last executing test programs:

1m58.052128373s ago: executing program 3 (id=1909):
r0 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2)
ioctl$VIDIOC_S_INPUT(r0, 0xc0045627, &(0x7f0000000280)=0x2)
ioctl$VIDIOC_QUERYSTD(r0, 0x8008563f, &(0x7f0000000100))

1m57.910862624s ago: executing program 3 (id=1912):
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000a00)={'syz1\x00', {0x6ec9, 0x7, 0x5, 0x5}, 0x3e, [0x9, 0x2, 0x8, 0x2, 0x5334, 0x400, 0x80000000, 0x5, 0x8, 0x0, 0x6, 0xf5, 0x9, 0x39, 0x747d5a13, 0x8, 0xfffffb9a, 0xfffffffc, 0x4, 0xfffffffb, 0x4, 0x3, 0x4, 0xf252, 0x4, 0x800, 0x300000, 0x7, 0xe, 0x4623b, 0x0, 0x0, 0x1ff, 0x8000, 0x3ff, 0x3, 0xd, 0x3, 0xba55, 0x1000, 0x2, 0x200, 0x2, 0x400008, 0xe, 0x4, 0x2, 0x0, 0x8, 0x9, 0x1, 0x199f, 0x8, 0x2, 0x9, 0x1, 0x4, 0x6, 0x1000, 0xffff0001, 0x40, 0x9, 0x7, 0x5], [0x6, 0x1e, 0x3, 0x8000, 0xfffffffe, 0x3, 0x0, 0x5, 0x7, 0xfffffffc, 0x4, 0x7fff, 0x72c, 0x1c32, 0x3, 0x9, 0x10000, 0x400, 0x8001, 0x3, 0x1, 0x297, 0x5, 0x0, 0x981, 0x4, 0x100, 0x3ff, 0x0, 0xfffffffe, 0x0, 0x1000005, 0x10, 0xfffffff9, 0x0, 0x5, 0x1, 0xffffffff, 0x6, 0x5, 0x800, 0xffff, 0x6, 0x96, 0xfffffffd, 0x101, 0x0, 0x2, 0x401, 0xc, 0x3, 0x379, 0x9, 0xe, 0x5, 0x7, 0x6, 0x2, 0x1, 0x1, 0x8, 0x6, 0x200, 0x3], [0x401, 0xc584, 0xffff, 0xcd4, 0x7, 0x20, 0x7, 0x4, 0x8, 0x10, 0x7, 0x9, 0xe8b, 0x5, 0x80000001, 0x8, 0xffffffff, 0x1000, 0x2, 0x10, 0x1, 0xfffffff9, 0xe55, 0x14, 0x80000001, 0x4, 0x4, 0x5, 0x9, 0x2, 0x20000005, 0x80, 0x9, 0x9, 0x47, 0x8, 0x3, 0x4, 0x7, 0x6d7e, 0x3, 0x8, 0x8001, 0x1, 0x6, 0x8, 0x95a, 0xffffffff, 0x4, 0x3, 0x6, 0x100fffd, 0x2005, 0x7, 0x4, 0xea, 0x9, 0x5, 0x2, 0xd9, 0x0, 0x7ff, 0x401, 0x5], [0x108e, 0x7fff, 0x3, 0x3, 0x88, 0x2, 0x6, 0x4, 0x50, 0x2, 0x763, 0xb, 0x402, 0x800, 0x2, 0x1000, 0x7f, 0x5, 0x3fa6, 0x4, 0x0, 0x5, 0x1e0, 0x4, 0xe47, 0x3, 0x3, 0x4, 0x200, 0x1000, 0x3b, 0x2, 0x5, 0x800, 0xa80a, 0x65f413f9, 0x4, 0x8, 0x8a8, 0x2, 0x40, 0x7, 0x2, 0x4, 0x4, 0x10, 0x0, 0x0, 0x7fff, 0x1, 0x21d, 0x401, 0x1, 0x200, 0x7, 0x4edf, 0xfffffffd, 0x7, 0xe, 0x2, 0xe, 0xf, 0x133, 0x6]}, 0x45c)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$KVM_GET_EMULATED_CPUID(r0, 0xc008ae09, &(0x7f0000000500)={0x66666666666666d, 0x0, [{0x80000001, 0x3, 0x1, 0x7fffffff, 0x9, 0x3, 0x4}, {0x7, 0xb, 0x6, 0x7f, 0xd11, 0x4, 0xfffffffe}, {0xd, 0x9, 0x1, 0x4, 0x80, 0x81, 0x2}, {0x2, 0x40, 0x5, 0x5, 0x2, 0x4, 0x1}]})

