900f64c1e2136c8dfbb6dd7ab368e0cfeb3e639657f16d9f26f0c575b61476ea7cd499e2fffe75f6118d19d6186e9433d1b92dc30e84bceba4c9bd8e889575c50da8e236d0ad184a2ae7e91e31485a44389a7c6a63c4d7588fa0755ae292102c46df1cfcc21eccfa5bc815a2491cb845de2feae93d5a9365cff327d048b7e66733b1d1cbf1eadae7296631f3f1681ab5878272a9b17e11f64e8ea8afbd297f388b951e39b94d909c74a4c667f6204128c84566c2347222a984f67177160e3f144518721f25aab93c9d0a34d407b84485bf1f2fa07af7de0617dbda0b2eb3ef839d6ad8649fa7133e14646cb30462e827a1bba8b6cf97c93c95552c70aae8ba4918f8b51275ed7e1f90f7ae7a5313aff699f54265adad4b0608a90165c8e7df729ceb0eda12357ea37e7bbb86fc542544c93d494d4edfd098432e389666a8a93f4333e630deefa87397ece144a59fbf736aeefb7b66744954e8076e9d0534508a3631dbdcd2c15b5fd844d62409bf6c63699ac5ff0cab98d4b7f0e33e5cb20853554c895ea26607e9554d74e1511c4c476c41aa7fa717259e5048d80f1f30f07dd5397c17d818dac1849b7ccf6425fa0265edfecb58a763615dedbe98e215ce63dd1688e191a191ccdb4e939bd370f68054440296cb511b5f070fb9479bdef321b7d124506f6345ac3c2ca0ef22292d3f83ec21908de3a3c7f98cc5e086034d0b08df704382a8ee9f6129542cac7dc5fd54e71270f5ea9739b625347f3200d6f74d41106aed8fa8af5a3a6cd58a44de62af681d449a44b5f86702e625a1658f2bb09e1c7a178ec27081bb8e0f3febf700a1663374325bbb17a17c6178fbc0424f83cfafdd8ed301450bc6822105e6033bc999c833ce3f60814f9db98c3880aae837027cc4fd82a1aa61d1c7fbacf0e5da0c820f97e35f52abb212dcfd77c7e159ef4f777a2cbf61508539660a577974291852a3dfdcb0706961faf65f62745240e281e9c1ea25a2bf29729008b59b5bac92c8ffc53b240761c0021edb53bad82a322510f480a53945c63803abb0b5947aa32a7ad5cf8059933ae4dc5d18a261b8d4a126dadd1d7f186cc0f3bc00c82c15516ea2a4b5a5517395d2a16a3beb920b16c706381bae273443ebfa3c37778596177de18a62cb96c08a35459a897ac87bcd87cdbcecae83c95cd4b5eb878a8d31e75955eb11e0cb58c6ad2b39f8f9350ff95778a961b07b4b0e4ff6b58caab6db44c6345c8ad9da0aef0c2b4a09e459a027d774da684ce2defd0b23b6e15ec573268050cba4cd1be4d899672ea3562f280df3b3ee878bd2e9989357829c363b4b47eacadeee76144957f4d76c3ea703aa5bf32f75a0370f49ae371f001eced8bbdaa781f66c83f959af0cb0ecbabeeeb0f91c26a22b430d5cae34e470f79f01446cdca5b70ba6448a8d9e4722dba03369b3204253eea942de2fb7b4408212a4c6a5d36c7e82417edd052a59d6d1ce2b0a2bd94f334647712cc2296e75db316be650195dd28a360e2e44fd32951b2b983d673bce51eea778d2ed2a2468c3b6b94b67ee175aa08f757d5522b43cefd5969511579cd79300802c811adad7b6bdf789f70bc76e94f8ea317043cf29b562a2041c553122ec338834455be1b68fe7470808451b0e1f1d444ae1e430c51c718a751142fa675a663e9d9f66a8a6199b56d18e4167e54942a37366fa0b5242de86bf1af6c758b2f0bb1f0fda16dc5241e3cc442326fdb501b95fe768c45781c8b60fbe576c7e790e2d5a2a76085cdca098fb3209b30a017eefbf6f8b315b38d8f8f194e456d1776cf6c9c4f4a99e9b50ca4bbc57ff1f035f13a3d8261617b5d55387488f9456a32400a84f95320e722c7abed22b9f8b574da8322fe104c12fb35c9d0c600dde78c47cd46647a8e24aafa53c68e2119ed1473bb3b7c9873d0a256e8eec8dc9f57820a7e23d49deb4041beae704b3fb527ce57316ff238515c248c80d51fd44e31dbb2d2e1d6b8007a03bf9b981fee094ee82f413698af66a3057621490d60207bca2e7a11e96cfb850a9a371ce672d0c4826be044acaa0a0a04fab4f2807eac896c48db2c35caf97fdf8bacb854f5351328cfbab2c3b251fc0abe20ba4b8fe8f4a98dfb76a0b1ea6b6463bdd900e23114c94f205f492a4acb30cc8a6efe6f73a96d3688853c60dce92732440db5ec245478bb64ebe9b60e7469ffb253febcda05613a8c1dbf72634e68d912e2fc98501d99c7dafb50081edcc60dc74daf9cecbcf65aa57661451fc6131f8c879b2181984bc4e0973ad6984837e19595caa35ff4713266b6a6c090a50afeb1461590c4c36f7fead0c9620af82302616c154e74199ee11353f6e9861472e2f1826afd0ce1a2ce9712b50019b32397960f54f4fce3c6655e13d8ef3ba20eaa3ca03a831a39732203dc3d2d3bf8de63fb4c96b3ec10cc852401f25a2575e98d9a25bf0767fc180f6fef5928565fa9ffdd620b6713f85bbc140060df1b50607b4eb51c0c71dac8ee2c19b9bd03b1840bb4d1f8a767d788a31926c9c39be4709dd57e856cb417d3947ce825f194fac18323f36a3b7743603abc628d477b3292a6b3f4965e882a110728f2a9f4fa8fd9d9d50859c48fe0f07f6a826bd5c5d8d645c0f7d8d03cf49be2419e2986f8ad55a228cacd0838f867a8612fd1c4b04d54dc9d5b05cc9395f5bb7fe918083bedfa33734a3f6afaf70379f4d423fa592dcfdeef84161df3f8f42204116442fc815a3cb3c79348d489296014fb8d4334c4ad776e14207ed2115781a0caac4cbfddf8f788f58cd9da9c33f145d87a187d7db78ce4368c5bdbba67fde5264a53a65a027a52aa09fd4943aeeae146a769a26a0f3597fd5004b60c179ce2bcafc78220d691c44c153c883bf942f01586b5321e4bbb28ab44d97bea3368f7c5d0c3dda0ef359065fd31f62060beb0b2a31f7164867e4b78f89f5ea0131aed7014ef3385f0b350ff847f4321b81c7dc9a484605ee397a2d5ea8ad9593020cea3acb6a106a560b4bf675c89aa3b14678dfef6602fdfa9afeeb6f16cb1b3cc944ad5d0492a3d07308c07dfc204c071d92f6b8b5694c70d166fe29f7894ceee7554dc32c71f3b971c8f20f2cafa4399a8755684090f90e6b45ee924d1205e0a075fd2259b6ca6430d28c780735353be38578b3cf1badcba4dae86419d4a0c1ec21f4a7510a08018e90974f0757aab8b51dc0fc068193d040cbd9706eeec02360da646b11cc5f1a544ecf24ce87c7165a0cb9bdb6990db03320ecf2f65fb6dfd1f3d32b2ae10723707cf5f30ea387f677aea100649c72e795b5f7d652e0e2fd0ae19eaf96f1b6453d056e01c97aa5c271b5e5f303fa4013f686cfbf64a1c1fe4263786b835e46a98699b8d5262520c4947987748ab21a48aef3", 0xfd1, 0x6, 0x0)
mq_timedreceive(r0, &(0x7f000001a600)=""/102385, 0x18ff1, 0x0, 0x0)

1.904871904s ago: executing program 1 (id=1266):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000300)={0x0, 0x10, &(0x7f0000000100)=[@in={0x2, 0x4e20, @private=0xa010103}]}, &(0x7f0000000380)=0x10)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r0, 0x84, 0x1d, &(0x7f0000000000)={0x1, [<r1=>0x0]}, &(0x7f0000000080)=0x8)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000040)={r1, 0x1}, &(0x7f00000000c0)=0x8)
r2 = landlock_create_ruleset(&(0x7f0000000040)={0x0, 0x3}, 0x10, 0x0)
landlock_restrict_self(r2, 0x8)

1.770626176s ago: executing program 4 (id=1267):
r0 = fsopen(&(0x7f0000000040)='tracefs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0xa)
fchdir(r1)
r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000580)='.\x00', 0x8880, 0x85)
lseek(r2, 0xd, 0x1)

1.643965937s ago: executing program 3 (id=1268):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x800)
sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x10}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000200)=""/83, 0x53}], 0x1}, 0x0)

1.55577913s ago: executing program 1 (id=1269):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000180)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-twofish-3way\x00'}, 0x62)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x800)
sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, 0x0}], 0x1, 0x40800)
recvmmsg$unix(r1, &(0x7f0000006d00)=[{{0x0, 0x0, &(0x7f0000000a40)=[{&(0x7f00000010c0)=""/4, 0x4}], 0x1}}], 0x1, 0x40004022, 0x0)

1.499183292s ago: executing program 4 (id=1270):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text16={0x10, 0x0}], 0x1, 0x4, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000040)="f779000f20d835080000000f22d866b86b4266ef66ba420066b8e20066ef0f29902cbb0000c4e2b1ba8c88d9000000666666440f38826b410f07b8010000000f01d9c4033921820f47a753fd", 0x4c}], 0x1, 0x43, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

1.443285448s ago: executing program 3 (id=1271):
unshare(0x26020480)
r0 = fsopen(&(0x7f0000000140)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
setuid(0xee00)
syz_clone3(&(0x7f0000000340)={0x201800000, 0x0, 0x0, 0x0, {0x2d}, 0x0, 0x0, 0x0, 0x0, 0x0, {r1}}, 0x58)

1.273983839s ago: executing program 1 (id=1272):
r0 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000140)={&(0x7f0000000300)=[<r1=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_GETPLANE(r0, 0xc02064b6, &(0x7f00000001c0)={r1, <r2=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r0, 0xc02064b9, &(0x7f00000002c0)={&(0x7f0000000240)=[0x0, <r3=>0x0], &(0x7f0000000040), 0x2, r2})
ioctl$DRM_IOCTL_MODE_ATOMIC(r0, 0xc03864bc, &(0x7f0000000380)={0x200, 0x1, &(0x7f0000000440)=[r2], &(0x7f0000000180)=[0x7], &(0x7f0000000280)=[r3, r3], &(0x7f0000000040)=[0x0]})

963.979913ms ago: executing program 1 (id=1273):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x80, &(0x7f0000000840)=ANY=[@ANYBLOB='fd=', @ANYRESOCT=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
unshare(0x20040600)
ioctl$FUSE_DEV_IOC_CLONE(r1, 0x8004e500, &(0x7f0000000140)=r0)

963.758538ms ago: executing program 3 (id=1274):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x800, &(0x7f0000000300)={[{@grpquota}, {@quota}, {@quota}, {}, {@dioread_lock}]}, 0xff, 0x4fa, &(0x7f00000005c0)="$eJzs3c9vG1kdAPCvnThx0uwmu+wBEOyW3YWCqjqJuxut9gDLCSFUCdEjSG1I3CiKHUexU5rQQ3rmikQlTnDkD+DcE3cuCG5cygGJHxGoQeLg1YwnqZvaTdQkdhR/PtJo3ps39fe9pvNe/U3iF8DQuhoRuxExFhF3I2I6u57LjvisfST3Pdt7uLS/93ApF63W7X/l0vbkWnT8mcSV7DWLEfGj70X8NPdy3Mb2ztpitVrZzOqzzdrGbGN758ZqbXGlslJZL5cX5hfmPrn5cfnMxvpebSwrffXpH3e/9fOkW1PZlc5xnKX20AuHcRKjEfGD8wg2ACPZeMYG3RFeSz4i3o6I99PnfzpG0q8mAHCZtVrT0ZrurAMAl10+zYHl8qUsFzAV+Xyp1M7hvROT+Wq90bx+r761vtzOlc1EIX9vtVqZy3KFM1HIJfX5tPy8Xj5SvxkRb0XEL8cn0nppqV5dHuR/fABgiF05sv7/d7y9/gMAl1xx0B0AAPrO+g8Aw8f6DwDDx/oPAMOnvf5PDLobAEAfef8PAMPH+g8AQ+WHt24lR2s/+/zr5fvbW2v1+zeWK421Um1rqbRU39wordTrK+ln9tSOe71qvb4x/1FsPZj59kajOdvY3rlTq2+tN++kn+t9p1JI79rtw8gAgF7eeu/JX3LJivzpRHpEx14OhYH2DDhv+UF3ABiYkUF3ABgYu33B8DrFe3zpAbgkumzR+4Jit18QarVarfPrEnDOrn1J/h+GVUf+308Bw5CR/4fhJf8Pw6vVyp10z/846Y0AwMUmxw/0+P7/29n5d9k3B36yfPSOx+fZKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALjYDvb/LWV7gU9FPl8qRbwRETNRyN1brVbmIuLNiPjzeGE8qc8PuM8AwGnl/57L9v+6Nv3h1AtN7145LI5FxM9+fftXDxabzc0/RYzl/j1+cL35OLte7n/vAYDjHazT6bnjjfyzvYdLB0c/+/OP70ZEsR1/f28s9g/jj8Zoei5GISIm/5PL6m25jtzFaew+iogvdht/LqbSHEh759Oj8ZPYb/Q1fv6F+Pm0rX1O/i6+cAZ9gWHzJJl/Puv2/OXjanru/vwX0xnq9LL5L3mppf10Dnwe/2D+G+kx/109aYyP/vD9dmni5bZHEV8ejTiIvd8x/xzEz/WI/+EJ4//1K+++36ut9ZuIa9E9fmes2WZtY7axvXNjtba4UlmprJfLC/MLc5/c/Lg8m+aoZ3uvBv/89PqbvdqS8U/2iF88ZvxfP+H4f/v/uz/+2ivif/ODbvHz8c4r4idr4jdOGH9x8vfFXm1J/OUe4z/u63/9hPGf/m3npW3DAYDBaWzvrC1Wq5VNBYWLX0j+yV6AbnQtfKdfscaie9MvPmg/00eaWq3XitVrxjiLrBtwERw+9BHxv0F3BgAAAAAAAAAAAAAA6Kofv7E06DECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABweX0eAAD//19xzyM=")
r0 = creat(&(0x7f0000000e40)='./file1\x00', 0x18)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file2\x00', 0xa4c42, 0x108)
fallocate(r0, 0x0, 0xbf5, 0x2000402)
truncate(&(0x7f0000000080)='./file2\x00', 0x1ffa)
ioctl$EXT4_IOC_MOVE_EXT(r1, 0xc028660f, &(0x7f0000000040)={0xc, r0, 0x0, 0x18, 0x0, 0xfffffffffe000001})

786.205473ms ago: executing program 1 (id=1275):
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)
syz_clone3(&(0x7f00000003c0)={0x8000080, 0x0, 0x0, 0x0, {0x10}, 0x0, 0x0, 0x0, 0x0}, 0x58)
mlock2(&(0x7f0000245000/0x1000)=nil, 0x1000, 0x1)

681.150503ms ago: executing program 4 (id=1276):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000280)='./bus\x00', 0x4400, &(0x7f0000000200), 0x1, 0x528, &(0x7f0000000b00)="$eJzs3cFvG1kZAPBvHDs0bUpS4AArsSzsorSC2smG3Y04LLsSgtNKQLmXkDhRFCeOYqdtogqCOHBEQgiQOMEBLkj8AUioEheOCKkScEaAQAhSOHCADrI9TtPUdpzWG6fJ7ye9zJv3Zvy9Z2sm82ZGMwGcWy9FxFsR8TBN02sRMZGV57IUu63UWO7B3t2FRkoiTW/8I4kkK2t/VpJNL2WrXYiIL30+4qvJk3Fr2zur85VKeTObL9XXNkq17Z3rK2vzy+Xl8vrs7Mzrc2/MvTY3PZB+Xo6INz/7l+99+6efe/OXn7z9x5t/u/q1RrPGs/qD/TimfK/KVtcLze/i4AqbTxnsNMo3e5gZ67TEyMGZjksAAHAyGsf474uIj0XEtZiIkd6HswAAAMBzKP3MePw3iUg7G+1SDgAAADxHcs17YJNcMbsXYDxyuWKxdQ/vB+JirlKt1T+xVN1aX2zdKzsZhdzSSqU8nd0rPBmFpDE/08w/mn/10PxsRFyJiO9OjDXniwvVyuKwT34AAADAOXHp0Pj/3xOt8T8AAABwxkwOuwEAAADAu874HwAAAM4+438AAAA4077wzjuNlLbff714a3trtXrr+mK5tlpc21ooLlQ3N4rL1epy85l9a0d9XqVa3fhUrG/dKdXLtXqptr1zc626tV6/ufLYK7ABAACAE3TlI/d+n0TE7qfHmqlhtL9V+1wMOK3y+7kkm3bYrEey6Z9Ppk3AyRgZdgOAockPuwHA0BR61o6dWDuA4UmOqO96885vsulHB9seAABg8KY+1P36f67nmru9q4FTz0YM55fr/3B+Na//93snr4MFOFMKjgDg3Hvm6/9HStNjNQgAABi48WZKcsXs9N545HLFYsTl5msBCsnSSqU8HRHvjYjfTRTe05ifaa6ZHDlmAAAAAAAAAAAAAAAAAAAAAAAAAABa0jSJFAAAADjTInJ/TX7Vepb/1MQr4wfPDexGxGjyn4nIXhF6+4c3vn9nvl7fnGmU/3O/vP6DrPzVYZ3FAAAAgDOvjxf4f2s/1x6nt8fxAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADBID/buLrTTScb9+9sRMdkpfj4uNKcXohARF/+VRP7AeklEjAwg/ljjzwc7xU8azWqEfCu6xB8bQPzdn/SMH5PZt3A4/mhEXBpAfDjP7r3d2sIf7N29khVl218uXmpOO29/+VZK02eM333/F/v7v5Eu+5/LfcZ44f7PS13jfyPihXzn/U87ftIl/st9xv/Kl3d2utWlP4qY6vj/J3ksVqm+tlGqbe9cX1mbXy4vl9dnZ2den3tj7rW56dLSSqWc/e0Y4zsf/sXDXv2/2CX+5BH9f6XP/v/v/p2997eyhcN1jd/26ssd4v/6x9kST8bPZet9PMs36qfa+d1W/qAXf/bbF3v1f7FL/4/6/a/22f9rX/zmn/pcFAA4AbXtndX5SqW8eWYzjVH6KWiGzCnMfH2gH5imreHgo5L8cbevJE7D19LMDHvPBAAADNqjg/5htwQAAAAAAAAAAAAAAAAAAADOr2M+GOwPT/N8snas9sOPd/ejJ/lh9BkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoJP/BwAA//+BH9Ow")
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e22, @empty}, 0x67)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000005c0)='syz_tun\x00', 0x10)
sendto$inet(r0, 0x0, 0x0, 0x24000840, &(0x7f0000000080)={0x2, 0x0, @remote}, 0x10)
syz_emit_ethernet(0x3a, &(0x7f0000000bc0)={@local, @random="3747e76de379", @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x2c, 0x0, 0x0, 0x0, 0x6, 0x0, @remote, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x6, 0x2, 0x0, 0x0, 0x0, {[@sack={0x5, 0x2}]}}}}}}}, 0x0)

179.403801ms ago: executing program 4 (id=1277):
r0 = fsopen(&(0x7f0000000080)='mqueue\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
fchdir(r1)
r2 = openat(0xffffffffffffff9c, &(0x7f0000004280)='.\x00', 0x0, 0x0)
getdents64(r2, 0xfffffffffffffffe, 0x29)