1m57.803281107s ago: executing program 3 (id=1913):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f00000000c0)={0x1f, 0xffff, 0x3}, 0x6)
write(r0, &(0x7f0000000000)="3f000000010040", 0x7)

1m57.628583304s ago: executing program 3 (id=1917):
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000000)='./file0\x00', 0x1, &(0x7f0000001340)={[{@iocharset={'iocharset', 0x3d, 'cp857'}}, {@utf8}, {@gid}, {}, {@errors_remount}, {@dmask={'dmask', 0x3d, 0xfffd}}, {@keep_last_dots}, {@iocharset={'iocharset', 0x3d, 'maccroatian'}}, {@discard}, {@utf8}, {@sys_tz}]}, 0x1, 0x1539, &(0x7f00000049c0)="$eJzs3AucTtX6OPDnWWvtMTTxNsllWGs9mzeJZZIklyS5JEklSXJLSExyJCExhCQNSUguQxJDSC4Tk9zv91tCkjRJEpJbsv6fCT+nU+ff75z65XzOPN/PZ3+sx9pr7We/z/vOXnsz7zedB9doWLNqfSKCPwTP/5EMALEA0B8A8gBAAABl48vGZ/XnlJj8xw7C/lwPpl3uDNjlxPXP3rj+2RvXP3vj+mdvXP/sjeufvXH9szeuP2PZ2cYpBa/iLftu/Pw/O+Pr/3+RzFKjv1hd6pouADG/7oz7zSFc/+yN6//f6Eq4cOH9XVz/7I3rn13FXu4E2H8A/vxnBzn+aQ/XP3vj+jOWnV3u58+Xe4PIn/AaKPjzcjqc83xh/qrzZ4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHG/gKn/CUKAC62L3dejDHGGGOMMcYY+/P4HJc7A8YYY4wxxhhjjP3fQxAgQUEAMZADYiEn5AIBAFdCbsgDEbgK4uFqyAvXQD7IDwWgICRAISgMGgxYIAihCBSFKFwLxeC6n58mlICS4KAUJMINUBpuhDJwE5SFm6Ec3ALloQJUhEpwK1SG26AK3A5V4Q6oBtWhBtSEO6EW3AW14W6oA/dAXbgX7oP7oR48APXhQWgAD0FDeBgawSPQGJpAU2gGzf+t8c9Bd3geekBPSIZe0BtegD7QF/rBi9AfXoIB8DIMhFcgBQbBYHgVhsBrMBReh2EwHEbAGzAS3oRRMBrGwFhIhXEwHt6CCfA2TIR3YBJMhjSYAlPhXZgG02EGvAcz4X2YBbNhDsyFdPgA5sF8yIAPYQF8BAthESyGJbAUlsFyWAErYRWshjWwFtbBetgAG2ETbIYtsBW2wXb4GHbAJ7ATdsFu+BT2wGf/4viT/zC+CwICChSoUGEMxmAsxmIuzIVxGIe5MTdGMILxGI95MS/mw3xYAAtgAiZgYSyMBg0SEhbBIhjFKBbDYlgci2MJLIEOHSZiIpbGG7EMlsGyWBbLYTksjxWwAlbCSlgZK2MVrIJVsSpWw2pYA2vgnXgn9sLaWBvrYB2si3UvPp7C+lgfG2ADbIgNsRE2wsbYGJtiU2yOzbEFtsCW2BJbY2tsg22wLbbFJEzC9tgeO2AH7IgdsRN2ws7YGbtgV+ya+VwOwOfxeeyJ1UQv7I29sQ+m5OiHL+KL+BIOwJfxZXwFU3AQDsZX8VV8DYfiCRyGw3EEjsDK4k0