176.252219ms ago: executing program 3 (id=1278):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x102}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000000180)=@o_path={0x0, 0x0, 0x4008}, 0x18)
sendmsg$DEVLINK_CMD_TRAP_POLICER_SET(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)=ANY=[], 0x14}}, 0x0)
r0 = syz_mount_image$btrfs(&(0x7f0000000200), &(0x7f0000005600)='./file0\x00', 0x2000000, &(0x7f0000000240), 0x0, 0x559e, &(0x7f000000ac40)="$eJzs3X9sVeX9B/BzWwoN+C39jhUYfxAgBoMkyJYtjqB4MQa24eKlgsKcCEQlBivYRDcYqUWSZcaghU4EF5GQaDJjscM/FMywy7CMZfzY5hZjs4JSaZZsAzVrHDG69N77XO49l9tembNOXy/SnvPcz3me+9yT88d9X/qcGwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAURUcSc9+d0f3i0ZE1X77/Hz+e+OjGn4zfvX/roVvu23T/gjMjbto5a1nf+mlN8zdsbDjS/PS+ObdGUSLdL5Htf9u136q/88bbvlsdBly+MLOtrS31lJmuJzON4QUP9vcr/FkRRVFVbIDK7PbV7E5FwQC53cbiAQf0Tuui6O7J8ya1dT01bklyYU/xS6df9VBPYKhkr6ue89dSMv27InZErp136SUKLtFM//gF96m8CADgY5mZSm9yb0ezb3Fz7eZ4PdZOxtotsXZ4h9CS37gYmXGHl5rnpHh9iOaZzESFESXnGatnz3+unYr3j7VjUeNjzLPw0GykqS41z7Wx+lDNEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCzZOzxo2tWtD2y575fdtQceff9OVc+8KWOw22LT4y8eunKHWum/HTWsr7105rmb9jYcKT56X1zbo2i2nS/RKZ74kTL5b9NjZ3fvXfcG427n6vpq8yOG7bD8g6OXg87s0ZH0cq8Sk8Y9q81UZQqLKSb0Y7iwl3pnW+HAgAAAJ8nX0n/rsi1M3GwqqCdSKfJRPpfkAmL77Quiu6ePG9SW9dT45YkF/Zc/HipEuMlLzherl17/ieRF4xD/I2Pd74eDm0sGmdg8RHjef7SMWPefmty/eSvT5v7xA3PjOru+r8nZ2xJ/bGu5oUrru+tf/a6ovxfO3D+D2dO/gcAAOA/If/HxxnYYPn/jqVTt7z+i2Grft3a8MTB+h1/bv3OMzsXneq54Ud9L09N3v7o1UX5f1LBUxbl/zDjkP8roovL/wAAAPBZ9t/O/8micQY2WP5vONM3+wcHX6vr+PucxXt+9dAVi8+e/tv8U7t3DV9zR8v6uoeuLMr/M8vL/8Pypx0e/F2Y8OrRUTSz/JMKAAAAFAj/737+o4WQ1zOfHMTz+rX/vKp5380ffPMbD97zpzff/s2xA7MnrdteN/PgyzfVf1j5ve3dRfk/WV7+r/p0Xi4AAABQhuePrpw773jPucfPvtB18vDu3pMznjyzrqnvdOslLatXbTr2WlH+T5WX/0cMzcsBAAAALuDeO59bsfnVl/oe2H/X2Ck9FVc1XpK4ZduOqU0TPuq8tPfy7VuL8v/y8vL/yOw2u/Ih06kz/BVC6+goqu7fWZspHIparskVAAAAgE9IyOlbP1ixbOzOsb3jj59+rObQG4dn/2Vt55yN13RXdW/uXNZ4WdH9AkJiL3X//3Cng7D+v+D+f0Xr//MKmbv+zXZjAAAAAL6Iitfzh9vjZ765oNT375e7/n9J3cQTiba33lv11XMHzo1ZsP/7129aV9/be8+El37/wz9M/6i6KP83l5f/K/O3n+T3/wEAAMBF+F/7/r+lReMMbLD7/zdV9DWsWrd3+uota7csTCw7UH3qwdV731+w5l9Tb36+qea6A0X5v6W8/B+2o/JfXkc4P5tGR9H4/p3s3QR/Hqa7OlZor8orZE58rMeNoUe20D4ir5C2Ntbja6OjaHL/TnOs8P+h0BIrnK3JFnbFCsdCIXs95Ap7YoWOcKVtq8lON154MRSyCyzawwqKUbklEbEe75Xq0V+4YI+u3JMDAAB8oYTwnM2yVYXNKB5l2xODHTBysAMqBjugcrADhsUOiB9Y6vFoeWEhPH575yMbNjVMSb7y8NzHfvbms40T9j1+WV3v5g9f2XbvxJ3TW6YW5f9d5eX/cCqGZzal1v9HYf1/9nsNc+v/l4dCbazQHgqp+B0DUuE5MmH34fActalsj7PjcwUAAAD4XAufC1QO8TwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/s3evcdJVd0JAj/d9INumqaNE9GMk3TUgGakaWwNw+AoaoxGRZpZddxkNBBoEGmE8FgFURtQZxziZ3ztrJnoCAoiu+qHGFeDwUhcxIw6iWLiA/Cxjq7r+h6VGM2E/XTfOkXVrS67EFDa+X7/6DpVv/O89eg69946FwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/xjuPfjlk4YunP0PHzace8nqqqmL/kfH6Mv+cNW3vvjUPy5b9G9h/i9GnLll3kEXHjd/wbR/6Vi++ogzQmjtKleWFC977oqvPtS613HP3jFw48wbb63fUpWpNxMP/Tr/lGfuXBxbfbF/CHeXhVCRDgypSwKVmft1sb5960LYI2wLZEu01SYl0g2HB2pCWBK2BbJVra4JoS4ncMqG+++7vDNxTU0IXwkhVKfbeKY6aaMmHRhUlQRq04HpFUngt1sT2cBPypMA7LD4Zsi+6Fe15mdo6L5ckddf5U7r2KcrPbw+MdFQPN/rR+3iTuWoSj/QukNPW0F17BIFb4+13m294N1WsJ2v8LTlfpHKfEPZui1UHcontk0aP6d9dnykPDQ19SlW0y56np9+e/6E7Un3mtdh7EDDTnkdXvrYiun9lo2+9OrNvxqz4ayaA3a0m0/lbNLc9K5WHTKvuV7zPEajfJ70grdfwbekRl+6Qghbzz17xtfnTDz7iD63PLnu1QcfrNty9pwFvzhz4nmLLj55w7/Pf6lg/t/w0fP/+HKOt+V5uWOrH9Ync/P4SF1MvFmfzM0BAACg1+gNe01Xnv/6X73+/bWtMxed/u23Dj73w71afz3i/gFVB7yxrqn1/I2ff6Vg/t9Y2vH/eMi/Lne0a0MY1ZVYNCCEvbseTwIrY3e+OyCEL3elWvMDR6UCa0PYpytxULaqVIm+sURjKvByfSYwKhVYHwOtqcDyGLgiFbg4BlalAhNiYG0qcHQMhCn54/hqfWYcJQdqYmBcshFXxbMQ3qmPraW21aZsVQAAADtJZnZYmX8351yHHc0Qp5eranrKEM/ALpqhOlVDegabnVYVraGipxrKe6ohO+6Ojx5+Qc1lPdVccBpGWX6GG9f85X2LXjzsC2P3mvj5xUMvmPKz8eGst++uerx5yYtv7XvEzesK5v/NHz3/r+6mI2UFx/9DGNv1N+Yuz0Tas/FxrXkZAAAAgB1w0R//xR61Lw85oGHT+2X3zl/7xKMrfrl5j1NOf3/c8a//8PCaxnsL5v+jSjv/P+4T6ZOTOTwSd0NMHRBCc34gqXZkYSA56t0vEwAAAIDeIHs8PnssfErmNjlFOz2fLszfup3544H/Ud3m//09/7P2jq3/+mLZBd89d0TNgKX/9GrHhBNOPvqW47/1zj4VB/yyvGD+31ra+f+1+bdJJ9bHXlw9IIS+OYEHYy87A10aY+D5I/MDmfGvjxtgcawqc2JCtqrFscS4GGhOBZYUK/FotsTe+YHMk5VtfFF2HFMyJXICAAAA8ImLuwPicfl4/n/LGSNO++vvzfrbha88eN7qCy75q+Ed80eedP/THzbMvXJp2PTmEQXz/3Hbd/5/1zy44PT+9n4hDK0IoU/6hwGP1CYLA8ZAXVkmcW9tUlefdFULa0MY2TmwdFUvZNb/r0ivMfh4TVJVDOy93y1vD+pMLKsJYWhu4IlvLz2sMzEnFcg2flpNCF/qHG268bv6Jo1Xphu/tm8IX8wJZKua0DeEzsaq0lX9r+rMdQzSVa2qDmHPnEC2quHVIcwNAPRW8X/pxNwHZ82dN3V8e3vbzF2YiDvxa8KkKe1tTROmt0+sLtKniak+561jtKBwTKVe+mZTZo2ixSsnV5aSzv5QsDm3rcyO/IIzBzP345ehyq5xHlKZd7clPeQD9y9sIuR8lSo25PJdPOTa3Eq2PYkF9cf8VaFf6DtnVtvMpvPGz549c1jyt9TshyR/43GmZFsNS2+r2u76VsLLo+hyWSkfd1sNyq1k6OxpM4bOmjtvyJRp4ye3TW47p+XQP2sZMXz410YM7RxUc/K3h5EO6q7m1Ei3Li1xWDtxpF+oyKnkk/jQkJCQ6G2J/f7L5odH77n+nOt/9tqPz+/3zdPu3fvImT889KqpD1Xve/ji24ccWDD/n/HR8//4qRM/+DPrMxQ7/t8QD/Mnj287zD8uBpaUevy/odjR/OyJAY2pQEcMdDjMDwAAwGdD3B0Z92bGndKbb1m/buOSlrk/aHin5dY17Utvuum+U39y58ATvjQ47LXhuhM+VzD/7yjt9/87af3/7NL1JxRb5v+gWKK52Pr/6WX+s+v/dxRb/z+9zH92/f8ln8L6/3OygdQmecf6/wAAwGfBJ7f+f4/L+6cvEFCQocfl/dMXCCjI0OMy/qVeIGC71/9f8+Bff6Wq35g7/qTlN/WXvPZ39xzWeuS6zTP/5Etb10+877qxt6wpmP9fUdr838L9AAAAsPv4z5ddU3H02Xff0bJu6sZxbw5+98m3lgzq80HF0Q+3j3xh4Bu3nlcw/19S2vz/k1//LxQ7/7+xWKC12MKA1v8DAACglyq2/t89Q1sa/zCm/x+eHvab5Q/ePPqnj/z898v3+/mJPyvfZ8Gxz8+8bFLB/H9VafP/eNpFeV7u2JsP65M17UJ6Tbs367M/GQAAAIDeoTw0NVWWmDdvYdSjPn6bT2eWAv2odK7vvXLt2ZtfmH7c46ev+7uaEwbvOWHaBasa/2b4gXd+ftQley7ddGrB/H9tafP/vN9lXPrYiun9lo2+9MOrN/9qzIazag7YdvwfAAAA2HVK3S8BAAAAAAAAAAAAAAB8+s7tWHzhI8uOfe+bt//F/kcseXXwbXcd+Lsh/V664qoHJq1648zJXy/4/X8Y21Wu2O//43X/4u8L/igvd2y15/X/MvdPOfH2uV1LFj5SH8L+uYGpC6fuETLX5h+cG7jvjIMGdiYWpkusefbolzoT30kHjh/yuS2dicNTgXFxkcR90oF4VcUt/VOBuLzi4+lA3B6r0oGqTOCy/sk4ytLb6pW6ZFuVpbfVxroQBuQEstvq7rqkjbL0AK9JBbID/F46EAd4ciZQnu7V7f2SXsVAXSx6Q7+kVwAA7Lbit8DKMGlKe1tz/Aofb79QkX8b5S1ZtqCw2rISm9+UWZps8crJlaWk+6S/i2671nhlqO4cwrCCr6u5Wcq6Rrlzaulh0/1RkSH3tNpbeZFyadu76aqKj6gmGVHThOntEyt7HHhLz1kOqegxy7CCyU5ulvKuTVpCLSX0pYQRlbhtSuhyvF8empr6pHL9eQw2hDw9vSJK/b1+7jp/xV4FuXluO/TKt758zE+f++CfP/9E/2+cVnP7rO+/e+KvX7//wEOOuG5C05otBfP/htLm/9W549qSuRhAR7yy3sgBIYwrcUQAAADw2XfbRbfecfr09a9MWlvx5GOPTS0fc3rl1vl3zp93ycZ7Fx9/2cErdjR+2Fm//f5vBu//b89e9dJPR+7zwA03/58nD3v8z3//8I8eeqduZZ+x7xXM/xtLm//HPViZQ8HJ3o618fr/iwaE0HVp/YYksDIO97sDQvhyV6o1lkguqH9CLNGcBFbGHSYHxRLjWvOr6hsDq1KBl+szgbWpwPoYyOyluCVkduVcWR/CYV2psfklZsQSDanAmBhoTAWaYqA5FegfA6NSgdf6ZwKtqcDDMRCm5G+rH/fPbCsAAIDtkZlnVebfDel53qqKnjKU9ZShtqcM5T1lqO4pQ7FRxPt3xAyVqZNXynIyVaZrrUnVUpAhXgx/u/tVkCE8mp8zXbCg6Xj+QfZ8g7L8DFf+4NlT1w+e/tDqzcd8beBt/zhkz4Obp9e9t+CGp3475pzrnv/TQQXz/+bS5v+1+bdJ6+vj/H/b9f+SwIOxe1fHU8cbY+D5I/MDmR0D6+Nkd3G2qtZMicykfXEsMSoGGlOBGTEwKhUYNzYTWDIwP5CZaWcbX5RtfEqmRE4AAAAAPnFxB0HcTRPn/zce9YOr3x8wccuyeTPvH9vyxMmjv3H1XT+6d/9ld767YvCAce99p2D+P6q0+X9sr19uYxfH3rzYP4S7y7b1JhsYUpcE4n6Muvjz+H3rQtgjZwdHtkRbbVKiKtVweKAm+YV6Vbqq1TXJGgPx/ikb7r/v8s7ENTUhfCVn70u2jWeqkzZq0oFBVUmgNh2YXpEE4p6fbOAn5UkAdlh2r2B8QWVOdclq6L5ckdffZ+WaoOnhFewD7SZfd7+52lWq0w9k9qlmbd/TVlAdu0TB22Otd1tvfLc1eLflfpHKfEPZui1UHcontk0aP6d9dnwk95esBXbR85z7K9VS0jvhddjx8Xvbs+p0B5pTHx/N3Zfr/nVYFqu79LEV0/stG33p1Zt/NWbDWTUHlNyNIuIPhX+05X9XPpWzeXe16pB5zfW6z5NWnye98d9Ao6cthHDZ9cfsu+TdX+/33A3Pnbqu7Maxr/7lrHs2Lf+bysNHrXv/yaGjLy+Y/7eWNv+vSN12+V3cmLMGhHBgzsZ9JG7+YwYkn4M5geRTcs/CQHLI/V/ri35yAgAAwM6W3d2R3V8wJXObnBCenicX5m/dzvxxf8WobvOX2u9j121cedLQN6474G8vOPGNv7/28Kceuv6ysnXL//vYD1avuXzxe08UzP/HffT8v2+qm47/O/7PLuL4f7d2913RfdMPdOzQruiC6tglHP/v1u7+bnP8v1uO/zv+3x3H/3vg+H+3dvenreBb0gxfujonwdff+fPfTbzpg7mN+x180lPPHDrxun+6quXuu0555b+de9601761uWD+P6O0+b/1/7pftC+7/t+4Yuv/zSi2/l+H9f8AAIBdqshCc+l5XsHqfQUZ0qv3FWTocYHAHpcYtP7fdq//t3Dkv1904Q+fb7n2nTvHXb5m07Fnvvr0utXPzFpx3Lnnv9V6112tBfP/jtLm//Hl0C+39d6y/l/j2CJVXREDMywMCAAAwO6o2A4CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPl2HnvbO+5d8/R/aBv1ixc1/f+v/+7/P1q594JvfuGn4L6f86RllazZcM+LMLfMOuvC4+Qum/UvH8tVHnBHClK5yZUnxsueu+OpDrXsd9+wdAzfOvPHW+i3VmXorM7d/nJc7tvphfQhLch6pi4k36zvvbAuccuLtcys6E4/Uh7B/bmDqwql7dCaW14cwODdw3xkHDexMLEyXWPPs0S91Jr6TDhw/5HNbOhOHZwJl6e5e1z/pblm6u5f3D2FATiDb3bP751eVbeO4TKA83caKuqSNGKiLRa+tS9qIgfZYYkrfEIZWhNAnXdU/VydV9UlXdU91UlWfdFUXVYcwMoRQka7quaqkqor0yB+tSqqKgb33u+XtQZ2JpVUhDM0NPPHtpYd1JmamAtnG/1NVCF/qfMmkG/9xZdJ4Zbrx/1oZwhdDCFXpEu9VJCWq0iVeqAhhz5zAto1YEcLcwGdD/PSZmPvgrLnzpo5vb2+buQsTVZm2asKkKe1tTROmt0+sTvWpmLKc9NYFH3/sm96eP6HzdvHKyZWlpCsy5Sq7unxIZd7dlt2997FftbmVbHs+CuqP+atCv9B3zqy2mU3njZ89e+aw5G+p2Q9J/vbJRJNtNay3bKtBuZUMnT1txtBZc+cNmTJt/OS2yW3ntBz6Zy0jhg//2oihnYNqTv7ujJEu/eRH+oWKnEo+ife/hIREb0uU5326Ne/un+MFX/S3dbQyVHd9QBdMK3KzlHWNcmcM+qiPOeKP8zWlxxENK5g4FGQ5pOcsLQWTiW1ZapIsXV/rCiaHuTWVd23SeL88NDX1KbYdGvLv5m7e13dg8z6d2XSlpgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+P/swIEAAAAAAJD/ayNUVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYQcOBAAAAACA/F8boaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqgo7cCwAAAAAIMzfOoyeDQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4FAAA//8fSxmR")
ioctl$BTRFS_IOC_SUBVOL_GETFLAGS(r0, 0x80809440, &(0x7f0000000180))

0s ago: executing program 4 (id=1279):
syz_mount_image$fuse(0x0, &(0x7f0000000280)='./file0\x00', 0x42000, 0x0, 0x1, 0x0, 0x0)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x1a42028, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x48, &(0x7f0000000180)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x4bc002, 0x0)
io_setup(0x20fe, &(0x7f0000000540)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000002680)=[&(0x7f0000000240)={0x0, 0x0, 0x0, 0x1, 0x0, r0, 0x0, 0x0, 0x600}])

kernel console output (not intermixed with test programs):