chaORxFhMxVQcj+NxAk7ArETfwcmYhlNwKk7FaTgdp+N7OBPfx/dxNs7GuZiO6TgP52MGZuACPIkLcREuxiW4FJfhUlyBK3EFrsY1uBrX4TrcgBtwE27CLbgFt+E2/BgVAH6Cu3AXpuAe3IN7cS/uw324H/djJmbiATyAB/EgHsJDeBgP4xE8isfwKB7H43gCT+IpPIVn8AyexWcSvmrw8fWrUkBkUUKJGBEjYkWsyCVyiTgRJ3KL3CIiIiJexIu8Iq/IJ/KJAqKASBAJorAoLIwwgkQYAwAiKqKimCgmioviooQoIZxwIlEkitKitCgjyoiy4mZRTtwiyosKopWrJCqJyqK1qyJuF1VFVVFNVBc1RE1RU9QStURtUVvUEXVEXVFX3CfuF/VEL+yHD4qsyjQUg7CRGIyNRRMhL/wEayGGYkvRSrQWj4vhOAzbihYuSTwp2otR2EH8TYzGp0UnMRY7i2dFF9FVdBPPie6ipesheoqJ2Ev0FpOxj+gr+okXxTSsLt7DmTlriFdEihgkBotXxVx8TQwVr4thYrgYId4QI8WbYpQYLcaIsSJVjBPjxVtignhbTBTviEliskgTU8RU8a6YJqaLGeI9MVO8L2aJ2WKOmCvSxQdinpgvMsSHYoH4SCwUi8RisUQsFcvEcrFCrBSrxGqxRqwV68R6sUFsFJvEZhELW8U2sV18LHaIT8ROsUvsFp+KPeIzsVd8LvaJL8R+8aXIFF+JA+JrcVB8Iw6Jb8Vh8Z04Io6KY+J7cVz8IE6Ik+KUOC3OiB/FWfGTOCe8AIlSSCmVDGSMzCFjZU6ZS14h42Rw4dW9SsbLq2VeeY3MJ/PLArKgTJCFZGGppZFWkgxlEVlURuW1spi8ThaX18sSsqR0spRMlDfI0vJGWUbeJMvKm2U5eYssLyvIirKSvFVWlrdJiJw/RjVZXdaQNeWdMhnukrXl3bKOvEfWlffK++T9sp58QNaXD8oG8iHZUD4sG8lHZGPZRDaVzWRz+ahsIR+TLWUr2Vo+LtvIJ2Rb2U4mySdle+kvvEWelp3kM7KzfFZ2kV1lN/mTPCe97CF7SugFsrd8QfaRfWW/WACQL8kB8mU5UL4iU+QgOVi+KofI1+RQ+bocJofLEfINOVK+KUfJ0XKMHCtT5Tg5Xr4lJ8i35UT5jpwkJ8s0OUX2k/1/nmmGlL87/q3fGD/w56NvkBvlJrlZbpFb5Ta5XX4sd8gdcqfcKXfL3XKP3CP3yr1yn9wn98v9MlNmygPygDwoD8pD8pA8LA/LI/KoPC2/l8flD/KEPClPytPyjDwjz154DUChEkoqpQIVo3KoWJVT5VJXqDh1pcqt8qiIukrFq6tVXnWNyqfyqwKqoEpQhVRhpZVRVpEKVRFVVEXVtXjhDaNKqJLKqVIqUd3wr4xXxdR1qri6/hfjL+aX/E/ya66aqxaqhWqpWqrWqrVqo9qotqqtSlJJqr1qrzqoDqqj6qg6qU6qs+qc9X5Q3VQ31V11Vz1UD5WsklVv9YLqo/qqfupF1V+9pAaoAWqgGqhSVIoarAarIWqIGqqGqmFqmBqhRqiRaqQapUapMWqMSlWparwaryaoCWqimqgmqUkqTaWpqWqqmqamqRlqhpqpZqpZapaao+aodJWu5ql5KkNlqAVqgVqoFqlFaolaopapZWqFWqFWqVVqjVqj1ql1aqHaqDaqzWqz2qq2qu1qu9qhdqidYqfarXarPWqP2qv2qn1qn9qv9qtMlakOqAPqoDqoDqlD6rA6rI6oI+qYOqaOq+PqhDqhTqlT6ow6o86qs+qcOpe17AtEIAIVqCAmiAlig9ggV5AriAvigtxB7iASRIL4ID7IG1wT5AvyBwWCgkFCUCgoHOjABDYQF4oeDa4NigXXBcWD64MSQcnABaWCxOCGoHRwY1AmuCkoG9wclAtuCcoHFYKKQaXg1qBycFtQJbg9qBrcEVQLqgc1gprBnUGt4K6gdnB3UCe4J6gb3BvcF9wf1AseCOoHDwYNgoeChsHDQaPgkaBx0CRoGjQLmv+p83t/Iv9jrofuqZN1L91bv6D76L66n35R99cv6QH6ZT1Qv6JT9CA9WL+qh+jX9FD9uh6mh+s88IYeqd/Uo/RoPUaP1al6nB6v39IT9Nt6on5HT9KTdZqeoqfqd/U0PV3PwPf0TP2+nqVn6zl6rk7XH+h5er7O0B/qBfojvVAv0ov1Er1UL9PL9Qq9Uq/Sq/UavVav0+v1Br1Rb9Kb9Ra9VW/T2/XHeof+RO/Uu/Ru/aneoz/Te/Xnep/+Qu/XX+pM/ZU+oL/WB/U3+pD+Vh/W3+kj+qg+pr/Xx/UP+oQ+qU/p0/qM/lGf1T/pc9pnLe6zLu9GGWViTIyJNbEml8ll4kycyW1ym4iJmHgTb/KavCafyWcKmAImwSSYwqawyUKGTBFTxERN1BQzxUxxU9yUMCWMM84kmkRT2pQ2ZUwZU9aUNeVMOVPelDcVTUVzq7nV3GZuM7eb280d5g5T3VQ3NU1NU8vUMrVNbVPH1DF1TV1zn7nP1DP1TH1T3zQwDUxD09A0Mo1MY9PYNDVNTXPT3LQwLUxL09K0Nq1NG9PGtDVtTZJJMu1Ne9PBdDAdTUfTyXQynU1n08V0Md1MN9PddDc9TA+TbJJNb9Pb9DF9TD/Tz/Q3/c0AM8AMNANNikkxg81gM8QMMUPNUDPMDDcjshaq5k0zyow2Y8xYk2pSzXgz3kwwE8xEM9FMMpNMmkkzU81UM81MMzPMDDPTzDSzzCwzx8wx6SbdzDPzTIbJMAvMArPQLDSLzWKz1Cw1y81ys9KsNKvNarMW1pr1Zr3ZaDaazWaz2Wq2mu1mu9lhdpidZqfZbXabPWaP2Wv2mn1mn9lv9ptMk2kOmAPmoDloDplD5rA5bI6YI+aYOWaOm+PmhDlhTplT5ozJf+F66U2szWlz2StsnL3S5rZ57D/GBWxBm2AL2cJW23w2/y9iY60tbq+3JWxJ62wpm2hv+FVc3lawFW0le6utbG+zVX4V17J32dr2blvH3mNr2jt/Ede199qs1Uk9RADbxDawzWxD+7BtZB+xjW0T29Q2s23sE7atbWeT7JO2vX3qV/E8O9+utKvsarvG7rS77Cl72h6039gz9kfbw/a0/e1LdoB92Q60r9gUO+hX8Qj7hh1p37Sj7Gg7xo79VTzJTrZpdoqdat+10+z0X8Xp9gM702bYWXa2nWPn/hxn5ZRhP7QL7Ed2oQ1gsV1il9pldrldcTFXn8eus+vtBrvDfmI32y12q91mt19cCNtddrf91O6xn9kD9mu7z35h99tDNtN+9XOcdX6H7Lf2sP3OHrFH7TH7vT1uf1AXR2ed+/f2J3vOeguEBCRJUUAxlINiKSfloisojq6k3JSHInQVxdPVlJeuoXyUnwpQQUqgQlSYNBmyRBRSESpKUbqWLqZXgkqSo1KUSDdQabqRytBNVJZupnJ0C5WnClSRKtGtVJluoyp0O1WlO6gaVacaVJPupFp0F9Wmu6kO3UN16V66j+6nevQA1acHqQE9RA3pYWpEj1BjakJNqRk1p0epBT1GLakVtabHqQ09QW2pHSXRk9SenqIO9DfqSE9TJ3qGOtOz1IW6Ujd6jrrT89SDelIy9aLe9AL1ob7Uj16k/vQSDaCXaSC9Qik0iAbTqzSEXqOh9DoNo+E0gt6gkfQmjaLRNIbGUiqNo/H0Fk2gt2kivUOTaDKl0RSaSu/SNJpOM+g9mknv0yyaTXNoLqXTBzSP5lMGfUgL6CNaSItoMS2hpbSMltMKWkmraDWtobW0jtbTBtpIm2gzbaGttI2208e0gz6hnbSLdtOntIc+I6TPaR99QfvpS8qkr+gAfU0H6Rs6RN/6nvQdHaGjdIy+p+P0A52gk3SKTtMZ+pHO0k90jjxBiKEIZajCIIwJc4SxYc4wV3hFGBdeGeYO84SR8KowPrw6zBteE+YL84cFwoJhQlgoLBzq0IQ2pDAMi4RFw2h4bVgsvC4sHl4flghLhi4sFSaGN4SlwxvDMuFNYdnw5rBceEtYPqwQPnxPpfDWsHJ4W1glvD2sGt4RVgurhzXCmuGdYa3wrrB2eHdYJ7wnLBPeG94X3h/WCx8I64cPhg3Ch8KG4cNho/CRsHHYJGwaNgubh4+GLcLHwpZhq7B1+HjYJnwibBu2C5PCJ8P24VM/9987/5/3J4e9wt7hC+ELofd3yznRudH06AfRedH50Yzoh9EF0Y+iC6OLooujS6JLo8uiy6Mroiujq6Kro2uia6ProuujG6Le18wBDp1w0ikXuBiXw8W6nC6Xu8LFuStdbpfHRdxVLt5d7fK6a1w+l98VcAVdgivkCjvtjLOOXOiKuKIu6q51xdx1rri73pVwJZ1zpVyia+aau+auhXvMtXStXGv3uHvcPeGecO1cO/eka++ech3c31xH97Tr5J5xz7hnXRfX1XVzz7nublzu85/JZNfb9XZ9XB/Xz/Vz/V1/N8ANcAPdQJfiUtxgN9gNcUPcUDfUDXPD3Ag3wo10I90oN8qNcWNcqkt14914N8FNcBPdRDfJTXJpLs1NdVPdNDfNVZ5+/iiz3Cw3x81x6S7dzXNZa8YMt8AtcAvdQrfYLXZL3VK33C13K91Kt9qtdmvdWrferXcb3Ua32W12W91Wt91tdzvcDrfT5zk/qdvj9rq9bp/b5/a7L12m+8odcF+7g+4bd8h96w6779wRd9Qdc9+74+4Hd8KddKfcaXfG/ejOup/cOeddamRcZHzkrciEyNuRiZF3smaNpEWmRKZG3o1Mi0yPzIi8F5kZeT8yKzI7MicyN5Ie+SAyLzI/khH5MLIg8lFkYWRRZHFkSWRpZFnE+0KbQ1/EF/VRf60v5q/zxf31voQv6Z0v5RP9Db60v9GX8Tf5sv5mX87f4sv7Cr6if8Q39k18U9/MN/eP+hb+Md/St/Kt/eO+jX/Ct/XtfJJ/0rf3T/kO/m++o3/ad/LP+M7+Wd/Fd/Xd/HO+u3/e9/A9fbLv5Xv7F3wf39f38y/6/v4lP8C/7Af6V3yKH+QH+1f9EP+aH+pf98P8cD8i5g0/8uItMoz1qX6cH+/f8hP8236if8dP8pN9mp/ip/p3/TQ/3c/w7/mZ/n0/y8/2c/xcn+4/8PP8fJ/hP0TAXzxU9sv9Cr/Sr/Kr/Rq/1q/z6/0Gv9Fv8pv9Fr/Vb/Pb/cd+h//E7/S7/G7/qd/jP/N7/ed+n//C7/df+kz/lT/gv/YH/Tf+kP/WH/bf+SP+qD/mv/fH/Q/+hD/pT/nT/oz/0Z/1P/lz539nTf3hx+GMMcYYY//lxl1qil/2nF/Q9fqNMeLvdu4NAFduKZj59/1ZK8q1+c63+4qENhEAeLJn5wcvbtWqJScnX9h3oYSg6Oysdfel8TFwKV4EreEJSIJWUPo38+8rup6h35k/ejNArr8bEwuX4kvzfw6Ayb8x/6OPj5hXLjwV//+ZfzZA8aKXxuSES/EiaP3zmrQVlPkn+edv8Tv55/wiFaDl342Jg0vxpfwT4TF4CpJ+sSdjjDHGGGOMMXZeX1Gx48X7z4v/4/O37s8T/udfVuIgB1yKf+/+nDHGGGOMMcYYY5ff0127tXs0KalVx3+9UeX391H/uwljfqurEfy7iXHj32p4D/A/hQOAPzghQFZD/pVnsekvOVbKhY/OP3YtPe0D6NYO/gNK+Wc0LvMPJsYYY4wxxtif7tKi/5d/z79IyRhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOM/XX+6He8wf/iW/ou9zkyxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjl9v/CwAA//9zU+4h")
mkdirat(0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0xd9)
mount$tmpfs(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0), 0xc00, 0x0)

1m57.225521526s ago: executing program 3 (id=1921):
r0 = getpid()
r1 = syz_pidfd_open(r0, 0x0)
ioctl$VIDIOC_QBUF(r1, 0xc058ff0b, &(0x7f0000000200)=@mmap={0x96c, 0x1, 0x4, 0x10, 0x200, {}, {0x3, 0x8, 0xe, 0x9f, 0x0, 0x7b, "c16599e2"}, 0xabdb, 0x1, {}, 0xbaa})