2]  exit_to_user_mode_loop+0xed/0x480
[  196.928637][ T5842]  ? rcu_is_watching+0x15/0xb0
[  196.928659][ T5842]  do_syscall_64+0x32d/0xf80
[  196.928678][ T5842]  ? trace_irq_disable+0x3b/0x150
[  196.928704][ T5842]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  196.928736][ T5842]  ? clear_bhb_loop+0x40/0x90
[  196.928759][ T5842]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  196.928778][ T5842] RIP: 0033:0x7f5d1019d9d7
[  196.928797][ T5842] Code: a2 c7 05 1c fd 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8
[  196.928812][ T5842] RSP: 002b:00007ffd71c88778 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  196.928834][ T5842] RAX: 0000000000000000 RBX: 00007f5d10232050 RCX: 00007f5d1019d9d7
[  196.928846][ T5842] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd71c88830
[  196.928858][ T5842] RBP: 00007ffd71c88830 R08: 00007ffd71c89830 R09: 00000000ffffffff
[  196.928871][ T5842] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffd71c898c0
[  196.928882][ T5842] R13: 00007f5d10232050 R14: 0000000000030242 R15: 00007ffd71c89900
[  196.928914][ T5842]  </TASK>
[  197.235328][ T5842] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  197.822348][ T8110] loop8: detected capacity change from 0 to 8
[  197.855657][ T8110] Dev loop8: unable to read RDB block 8
[  197.878196][ T8110]  loop8: unable to read partition table
[  197.901241][ T8110] loop8: partition table beyond EOD, truncated
[  197.953332][ T8110] loop_reread_partitions: partition scan of loop8 (þ被xü^>à– �) failed (rc=-5)
[  198.122001][ T8121] Illegal XDP return value 1429725352 on prog  (id 46) dev N/A, expect packet loss!
[  198.251387][   T29] audit: type=1326 audit(1773775954.996:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8123 comm="syz.0.725" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fa31739c799 code=0x0
[  198.398124][ T8128] loop1: detected capacity change from 0 to 512
[  198.425850][ T8128] EXT4-fs: Ignoring removed orlov option
[  198.513264][ T8128] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[  198.642437][ T8128] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8042c119, mo2=0002]
[  198.672870][ T8128] EXT4-fs error (device loop1): ext4_iget_extra_inode:5028: inode #15: comm syz.1.726: corrupted in-inode xattr: e_value size too large
[  198.689012][ T8128] loop1: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117
[  198.698715][ T8128] EXT4-fs error (device loop1): ext4_orphan_get:1396: comm syz.1.726: couldn't read orphan inode 15 (err -117)
[  198.708179][    C1] EXT4-fs (loop1): error count since last fsck: 1
[  198.708205][    C1] EXT4-fs (loop1): initial error at time 1773775955: ext4_iget_extra_inode:5028: inode 15
[  198.708238][    C1] EXT4-fs (loop1): last error at time 1773775955: ext4_iget_extra_inode:5028: inode 15
[  198.748803][ T8128] loop1: lost filesystem error report for type 5 error -117
[  198.753823][ T8128] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  198.802174][   T29] audit: type=1800 audit(1773775955.556:16): pid=8128 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.726" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="loop1" ino=18 res=0 errno=0
[  198.858689][ T8128] EXT4-fs error (device loop1): ext4_check_dx_root:2201: inode #2: comm syz.1.726: Corrupt dir, invalid name_len for '..', running e2fsck is recommended
[  199.278434][ T5842] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  199.308575][ T8147] loop0: detected capacity change from 0 to 1024
[  199.416258][ T8147] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  199.613628][ T8160] netlink: 4 bytes leftover after parsing attributes in process `syz.1.740'.
[  199.887188][ T5859] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  200.062122][ T5854] Bluetooth: hci3: command 0x0406 tx timeout
[  200.663567][ T8187] GUP no longer grows the stack in syz.1.750 (8187): 200000004000-200000008000 (200000002000)
[  200.699517][ T8187] CPU: 0 UID: 0 PID: 8187 Comm: syz.1.750 Not tainted syzkaller #0 PREEMPT(full) 
[  200.699548][ T8187] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  200.699561][ T8187] Call Trace:
[  200.699570][ T8187]  <TASK>
[  200.699578][ T8187]  dump_stack_lvl+0xe8/0x150
[  200.699625][ T8187]  __get_user_pages+0x2378/0x2720
[  200.699673][ T8187]  ? mtree_load+0x12a/0x780
[  200.699710][ T8187]  get_user_pages_remote+0x2f6/0xab0
[  200.699735][ T8187]  ? __pfx_mtree_load+0x10/0x10
[  200.699766][ T8187]  ? __pfx_get_user_pages_remote+0x10/0x10
[  200.699792][ T8187]  ? __access_remote_vm+0xa3/0x6f0
[  200.699817][ T8187]  ? __access_remote_vm+0x42c/0x6f0
[  200.699847][ T8187]  __access_remote_vm+0x222/0x6f0
[  200.699889][ T8187]  ? __pfx___access_remote_vm+0x10/0x10
[  200.699920][ T8187]  ? alloc_pages_noprof+0x13b/0x2a0
[  200.699944][ T8187]  proc_pid_cmdline_read+0x419/0x7f0
[  200.699976][ T8187]  ? __pfx_proc_pid_cmdline_read+0x10/0x10
[  200.700005][ T8187]  ? rw_verify_area+0x2a6/0x4d0
[  200.700030][ T8187]  vfs_readv+0x587/0x840
[  200.700055][ T8187]  ? __pfx_proc_pid_cmdline_read+0x10/0x10
[  200.700079][ T8187]  ? __pfx_vfs_readv+0x10/0x10
[  200.700112][ T8187]  ? __fget_files+0x2a/0x420
[  200.700137][ T8187]  ? __fget_files+0x3a0/0x420
[  200.700157][ T8187]  ? __fget_files+0x2a/0x420
[  200.700187][ T8187]  __x64_sys_preadv+0x19f/0x2a0
[  200.700209][ T8187]  ? __pfx___x64_sys_preadv+0x10/0x10
[  200.700241][ T8187]  do_syscall_64+0x14d/0xf80
[  200.700263][ T8187]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  200.700283][ T8187]  ? clear_bhb_loop+0x40/0x90
[  200.700307][ T8187]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  200.700324][ T8187] RIP: 0033:0x7f5d1019c799
[  200.700341][ T8187] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  200.700358][ T8187] RSP: 002b:00007f5d1112e028 EFLAGS: 00000246 ORIG_RAX: 0000000000000127
[  200.700381][ T8187] RAX: ffffffffffffffda RBX: 00007f5d10415fa0 RCX: 00007f5d1019c799
[  200.700394][ T8187] RDX: 0000000000000001 RSI: 0000200000000d00 RDI: 0000000000000003
[  200.700405][ T8187] RBP: 00007f5d10232c99 R08: 0000000000000200 R09: 0000000000000000
[  200.700416][ T8187] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000000
[  200.700427][ T8187] R13: 00007f5d10416038 R14: 00007f5d10415fa0 R15: 00007ffd71c89508
[  200.700459][ T8187]  </TASK>
[  201.565856][ T8197] loop1: detected capacity change from 0 to 1024
[  201.610688][ T8197] EXT4-fs: inline encryption not supported
[  201.692094][ T8197] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  201.719083][   T29] audit: type=1800 audit(1773775958.466:17): pid=8197 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.755" name="file1" dev="loop1" ino=15 res=0 errno=0
[  201.780929][ T5842] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  202.649969][ T8242] netlink: 'syz.1.774': attribute type 1 has an invalid length.
[  202.658390][ T8238] loop3: detected capacity change from 0 to 1024
[  202.672697][ T8242] netlink: 88 bytes leftover after parsing attributes in process `syz.1.774'.
[  202.692369][ T8242] netlink: 1 bytes leftover after parsing attributes in process `syz.1.774'.
[  202.703145][ T8242] netlink: 'syz.1.774': attribute type 1 has an invalid length.
[  202.739604][ T8242] netlink: 634 bytes leftover after parsing attributes in process `syz.1.774'.
[  203.023274][ T8238] hfsplus: xattr searching failed
[  203.503093][ T8263] loop0: detected capacity change from 0 to 128
[  203.590572][ T8263] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback.
[  203.633772][ T8263] ext4 filesystem being mounted at /161/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  203.825287][   T29] audit: type=1800 audit(1773775960.576:18): pid=8263 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.784" name="file1" dev="loop0" ino=12 res=0 errno=0
[  204.030257][ T5859] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  204.395496][ T8255] loop1: detected capacity change from 0 to 32768
[  204.422969][ T8255] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.780 (8255)
[  204.536130][ T8255] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  204.588974][ T8255] BTRFS info (device loop1): using sha256 checksum algorithm
[  204.628256][ T8257] loop3: detected capacity change from 0 to 40427
[  204.704307][ T8257] F2FS-fs (loop3): Image doesn't support compression
[  204.766797][ T8257] F2FS-fs (loop3): build fault injection rate: 690
[  204.794864][ T8255] BTRFS info (device loop1): enabling ssd optimizations
[  204.818691][ T8257] F2FS-fs (loop3): invalid crc value
[  204.835342][ T8255] BTRFS info (device loop1): turning on async discard
[  204.868931][ T8255] BTRFS info (device loop1): enabling free space tree
[  205.227349][ T8257] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  205.262713][ T8257] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  205.312987][ T8275] loop4: detected capacity change from 0 to 32768
[  205.351254][ T5842] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  205.366113][ T8275] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.788 (8275)
[  205.423226][ T8275] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  205.469538][ T8275] BTRFS info (device loop4): using crc32c checksum algorithm
[  205.503657][ T8257] syz.3.781: attempt to access beyond end of device
[  205.503657][ T8257] loop3: rw=2049, sector=53248, nr_sectors = 8 limit=40427
[  205.562681][ T8257] CPU: 1 UID: 0 PID: 8257 Comm: syz.3.781 Not tainted syzkaller #0 PREEMPT(full) 
[  205.562711][ T8257] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  205.562723][ T8257] Call Trace:
[  205.562731][ T8257]  <TASK>
[  205.562742][ T8257]  dump_stack_lvl+0xe8/0x150
[  205.562781][ T8257]  f2fs_handle_critical_error+0x37c/0x540
[  205.562827][ T8257]  f2fs_write_end_io+0x1274/0x1740
[  205.562884][ T8257]  __submit_merged_bio+0x256/0x700
[  205.562926][ T8257]  __submit_merged_write_cond+0x3c9/0x4e0
[  205.562964][ T8257]  ? __pfx___submit_merged_write_cond+0x10/0x10
[  205.563019][ T8257]  f2fs_write_data_pages+0x287e/0x34f0
[  205.563090][ T8257]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  205.563134][ T8257]  ? unwind_get_return_address+0x4d/0x90
[  205.563156][ T8257]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  205.563213][ T8257]  ? check_noncircular+0xda/0x150
[  205.563244][ T8257]  ? lockdep_unlock+0x5d/0xd0
[  205.563270][ T8257]  ? __lock_acquire+0x146e/0x2cf0
[  205.563327][ T8257]  ? do_raw_spin_lock+0x12b/0x2f0
[  205.563365][ T8257]  ? do_raw_spin_unlock+0xf5/0x210
[  205.563390][ T8257]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  205.563421][ T8257]  do_writepages+0x32e/0x550
[  205.563458][ T8257]  ? do_raw_spin_unlock+0xf5/0x210
[  205.563489][ T8257]  filemap_write_and_wait_range+0x335/0x3f0
[  205.563520][ T8257]  ? __pfx_filemap_write_and_wait_range+0x10/0x10
[  205.563590][ T8257]  ? down_write+0x16d/0x200
[  205.563617][ T8257]  ? __pfx_down_write+0x10/0x10
[  205.563657][ T8257]  f2fs_collapse_range+0x48f/0x530
[  205.563679][ T8257]  ? inode_dio_wait+0x7f/0x270
[  205.563712][ T8257]  ? __pfx_f2fs_collapse_range+0x10/0x10
[  205.563742][ T8257]  ? mnt_put_write_access_file+0xc0/0x100
[  205.563765][ T8257]  ? file_update_time_flags+0x400/0x4a0
[  205.563791][ T8257]  f2fs_fallocate+0x54d/0x9b0
[  205.563839][ T8257]  vfs_fallocate+0x669/0x7e0
[  205.563865][ T8257]  ? __fget_files+0x2a/0x420
[  205.563898][ T8257]  ? __pfx_vfs_fallocate+0x10/0x10
[  205.563918][ T8257]  ? __fget_files+0x2a/0x420
[  205.563956][ T8257]  __x64_sys_fallocate+0xc0/0x110
[  205.563983][ T8257]  do_syscall_64+0x14d/0xf80
[  205.564006][ T8257]  ? trace_irq_disable+0x3b/0x150
[  205.564030][ T8257]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  205.564050][ T8257]  ? clear_bhb_loop+0x40/0x90
[  205.564076][ T8257]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  205.564096][ T8257] RIP: 0033:0x7fb20379c799
[  205.564117][ T8257] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  205.564133][ T8257] RSP: 002b:00007fb204707028 EFLAGS: 00000246 ORIG_RAX: 000000000000011d
[  205.564155][ T8257] RAX: ffffffffffffffda RBX: 00007fb203a15fa0 RCX: 00007fb20379c799
[  205.564169][ T8257] RDX: 0000000000004000 RSI: 0000000000000008 RDI: 0000000000000005
[  205.564181][ T8257] RBP: 00007fb203832c99 R08: 0000000000000000 R09: 0000000000000000
[  205.564193][ T8257] R10: 0000000000010000 R11: 0000000000000246 R12: 0000000000000000
[  205.564205][ T8257] R13: 00007fb203a16038 R14: 00007fb203a15fa0 R15: 00007ffd6a43e6f8
[  205.564241][ T8257]  </TASK>
[  205.565263][ T8257] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  206.000067][ T8257] syz.3.781: attempt to access beyond end of device
[  206.000067][ T8257] loop3: rw=0, sector=53248, nr_sectors = 8 limit=40427
[  206.025112][ T8275] BTRFS info (device loop4): enabling ssd optimizations
[  206.046746][ T8275] BTRFS info (device loop4): turning on flush-on-commit
[  206.109550][ T8275] BTRFS info (device loop4): enabling free space tree
[  206.149505][ T8275] BTRFS info (device loop4): enabling auto defrag
[  206.177160][ T8275] BTRFS info (device loop4): use lzo compression, level 1
[  206.226042][ T8275] BTRFS info (device loop4): max_inline set to 4096
[  206.616220][ T8334] input: syz0 as /devices/virtual/input/input11
[  207.208383][ T5841] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  207.331588][ T5912] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  207.523218][ T8329] loop2: detected capacity change from 0 to 32768
[  207.540479][ T5912] usb 2-1: Using ep0 maxpacket: 32
[  207.560793][ T5912] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  207.601709][ T5912] usb 2-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  207.634990][ T8329] XFS (loop2): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  207.651112][ T5912] usb 2-1: New USB device found, idVendor=05ac, idProduct=020f, bcdDevice= 0.22
[  207.660680][ T5912] usb 2-1: New USB device strings: Mfr=1, Product=130, SerialNumber=131
[  207.669862][ T5912] usb 2-1: Product: syz
[  207.674379][ T5912] usb 2-1: Manufacturer: syz
[  207.679119][ T5912] usb 2-1: SerialNumber: syz
[  207.737732][ T5912] input: appletouch as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/input/input12
[  207.771763][ T8329] XFS (loop2): Ending clean mount
[  207.964454][ T8329] XFS (loop2): Quotacheck needed: Please wait.
[  208.037308][ T5912] usb 2-1: USB disconnect, device number 5
[  208.037347][    C1] appletouch 2-1:1.0: atp_complete: usb_submit_urb failed with result -19
[  208.267761][ T8329] XFS (loop2): Quotacheck: Done.
[  208.326406][ T5912] appletouch 2-1:1.0: input: appletouch disconnected
[  208.507804][ T5850] XFS (loop2): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  209.143387][ T8367] syzkaller1: entered promiscuous mode
[  209.162958][ T8367] syzkaller1: entered allmulticast mode
[  209.408597][ T8377] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  209.751823][ T5920] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  209.780068][   T29] audit: type=1326 audit(1773775966.526:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8382 comm="syz.3.814" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb20379c799 code=0x7ffc0000
[  209.817832][ T8383] Bluetooth: MGMT ver 1.23
[  209.833582][   T29] audit: type=1326 audit(1773775966.566:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8382 comm="syz.3.814" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb20379c799 code=0x7ffc0000
[  209.885910][   T29] audit: type=1326 audit(1773775966.566:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8382 comm="syz.3.814" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb20379c799 code=0x7ffc0000
[  209.930176][ T5920] usb 3-1: Using ep0 maxpacket: 32
[  209.951908][ T5920] usb 3-1: config 2 has an invalid interface number: 88 but max is 0
[  209.967397][   T29] audit: type=1326 audit(1773775966.566:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8382 comm="syz.3.814" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb20379c799 code=0x7ffc0000
[  209.999447][ T5920] usb 3-1: config 2 has no interface number 0
[  210.018798][ T5920] usb 3-1: config 2 interface 88 altsetting 7 bulk endpoint 0x6 has invalid maxpacket 256
[  210.050464][ T5920] usb 3-1: config 2 interface 88 has no altsetting 0
[  210.066429][   T29] audit: type=1326 audit(1773775966.566:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8382 comm="syz.3.814" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb20379c799 code=0x7ffc0000
[  210.123380][ T5920] usb 3-1: New USB device found, idVendor=0557, idProduct=2009, bcdDevice=c7.1e
[  210.135234][ T5920] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  210.149609][   T29] audit: type=1326 audit(1773775966.566:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8382 comm="syz.3.814" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb20379c799 code=0x7ffc0000
[  210.176972][ T5920] usb 3-1: Product: syz
[  210.188078][ T5920] usb 3-1: Manufacturer: syz
[  210.205784][ T5920] usb 3-1: SerialNumber: syz
[  210.240486][ T8379] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  210.258402][   T29] audit: type=1326 audit(1773775966.566:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8382 comm="syz.3.814" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb20379c799 code=0x7ffc0000
[  210.330155][   T29] audit: type=1326 audit(1773775966.566:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8382 comm="syz.3.814" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb20379c799 code=0x7ffc0000
[  210.353249][   T29] audit: type=1326 audit(1773775966.566:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8382 comm="syz.3.814" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fb20375cfce code=0x7ffc0000
[  210.378221][   T29] audit: type=1326 audit(1773775966.566:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8382 comm="syz.3.814" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7fb20379da97 code=0x7ffc0000
[  210.434128][ T8396] netlink: 28 bytes leftover after parsing attributes in process `syz.3.819'.
[  210.453185][ T8396] netlink: 28 bytes leftover after parsing attributes in process `syz.3.819'.
[  210.483451][ T8379] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  210.908638][ T8406] loop3: detected capacity change from 0 to 4096
[  211.174561][ T8414] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  211.340676][ T5920] asix 3-1:2.88 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[  211.396701][ T5920] asix 3-1:2.88 (unnamed net_device) (uninitialized): Failed to write RX_CTL mode to 0x0080: ffffffb9
[  211.448531][ T5920] asix 3-1:2.88: probe with driver asix failed with error -71
[  211.505249][ T5920] usb 3-1: USB disconnect, device number 8
[  211.725773][ T8430] sctp: [Deprecated]: syz.0.835 (pid 8430) Use of struct sctp_assoc_value in delayed_ack socket option.
[  211.725773][ T8430] Use struct sctp_sack_info instead
[  211.749548][ T5161] Bluetooth: hci1: command 0x0406 tx timeout
[  211.755692][ T5857] Bluetooth: hci2: command 0x0406 tx timeout
[  211.773708][ T5857] Bluetooth: hci0: command 0x0406 tx timeout
[  211.779988][ T5161] Bluetooth: hci3: command 0x0406 tx timeout
[  211.871366][ T5961] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  212.070043][ T5961] usb 2-1: Using ep0 maxpacket: 32
[  212.081444][ T5961] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  212.107840][ T5961] usb 2-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  212.132693][ T5961] usb 2-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  212.168241][ T5961] usb 2-1: Product: syz
[  212.184518][ T5961] usb 2-1: Manufacturer: syz
[  212.202405][ T5961] usb 2-1: SerialNumber: syz
[  212.244293][ T5961] usb 2-1: config 0 descriptor??
[  212.257533][ T8426] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  212.275280][ T5961] hub 2-1:0.0: bad descriptor, ignoring hub
[  212.284339][ T5961] hub 2-1:0.0: probe with driver hub failed with error -5
[  212.429497][ T5934] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  212.590640][ T5934] usb 1-1: Using ep0 maxpacket: 8
[  212.608386][ T5934] usb 1-1: config index 0 descriptor too short (expected 301, got 45)
[  212.619027][ T8454] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  212.636715][ T5934] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  212.661763][ T8454] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  212.671716][ T5934] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  212.707238][ T5934] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  212.721600][ T5934] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  212.739312][ T5934] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  212.760891][ T5934] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  212.814368][ T8456] loop3: detected capacity change from 0 to 512
[  212.859713][ T8456] FAT-fs (loop3): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 4)
[  213.156691][ T8447] loop4: detected capacity change from 0 to 40427