1m56.606069476s ago: executing program 3 (id=1927):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="240000002000010327bd7000ffdbdf2502000000000081001e000000080006"], 0x24}, 0x1, 0x0, 0x0, 0x240480d4}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=ANY=[], 0x28}}, 0x0)

1m56.205916099s ago: executing program 32 (id=1927):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="240000002000010327bd7000ffdbdf2502000000000081001e000000080006"], 0x24}, 0x1, 0x0, 0x0, 0x240480d4}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=ANY=[], 0x28}}, 0x0)

1m50.225780359s ago: executing program 1 (id=2009):
mknod$loop(&(0x7f0000000040)='./file0\x00', 0x6000, 0x1)
r0 = creat(&(0x7f0000000400)='./file0\x00', 0x13b)
fallocate(r0, 0x40, 0x7, 0x1)

1m50.190987722s ago: executing program 1 (id=2010):
r0 = getpid()
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg$unix(r1, &(0x7f0000004e00)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000022c0)=[@cred={{0x1c, 0x1, 0x2, {r0}}}, @rights={{0x14, 0x1, 0x1, [r1]}}], 0x38, 0x8004}}], 0x1, 0x0)

1m50.13812978s ago: executing program 1 (id=2011):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
recvmmsg(r0, &(0x7f0000005c80), 0x400030f, 0x0, 0x0)
listen(r0, 0xd3)

1m49.786146375s ago: executing program 1 (id=2015):
r0 = syz_open_dev$vim2m(&(0x7f0000000300), 0x10, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000040)={0x80000001, 0x1, 0x4})
ioctl$vim2m_VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f00000003c0)={0x1, @sdr={0x8409131a, 0x6}})

1m49.595094204s ago: executing program 1 (id=2017):
syz_mount_image$xfs(&(0x7f0000000200), &(0x7f0000000280)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x4012, &(0x7f0000000180)={[{@nogrpid}]}, 0x1, 0x9764, &(0x7f00000097c0)="$eJzs3QeYJHWhcP1ZYMkZRERRVFSMRAkiShAQCRIVFBAkSw5KUJKIBEVBQJGcc84555xzzjnn+D3L7iquB/S+331fvPec8zy7M11dVVP9/3VXzUz1dC85z2JzDgyMPjC0KQZG7JY751xo4x3nvGKfnfY8ZYoxx5982ORhC0w67OKkg4Z9HGlgYGCkYesZNm2sR088aaSBUd6d/vfGGmPMQeMMDEw37OLswz7ONPTDRI8Nn++dERpxQwf97eKg7Yf+e7fxhnyJIZ8sffOF5wwMDIz/nuWHLDLNP91QaUvOMe88f7f6m9sQq8HDPn/vv1GH/pvogYGBie4d4PvHe+cd9CHcpCFfc/wdHxx93Q/ha/+Pa8k55p1vBP8hj8WRh02