[  213.175494][ T8447] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  213.202629][ T8447] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  213.257900][ T8460] netlink: 44 bytes leftover after parsing attributes in process `syz.3.848'.
[  213.292952][ T8460] bridge0: port 2(bridge_slave_1) entered disabled state
[  213.304150][ T8460] bridge0: port 1(bridge_slave_0) entered disabled state
[  213.346691][ T8464] netlink: 44 bytes leftover after parsing attributes in process `syz.3.848'.
[  213.390524][ T8447] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  213.404057][ T8447] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  213.412605][ T8447] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  213.546075][ T8458] loop2: detected capacity change from 0 to 32768
[  213.557489][ T8458] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.847 (8458)
[  213.609847][ T8469] netlink: 8 bytes leftover after parsing attributes in process `syz.3.849'.
[  213.620298][ T8458] BTRFS info (device loop2): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  213.646171][ T8458] BTRFS info (device loop2): using blake2b checksum algorithm
[  213.669378][  T200] raw-gadget.0 gadget.1: failed to queue suspend event
[  213.770192][ T8426] raw-gadget.0 gadget.1: failed to queue resume event
[  213.865973][  T200] raw-gadget.0 gadget.1: failed to queue suspend event
[  213.902651][ T8458] BTRFS info (device loop2): enabling ssd optimizations
[  213.914044][   T13] kworker/u8:1: attempt to access beyond end of device
[  213.914044][   T13] loop4: rw=1, sector=45096, nr_sectors = 32 limit=40427
[  213.923834][ T8458] BTRFS info (device loop2): turning on async discard
[  213.958069][ T8489] mmap: syz.3.851 (8489) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  213.973352][ T8426] raw-gadget.0 gadget.1: failed to queue resume event
[  214.003496][ T8458] BTRFS info (device loop2): enabling free space tree
[  214.023031][   T77] raw-gadget.0 gadget.1: failed to queue suspend event
[  214.034245][ T8458] BTRFS info (device loop2): use zstd compression, level 3
[  214.120792][ T8426] raw-gadget.0 gadget.1: failed to queue resume event
[  214.218389][   T77] raw-gadget.0 gadget.1: failed to queue suspend event
[  214.251636][ T5920] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  214.313287][ T8426] raw-gadget.0 gadget.1: failed to queue resume event
[  214.353045][   T49] raw-gadget.0 gadget.1: failed to queue suspend event
[  214.420530][ T5920] usb 4-1: Using ep0 maxpacket: 16
[  214.433738][ T5920] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x82 has invalid wMaxPacketSize 0
[  214.450692][ T5920] usb 4-1: config 0 interface 0 has no altsetting 0
[  214.459734][ T8426] raw-gadget.0 gadget.1: failed to queue resume event
[  214.475249][ T5920] usb 4-1: New USB device found, idVendor=15c2, idProduct=0041, bcdDevice=1f.20
[  214.490487][ T5920] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  214.510979][ T5920] usb 4-1: Product: syz
[  214.518410][  T200] raw-gadget.0 gadget.1: failed to queue suspend event
[  214.525626][ T5920] usb 4-1: Manufacturer: syz
[  214.531355][ T5920] usb 4-1: SerialNumber: syz
[  214.541720][ T5920] usb 4-1: config 0 descriptor??
[  214.584705][ T5850] BTRFS info (device loop2): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  214.601455][ T8426] raw-gadget.0 gadget.1: failed to queue resume event
[  214.622447][   T77] raw-gadget.0 gadget.1: failed to queue suspend event
[  214.655435][ T8426] raw-gadget.0 gadget.1: failed to queue disconnect event
[  214.689701][   T10] usb 2-1: USB disconnect, device number 6
[  214.830216][ T5920] imon:imon_find_endpoints: no valid input (IR) endpoint found
[  214.886972][ T5920] imon 4-1:0.0: unable to initialize intf0, err -19
[  214.917390][ T5920] imon:imon_probe: failed to initialize context!
[  214.930815][ T5920] imon 4-1:0.0: unable to register, err -19
[  214.953512][ T5920] usb 4-1: USB disconnect, device number 8
[  215.144685][ T8503] netlink: 4 bytes leftover after parsing attributes in process `syz.1.856'.
[  215.180927][ T8503] chnl_net:caif_netlink_parms(): no params data found
[  215.227515][ T8505] overlayfs: failed to verify upper root origin
[  215.310416][ T5920] usb 1-1: USB disconnect, device number 7
[  216.747881][ T8540] loop1: detected capacity change from 0 to 764
[  216.754490][ T5920] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  216.866735][ T8542] loop2: detected capacity change from 0 to 512
[  216.875174][ T8526] loop0: detected capacity change from 0 to 40427
[  216.885523][ T8542] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  216.893335][ T8526] F2FS-fs (loop0): build fault injection rate: 174
[  216.933100][ T5920] usb 5-1: Using ep0 maxpacket: 16
[  216.945127][ T8526] F2FS-fs (loop0): build fault injection type: 0x3bfe8c
[  216.960277][ T5920] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  216.967733][ T8526] F2FS-fs (loop0): invalid crc value
[  216.973331][ T5920] usb 5-1: config 0 interface 0 has no altsetting 0
[  216.986025][ T8542] EXT4-fs warning (device loop2): ext4_expand_extra_isize_ea:2858: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  217.007448][ T8542] EXT4-fs (loop2): 1 truncate cleaned up
[  217.019011][ T5920] usb 5-1: New USB device found, idVendor=15c2, idProduct=0041, bcdDevice=1f.20
[  217.034941][ T5920] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  217.047857][ T5920] usb 5-1: Product: syz
[  217.048689][ T8542] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  217.053542][ T5920] usb 5-1: Manufacturer: syz
[  217.069084][ T5920] usb 5-1: SerialNumber: syz
[  217.078611][ T5920] usb 5-1: config 0 descriptor??
[  217.246321][ T5850] EXT4-fs error (device loop2): mb_free_blocks:2047: group 0, inode 11: block 54:freeing already freed block (bit 53); block bitmap corrupt.
[  217.280707][ T8526] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  217.313619][ T8526] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  217.343462][ T5850] EXT4-fs error (device loop2): ext4_lookup:1785: inode #14: comm syz-executor: invalid fast symlink length 39
[  217.387157][ T5850] EXT4-fs error (device loop2): ext4_lookup:1785: inode #14: comm syz-executor: invalid fast symlink length 39
[  217.472738][ T5920] input: iMON Panel, Knob and Mouse(15c2:0041) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/input/input13
[  217.727087][ T5859] syz-executor: attempt to access beyond end of device
[  217.727087][ T5859] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  217.751399][ T5859] CPU: 1 UID: 0 PID: 5859 Comm: syz-executor Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  217.751429][ T5859] Tainted: [L]=SOFTLOCKUP
[  217.751435][ T5859] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  217.751444][ T5859] Call Trace:
[  217.751451][ T5859]  <TASK>
[  217.751458][ T5859]  dump_stack_lvl+0xe8/0x150
[  217.751490][ T5859]  f2fs_handle_critical_error+0x37c/0x540
[  217.751517][ T5859]  f2fs_write_end_io+0x1274/0x1740
[  217.751561][ T5859]  __submit_merged_bio+0x256/0x700
[  217.751589][ T5859]  __submit_merged_write_cond+0x3c9/0x4e0
[  217.751618][ T5859]  ? __pfx___submit_merged_write_cond+0x10/0x10
[  217.751660][ T5859]  f2fs_write_data_pages+0x287e/0x34f0
[  217.751715][ T5859]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  217.751775][ T5859]  ? arch_stack_walk+0xfb/0x150
[  217.751800][ T5859]  ? __lock_acquire+0x6b5/0x2cf0
[  217.751838][ T5859]  ? __lock_acquire+0x6b5/0x2cf0
[  217.751865][ T5859]  ? do_raw_spin_lock+0x12b/0x2f0
[  217.751894][ T5859]  ? do_raw_spin_unlock+0xf5/0x210
[  217.751914][ T5859]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  217.751936][ T5859]  do_writepages+0x32e/0x550
[  217.751965][ T5859]  ? do_raw_spin_unlock+0xf5/0x210
[  217.751996][ T5859]  filemap_fdatawrite+0x1e9/0x2f0
[  217.752018][ T5859]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  217.752079][ T5859]  ? do_raw_spin_unlock+0xf5/0x210
[  217.752101][ T5859]  f2fs_sync_dirty_inodes+0x30e/0x860
[  217.752138][ T5859]  f2fs_write_checkpoint+0x9df/0x26a0
[  217.752184][ T5859]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  217.752272][ T5859]  kill_f2fs_super+0x314/0x720
[  217.752302][ T5859]  ? __pfx_kill_f2fs_super+0x10/0x10
[  217.752337][ T5859]  ? lockdep_hardirqs_on+0x7a/0x110
[  217.752380][ T5859]  deactivate_locked_super+0xbc/0x130
[  217.752406][ T5859]  cleanup_mnt+0x437/0x4d0
[  217.752422][ T5859]  ? _raw_spin_unlock_irq+0x23/0x50
[  217.752443][ T5859]  task_work_run+0x1d9/0x270
[  217.752467][ T5859]  ? __pfx_task_work_run+0x10/0x10
[  217.752497][ T5859]  exit_to_user_mode_loop+0xed/0x480
[  217.752518][ T5859]  ? rcu_is_watching+0x15/0xb0
[  217.752540][ T5859]  do_syscall_64+0x32d/0xf80
[  217.752559][ T5859]  ? trace_irq_disable+0x3b/0x150
[  217.752577][ T5859]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  217.752593][ T5859]  ? clear_bhb_loop+0x40/0x90
[  217.752613][ T5859]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  217.752629][ T5859] RIP: 0033:0x7fa31739d9d7
[  217.752647][ T5859] Code: a2 c7 05 1c fd 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8
[  217.752661][ T5859] RSP: 002b:00007ffdc4581a08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  217.752680][ T5859] RAX: 0000000000000000 RBX: 00007fa317432050 RCX: 00007fa31739d9d7
[  217.752692][ T5859] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffdc4581ac0
[  217.752703][ T5859] RBP: 00007ffdc4581ac0 R08: 00007ffdc4582ac0 R09: 00000000ffffffff
[  217.752715][ T5859] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffdc4582b50
[  217.752725][ T5859] R13: 00007fa317432050 R14: 0000000000035357 R15: 00007ffdc4582b90
[  217.752756][ T5859]  </TASK>
[  217.753558][ T5859] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  217.780817][ T8558] input: syz0 as /devices/virtual/input/input15
[  217.839574][ T5920] rc_core: IR keymap rc-imon-pad not found
[  218.095175][ T5920] Registered IR keymap rc-empty
[  218.100469][ T5920] imon 5-1:0.0: Looks like you're trying to use an IR protocol this device does not support
[  218.112984][ T5920] imon 5-1:0.0: Unsupported IR protocol specified, overriding to iMON IR protocol
[  218.161919][ T5920] rc rc0: iMON Remote (15c2:0041) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0
[  218.235306][ T5920] input: iMON Remote (15c2:0041) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0/input14
[  218.312505][ T5920] imon 5-1:0.0: iMON device (15c2:0041, intf0) on usb<5:8> initialized
[  218.351267][ T5850] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  218.413141][    C1] imon 5-1:0.0: imon usb_rx_callback_intf0: status(-71)
[  218.416327][   T10] usb 5-1: USB disconnect, device number 8
[  218.849317][   T49] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  219.234048][   T49] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  219.299671][ T8574] netlink: 16 bytes leftover after parsing attributes in process `syz.3.883'.
[  219.318835][ T5844] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  219.344109][ T5844] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  219.361624][ T5844] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  219.375376][ T5844] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  219.386710][ T5844] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  219.568668][   T49] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  219.859025][   T49] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  220.020752][ T5934] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  220.192958][ T5934] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  220.230380][ T5934] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  220.252425][ T8602] loop1: detected capacity change from 0 to 4096
[  220.260770][ T5934] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  220.274317][ T8602] ntfs3(loop1): Different NTFS sector size (1024) and media sector size (512).
[  220.295149][ T5934] usb 1-1: Product: syz
[  220.312665][ T5934] usb 1-1: Manufacturer: syz
[  220.326118][ T5934] usb 1-1: SerialNumber: syz
[  220.855103][ T8581] chnl_net:caif_netlink_parms(): no params data found
[  220.945998][   T49] bridge_slave_1: left allmulticast mode
[  220.962313][   T49] bridge_slave_1: left promiscuous mode
[  220.994618][   T49] bridge0: port 2(bridge_slave_1) entered disabled state
[  221.083494][   T49] bridge_slave_0: left allmulticast mode
[  221.109245][   T49] bridge_slave_0: left promiscuous mode
[  221.131730][   T49] bridge0: port 1(bridge_slave_0) entered disabled state
[  221.272654][ T8600] loop3: detected capacity change from 0 to 32768
[  221.331626][ T8600] ocfs2: Slot 0 on device (7,3) was already allocated to this node!
[  221.357915][ T8600] JBD2: Ignoring recovery information on journal
[  221.418909][ T5934] cdc_ncm 1-1:1.0: SET_NTB_FORMAT failed
[  221.451481][ T5934] cdc_ncm 1-1:1.0: bind() failure
[  221.472012][ T5934] cdc_ncm 1-1:1.1: CDC Union missing and no IAD found
[  221.489059][ T5934] cdc_ncm 1-1:1.1: bind() failure
[  221.506366][ T5844] Bluetooth: hci2: command tx timeout
[  221.509847][ T5934] usb 1-1: USB disconnect, device number 8
[  221.741833][ T8600] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  222.845780][   T49] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  222.855629][ T5851] ocfs2: Unmounting device (7,3) on (node local)
[  222.933722][   T49] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  222.949242][   T49] bond0 (unregistering): Released all slaves
[  223.259623][   T49] tipc: Disabling bearer <udp:syz2>
[  223.270229][   T49] tipc: Left network mode
[  223.579611][ T5844] Bluetooth: hci2: command tx timeout
[  223.713936][ T8660] loop4: detected capacity change from 0 to 2048
[  223.773444][ T8660] UDF-fs: error (device loop4): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  223.827658][ T8660] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  224.149198][ T8581] bridge0: port 1(bridge_slave_0) entered blocking state
[  224.160637][ T8581] bridge0: port 1(bridge_slave_0) entered disabled state
[  224.171032][ T8581] bridge_slave_0: entered allmulticast mode
[  224.189562][ T8581] bridge_slave_0: entered promiscuous mode
[  224.217626][ T8581] bridge0: port 2(bridge_slave_1) entered blocking state
[  224.229690][ T8581] bridge0: port 2(bridge_slave_1) entered disabled state
[  224.242915][ T8677] loop4: detected capacity change from 0 to 8
[  224.250842][ T8581] bridge_slave_1: entered allmulticast mode
[  224.271927][ T8581] bridge_slave_1: entered promiscuous mode
[  224.306682][ T8677] SQUASHFS error: lzo decompression failed, data probably corrupt
[  224.319211][ T8677] SQUASHFS error: Failed to read block 0x202: -5
[  224.330746][ T8677] SQUASHFS error: Unable to read metadata cache entry [200]
[  224.508941][ T8581] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  224.883728][ T8581] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  224.958498][ T8684] loop0: detected capacity change from 0 to 32768
[  225.008373][ T8684] XFS (loop0): Mounting V5 Filesystem 9f91832a-3b79-45c3-9d6d-ed0bc7357fe4
[  225.136585][ T8684] XFS (loop0): Starting recovery (logdev: internal)
[  225.205658][ T8684] XFS (loop0): Ending recovery (logdev: internal)
[  225.293440][ T8684] XFS (loop0): Corruption warning: Metadata has LSN (8192:64) ahead of current LSN (1:192). Please unmount and run xfs_repair (>= v4.3) to resolve.
[  225.313353][ T8684] XFS (loop0): Metadata CRC error detected at xfs_allocbt_read_verify+0x42/0xe0, xfs_bnobt block 0x4 
[  225.326433][ T8684] XFS (loop0): Unmount and run xfs_repair
[  225.332412][ T8684] XFS (loop0): First 128 bytes of corrupted metadata buffer:
[  225.339942][ T8684] 00000000: 53 55 4d 59 00 00 00 02 ff ff ff ff ff ff ff ff  SUMY............
[  225.348842][ T8684] 00000010: 00 00 00 00 00 00 00 04 00 00 20 00 00 00 00 40  .......... ....@
[  225.357851][ T8684] 00000020: 9f 91 83 2a 3b 79 45 c3 9d 6d ed 0b c7 35 7f e4  ...*;yE..m...5..
[  225.366962][ T8684] 00000030: 00 00 00 00 25 47 cc 81 00 00 00 0d 00 00 00 03  ....%G..........
[  225.376046][ T8684] 00000040: 00 00 0e a8 00 00 11 58 00 00 00 00 00 00 00 00  .......X........
[  225.385575][ T8684] 00000050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  225.390983][ T8581] team0: Port device team_slave_0 added
[  225.394533][ T8684] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  225.409352][ T8684] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  225.418374][ T8684] XFS (loop0): metadata I/O error in "xfs_btree_read_buf_block+0x2b0/0x490" at daddr 0x4 len 4 error 74
[  225.444303][ T8684] XFS (loop0): Metadata I/O Error (0x1) detected at xfs_trans_read_buf_map+0x518/0x950 (fs/xfs/xfs_trans_buf.c:311).  Shutting down filesystem.
[  225.455170][ T8581] team0: Port device team_slave_1 added
[  225.459596][ T8684] XFS (loop0): Please unmount the filesystem and rectify the problem(s)
[  225.527503][ T5859] XFS (loop0): Unmounting Filesystem 9f91832a-3b79-45c3-9d6d-ed0bc7357fe4
[  225.567889][ T8581] batman_adv: batadv0: Adding interface: batadv_slave_0
[  225.586761][ T8581] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  225.630294][ T8581] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  225.666628][ T5844] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  225.668921][ T5847] Bluetooth: hci2: command tx timeout
[  225.674306][ T5912] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  225.709240][   T49] hsr_slave_0: left promiscuous mode
[  225.728077][   T49] hsr_slave_1: left promiscuous mode
[  225.812548][   T49] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  225.836495][   T49] batman_adv: batadv0: Removing interface: batadv_slave_0
[  225.905360][   T49] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  225.909814][ T5912] usb 5-1: Using ep0 maxpacket: 16
[  225.920211][   T49] batman_adv: batadv0: Removing interface: batadv_slave_1
[  225.939124][ T5912] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[  225.985055][ T5912] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  226.016543][ T5912] usb 5-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  226.047349][ T5912] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  226.076816][ T5912] usb 5-1: Product: syz
[  226.083099][ T5912] usb 5-1: Manufacturer: syz
[  226.107166][ T5912] usb 5-1: SerialNumber: syz
[  226.114026][   T49] veth1_macvtap: left promiscuous mode
[  226.149597][   T49] veth0_macvtap: left promiscuous mode
[  226.152402][ T5912] usb 5-1: config 0 descriptor??
[  226.157834][   T49] veth1_vlan: left promiscuous mode
[  226.170028][ T8707] loop3: detected capacity change from 0 to 256
[  226.185938][ T5912] em28xx 5-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  226.197495][   T49] veth0_vlan: left promiscuous mode
[  226.228719][ T5912] em28xx 5-1:0.0: Audio interface 0 found (Vendor Class)
[  226.243996][ T8707] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010076, chksum : 0x23d3c8ff, utbl_chksum : 0xe619d30d)
[  226.594541][ T5844] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci3/hci3:201'
[  226.604297][ T5844] CPU: 0 UID: 0 PID: 5844 Comm: kworker/u9:2 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  226.604330][ T5844] Tainted: [L]=SOFTLOCKUP
[  226.604343][ T5844] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  226.604357][ T5844] Workqueue: hci3 hci_rx_work
[  226.604387][ T5844] Call Trace:
[  226.604396][ T5844]  <TASK>
[  226.604405][ T5844]  dump_stack_lvl+0xe8/0x150
[  226.604440][ T5844]  sysfs_create_dir_ns+0x271/0x2a0
[  226.604471][ T5844]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  226.604501][ T5844]  ? do_raw_spin_unlock+0xf5/0x210
[  226.604530][ T5844]  kobject_add_internal+0x62b/0xd00
[  226.604577][ T5844]  kobject_add+0x163/0x240
[  226.604610][ T5844]  ? __pfx_kobject_add+0x10/0x10
[  226.604637][ T5844]  ? _raw_spin_unlock+0x28/0x50
[  226.604661][ T5844]  ? get_device_parent+0x366/0x3a0
[  226.604691][ T5844]  device_add+0x408/0xb70
[  226.604720][ T5844]  hci_conn_add_sysfs+0xd5/0x210
[  226.604747][ T5844]  le_conn_complete_evt+0xf1d/0x1430
[  226.604787][ T5844]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  226.604813][ T5844]  ? __mutex_unlock_slowpath+0x1bd/0x7d0
[  226.604841][ T5844]  ? __pfx___mutex_lock+0x10/0x10
[  226.604866][ T5844]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  226.604889][ T5844]  ? skb_pull_data+0xfb/0x200
[  226.604925][ T5844]  hci_le_conn_complete_evt+0x187/0x470
[  226.604960][ T5844]  hci_event_packet+0x7af/0x12c0
[  226.604991][ T5844]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  226.605017][ T5844]  ? __pfx_hci_event_packet+0x10/0x10
[  226.605047][ T5844]  ? kcov_remote_start+0x49a/0x7a0
[  226.605073][ T5844]  ? hci_send_to_monitor+0xe2/0x590
[  226.605107][ T5844]  hci_rx_work+0x3ee/0x1040
[  226.605140][ T5844]  ? process_one_work+0x8bb/0x1780
[  226.605168][ T5844]  process_one_work+0x9ab/0x1780
[  226.605221][ T5844]  ? __pfx_process_one_work+0x10/0x10
[  226.605248][ T5844]  ? do_raw_spin_lock+0x12b/0x2f0
[  226.605292][ T5844]  worker_thread+0xba8/0x11e0
[  226.605321][ T5844]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  226.605346][ T5844]  ? __kthread_parkme+0x7a/0x1f0
[  226.605367][ T5844]  ? __kthread_parkme+0x19c/0x1f0
[  226.605393][ T5844]  kthread+0x388/0x470
[  226.605418][ T5844]  ? __pfx_worker_thread+0x10/0x10
[  226.605435][ T5844]  ? __pfx_kthread+0x10/0x10
[  226.605461][ T5844]  ret_from_fork+0x51e/0xb90
[  226.605491][ T5844]  ? __pfx_ret_from_fork+0x10/0x10
[  226.605516][ T5844]  ? __switch_to+0xc7d/0x1450
[  226.605543][ T5844]  ? __pfx_kthread+0x10/0x10
[  226.605578][ T5844]  ret_from_fork_asm+0x1a/0x30
[  226.605619][ T5844]  </TASK>
[  226.605683][ T5844] kobject: kobject_add_internal failed for hci3:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  226.873491][ T5844] Bluetooth: hci3: failed to register connection device
[  226.931652][ T5912] em28xx 5-1:0.0: unknown em28xx chip ID (0)
[  226.938535][ T5912] em28xx 5-1:0.0: Config register raw data: 0x41
[  227.214026][   T42] usb 5-1: USB disconnect, device number 9
[  227.231436][   T42] em28xx 5-1:0.0: Disconnecting em28xx
[  227.360258][   T42] em28xx 5-1:0.0: Freeing device
[  227.403392][   T49] team0 (unregistering): Port device team_slave_1 removed
[  227.456415][   T49] team0 (unregistering): Port device team_slave_0 removed
[  227.681841][ T8581] batman_adv: batadv0: Adding interface: batadv_slave_1
[  227.689118][ T8581] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  227.715523][ T8581] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  227.739854][ T5847] Bluetooth: hci2: command tx timeout
[  227.829934][ T5961] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  228.033474][ T5961] usb 4-1: Using ep0 maxpacket: 32
[  228.052955][ T8581] hsr_slave_0: entered promiscuous mode
[  228.055666][ T5961] usb 4-1: New USB device found, idVendor=1964, idProduct=0001, bcdDevice=d4.15
[  228.072251][ T8581] hsr_slave_1: entered promiscuous mode
[  228.092616][ T5961] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  228.112762][ T8581] debugfs: 'hsr0' already exists in 'hsr'
[  228.118660][ T5961] usb 4-1: Product: syz
[  228.124398][ T8581] Cannot create hsr debugfs directory
[  228.131623][ T5961] usb 4-1: Manufacturer: syz
[  228.149186][ T5961] usb 4-1: SerialNumber: syz
[  228.189365][ T5961] usb 4-1: config 0 descriptor??
[  228.533639][ T5961] RobotFuzz Open Source InterFace, OSIF 4-1:0.0: version d4.15 found at bus 004 address 009
[  228.698460][ T8735] i2c i2c-1: failure reading data
[  228.726188][ T5961] usb 4-1: USB disconnect, device number 9
[  228.988101][ T8739] loop0: detected capacity change from 0 to 32768
[  229.089194][ T8739] JBD2: Ignoring recovery information on journal
[  229.294046][ T8739] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  230.020589][ T5859] ocfs2: Unmounting device (7,0) on (node local)
[  230.166452][ T8581] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  230.234718][ T8581] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  230.347839][ T8581] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  230.353536][ T8782] loop3: detected capacity change from 0 to 4096
[  230.405027][ T8581] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  230.977234][ T8804] loop0: detected capacity change from 0 to 512
[  231.054744][ T8804] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a843c198, mo2=0002]
[  231.073941][ T8804] System zones: 1-12
[  231.113545][ T8804] EXT4-fs error (device loop0): ext4_iget_extra_inode:5028: inode #15: comm syz.0.939: corrupted in-inode xattr: e_value size too large
[  231.126088][ T8581] 8021q: adding VLAN 0 to HW filter on device bond0
[  231.157086][ T8581] 8021q: adding VLAN 0 to HW filter on device team0
[  231.199561][ T8804] loop0: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117
[  231.200107][ T8804] EXT4-fs error (device loop0): ext4_orphan_get:1396: comm syz.0.939: couldn't read orphan inode 15 (err -117)
[  231.209558][    C1] EXT4-fs (loop0): error count since last fsck: 1
[  231.209583][    C1] EXT4-fs (loop0): initial error at time 1773775987: ext4_iget_extra_inode:5028: inode 15
[  231.209617][    C1] EXT4-fs (loop0): last error at time 1773775987: ext4_iget_extra_inode:5028: inode 15
[  231.210118][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  231.255195][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  231.266518][ T8804] loop0: lost filesystem error report for type 5 error -117
[  231.270606][ T8804] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  231.360729][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  231.368239][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  231.684194][ T5859] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  232.257268][ T8581] 8021q: adding VLAN 0 to HW filter on device batadv0
[  232.584848][ T8836] netlink: 25 bytes leftover after parsing attributes in process `syz.1.947'.
[  232.853527][ T8818] loop4: detected capacity change from 0 to 40427
[  232.889962][ T8818] F2FS-fs (loop4): Image doesn't support compression
[  232.921331][ T8818] F2FS-fs (loop4): build fault injection rate: 690
[  232.957423][ T8818] F2FS-fs (loop4): build fault injection type: 0x35f7
[  232.985385][ T8818] F2FS-fs (loop4): invalid crc value
[  233.099997][ T5844] Bluetooth: hci3: command 0x0406 tx timeout
[  233.218422][ T8581] veth0_vlan: entered promiscuous mode
[  233.247806][ T8581] veth1_vlan: entered promiscuous mode
[  233.306403][ T8818] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  233.357618][ T8818] F2FS-fs (loop4): Start checkpoint disabled!
[  233.385427][ T8831] loop0: detected capacity change from 0 to 40427
[  233.415818][ T8831] F2FS-fs: heap/no_heap options were deprecated
[  233.428459][ T8581] veth0_macvtap: entered promiscuous mode
[  233.481080][ T8581] veth1_macvtap: entered promiscuous mode
[  233.488686][ T8831] F2FS-fs (loop0): Insane cp_payload (553648128 >= 504)
[  233.498650][ T8818] F2FS-fs (loop4): f2fs_disable_checkpoint() finish, err:0
[  233.514509][ T8831] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  233.528866][ T8818] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[  233.550044][ T8831] F2FS-fs (loop0): invalid crc value
[  233.643913][ T8581] batman_adv: batadv0: Interface activated: batadv_slave_0
[  233.710379][ T8581] batman_adv: batadv0: Interface activated: batadv_slave_1
[  233.796739][   T49] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  233.820667][   T49] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  233.852929][ T8831] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  233.862297][   T49] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  233.862346][   T49] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  233.938775][ T8831] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  233.962235][ T8831] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  234.013850][   T35] kworker/u8:2: attempt to access beyond end of device
[  234.013850][   T35] loop4: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  234.143086][   T35] CPU: 0 UID: 0 PID: 35 Comm: kworker/u8:2 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  234.143120][   T35] Tainted: [L]=SOFTLOCKUP
[  234.143127][   T35] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  234.143139][   T35] Workqueue: writeback wb_workfn (flush-7:4)
[  234.143178][   T35] Call Trace:
[  234.143185][   T35]  <TASK>
[  234.143194][   T35]  dump_stack_lvl+0xe8/0x150
[  234.143226][   T35]  f2fs_handle_critical_error+0x37c/0x540
[  234.143258][   T35]  f2fs_write_end_io+0x1274/0x1740
[  234.143307][   T35]  __submit_merged_bio+0x256/0x700
[  234.143340][   T35]  f2fs_submit_merged_write+0x284/0x390
[  234.143369][   T35]  ? __pfx_f2fs_submit_merged_write+0x10/0x10
[  234.143410][   T35]  f2fs_sync_node_pages+0x14bf/0x1680
[  234.143461][   T35]  ? __pfx_f2fs_sync_node_pages+0x10/0x10
[  234.143485][   T35]  ? __percpu_counter_sum+0x1c2/0x1e0
[  234.143540][   T35]  ? update_cfs_rq_load_avg+0x3fb/0x4e0
[  234.143572][   T35]  ? blk_start_plug+0x51/0x1b0
[  234.143597][   T35]  f2fs_write_node_pages+0x312/0x700
[  234.143626][   T35]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[  234.143663][   T35]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[  234.143687][   T35]  do_writepages+0x32e/0x550
[  234.143718][   T35]  ? reacquire_held_locks+0x104/0x190
[  234.143737][   T35]  ? writeback_sb_inodes+0x477/0x1a20
[  234.143766][   T35]  __writeback_single_inode+0x133/0x11a0
[  234.143791][   T35]  ? do_raw_spin_unlock+0xf5/0x210
[  234.143820][   T35]  writeback_sb_inodes+0x992/0x1a20
[  234.143871][   T35]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  234.143892][   T35]  ? do_raw_spin_lock+0x12b/0x2f0
[  234.143960][   T35]  ? rcu_is_watching+0x15/0xb0
[  234.143990][   T35]  wb_writeback+0x456/0xb70
[  234.144018][   T35]  ? queue_io+0x211/0x4a0
[  234.144051][   T35]  ? __pfx_wb_writeback+0x10/0x10
[  234.144072][   T35]  ? do_raw_spin_lock+0x12b/0x2f0
[  234.144114][   T35]  wb_workfn+0x414/0xf50
[  234.144136][   T35]  ? look_up_lock_class+0x57/0x110
[  234.144173][   T35]  ? __pfx_wb_workfn+0x10/0x10
[  234.144195][   T35]  ? do_raw_spin_lock+0x12b/0x2f0
[  234.144219][   T35]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  234.144268][   T35]  ? process_one_work+0x8bb/0x1780
[  234.144294][   T35]  process_one_work+0x9ab/0x1780
[  234.144345][   T35]  ? __pfx_process_one_work+0x10/0x10
[  234.144367][   T35]  ? do_raw_spin_lock+0x12b/0x2f0
[  234.144407][   T35]  worker_thread+0xba8/0x11e0
[  234.144436][   T35]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  234.144467][   T35]  ? __kthread_parkme+0x7a/0x1f0
[  234.144487][   T35]  ? __kthread_parkme+0x19c/0x1f0
[  234.144513][   T35]  kthread+0x388/0x470
[  234.144534][   T35]  ? __pfx_worker_thread+0x10/0x10
[  234.144550][   T35]  ? __pfx_kthread+0x10/0x10
[  234.144572][   T35]  ret_from_fork+0x51e/0xb90
[  234.144603][   T35]  ? __pfx_ret_from_fork+0x10/0x10
[  234.144626][   T35]  ? __switch_to+0xc7d/0x1450
[  234.144653][   T35]  ? __pfx_kthread+0x10/0x10
[  234.144691][   T35]  ret_from_fork_asm+0x1a/0x30
[  234.144727][   T35]  </TASK>
[  234.229601][   T35] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  234.472611][   T77] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  234.485294][   T77] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  234.505438][ T8831] syz.0.946: attempt to access beyond end of device
[  234.505438][ T8831] loop0: rw=2049, sector=77824, nr_sectors = 8 limit=40427
[  234.528079][ T8831] syz.0.946: attempt to access beyond end of device
[  234.528079][ T8831] loop0: rw=2049, sector=77840, nr_sectors = 8 limit=40427
[  234.603236][ T1153] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  234.618868][   T35] CPU: 1 UID: 0 PID: 35 Comm: kworker/u8:2 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  234.618901][   T35] Tainted: [L]=SOFTLOCKUP
[  234.618908][   T35] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  234.618919][   T35] Workqueue: writeback wb_workfn (flush-7:4)
[  234.618947][   T35] Call Trace:
[  234.618955][   T35]  <TASK>
[  234.618963][   T35]  dump_stack_lvl+0xe8/0x150
[  234.619003][   T35]  f2fs_handle_critical_error+0x37c/0x540
[  234.619037][   T35]  f2fs_write_end_io+0x1274/0x1740
[  234.619093][   T35]  __submit_merged_bio+0x256/0x700
[  234.619124][   T35]  f2fs_submit_merged_write+0x284/0x390
[  234.619153][   T35]  ? __pfx_f2fs_submit_merged_write+0x10/0x10
[  234.619205][   T35]  f2fs_sync_node_pages+0x14bf/0x1680
[  234.619252][   T35]  ? __pfx_f2fs_sync_node_pages+0x10/0x10
[  234.619275][   T35]  ? __percpu_counter_sum+0x1c2/0x1e0
[  234.619336][   T35]  ? update_cfs_rq_load_avg+0x3fb/0x4e0
[  234.619367][   T35]  ? blk_start_plug+0x51/0x1b0
[  234.619392][   T35]  f2fs_write_node_pages+0x312/0x700
[  234.619422][   T35]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[  234.619459][   T35]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[  234.619486][   T35]  do_writepages+0x32e/0x550
[  234.619517][   T35]  ? reacquire_held_locks+0x104/0x190
[  234.619536][   T35]  ? writeback_sb_inodes+0x477/0x1a20
[  234.619567][   T35]  __writeback_single_inode+0x133/0x11a0
[  234.619592][   T35]  ? do_raw_spin_unlock+0xf5/0x210
[  234.619619][   T35]  writeback_sb_inodes+0x992/0x1a20
[  234.619670][   T35]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  234.619690][   T35]  ? do_raw_spin_lock+0x12b/0x2f0
[  234.619759][   T35]  ? rcu_is_watching+0x15/0xb0
[  234.619770][ T5859] syz-executor: attempt to access beyond end of device
[  234.619770][ T5859] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  234.619791][   T35]  wb_writeback+0x456/0xb70
[  234.619819][   T35]  ? queue_io+0x211/0x4a0
[  234.619848][   T35]  ? __pfx_wb_writeback+0x10/0x10
[  234.619867][   T35]  ? do_raw_spin_lock+0x12b/0x2f0
[  234.619905][   T35]  wb_workfn+0x414/0xf50
[  234.619927][   T35]  ? look_up_lock_class+0x57/0x110
[  234.619962][   T35]  ? __pfx_wb_workfn+0x10/0x10
[  234.619984][   T35]  ? do_raw_spin_lock+0x12b/0x2f0
[  234.620008][   T35]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  234.620053][   T35]  ? process_one_work+0x8bb/0x1780
[  234.620077][   T35]  process_one_work+0x9ab/0x1780
[  234.620125][   T35]  ? __pfx_process_one_work+0x10/0x10
[  234.620147][   T35]  ? do_raw_spin_lock+0x12b/0x2f0
[  234.620196][   T35]  worker_thread+0xba8/0x11e0
[  234.620224][   T35]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  234.620245][   T35]  ? __kthread_parkme+0x7a/0x1f0
[  234.620263][   T35]  ? __kthread_parkme+0x19c/0x1f0
[  234.620289][   T35]  kthread+0x388/0x470
[  234.620309][   T35]  ? __pfx_worker_thread+0x10/0x10
[  234.620324][   T35]  ? __pfx_kthread+0x10/0x10
[  234.620346][   T35]  ret_from_fork+0x51e/0xb90
[  234.620373][   T35]  ? __pfx_ret_from_fork+0x10/0x10
[  234.620395][   T35]  ? __switch_to+0xc7d/0x1450
[  234.620422][   T35]  ? __pfx_kthread+0x10/0x10
[  234.620444][   T35]  ret_from_fork_asm+0x1a/0x30
[  234.620480][   T35]  </TASK>
[  234.634778][   T35] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  234.663898][ T1153] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  234.680562][ T5859] CPU: 1 UID: 0 PID: 5859 Comm: syz-executor Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  234.680590][ T5859] Tainted: [L]=SOFTLOCKUP
[  234.680597][ T5859] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  234.680607][ T5859] Call Trace:
[  234.680614][ T5859]  <TASK>
[  234.680621][ T5859]  dump_stack_lvl+0xe8/0x150
[  234.680652][ T5859]  f2fs_handle_critical_error+0x37c/0x540
[  234.680682][ T5859]  f2fs_write_end_io+0x1274/0x1740
[  234.680727][ T5859]  __submit_merged_bio+0x256/0x700
[  234.680756][ T5859]  __submit_merged_write_cond+0x3c9/0x4e0
[  234.680787][ T5859]  ? __pfx___submit_merged_write_cond+0x10/0x10
[  234.680833][ T5859]  f2fs_write_data_pages+0x287e/0x34f0
[  234.680855][ T5859]  ? ktime_get+0x1f5/0x220
[  234.680910][ T5859]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  234.680947][ T5859]  ? __pfx_css_rstat_updated+0x10/0x10
[  234.680999][ T5859]  ? mod_memcg_lruvec_state+0x208/0x220
[  234.681025][ T5859]  ? lru_gen_update_size+0x7c7/0xd10
[  234.681064][ T5859]  ? __lock_acquire+0x6b5/0x2cf0
[  234.681108][ T5859]  ? filemap_get_folios_tag+0x118/0x720
[  234.681133][ T5859]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  234.681158][ T5859]  do_writepages+0x32e/0x550
[  234.681196][ T5859]  ? do_raw_spin_unlock+0xf5/0x210
[  234.681222][ T5859]  filemap_fdatawrite+0x1e9/0x2f0
[  234.681246][ T5859]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  234.681311][ T5859]  ? do_raw_spin_unlock+0xf5/0x210
[  234.681336][ T5859]  f2fs_sync_dirty_inodes+0x30e/0x860
[  234.681376][ T5859]  f2fs_write_checkpoint+0x9df/0x26a0
[  234.681425][ T5859]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  234.681495][ T5859]  kill_f2fs_super+0x314/0x720
[  234.681525][ T5859]  ? __pfx_kill_f2fs_super+0x10/0x10
[  234.681563][ T5859]  ? lockdep_hardirqs_on+0x7a/0x110
[  234.681597][ T5859]  deactivate_locked_super+0xbc/0x130
[  234.681625][ T5859]  cleanup_mnt+0x437/0x4d0
[  234.681641][ T5859]  ? _raw_spin_unlock_irq+0x23/0x50
[  234.681663][ T5859]  task_work_run+0x1d9/0x270
[  234.681688][ T5859]  ? __pfx_task_work_run+0x10/0x10
[  234.681720][ T5859]  exit_to_user_mode_loop+0xed/0x480
[  234.681742][ T5859]  ? rcu_is_watching+0x15/0xb0
[  234.681764][ T5859]  do_syscall_64+0x32d/0xf80
[  234.681782][ T5859]  ? trace_irq_disable+0x3b/0x150
[  234.681801][ T5859]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  234.681818][ T5859]  ? clear_bhb_loop+0x40/0x90
[  234.681840][ T5859]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  234.681856][ T5859] RIP: 0033:0x7fa31739d9d7
[  234.681874][ T5859] Code: a2 c7 05 1c fd 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8
[  234.681888][ T5859] RSP: 002b:00007ffdc4581a08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  234.681908][ T5859] RAX: 0000000000000000 RBX: 00007fa317432050 RCX: 00007fa31739d9d7
[  234.681919][ T5859] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffdc4581ac0
[  234.681929][ T5859] RBP: 00007ffdc4581ac0 R08: 00007ffdc4582ac0 R09: 00000000ffffffff
[  234.681941][ T5859] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffdc4582b50
[  234.681951][ T5859] R13: 00007fa317432050 R14: 000000000003956c R15: 00007ffdc4582b90
[  234.681981][ T5859]  </TASK>
[  234.682162][ T5859] F2FS-fs (loop0): Remounting filesystem read-only
[  236.177119][ T8860] loop4: detected capacity change from 0 to 128
[  236.707753][ T8870] loop4: detected capacity change from 0 to 128
[  236.748505][ T8870] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  239.834240][ T8902] loop0: detected capacity change from 0 to 32768
[  239.897959][ T5895]  loop0: p9 p11 p16
[  239.997711][ T8902]  loop0: p9 p11 p16
[  240.646035][ T5899] udevd[5899]: inotify_add_watch(7, /dev/loop0p11, 10) failed: No such file or directory
[  240.649316][ T5895] udevd[5895]: inotify_add_watch(7, /dev/loop0p9, 10) failed: No such file or directory
[  240.668047][ T6034] udevd[6034]: inotify_add_watch(7, /dev/loop0p16, 10) failed: No such file or directory
[  240.773012][ T6034] udevd[6034]: inotify_add_watch(7, /dev/loop0p16, 10) failed: No such file or directory
[  240.779093][ T5899] udevd[5899]: inotify_add_watch(7, /dev/loop0p11, 10) failed: No such file or directory
[  240.788777][ T5895] udevd[5895]: inotify_add_watch(7, /dev/loop0p9, 10) failed: No such file or directory
[  242.122712][ T8970] loop5: detected capacity change from 0 to 128
[  242.929999][ T8958] loop4: detected capacity change from 0 to 40427
[  242.978423][ T8958] F2FS-fs (loop4): invalid crc value
[  243.075026][ T8990] netlink: 'syz.5.997': attribute type 7 has an invalid length.
[  243.152836][ T8947] loop1: detected capacity change from 0 to 32768
[  243.207865][ T8947] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.984 (8947)
[  243.242266][ T8995] capability: warning: `syz.3.999' uses 32-bit capabilities (legacy support in use)
[  243.301444][   T35] netdevsim netdevsim5 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  243.310988][ T8990] netlink: 'syz.5.997': attribute type 7 has an invalid length.
[  243.347109][   T35] netdevsim netdevsim5 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  243.373692][ T8958] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[  243.389813][ T1153] netdevsim netdevsim5 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  243.407084][ T8947] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  243.409768][ T8958] F2FS-fs (loop4): Start checkpoint disabled!
[  243.428253][ T1153] netdevsim netdevsim5 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  243.473539][ T8999] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1000'.
[  243.478232][ T8947] BTRFS info (device loop1): using crc32c checksum algorithm
[  243.494417][ T8958] F2FS-fs (loop4): f2fs_disable_checkpoint() finish, err:0
[  243.530693][ T8958] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[  243.842641][ T9021] loop3: detected capacity change from 0 to 64
[  244.147496][ T8947] BTRFS info (device loop1): allowing degraded mounts
[  244.159945][   T35] kworker/u8:2: attempt to access beyond end of device
[  244.159945][   T35] loop4: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  244.203874][   T35] CPU: 0 UID: 0 PID: 35 Comm: kworker/u8:2 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  244.203908][   T35] Tainted: [L]=SOFTLOCKUP
[  244.203915][   T35] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  244.203927][   T35] Workqueue: writeback wb_workfn (flush-7:4)
[  244.203960][   T35] Call Trace:
[  244.203969][   T35]  <TASK>
[  244.203977][   T35]  dump_stack_lvl+0xe8/0x150
[  244.204009][   T35]  f2fs_handle_critical_error+0x37c/0x540
[  244.204044][   T35]  f2fs_write_end_io+0x1274/0x1740
[  244.204100][   T35]  __submit_merged_bio+0x256/0x700
[  244.204133][   T35]  __submit_merged_write_cond+0x3c9/0x4e0
[  244.204170][   T35]  ? __pfx___submit_merged_write_cond+0x10/0x10
[  244.204225][   T35]  f2fs_write_data_pages+0x287e/0x34f0