bachjfMTHoLER7+c3rzLr7sOG8N3728DAkF3cPzxW/ke05BzzLDDw/vv5gYfHHPeMd97db4717MDAWM8NDIz1/MDAWC8MDIz14sDAWC992C71/6855px+ziGP9+GXh7EPvy+PT/eLfVZ/ce+BgYHRhs4z1ttDjxdjTzH8mFBVVVX/2c0x5/RzwfF/9A86/m+19Ry3dvyvqqr6n9t8c8w5/ZDj+AjH/7E/6Pj/vRtvXGPo7/5nn2noUm9/uDeiqqqq/kvNMx8e/8f/oOP/eDtcv3/H/6qqqv+5Lbrgu8f/sUc4/k/8Qcf/Nea/87Jh8w3/vuGt96zy3eePDZv+xnumj/ye6a+/Z/rg96znvfOP+p7pr75n+ugDA2M9Omz6m3+fPNazQ5b55/WM9fLfn48z6Sjvmf7Ke6aP+p7prw7bpiHTR3vP9LfeM//of58+9pD/phj2dV/7gKGuqqr6j2nR6eeZa+A9z7MfNnn4E/vxeaHHHLP1XR/W9lZVVVVVVVXVf723nzr97L//zfcnB97zt6t/+xvWYb8XGHTsudde+6Ft6H9Gg/759yFbfNjb9P+3Ic6jHz7FwMBaS3zYm1IfQv9j/la9/q+Uv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/mLe5/z/3/7+/+Be7+0w7BZZ5nszvsW+/uSkw6sNuyzW+6cc6HVPoRt/xD633r+f2C1QQMDw3zHH2K50ByLLj7VwMDAYvfdOdmMA3+7buYh18064cjv/jHnwMBU7/4/eNL3WfOwd1l4980dJv7bOo59d/3zvbPfyING2Ij3NNs59x+06pKvzDDixy+8/+342/tLLPXyflMO/1uWkUaYafT3WXj4+offlhGdh237VEO2feoN1lxn6vU33uSrq625/CorrbLSWtNNN+0M0884w3Rfn2XqlVdbY6Vphv7/PmM29K0rRv53xmzsEcfsqTneO2Yj3rYJTj4Ix+yf39XjH1bx7hrPm+3hy4eP2Sj/5pgN/3ojf/CYTbHasC806cDggeXeHZpBAwOTjjJ4YKMhF6YdbWBg0sHD5p10yLzfnHCkgYEd/35DBw17sdGh8wzaYsg8/2HvWzLLsBHZdPh8I77O+ogb+q/et+SEsXe5c4T3Lfm/1f/R8f+fvGYe9LeBGv4GCMPmGer1Ib/PxD9t7xSjvHuQe7/t/YDXxXk3un+tuepjS/x3vS4Obe/YH7C9H/A6fu+7vVNN+8weQ1f137a9I+zrFhh65b+zrxv44H3dyLT8SldNPuK+bv7338R/eBwPH6PRRpjp/fZ1O85/3uZD1j/wwfu6BVYb9uIBf9/XjTQwMOnIw/d1Q3Z8ow4e2HHIhemGXBht8MChQy5M/+6FMQbOHXLhayusvcaKg959mYFh651myHpnn3DQ0AfQTQetOtou77wzyrBteXmsf9zWYfePKd57PJ9jwmGDOWzZ4esdMuvw9b66zdDrRh223lf+C+sdvixt76RnDb1utGHrfXWE9Q7+gPUOX/afHg9TDfqHJ6rC/uZDfV8jevyO/gHb+wGvw433t3fdp1z24f+G1+Ee9H7bO8oHb+/7vW/I+27v45c/se9/1+uG0/3s3n2G3ldGH3Y/e+u/cP8dvuyI+7GhLwQydLc/+r+zH5vin/ZjW4480giD/Z7e7/vcFWH+YY+Iv61txQNfWW342A8eYb3/6vvc99yWQbAfG3+En+cGbb7vwCAa80fXeGHDt3f+4DEfPPCPP1sMH/Phy37QmI/274z5Jz54zEf8Pvn9xnyqzw69fvAI2//eMV9kt9lvGj7mo46w3n815qN98LHjn8d8YGAwjfmOkw0dtw/an77fmA9fdviYD/k6s044ysDcAwMDUw4b81H/nTGf9L/nfj4mzD/085X+NunZGRf+yvAxH3GM/9WYj/pfHPPN7v3b/XzKd6/7zEgDo446sNHyG2yw3rRD/x9+cbqh//O+6NkVh47zBx1L389o+LIf9LgY5d8xGv/fMhr0r4wmG+X9jP7+0Br5oEWf+z/dF43yXzU6l/dFp847dNw+6Pui9xvz4cvScXDi9yw/4s+hH/D6WXib3h2f+bcd/