[  244.204308][   T35]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  244.204354][   T35]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[  244.204413][   T35]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[  244.204470][   T35]  ? __lock_acquire+0x6b5/0x2cf0
[  244.204522][   T35]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  244.204552][   T35]  do_writepages+0x32e/0x550
[  244.204583][   T35]  ? reacquire_held_locks+0x104/0x190
[  244.204602][   T35]  ? writeback_sb_inodes+0x477/0x1a20
[  244.204633][   T35]  __writeback_single_inode+0x133/0x11a0
[  244.204660][   T35]  ? do_raw_spin_unlock+0xf5/0x210
[  244.204689][   T35]  writeback_sb_inodes+0x992/0x1a20
[  244.204741][   T35]  ? do_raw_spin_unlock+0xf5/0x210
[  244.204774][   T35]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  244.204798][   T35]  ? do_raw_spin_lock+0x12b/0x2f0
[  244.204873][   T35]  ? rcu_is_watching+0x15/0xb0
[  244.204904][   T35]  wb_writeback+0x456/0xb70
[  244.204934][   T35]  ? queue_io+0x211/0x4a0
[  244.204971][   T35]  ? __pfx_wb_writeback+0x10/0x10
[  244.204991][   T35]  ? do_raw_spin_lock+0x12b/0x2f0
[  244.205035][   T35]  wb_workfn+0x414/0xf50
[  244.205060][   T35]  ? look_up_lock_class+0x57/0x110
[  244.205102][   T35]  ? __pfx_wb_workfn+0x10/0x10
[  244.205128][   T35]  ? do_raw_spin_lock+0x12b/0x2f0
[  244.205162][   T35]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  244.205214][   T35]  ? process_one_work+0x8bb/0x1780
[  244.205249][   T35]  process_one_work+0x9ab/0x1780
[  244.205306][   T35]  ? __pfx_process_one_work+0x10/0x10
[  244.205332][   T35]  ? do_raw_spin_lock+0x12b/0x2f0
[  244.205377][   T35]  worker_thread+0xba8/0x11e0
[  244.205409][   T35]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  244.205433][   T35]  ? __kthread_parkme+0x7a/0x1f0
[  244.205454][   T35]  ? __kthread_parkme+0x19c/0x1f0
[  244.205483][   T35]  kthread+0x388/0x470
[  244.205507][   T35]  ? __pfx_worker_thread+0x10/0x10
[  244.205523][   T35]  ? __pfx_kthread+0x10/0x10
[  244.205549][   T35]  ret_from_fork+0x51e/0xb90
[  244.205580][   T35]  ? __pfx_ret_from_fork+0x10/0x10
[  244.205607][   T35]  ? __switch_to+0xc7d/0x1450
[  244.205639][   T35]  ? __pfx_kthread+0x10/0x10
[  244.205665][   T35]  ret_from_fork_asm+0x1a/0x30
[  244.205704][   T35]  </TASK>
[  244.209275][ T8947] BTRFS info (device loop1): enabling ssd optimizations
[  244.279556][   T35] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  244.524106][ T8947] BTRFS info (device loop1): turning on async discard
[  244.547540][ T8947] BTRFS info (device loop1): enabling free space tree
[  244.569617][ T8947] BTRFS info (device loop1): enabling auto defrag
[  244.652852][   T35] CPU: 1 UID: 0 PID: 35 Comm: kworker/u8:2 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  244.652888][   T35] Tainted: [L]=SOFTLOCKUP
[  244.652895][   T35] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  244.652906][   T35] Workqueue: writeback wb_workfn (flush-7:4)
[  244.652946][   T35] Call Trace:
[  244.652954][   T35]  <TASK>
[  244.652963][   T35]  dump_stack_lvl+0xe8/0x150
[  244.652996][   T35]  f2fs_handle_critical_error+0x37c/0x540
[  244.653031][   T35]  f2fs_write_end_io+0x1274/0x1740
[  244.653083][   T35]  __submit_merged_bio+0x256/0x700
[  244.653118][   T35]  __submit_merged_write_cond+0x3c9/0x4e0
[  244.653155][   T35]  ? __pfx___submit_merged_write_cond+0x10/0x10
[  244.653211][   T35]  f2fs_write_data_pages+0x287e/0x34f0
[  244.653285][   T35]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  244.653340][   T35]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[  244.653404][   T35]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[  244.653460][   T35]  ? __lock_acquire+0x6b5/0x2cf0
[  244.653512][   T35]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  244.653542][   T35]  do_writepages+0x32e/0x550
[  244.653576][   T35]  ? reacquire_held_locks+0x104/0x190
[  244.653596][   T35]  ? writeback_sb_inodes+0x477/0x1a20
[  244.653630][   T35]  __writeback_single_inode+0x133/0x11a0
[  244.653657][   T35]  ? do_raw_spin_unlock+0xf5/0x210
[  244.653687][   T35]  writeback_sb_inodes+0x992/0x1a20
[  244.653735][   T35]  ? do_raw_spin_unlock+0xf5/0x210
[  244.653768][   T35]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  244.653790][   T35]  ? do_raw_spin_lock+0x12b/0x2f0
[  244.653864][   T35]  ? rcu_is_watching+0x15/0xb0
[  244.653896][   T35]  wb_writeback+0x456/0xb70
[  244.653925][   T35]  ? queue_io+0x211/0x4a0
[  244.653961][   T35]  ? __pfx_wb_writeback+0x10/0x10
[  244.653983][   T35]  ? do_raw_spin_lock+0x12b/0x2f0
[  244.654028][   T35]  wb_workfn+0x414/0xf50
[  244.654053][   T35]  ? look_up_lock_class+0x57/0x110
[  244.654094][   T35]  ? __pfx_wb_workfn+0x10/0x10
[  244.654120][   T35]  ? do_raw_spin_lock+0x12b/0x2f0
[  244.654148][   T35]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  244.654201][   T35]  ? process_one_work+0x8bb/0x1780
[  244.654228][   T35]  process_one_work+0x9ab/0x1780
[  244.654285][   T35]  ? __pfx_process_one_work+0x10/0x10
[  244.654324][   T35]  ? do_raw_spin_lock+0x12b/0x2f0
[  244.654371][   T35]  worker_thread+0xba8/0x11e0
[  244.654403][   T35]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[  244.654427][   T35]  ? __kthread_parkme+0x7a/0x1f0
[  244.654448][   T35]  ? __kthread_parkme+0x19c/0x1f0
[  244.654477][   T35]  kthread+0x388/0x470
[  244.654501][   T35]  ? __pfx_worker_thread+0x10/0x10
[  244.654519][   T35]  ? __pfx_kthread+0x10/0x10
[  244.654544][   T35]  ret_from_fork+0x51e/0xb90
[  244.654576][   T35]  ? __pfx_ret_from_fork+0x10/0x10
[  244.654602][   T35]  ? __switch_to+0xc7d/0x1450
[  244.654633][   T35]  ? __pfx_kthread+0x10/0x10
[  244.654658][   T35]  ret_from_fork_asm+0x1a/0x30
[  244.654700][   T35]  </TASK>
[  245.007489][   T35] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  245.227908][ T5842] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  246.537322][ T9073] veth0: entered promiscuous mode
[  246.592111][ T9073] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1015'.
[  247.484061][ T9090] ip6gre1: entered promiscuous mode
[  247.511005][ T9090] ip6gre1: entered allmulticast mode
[  247.612909][   T10] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  247.630673][ T5912] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  247.802018][   T10] usb 5-1: Using ep0 maxpacket: 32
[  247.820893][   T10] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  247.847525][ T5912] usb 1-1: config 0 has too many interfaces: 253, using maximum allowed: 32
[  247.857607][ T5912] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 253
[  247.872789][   T10] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  247.896378][   T10] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  247.915893][ T5912] usb 1-1: New USB device found, idVendor=055f, idProduct=c630, bcdDevice=b6.ac
[  247.931570][   T10] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  247.951601][ T5912] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  247.974094][ T5912] usb 1-1: Product: syz
[  247.987203][   T10] usb 5-1: config 0 descriptor??
[  248.000093][ T5912] usb 1-1: Manufacturer: syz
[  248.025302][ T5912] usb 1-1: SerialNumber: syz
[  248.063817][ T5912] usb 1-1: config 0 descriptor??
[  248.093961][ T5912] gspca_main: sunplus-2.14.0 probing 055f:c630
[  248.251058][ T5961] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  248.435286][ T5961] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  248.480470][ T5961] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  248.499312][ T5961] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  248.519900][ T5961] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  248.539078][ T5961] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  248.564455][   T10] savu 0003:1E7D:2D5A.0008: hiddev0,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.4-1/input0
[  248.604489][ T5961] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  248.641930][ T5961] usb 2-1: config 0 descriptor??
[  248.784011][ T5920] usb 5-1: USB disconnect, device number 10
[  248.856591][ T9123] fido_id[9123]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:1E7D:2D5A.0008/report_descriptor': No such file or directory
[  249.183285][ T5961] plantronics 0003:047F:FFFF.0009: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  249.309650][ T5912] gspca_sunplus: reg_r err -71
[  249.317372][ T5912] sunplus 1-1:0.0: probe with driver sunplus failed with error -71
[  249.364821][ T5912] usb 1-1: USB disconnect, device number 9
[  249.386385][ T9142] loop3: detected capacity change from 0 to 512
[  249.594538][ T9142] EXT4-fs error (device loop3): ext4_do_update_inode:5572: inode #3: comm syz.3.1036: corrupted inode contents
[  249.643537][ T9142] loop3: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117
[  249.649422][    C0] EXT4-fs (loop3): error count since last fsck: 1
[  249.665873][    C0] EXT4-fs (loop3): initial error at time 1773776006: ext4_do_update_inode:5572: inode 3
[  249.675735][    C0] EXT4-fs (loop3): last error at time 1773776006: ext4_do_update_inode:5572: inode 3
[  249.706611][ T9142] EXT4-fs error (device loop3): ext4_dirty_inode:6453: inode #3: comm syz.3.1036: mark_inode_dirty error
[  249.725166][ T9142] loop3: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117
[  249.737778][ T9142] EXT4-fs error (device loop3): ext4_do_update_inode:5572: inode #3: comm syz.3.1036: corrupted inode contents
[  249.769501][ T9142] loop3: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117
[  249.787019][ T9142] EXT4-fs error (device loop3): __ext4_ext_dirty:207: inode #3: comm syz.3.1036: mark_inode_dirty error
[  249.809093][ T9142] loop3: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117
[  249.816858][ T9142] __quota_error: 17 callbacks suppressed
[  249.816882][ T9142] Quota error (device loop3): write_blk: dquota write failed
[  249.874979][ T9142] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota
[  249.925495][ T9142] EXT4-fs error (device loop3): ext4_acquire_dquot:7001: comm syz.3.1036: Failed to acquire dquot type 0
[  249.966363][ T9142] loop3: lost filesystem error report for type 5 error -117
[  249.987300][   T42] usb 2-1: USB disconnect, device number 7
[  250.087844][ T9142] EXT4-fs error (device loop3): ext4_do_update_inode:5572: inode #16: comm syz.3.1036: corrupted inode contents
[  250.118890][ T9142] loop3: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117
[  250.163072][ T9142] EXT4-fs error (device loop3): ext4_dirty_inode:6453: inode #16: comm syz.3.1036: mark_inode_dirty error
[  250.188784][ T9142] loop3: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117
[  250.190303][ T9142] EXT4-fs error (device loop3): ext4_do_update_inode:5572: inode #16: comm syz.3.1036: corrupted inode contents
[  250.215534][ T9142] loop3: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117
[  250.216053][ T9142] EXT4-fs error (device loop3): __ext4_ext_dirty:207: inode #16: comm syz.3.1036: mark_inode_dirty error
[  250.240301][ T9142] loop3: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117
[  250.247821][ T9142] EXT4-fs error (device loop3): ext4_do_update_inode:5572: inode #16: comm syz.3.1036: corrupted inode contents
[  250.271651][ T9142] loop3: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117
[  250.272239][ T9142] EXT4-fs error (device loop3) in ext4_orphan_del:303: Corrupt filesystem
[  250.294701][ T9142] loop3: lost filesystem error report for type 5 error -117
[  250.295191][ T9142] EXT4-fs error (device loop3): ext4_do_update_inode:5572: inode #16: comm syz.3.1036: corrupted inode contents
[  250.316658][ T9142] loop3: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117
[  250.317169][ T9142] EXT4-fs error (device loop3): ext4_truncate:4590: inode #16: comm syz.3.1036: mark_inode_dirty error
[  250.339149][ T9142] EXT4-fs error (device loop3) in ext4_process_orphan:345: Corrupt filesystem
[  250.348599][ T9142] loop3: lost filesystem error report for type 5 error -117
[  250.362709][ T9142] EXT4-fs (loop3): 1 truncate cleaned up
[  250.379347][ T9142] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  250.393055][ T9142] ext4 filesystem being mounted at /221/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  250.468340][ T5851] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  250.492788][ T9174] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1046'.
[  251.210815][ T9195] loop0: detected capacity change from 0 to 256
[  251.251743][ T9195] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d)
[  252.598945][ T9234] loop5: detected capacity change from 0 to 128
[  252.690922][ T9234] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[  252.732623][ T9234] hpfs: filesystem error: improperly stopped
[  252.748306][ T9234] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  252.776790][ T9234] hpfs: You really don't want any checks? You are crazy...
[  252.809205][ T9234] hpfs: hpfs_map_sector(): read error
[  252.825549][ T9234] hpfs: code page support is disabled
[  252.842928][ T9234] hpfs: hpfs_map_4sectors(): unaligned read
[  252.864540][ T9234] hpfs: hpfs_map_4sectors(): unaligned read
[  252.883674][ T9234] hpfs: filesystem error: unable to find root dir
[  253.194723][ T9229] loop1: detected capacity change from 0 to 32768
[  253.424026][ T9243] loop4: detected capacity change from 0 to 40427
[  253.438015][ T9243] F2FS-fs (loop4): invalid crc value
[  253.516412][ T9243] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[  253.527934][ T9243] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  253.694342][ T9243] syz.4.1076: attempt to access beyond end of device
[  253.694342][ T9243] loop4: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  253.712717][ T9243] CPU: 1 UID: 0 PID: 9243 Comm: syz.4.1076 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  253.712753][ T9243] Tainted: [L]=SOFTLOCKUP
[  253.712760][ T9243] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  253.712772][ T9243] Call Trace:
[  253.712780][ T9243]  <TASK>
[  253.712789][ T9243]  dump_stack_lvl+0xe8/0x150
[  253.712826][ T9243]  f2fs_handle_critical_error+0x37c/0x540
[  253.712861][ T9243]  f2fs_write_end_io+0x1274/0x1740
[  253.712935][ T9243]  __submit_merged_bio+0x256/0x700
[  253.712969][ T9243]  f2fs_submit_merged_write+0x284/0x390
[  253.713000][ T9243]  ? __pfx_f2fs_submit_merged_write+0x10/0x10
[  253.713047][ T9243]  f2fs_sync_node_pages+0x14bf/0x1680
[  253.713091][ T9243]  ? __pfx_f2fs_sync_node_pages+0x10/0x10
[  253.713164][ T9243]  f2fs_write_checkpoint+0xeb8/0x26a0
[  253.713225][ T9243]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  253.713243][ T9243]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  253.713309][ T9243]  ? down_write+0x16d/0x200
[  253.713336][ T9243]  ? __pfx_down_write+0x10/0x10
[  253.713362][ T9243]  ? uplift_priority+0xdb/0x730
[  253.713388][ T9243]  ? __pfx_folio_mark_accessed+0x10/0x10
[  253.713419][ T9243]  f2fs_issue_checkpoint+0x456/0x790
[  253.713450][ T9243]  ? __pfx_f2fs_issue_checkpoint+0x10/0x10
[  253.713468][ T9243]  ? from_kgid+0x1ca/0x660
[  253.713538][ T9243]  ? f2fs_sync_fs+0x1f0/0x400
[  253.713569][ T9243]  f2fs_unlink+0x653/0xb30
[  253.713602][ T9243]  ? __pfx_f2fs_unlink+0x10/0x10
[  253.713630][ T9243]  ? __pfx_f2fs_empty_dir+0x10/0x10
[  253.713654][ T9243]  ? down_write+0x16d/0x200
[  253.713697][ T9243]  vfs_rmdir+0x3fd/0x6e0
[  253.713726][ T9243]  filename_rmdir+0x292/0x520
[  253.713756][ T9243]  ? __pfx_filename_rmdir+0x10/0x10
[  253.713784][ T9243]  ? do_getname+0x151/0x250
[  253.713810][ T9243]  __se_sys_rmdir+0x2e/0x140
[  253.713834][ T9243]  do_syscall_64+0x14d/0xf80
[  253.713855][ T9243]  ? trace_irq_disable+0x3b/0x150
[  253.713877][ T9243]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  253.713897][ T9243]  ? clear_bhb_loop+0x40/0x90
[  253.713920][ T9243]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  253.713950][ T9243] RIP: 0033:0x7f650db9c799
[  253.713973][ T9243] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  253.713990][ T9243] RSP: 002b:00007f650eb06028 EFLAGS: 00000246 ORIG_RAX: 0000000000000054
[  253.714013][ T9243] RAX: ffffffffffffffda RBX: 00007f650de15fa0 RCX: 00007f650db9c799
[  253.714028][ T9243] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000400
[  253.714041][ T9243] RBP: 00007f650dc32c99 R08: 0000000000000000 R09: 0000000000000000
[  253.714053][ T9243] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  253.714066][ T9243] R13: 00007f650de16038 R14: 00007f650de15fa0 R15: 00007ffe7b9186e8
[  253.714105][ T9243]  </TASK>
[  253.714114][ T9243] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  254.016790][ T9243] CPU: 1 UID: 0 PID: 9243 Comm: syz.4.1076 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  254.016854][ T9243] Tainted: [L]=SOFTLOCKUP
[  254.016861][ T9243] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  254.016873][ T9243] Call Trace:
[  254.016881][ T9243]  <TASK>
[  254.016891][ T9243]  dump_stack_lvl+0xe8/0x150
[  254.016930][ T9243]  f2fs_handle_critical_error+0x37c/0x540
[  254.016983][ T9243]  f2fs_write_end_io+0x1274/0x1740
[  254.017045][ T9243]  __submit_merged_bio+0x256/0x700
[  254.017082][ T9243]  f2fs_submit_merged_write+0x284/0x390
[  254.017118][ T9243]  ? __pfx_f2fs_submit_merged_write+0x10/0x10
[  254.017177][ T9243]  f2fs_sync_node_pages+0x14bf/0x1680
[  254.017228][ T9243]  ? __pfx_f2fs_sync_node_pages+0x10/0x10
[  254.017311][ T9243]  f2fs_write_checkpoint+0xeb8/0x26a0
[  254.017374][ T9243]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  254.017393][ T9243]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[  254.017465][ T9243]  ? down_write+0x16d/0x200
[  254.017492][ T9243]  ? __pfx_down_write+0x10/0x10
[  254.017515][ T9243]  ? uplift_priority+0xdb/0x730
[  254.017541][ T9243]  ? __pfx_folio_mark_accessed+0x10/0x10
[  254.017573][ T9243]  f2fs_issue_checkpoint+0x456/0x790
[  254.017608][ T9243]  ? __pfx_f2fs_issue_checkpoint+0x10/0x10
[  254.017627][ T9243]  ? from_kgid+0x1ca/0x660
[  254.017700][ T9243]  ? f2fs_sync_fs+0x1f0/0x400
[  254.017731][ T9243]  f2fs_unlink+0x653/0xb30
[  254.017765][ T9243]  ? __pfx_f2fs_unlink+0x10/0x10
[  254.017795][ T9243]  ? __pfx_f2fs_empty_dir+0x10/0x10
[  254.017820][ T9243]  ? down_write+0x16d/0x200
[  254.017865][ T9243]  vfs_rmdir+0x3fd/0x6e0
[  254.017895][ T9243]  filename_rmdir+0x292/0x520
[  254.017928][ T9243]  ? __pfx_filename_rmdir+0x10/0x10
[  254.017960][ T9243]  ? do_getname+0x151/0x250
[  254.017990][ T9243]  __se_sys_rmdir+0x2e/0x140
[  254.018017][ T9243]  do_syscall_64+0x14d/0xf80
[  254.018042][ T9243]  ? trace_irq_disable+0x3b/0x150
[  254.018066][ T9243]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  254.018087][ T9243]  ? clear_bhb_loop+0x40/0x90
[  254.018115][ T9243]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  254.018144][ T9243] RIP: 0033:0x7f650db9c799
[  254.018166][ T9243] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  254.018183][ T9243] RSP: 002b:00007f650eb06028 EFLAGS: 00000246 ORIG_RAX: 0000000000000054
[  254.018207][ T9243] RAX: ffffffffffffffda RBX: 00007f650de15fa0 RCX: 00007f650db9c799
[  254.018221][ T9243] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000400
[  254.018234][ T9243] RBP: 00007f650dc32c99 R08: 0000000000000000 R09: 0000000000000000
[  254.018246][ T9243] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  254.018256][ T9243] R13: 00007f650de16038 R14: 00007f650de15fa0 R15: 00007ffe7b9186e8
[  254.018291][ T9243]  </TASK>
[  254.018300][ T9243] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  254.733162][   T42] libceph: connect (1)[c::]:6789 error -101
[  254.780886][   T42] libceph: mon0 (1)[c::]:6789 connect error
[  254.871456][   T42] libceph: connect (1)[c::]:6789 error -101
[  254.891300][   T42] libceph: mon0 (1)[c::]:6789 connect error
[  254.891472][   T10] libceph: connect (1)[c::]:6789 error -101
[  254.934311][   T10] libceph: mon0 (1)[c::]:6789 connect error
[  254.978641][ T9272] loop1: detected capacity change from 0 to 128
[  255.013965][ T9272] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[  255.044911][ T9272] hpfs: filesystem error: improperly stopped
[  255.066068][ T9272] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  255.085901][ T9272] hpfs: You really don't want any checks? You are crazy...
[  255.102018][ T9272] hpfs: Code page index out of array
[  255.122108][ T9272] hpfs: code page support is disabled
[  255.136524][ T9259] ceph: No mds server is up or the cluster is laggy
[  255.136689][ T9257] ceph: No mds server is up or the cluster is laggy
[  255.144805][ T9272] hpfs: hpfs_map_4sectors(): unaligned read
[  255.170722][   T42] libceph: connect (1)[c::]:6789 error -101
[  255.174056][ T9272] hpfs: hpfs_map_4sectors(): unaligned read
[  255.189295][ T9272] hpfs: filesystem error: unable to find root dir
[  255.196402][   T42] libceph: mon0 (1)[c::]:6789 connect error
[  255.227401][   T10] libceph: connect (1)[c::]:6789 error -101
[  255.244134][   T10] libceph: mon0 (1)[c::]:6789 connect error
[  255.374350][ T9279] netlink: 44 bytes leftover after parsing attributes in process `syz.4.1087'.
[  255.436543][ T9279] bridge0: port 2(bridge_slave_1) entered disabled state
[  255.441781][ T9282] netlink: 44 bytes leftover after parsing attributes in process `syz.4.1087'.
[  255.444363][ T9279] bridge0: port 1(bridge_slave_0) entered disabled state
[  255.748206][ T1313] ieee802154 phy0 wpan0: encryption failed: -22
[  255.765248][ T1313] ieee802154 phy1 wpan1: encryption failed: -22
[  255.797127][ T5961] hid-generic 0003:0004:0000.000A: unknown main item tag 0x0
[  255.862645][ T5961] hid-generic 0003:0004:0000.000A: unknown main item tag 0x0
[  255.877949][ T9290] netlink: 212348 bytes leftover after parsing attributes in process `syz.1.1089'.
[  255.908303][ T5961] hid-generic 0003:0004:0000.000A: unknown main item tag 0x0
[  255.927305][ T9290] netlink: Unknown conntrack attr (0)
[  256.089817][ T5961] hid-generic 0003:0004:0000.000A: hidraw0: USB HID v0.00 Device [syz0] on syz1
[  256.208194][ T9294] fido_id[9294]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  256.914134][ T9316] Bluetooth: hci0: unsupported parameter 433
[  256.935534][ T9316] Bluetooth: hci0: invalid length 0, exp 2 for type 13
[  257.830080][ T5847] Bluetooth: hci4: command 0x0406 tx timeout
[  258.190635][ T9346] loop3: detected capacity change from 0 to 32768
[  258.223175][ T9346] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.1115 (9346)
[  258.243214][ T9346] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  258.249874][   T42] delete_channel: no stack
[  258.254201][ T9346] BTRFS info (device loop3): using sha256 checksum algorithm
[  258.267090][ T9346] BTRFS warning (device loop3): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  258.448615][ T9346] BTRFS info (device loop3): rebuilding free space tree
[  258.476083][ T9346] BTRFS info (device loop3): disabling free space tree
[  258.483430][ T9346] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  258.494769][ T9346] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  258.519073][ T9346] BTRFS info (device loop3): enabling ssd optimizations
[  258.528705][ T9346] BTRFS info (device loop3): turning on async discard
[  258.536212][ T9346] BTRFS info (device loop3): enabling disk space caching
[  258.543681][ T9346] BTRFS info (device loop3): force clearing of disk cache
[  258.551123][ T9346] BTRFS info (device loop3): enabling auto defrag
[  258.557585][ T9346] BTRFS info (device loop3): force zlib compression, level 3
[  259.105525][ T5851] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  259.202453][  T200] BTRFS info (device loop3): qgroup scan completed (inconsistency flag cleared)
[  259.499505][   T42] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  259.694429][   T42] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 16
[  259.720150][   T42] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 64
[  259.758939][   T42] usb 2-1: New USB device found, idVendor=0a46, idProduct=9621, bcdDevice=4f.32
[  259.776470][   T42] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  259.807252][   T42] usb 2-1: Product: syz
[  259.823153][   T42] usb 2-1: Manufacturer: syz
[  259.834108][   T42] usb 2-1: SerialNumber: syz
[  259.860502][   T42] usb 2-1: config 0 descriptor??
[  259.878312][ T9390] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  259.895593][ T9390] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  259.933401][ T9381] loop5: detected capacity change from 0 to 32768
[  259.984990][ T9381] jfs_mkdir: dtInsert returned -EIO
[  259.991789][ T9381] ERROR: (device loop5): jfs_mkdir: 
[  259.991789][ T9381] 
[  260.000074][ T9381] ERROR: (device loop5): remounting filesystem as read-only
[  260.070722][   T29] audit: type=1800 audit(1773776016.826:46): pid=9381 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1125" name="file1" dev="loop5" ino=3 res=0 errno=0
[  260.088386][  T119] ERROR: (device loop5): diUpdatePMap: inode 4 not marked as allocated in wmap!
[  260.088386][  T119] 
[  260.107878][  T119] ERROR: (device loop5): remounting filesystem as read-only
[  260.141336][  T119] ERROR: (device loop5): diUpdatePMap: inode 4 not marked as allocated in pmap!
[  260.141336][  T119] 
[  260.159294][ T9390] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  260.189505][ T9390] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  260.199575][  T119] ERROR: (device loop5): diFree: wmap shows inode already free
[  260.199575][  T119] 
[  260.648930][   T42] dm9601: No valid MAC address in EEPROM, using 00:00:00:00:00:00
[  261.084783][ T9408] loop4: detected capacity change from 0 to 32768
[  261.097861][ T9408] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.1135 (9408)
[  261.135156][ T9408] BTRFS info (device loop4): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  261.156929][ T9408] BTRFS info (device loop4): using blake2b checksum algorithm
[  261.282358][   T42] dm9601 2-1:0.0 (unnamed net_device) (uninitialized): MDIO read error: -71
[  261.298181][ T9411] loop0: detected capacity change from 0 to 40427
[  261.315477][ T9411] F2FS-fs (loop0): Image doesn't support compression
[  261.335300][ T9411] F2FS-fs (loop0): build fault injection rate: 690
[  261.383825][ T9408] BTRFS info (device loop4): enabling ssd optimizations
[  261.397374][ T9411] F2FS-fs (loop0): invalid crc value
[  261.397617][   T42] dm9601 2-1:0.0 eth5: register 'dm9601' at usb-dummy_hcd.1-1, Davicom DM96xx USB 10/100 Ethernet, 6a:e1:b9:c3:c8:7c
[  261.421275][ T9408] BTRFS info (device loop4): turning on async discard
[  261.433508][ T9408] BTRFS info (device loop4): enabling free space tree
[  261.440707][ T9408] BTRFS info (device loop4): use zstd compression, level 3
[  261.445043][   T42] usb 2-1: USB disconnect, device number 8
[  261.461723][ T9433] A link change request failed with some changes committed already. Interface dummy0 may have been left with an inconsistent configuration, please check.
[  261.505630][   T42] dm9601 2-1:0.0 eth5: unregister 'dm9601' usb-dummy_hcd.1-1, Davicom DM96xx USB 10/100 Ethernet
[  261.530707][   T29] audit: type=1800 audit(1773776018.286:47): pid=9408 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1135" name="file1" dev="loop4" ino=260 res=0 errno=0
[  261.756459][ T9411] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  261.794072][ T9411] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  261.806033][ T9437] 8021q: adding VLAN 0 to HW filter on device bond0
[  261.822311][ T9437] team0: Device bond0 failed to register rx_handler
[  261.916814][ T5841] BTRFS info (device loop4): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  261.983437][   T29] audit: type=1800 audit(1773776018.726:48): pid=9411 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1137" name="file0" dev="loop0" ino=10 res=0 errno=0
[  262.154668][ T9444] i2c i2c-0: Frontend requested software zigzag, but didn't set the frequency step size
[  262.170551][   T29] audit: type=1804 audit(1773776018.916:49): pid=9411 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.1137" name="/newroot/233/bus/file0" dev="loop0" ino=10 res=1 errno=0
[  262.275711][ T5859] syz-executor: attempt to access beyond end of device
[  262.275711][ T5859] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  262.329687][ T5859] CPU: 1 UID: 0 PID: 5859 Comm: syz-executor Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  262.329720][ T5859] Tainted: [L]=SOFTLOCKUP
[  262.329726][ T5859] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  262.329737][ T5859] Call Trace:
[  262.329745][ T5859]  <TASK>
[  262.329753][ T5859]  dump_stack_lvl+0xe8/0x150
[  262.329796][ T5859]  f2fs_handle_critical_error+0x37c/0x540
[  262.329828][ T5859]  f2fs_write_end_io+0x1274/0x1740
[  262.329877][ T5859]  __submit_merged_bio+0x256/0x700
[  262.329908][ T5859]  __submit_merged_write_cond+0x3c9/0x4e0
[  262.329941][ T5859]  ? __pfx___submit_merged_write_cond+0x10/0x10
[  262.329991][ T5859]  f2fs_write_data_pages+0x287e/0x34f0
[  262.330056][ T5859]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  262.330134][ T5859]  ? kernel_text_address+0xa5/0xe0
[  262.330163][ T5859]  ? __lock_acquire+0x6b5/0x2cf0
[  262.330204][ T5859]  ? __lock_acquire+0x6b5/0x2cf0
[  262.330235][ T5859]  ? do_raw_spin_lock+0x12b/0x2f0
[  262.330269][ T5859]  ? do_raw_spin_unlock+0xf5/0x210
[  262.330296][ T5859]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  262.330322][ T5859]  do_writepages+0x32e/0x550
[  262.330356][ T5859]  ? do_raw_spin_unlock+0xf5/0x210
[  262.330383][ T5859]  filemap_fdatawrite+0x1e9/0x2f0
[  262.330409][ T5859]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  262.330482][ T5859]  ? do_raw_spin_unlock+0xf5/0x210
[  262.330509][ T5859]  f2fs_sync_dirty_inodes+0x30e/0x860
[  262.330553][ T5859]  f2fs_write_checkpoint+0x9df/0x26a0
[  262.330609][ T5859]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  262.330688][ T5859]  kill_f2fs_super+0x314/0x720
[  262.330720][ T5859]  ? __pfx_kill_f2fs_super+0x10/0x10
[  262.330760][ T5859]  ? lockdep_hardirqs_on+0x7a/0x110
[  262.330806][ T5859]  deactivate_locked_super+0xbc/0x130
[  262.330835][ T5859]  cleanup_mnt+0x437/0x4d0
[  262.330853][ T5859]  ? _raw_spin_unlock_irq+0x23/0x50
[  262.330877][ T5859]  task_work_run+0x1d9/0x270
[  262.330903][ T5859]  ? __pfx_task_work_run+0x10/0x10
[  262.330938][ T5859]  exit_to_user_mode_loop+0xed/0x480
[  262.330961][ T5859]  ? rcu_is_watching+0x15/0xb0
[  262.330984][ T5859]  do_syscall_64+0x32d/0xf80
[  262.331004][ T5859]  ? trace_irq_disable+0x3b/0x150
[  262.331023][ T5859]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  262.331041][ T5859]  ? clear_bhb_loop+0x40/0x90
[  262.331063][ T5859]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  262.331080][ T5859] RIP: 0033:0x7fa31739d9d7
[  262.331100][ T5859] Code: a2 c7 05 1c fd 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8
[  262.331115][ T5859] RSP: 002b:00007ffdc4581a08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  262.331135][ T5859] RAX: 0000000000000000 RBX: 00007fa317432050 RCX: 00007fa31739d9d7
[  262.331148][ T5859] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffdc4581ac0
[  262.331158][ T5859] RBP: 00007ffdc4581ac0 R08: 00007ffdc4582ac0 R09: 00000000ffffffff
[  262.331171][ T5859] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffdc4582b50
[  262.331182][ T5859] R13: 00007fa317432050 R14: 000000000004016b R15: 00007ffdc4582b90
[  262.331215][ T5859]  </TASK>
[  262.338160][ T5859] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  262.987345][ T9448] loop4: detected capacity change from 0 to 32768
[  263.004304][ T9448] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.1140 (9448)
[  263.079628][ T9448] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  263.117232][ T9448] BTRFS info (device loop4): using crc32c checksum algorithm
[  263.311152][ T9448] BTRFS info (device loop4): enabling ssd optimizations
[  263.341983][ T9448] BTRFS info (device loop4): turning on flush-on-commit
[  263.380988][ T9448] BTRFS info (device loop4): enabling free space tree
[  263.403892][ T9448] BTRFS info (device loop4): enabling auto defrag
[  263.446868][ T9448] BTRFS info (device loop4): use lzo compression, level 1
[  263.478003][ T9448] BTRFS info (device loop4): max_inline set to 4096
[  263.578590][ T9484] loop0: detected capacity change from 0 to 1024
[  263.680334][ T9484] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  263.803342][ T9483] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  263.811346][   T29] audit: type=1800 audit(1773776020.556:50): pid=9484 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1143" name="file1" dev="loop0" ino=15 res=0 errno=0
[  263.835502][ T9483] overlayfs: failed to set xattr on upper
[  263.841171][ T9484] EXT4-fs error (device loop0): mb_free_blocks:2047: group 0, inode 15: block 241:freeing already freed block (bit 15); block bitmap corrupt.
[  263.844509][ T9483] overlayfs: ...falling back to redirect_dir=nofollow.
[  263.903560][ T9483] overlayfs: ...falling back to index=off.
[  263.929282][ T9483] overlayfs: ...falling back to uuid=null.
[  263.951722][ T9483] overlayfs: NFS export requires "index=on", falling back to nfs_export=off.
[  264.006624][ T5841] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  264.194776][ T5859] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  265.092608][ T9502] loop3: detected capacity change from 0 to 32768
[  265.105178][ T9502] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.1158 (9502)
[  265.160144][ T9502] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  265.178402][ T9502] BTRFS info (device loop3): using crc32c checksum algorithm
[  265.317729][ T9502] BTRFS info (device loop3): rebuilding free space tree
[  265.363205][ T9529] input: syz0 as /devices/virtual/input/input17
[  265.393821][ T9502] BTRFS info (device loop3): checking UUID tree
[  265.427143][ T9502] BTRFS info (device loop3): allowing degraded mounts
[  265.436424][ T9502] BTRFS info (device loop3): enabling ssd optimizations
[  265.472440][ T9502] BTRFS info (device loop3): enabling free space tree
[  265.483899][ T9502] BTRFS info (device loop3): force clearing of disk cache
[  265.494393][ T9502] BTRFS info (device loop3): force zlib compression, level 3
[  265.615313][   T29] audit: type=1800 audit(1773776022.366:51): pid=9502 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1158" name="file1" dev="loop3" ino=260 res=0 errno=0
[  265.708458][ T9539] input: syz1 as /devices/virtual/input/input18
[  266.039010][ T5851] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  266.871151][ T9565] loop1: detected capacity change from 0 to 2048
[  266.937567][ T9567] random: crng reseeded on system resumption
[  266.951516][ T9565] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[  266.956272][ T9571] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1177'.
[  267.060986][ T9565] EXT4-fs error (device loop1): ext4_iget_extra_inode:5028: inode #12: comm syz.1.1175: corrupted in-inode xattr: invalid size in ea xattr
[  267.214640][ T5842] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000900.
[  267.452057][ T9584] loop3: detected capacity change from 0 to 2048
[  267.540762][ T9587] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  267.646089][ T9584] NILFS error (device loop3): nilfs_check_folio: bad entry in directory #2: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, name_len=0
[  267.674076][ T9584] Remounting filesystem read-only
[  267.682596][ T9584] NILFS error (device loop3): nilfs_check_folio: bad entry in directory #2: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, name_len=0
[  268.063697][ T9599] loop3: detected capacity change from 0 to 1024
[  268.132126][   T29] audit: type=1800 audit(1773776024.886:52): pid=9599 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1188" name="file1" dev="loop3" ino=20 res=0 errno=0
[  268.318432][ T9601] loop1: detected capacity change from 0 to 512
[  268.334458][ T9601] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  268.359079][ T9601] EXT4-fs (loop1): 1 orphan inode deleted
[  268.367324][ T9601] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  268.419920][   T29] audit: type=1800 audit(1773776025.176:53): pid=9601 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1189" name="bus" dev="loop1" ino=15 res=0 errno=0
[  268.512087][ T5842] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  268.564507][   T77] hfsplus: b-tree write err: -5, ino 25
[  268.582627][   T77] hfsplus: b-tree write err: -5, ino 4
[  268.594324][   T77] hfsplus: b-tree write err: -5, ino 2
[  269.006885][ T9618] input: syz0 as /devices/virtual/input/input19
[  269.743127][ T9633] loop1: detected capacity change from 0 to 2048
[  269.776171][ T9633] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  270.146522][ T5842] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  270.395769][ T9638] loop3: detected capacity change from 0 to 40427
[  270.414247][ T9638] F2FS-fs (loop3): build fault injection rate: 174
[  270.447793][ T9638] F2FS-fs (loop3): build fault injection type: 0x3bfe8c
[  270.477263][ T9638] F2FS-fs (loop3): invalid crc value
[  270.668037][ T9638] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  270.697756][ T9638] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  270.765872][ T9638] F2FS-fs (loop3): inject no more block in inc_valid_node_count of f2fs_new_node_folio+0x361/0xd80
[  270.824842][ T5851] syz-executor: attempt to access beyond end of device
[  270.824842][ T5851] loop3: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  270.839314][ T5851] CPU: 0 UID: 0 PID: 5851 Comm: syz-executor Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  270.839350][ T5851] Tainted: [L]=SOFTLOCKUP
[  270.839357][ T5851] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  270.839368][ T5851] Call Trace:
[  270.839376][ T5851]  <TASK>
[  270.839384][ T5851]  dump_stack_lvl+0xe8/0x150
[  270.839420][ T5851]  f2fs_handle_critical_error+0x37c/0x540
[  270.839455][ T5851]  f2fs_write_end_io+0x1274/0x1740
[  270.839512][ T5851]  __submit_merged_bio+0x256/0x700
[  270.839548][ T5851]  __submit_merged_write_cond+0x3c9/0x4e0
[  270.839585][ T5851]  ? __pfx___submit_merged_write_cond+0x10/0x10
[  270.839641][ T5851]  f2fs_write_data_pages+0x287e/0x34f0
[  270.839713][ T5851]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  270.839800][ T5851]  ? __pfx_clockevents_program_event+0x10/0x10
[  270.839828][ T5851]  ? __lock_acquire+0x6b5/0x2cf0
[  270.839877][ T5851]  ? __lock_acquire+0x6b5/0x2cf0
[  270.839912][ T5851]  ? do_raw_spin_lock+0x12b/0x2f0
[  270.839960][ T5851]  ? do_raw_spin_unlock+0xf5/0x210
[  270.839986][ T5851]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  270.840017][ T5851]  do_writepages+0x32e/0x550
[  270.840055][ T5851]  ? do_raw_spin_unlock+0xf5/0x210
[  270.840087][ T5851]  filemap_fdatawrite+0x1e9/0x2f0
[  270.840116][ T5851]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  270.840197][ T5851]  ? do_raw_spin_unlock+0xf5/0x210
[  270.840229][ T5851]  f2fs_sync_dirty_inodes+0x30e/0x860
[  270.840278][ T5851]  f2fs_write_checkpoint+0x9df/0x26a0
[  270.840340][ T5851]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  270.840427][ T5851]  kill_f2fs_super+0x314/0x720
[  270.840464][ T5851]  ? __pfx_kill_f2fs_super+0x10/0x10
[  270.840510][ T5851]  ? lockdep_hardirqs_on+0x7a/0x110
[  270.840552][ T5851]  deactivate_locked_super+0xbc/0x130
[  270.840586][ T5851]  cleanup_mnt+0x437/0x4d0
[  270.840606][ T5851]  ? _raw_spin_unlock_irq+0x23/0x50
[  270.840633][ T5851]  task_work_run+0x1d9/0x270
[  270.840663][ T5851]  ? __pfx_task_work_run+0x10/0x10
[  270.840700][ T5851]  exit_to_user_mode_loop+0xed/0x480
[  270.840727][ T5851]  ? rcu_is_watching+0x15/0xb0
[  270.840753][ T5851]  do_syscall_64+0x32d/0xf80
[  270.840777][ T5851]  ? trace_irq_disable+0x3b/0x150
[  270.840800][ T5851]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  270.840820][ T5851]  ? clear_bhb_loop+0x40/0x90
[  270.840846][ T5851]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  270.840866][ T5851] RIP: 0033:0x7fb20379d9d7
[  270.840887][ T5851] Code: a2 c7 05 1c fd 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8
[  270.840903][ T5851] RSP: 002b:00007ffd6a43d968 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  270.840925][ T5851] RAX: 0000000000000000 RBX: 00007fb203832050 RCX: 00007fb20379d9d7
[  270.840947][ T5851] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd6a43da20
[  270.840958][ T5851] RBP: 00007ffd6a43da20 R08: 00007ffd6a43ea20 R09: 00000000ffffffff
[  270.840971][ T5851] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffd6a43eab0
[  270.840983][ T5851] R13: 00007fb203832050 R14: 0000000000042321 R15: 00007ffd6a43eaf0
[  270.841020][ T5851]  </TASK>
[  271.149808][ T9641] loop4: detected capacity change from 0 to 131072
[  271.173823][ T5851] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  271.180882][ T5851] CPU: 1 UID: 0 PID: 5851 Comm: syz-executor Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  271.180913][ T5851] Tainted: [L]=SOFTLOCKUP
[  271.180920][ T5851] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  271.180931][ T5851] Call Trace:
[  271.180947][ T5851]  <TASK>
[  271.180955][ T5851]  dump_stack_lvl+0xe8/0x150
[  271.180991][ T5851]  f2fs_handle_critical_error+0x37c/0x540
[  271.181025][ T5851]  f2fs_write_end_io+0x1274/0x1740
[  271.181078][ T5851]  __submit_merged_bio+0x256/0x700
[  271.181112][ T5851]  __submit_merged_write_cond+0x3c9/0x4e0
[  271.181147][ T5851]  ? __pfx___submit_merged_write_cond+0x10/0x10
[  271.181199][ T5851]  f2fs_write_data_pages+0x287e/0x34f0
[  271.181268][ T5851]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  271.181348][ T5851]  ? __pfx_clockevents_program_event+0x10/0x10
[  271.181375][ T5851]  ? __lock_acquire+0x6b5/0x2cf0
[  271.181421][ T5851]  ? __lock_acquire+0x6b5/0x2cf0
[  271.181455][ T5851]  ? do_raw_spin_lock+0x12b/0x2f0
[  271.181491][ T5851]  ? do_raw_spin_unlock+0xf5/0x210
[  271.181516][ T5851]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  271.181546][ T5851]  do_writepages+0x32e/0x550
[  271.181581][ T5851]  ? do_raw_spin_unlock+0xf5/0x210
[  271.181610][ T5851]  filemap_fdatawrite+0x1e9/0x2f0
[  271.181639][ T5851]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  271.181712][ T5851]  ? do_raw_spin_unlock+0xf5/0x210
[  271.181741][ T5851]  f2fs_sync_dirty_inodes+0x30e/0x860
[  271.181787][ T5851]  f2fs_write_checkpoint+0x9df/0x26a0
[  271.181845][ T5851]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  271.181925][ T5851]  kill_f2fs_super+0x314/0x720
[  271.181967][ T5851]  ? __pfx_kill_f2fs_super+0x10/0x10
[  271.182011][ T5851]  ? lockdep_hardirqs_on+0x7a/0x110
[  271.182050][ T5851]  deactivate_locked_super+0xbc/0x130
[  271.182082][ T5851]  cleanup_mnt+0x437/0x4d0
[  271.182101][ T5851]  ? _raw_spin_unlock_irq+0x23/0x50
[  271.182126][ T5851]  task_work_run+0x1d9/0x270
[  271.182154][ T5851]  ? __pfx_task_work_run+0x10/0x10
[  271.182191][ T5851]  exit_to_user_mode_loop+0xed/0x480
[  271.182217][ T5851]  ? rcu_is_watching+0x15/0xb0
[  271.182242][ T5851]  do_syscall_64+0x32d/0xf80
[  271.182264][ T5851]  ? trace_irq_disable+0x3b/0x150
[  271.182286][ T5851]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  271.182306][ T5851]  ? clear_bhb_loop+0x40/0x90
[  271.182330][ T5851]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  271.182349][ T5851] RIP: 0033:0x7fb20379d9d7
[  271.182368][ T5851] Code: a2 c7 05 1c fd 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8
[  271.182384][ T5851] RSP: 002b:00007ffd6a43d968 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  271.182405][ T5851] RAX: 0000000000000000 RBX: 00007fb203832050 RCX: 00007fb20379d9d7
[  271.182418][ T5851] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd6a43da20
[  271.182429][ T5851] RBP: 00007ffd6a43da20 R08: 00007ffd6a43ea20 R09: 00000000ffffffff
[  271.182442][ T5851] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffd6a43eab0
[  271.182453][ T5851] R13: 00007fb203832050 R14: 0000000000042321 R15: 00007ffd6a43eaf0
[  271.182487][ T5851]  </TASK>
[  271.182495][ T5851] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  271.609216][ T9641] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  271.630455][ T9641] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  271.652084][ T9641] F2FS-fs (loop4): lookup inode (7) has corrupted xattr
[  271.713157][ T9641] F2FS-fs (loop4): lookup inode (7) has corrupted xattr
[  271.722076][ T9641] F2FS-fs (loop4): f2fs_check_nid_range: out-of-range nid=fff70000, run fsck to fix.
[  271.875447][ T9653] loop1: detected capacity change from 0 to 8
[  271.991280][ T9653] unable to read inode lookup table
[  272.612037][ T5912] usb 2-1: new full-speed USB device number 9 using dummy_hcd
[  272.775040][ T5912] usb 2-1: New USB device found, idVendor=09c0, idProduct=0203, bcdDevice=d3.43
[  272.796069][ T5912] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  272.817530][ T5912] usb 2-1: config 0 descriptor??
[  272.833519][ T5912] dvb-usb: found a 'Genpix SkyWalker-1 DVB-S receiver' in warm state.
[  273.029569][ T5934] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  273.042514][ T5912] gp8psk: usb in 128 operation failed.
[  273.221448][ T5934] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  273.233054][ T5934] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  273.243892][ T5934] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  273.253933][ T5934] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  273.258640][ T5912] gp8psk: usb in 146 operation failed.
[  273.266425][ T9666] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  273.284054][ T5912] gp8psk: failed to get FW version
[  273.285223][ T5934] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[  273.312278][ T5912] gp8psk: FPGA Version = 114
[  273.497600][ T5934] usb 5-1: USB disconnect, device number 11
[  273.713671][ T5912] gp8psk: usb out operation failed.
[  273.720999][ T5912] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter)
[  273.745246][ T5912] dvb-usb: Genpix SkyWalker-1 DVB-S receiver error while loading driver (-19)
[  273.766897][ T5912] usb 2-1: USB disconnect, device number 9
[  273.925794][ T9675] loop3: detected capacity change from 0 to 4096
[  273.933959][ T9675] EXT4-fs: inline encryption not supported
[  273.941924][ T9675] EXT4-fs (loop3): Test dummy encryption mode enabled
[  273.952564][ T9675] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0003]
[  273.964586][ T9675] System zones: 0-5
[  273.973828][ T9675] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  274.043314][ T5851] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  274.378414][ T9687] loop4: detected capacity change from 0 to 512
[  274.736297][ T9702] netlink: 'syz.4.1222': attribute type 3 has an invalid length.
[  275.119606][ T5843] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  275.270859][ T5843] usb 5-1: Using ep0 maxpacket: 32
[  275.284295][ T5843] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  275.306343][ T5843] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  275.326815][ T5843] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  275.349490][ T5843] usb 5-1: New USB device found, idVendor=0458, idProduct=5011, bcdDevice= 0.00
[  275.369222][ T5843] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  275.385596][ T5843] usb 5-1: config 0 descriptor??
[  275.623607][ T9711] loop3: detected capacity change from 0 to 32768
[  275.649883][ T9711] XFS (loop3): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  275.683020][ T9711] XFS (loop3): Ending clean mount
[  275.794761][ T5851] XFS (loop3): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  275.888924][ T5843] input: HID 0458:5011 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:0458:5011.000B/input/input20
[  276.097988][ T5847] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  276.130683][ T5847] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  276.143544][ T5847] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  276.231732][ T5847] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  276.264075][ T5847] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  276.277646][ T5843] input: HID 0458:5011 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:0458:5011.000B/input/input21
[  276.677479][ T9734] loop1: detected capacity change from 0 to 2048
[  276.696339][ T5843] kye 0003:0458:5011.000B: input,hiddev0,hidraw0: USB HID v0.00 Mouse [HID 0458:5011] on usb-dummy_hcd.4-1/input0
[  276.702257][ T9734] UDF-fs: warning (device loop1): udf_load_vrs: No anchor found
[  276.727279][ T9734] UDF-fs: Scanning with blocksize 512 failed
[  276.824490][ T9734] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  277.002459][ T5934] usb 5-1: USB disconnect, device number 12
[  277.856288][ T9748] netlink: 'syz.4.1236': attribute type 1 has an invalid length.
[  277.875431][ T9724] chnl_net:caif_netlink_parms(): no params data found
[  278.023809][ T9748] 8021q: adding VLAN 0 to HW filter on device bond1
[  278.384656][ T5847] Bluetooth: hci5: command tx timeout
[  278.414232][ T9724] bridge0: port 1(bridge_slave_0) entered blocking state
[  278.429812][ T9724] bridge0: port 1(bridge_slave_0) entered disabled state
[  278.442791][ T9724] bridge_slave_0: entered allmulticast mode
[  278.463562][ T9724] bridge_slave_0: entered promiscuous mode
[  278.470729][ T9742] loop3: detected capacity change from 0 to 131072
[  278.484635][ T9742] F2FS-fs (loop3): Wrong CP boundary, start(512) end(1536) blocks(0)
[  278.493090][ T9742] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  278.503235][ T9742] F2FS-fs (loop3): invalid crc value
[  278.565885][ T9724] bridge0: port 2(bridge_slave_1) entered blocking state
[  278.608520][ T9724] bridge0: port 2(bridge_slave_1) entered disabled state
[  278.629847][ T9742] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  278.645579][ T9742] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  278.652883][ T9742] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4
[  278.670157][ T9724] bridge_slave_1: entered allmulticast mode
[  278.679120][ T9724] bridge_slave_1: entered promiscuous mode
[  278.783507][ T9724] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  278.815489][ T9724] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  278.936708][ T9724] team0: Port device team_slave_0 added
[  278.960549][ T9724] team0: Port device team_slave_1 added
[  279.072872][ T9724] batman_adv: batadv0: Adding interface: batadv_slave_0
[  279.089748][ T9724] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  279.151557][ T9724] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  279.183158][ T9724] batman_adv: batadv0: Adding interface: batadv_slave_1
[  279.199628][ T9724] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  279.259504][ T9724] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  279.304045][ T9764] loop1: detected capacity change from 0 to 32768
[  279.361821][ T9764] XFS (loop1): Mounting V5 Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[  279.504226][ T9764] XFS (loop1): Ending clean mount
[  279.540443][ T9724] hsr_slave_0: entered promiscuous mode
[  279.594993][ T9724] hsr_slave_1: entered promiscuous mode
[  279.622856][ T9724] debugfs: 'hsr0' already exists in 'hsr'
[  279.649488][ T9724] Cannot create hsr debugfs directory
[  279.800733][ T5842] XFS (loop1): Unmounting Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[  280.236019][ T9789] input: syz0 as /devices/virtual/input/input22
[  280.462592][ T5847] Bluetooth: hci5: command tx timeout
[  280.941875][ T5920] libceph: connect (1)[c::]:6789 error -101
[  280.965180][ T5920] libceph: mon0 (1)[c::]:6789 connect error
[  281.285501][   T42] libceph: connect (1)[c::]:6789 error -101
[  281.301407][   T42] libceph: mon0 (1)[c::]:6789 connect error
[  281.322198][ T9724] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  281.341952][ T9792] loop4: detected capacity change from 0 to 32768
[  281.361888][ T9792] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.1248 (9792)
[  281.377269][ T9724] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  281.401172][ T9792] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  281.426942][ T9724] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  281.438152][ T9792] BTRFS info (device loop4): using sha256 checksum algorithm
[  281.489253][ T9724] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  281.636075][ T9792] BTRFS info (device loop4): rebuilding free space tree
[  281.684189][ T9802] ceph: No mds server is up or the cluster is laggy
[  281.943668][ T9792] BTRFS info (device loop4): enabling ssd optimizations
[  281.965698][ T9792] BTRFS info (device loop4): using spread ssd allocation scheme
[  281.991074][ T9724] 8021q: adding VLAN 0 to HW filter on device bond0
[  282.004942][ T9792] BTRFS info (device loop4): turning on async discard
[  282.045529][ T9792] BTRFS info (device loop4): enabling free space tree
[  282.068763][ T9792] BTRFS info (device loop4): force clearing of disk cache
[  282.127072][ T9724] 8021q: adding VLAN 0 to HW filter on device team0
[  282.192521][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[  282.199889][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[  282.316012][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[  282.323530][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[  282.539700][ T5847] Bluetooth: hci5: command tx timeout
[  282.882131][ T5841] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  283.160803][ T9873] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  283.260497][ T5919] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  283.260785][ T5847] Bluetooth: hci0: command 0x0406 tx timeout
[  283.295106][ T9724] 8021q: adding VLAN 0 to HW filter on device batadv0
[  283.318976][ T5919] Bluetooth: hci0: Error when powering off device on rfkill (-110)
[  283.526427][ T9878] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  284.198043][ T9892] overlayfs: failed to verify upper (263/file0, ino=1420, err=-116)
[  284.235258][ T9892] overlayfs: failed to verify index dir 'upper' xattr
[  284.263474][ T9892] overlayfs: try deleting index dir or mounting with '-o index=off' to disable inodes index.
[  284.545051][ T9724] veth0_vlan: entered promiscuous mode
[  284.611692][ T9724] veth1_vlan: entered promiscuous mode
[  284.621099][ T5847] Bluetooth: hci5: command tx timeout
[  284.824709][ T9724] veth0_macvtap: entered promiscuous mode
[  284.874235][ T9724] veth1_macvtap: entered promiscuous mode
[  285.000638][ T9724] batman_adv: batadv0: Interface activated: batadv_slave_0
[  285.088982][ T9724] batman_adv: batadv0: Interface activated: batadv_slave_1
[  285.153972][ T1153] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  285.191442][ T1153] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  285.214096][ T1153] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  285.248346][ T1153] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  285.371814][ T9927] loop3: detected capacity change from 0 to 512
[  285.608006][ T9933] loop4: detected capacity change from 0 to 512
[  285.622253][ T9927] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  285.636700][ T9927] ext4 filesystem being mounted at /288/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  285.684342][ T9933] EXT4-fs error (device loop4): ext4_quota_enable:7192: inode #4: comm syz.4.1276: iget: immutable or append flags not allowed on symlinks
[  285.735767][ T9933] fserror_report: 1 callbacks suppressed
[  285.735789][ T9933] loop4: lost file I/O error report for ino 4 type 5 pos 0x0 len 0x0 error -117
[  285.739702][   T29] audit: type=1800 audit(1773776042.476:54): pid=9937 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1274" name="file2" dev="loop3" ino=16 res=0 errno=0
[  285.749418][    C0] EXT4-fs (loop4): error count since last fsck: 1
[  285.778107][    C0] EXT4-fs (loop4): initial error at time 1773776042: ext4_quota_enable:7192: inode 4
[  285.784386][ T9933] EXT4-fs error (device loop4): ext4_quota_enable:7195: comm syz.4.1276: Bad quota inode: 4, type: 1
[  285.787827][    C0] EXT4-fs (loop4): last error at time 1773776042: ext4_quota_enable:7192: inode 4
[  285.813211][ T9933] loop4: lost filesystem error report for type 5 error -117
[  285.814040][ T9933] EXT4-fs warning (device loop4): ext4_enable_quotas:7236: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  285.841966][ T9933] EXT4-fs (loop4): mount failed
[  286.039233][ T5851] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  286.064254][ T5847] Bluetooth: hci1: command 0x0406 tx timeout
[  286.065494][ T5919] Bluetooth: hci1: Opcode 0x0c1a failed: -110
[  286.109430][ T5919] Bluetooth: hci1: Error when powering off device on rfkill (-110)
[  286.273084][ T9950] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000006: 0000 [#1] SMP KASAN PTI
[  286.285214][ T9950] KASAN: null-ptr-deref in range [0x0000000000000030-0x0000000000000037]
[  286.293679][ T9950] CPU: 0 UID: 0 PID: 9950 Comm: syz.4.1279 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  286.304561][ T9950] Tainted: [L]=SOFTLOCKUP
[  286.308893][ T9950] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  286.319519][ T9950] RIP: 0010:do_dentry_open+0xaf/0x14e0
[  286.324993][ T9950] Code: 44 24 28 80 3c 28 00 74 08 4c 89 ff e8 ba 5b ef ff 4c 89 7c 24 20 4d 89 27 4d 8d 7c 24 30 4c 89 f8 48 c1 e8 03 48 89 44 24 58 <80> 3c 28 00 74 08 4c 89 ff e8 a3 5a ef ff 4c 89 7c 24 60 4d 8b 3f
[  286.344700][ T9950] RSP: 0018:ffffc90003417638 EFLAGS: 00010206
[  286.350801][ T9950] RAX: 0000000000000006 RBX: ffff88803501b560 RCX: 0000000000000000
[  286.358781][ T9950] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 00000000ffffffff
[  286.366763][ T9950] RBP: dffffc0000000000 R08: ffff8880770156c3 R09: 1ffff1100ee02ad8
[  286.374910][ T9950] R10: dffffc0000000000 R11: ffffed100ee02ad9 R12: 0000000000000000
[  286.382881][ T9950] R13: 1ffff11006a036bd R14: ffff88803501b5e8 R15: 0000000000000030
[  286.390868][ T9950] FS:  00007f650eb066c0(0000) GS:ffff888125435000(0000) knlGS:0000000000000000
[  286.399880][ T9950] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  286.406464][ T9950] CR2: 000000110c270884 CR3: 000000005d742000 CR4: 00000000003526f0
[  286.414713][ T9950] Call Trace:
[  286.417996][ T9950]  <TASK>
[  286.420932][ T9950]  ? vfs_open+0x31/0x340
[  286.425197][ T9950]  vfs_open+0x3b/0x340
[  286.429268][ T9950]  ? backing_file_open_user_path+0x12/0x50
[  286.435422][ T9950]  backing_file_open_user_path+0x24/0x50
[  286.441252][ T9950]  backing_tmpfile_open+0x9b/0xf0
[  286.446286][ T9950]  ovl_tmpfile+0x400/0x810
[  286.450722][ T9950]  ? __pfx_ovl_tmpfile+0x10/0x10
[  286.455672][ T9950]  ? _raw_spin_unlock+0x28/0x50
[  286.460523][ T9950]  ? d_alloc+0x144/0x190
[  286.464857][ T9950]  ? mode_strip_sgid+0x6a/0x1b0
[  286.469712][ T9950]  vfs_tmpfile+0x3ff/0x890
[  286.474134][ T9950]  do_tmpfile+0xd3/0x240
[  286.478472][ T9950]  path_openat+0x300d/0x3860
[  286.483174][ T9950]  ? arch_stack_walk+0xfb/0x150
[  286.488137][ T9950]  ? do_getname+0x2e/0x250
[  286.492559][ T9950]  ? stack_trace_save+0xa9/0x100
[  286.497522][ T9950]  ? __pfx_stack_trace_save+0x10/0x10
[  286.502924][ T9950]  ? do_getname+0x2e/0x250
[  286.507355][ T9950]  ? stack_depot_save_flags+0x33/0x810
[  286.512842][ T9950]  ? kasan_save_track+0x3e/0x80
[  286.517753][ T9950]  ? __kasan_slab_alloc+0x6c/0x80
[  286.522810][ T9950]  ? __pfx_path_openat+0x10/0x10
[  286.527753][ T9950]  ? __x64_sys_openat+0x138/0x170
[  286.532782][ T9950]  ? do_syscall_64+0x14d/0xf80
[  286.537644][ T9950]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  286.543713][ T9950]  ? __lock_acquire+0x6b5/0x2cf0
[  286.548836][ T9950]  do_file_open+0x23e/0x4a0
[  286.553427][ T9950]  ? __pfx_do_file_open+0x10/0x10
[  286.558559][ T9950]  ? _raw_spin_unlock+0x28/0x50
[  286.563421][ T9950]  ? alloc_fd+0x64b/0x6c0
[  286.567783][ T9950]  do_sys_openat2+0x113/0x200
[  286.572469][ T9950]  ? __se_sys_futex+0x3a8/0x450
[  286.577406][ T9950]  ? __pfx_do_sys_openat2+0x10/0x10
[  286.582625][ T9950]  ? rcu_is_watching+0x15/0xb0
[  286.587483][ T9950]  __x64_sys_openat+0x138/0x170
[  286.592354][ T9950]  do_syscall_64+0x14d/0xf80
[  286.597068][ T9950]  ? trace_irq_disable+0x3b/0x150
[  286.602116][ T9950]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  286.608195][ T9950]  ? clear_bhb_loop+0x40/0x90
[  286.612968][ T9950]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  286.618872][ T9950] RIP: 0033:0x7f650db9c799
[  286.623294][ T9950] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  286.643343][ T9950] RSP: 002b:00007f650eb06028 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  286.651862][ T9950] RAX: ffffffffffffffda RBX: 00007f650de15fa0 RCX: 00007f650db9c799
[  286.660406][ T9950] RDX: 00000000004bc002 RSI: 0000200000000080 RDI: ffffffffffffff9c
[  286.668646][ T9950] RBP: 00007f650dc32c99 R08: 0000000000000000 R09: 0000000000000000
[  286.676721][ T9950] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  286.684701][ T9950] R13: 00007f650de16038 R14: 00007f650de15fa0 R15: 00007ffe7b9186e8
[  286.692681][ T9950]  </TASK>
[  286.695714][ T9950] Modules linked in:
[  286.701852][ T9950] ---[ end trace 0000000000000000 ]---
[  286.720405][ T9950] RIP: 0010:do_dentry_open+0xaf/0x14e0
[  286.741122][ T9950] Code: 44 24 28 80 3c 28 00 74 08 4c 89 ff e8 ba 5b ef ff 4c 89 7c 24 20 4d 89 27 4d 8d 7c 24 30 4c 89 f8 48 c1 e8 03 48 89 44 24 58 <80> 3c 28 00 74 08 4c 89 ff e8 a3 5a ef ff 4c 89 7c 24 60 4d 8b 3f
[  286.798983][ T9950] RSP: 0018:ffffc90003417638 EFLAGS: 00010206
[  286.821239][ T9950] RAX: 0000000000000006 RBX: ffff88803501b560 RCX: 0000000000000000
[  286.846045][ T9950] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 00000000ffffffff
[  286.881983][ T9950] RBP: dffffc0000000000 R08: ffff8880770156c3 R09: 1ffff1100ee02ad8
[  286.882203][ T9953] loop3: detected capacity change from 0 to 32768
[  286.900469][ T9953] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.1278 (9953)
[  286.917907][ T9953] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  286.928239][ T9953] BTRFS info (device loop3): using sha256 checksum algorithm
[  286.943344][ T9950] R10: dffffc0000000000 R11: ffffed100ee02ad9 R12: 0000000000000000
[  286.977660][ T9950] R13: 1ffff11006a036bd R14: ffff88803501b5e8 R15: 0000000000000030
[  287.043587][ T9950] FS:  00007f650eb066c0(0000) GS:ffff888125535000(0000) knlGS:0000000000000000
[  287.054662][ T9953] BTRFS info (device loop3): enabling ssd optimizations
[  287.061820][ T9953] BTRFS info (device loop3): turning on async discard
[  287.068889][ T9953] BTRFS info (device loop3): enabling free space tree
[  287.074342][ T9950] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  287.106983][ T9950] CR2: 00007ffedb15aff8 CR3: 000000005d742000 CR4: 00000000003526f0
[  287.117282][ T5851] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  287.127572][ T9950] Kernel panic - not syncing: Fatal exception
[  287.133964][ T9950] Kernel Offset: disabled
[  287.138285][ T9950] Rebooting in 86400 seconds..