vPef8LrZw3/efd/5OtnDf+d5Goj7uTr363f/7vL313+7vJ3l7+49zn/P8Xw8//vjH3AJMN+6Bx81cy3zv5hb++H3P/q8//DfP/h/P/st8581ZAfrYZd94HnZ4fO8x95fnamoR8memz4fCOeHxxxQ//V+dl9dt3gqv9H52f/jxr+WP03fi5u/+8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vIX9z7n/6cZ/jyAhxZf6PvDToQO3nTaozb9sLf3Q+5/9fn/Yb7/cP5/06Om3XSkgb9d94Hn/4fO4zj/f/+Cmy/zn3z+f/hjtfP/9S/K313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zFvc/5/9mHPw/giNnm/tzw5wPcsN1+e3zY2/sh97/1/H/v/++t/b+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8tf3LDz/wMjvE3iwt0vMDj//z+79/FfJH/M4r9o/pjFf7H8MYv/4vljFv8l8scs/j/IH7P4/zB/zOK/ZP6YxX+p/DGL/4/yxyz+P84fs/gvnT9m8V8mf8ziv2z+mMX/J/ljFv/l8scs/svnj1n8f5o/ZvFfIX/M4r9i/pjFf6X8MYv/yvljFv9V8scs/qvmj1n8V8sfs/j/LH/M4r96/pjFf438MYv/mvljFv+18scs/mvnj1n818kfs/ivmz9m8V8vf8ziv37+mMV/g/wxi//P88cs/r/IH7P4b5g/ZvHfKH/M4r9x/pjFf5P8MYv/L/PHLP6/yh+z+G+aP2bx3yx/zOK/ef6YxX+L/DGL/5b5Yxb/X+ePWfy3yh+z+P8mf8ziv3X+mMX/t/ljFv9t8scs/tvmj1n8t8sfs/hvnz9m8f9d/pjF//f5Yxb/HfLHLP5/yB+z+P8xf8ziv2P+mMV/p/wxi/+f8scs/jvnj1n8d8kfs/jvmj9m8f9z/pjF/y/5Yxb/3fLHLP5/zR+z+O+eP2bx3yN/zOK/Z/6YxX+v/DGL/975Yxb/ffLHLP775o9Z/PfLH7P4758/ZvE/IH/M4n9g/pjF/6D8MYv/wfljFv9D8scs/ofmj1n8D8sfs/gfnj9m8T8if8zif2T+mMX/qPwxi//R+WMW/2Pyxyz+x+aPWfyPyx+z+B+fP2bxPyF/zOJ/Yv6Yxf+k/DGL/8n5Yxb/U/LHLP6n5o9Z/E/LH7P4n54/ZvE/I3/M4n9m/pjF/6z8MYv/2fljFv9z8scs/ufmj1n8z8sfs/ifnz9m8b8gf8zif2H+mMX/ovwxi//F+WMW/0vyxyz+l+aPWfwvyx+z+F+eP2bxvyJ/zOJ/Zf6Yxf+q/DGL/9X5Yxb/a/LHLP7X5o9Z/K/LH7P4X58/ZvG/IX/M4n9j/pjF/6b8MYv/zfljFv9b8scs/rfmj1n8b8sfs/jfnj9m8b8jf8zif2f+mMX/rvwxi//d+WMW/3vyxyz+9+aPWfzvyx+z+N+fP2bxfyB/zOL/YP6Yxf+h/DGL/8P5Yxb/R/LHLP6P5o9Z/B/LH7P4P54/ZvF/In/M4v9k/pjF/6n8MYv/0/ljFv9n8scs/s/mj1n8n8sfs/g/nz9m8X8hf8zi/2L+mMX/pfwxi//L+WMW/1fyxyz+r+aPWfxfyx+z+L+eP2bxfyN/zOL/Zv6Yxf+t/DGL/9v5Yxb/d/LHJP6DBvLHLP6D8scs/iPlj1n8R84fs/iPkj9m8R+cP2bxHzV/zOI/Wv6YxX/0/DGL/xj5Yxb/MfPHLP5j5Y9Z/MfOH7P4j5M/ZvEfN3/M4j9e/pjFf/z8MYv/BPljFv8J88cs/hPlj1n8J84fs/h/JH/M4j9J/pjF/6P5Yxb/SfPHLP4fyx+z+E+WP2bx/3j+mMX/E/ljFv/J88cs/p/MH7P4fyp/zOI/Rf6Yxf/T+WMW/8/kj1n8P5s/ZvGfMn/M4v+5/DGL/+fzxyz+X8gfs/hPlT9m8f9i/pjF/0v5Yxb/L+ePWfy/kj9m8f9q/pjF/2v5Yxb/qfPHLP7T5I9Z/KfNH7P4T5c/ZvGfPn/M4j9D/pjF/+v5Yxb/GfPHLP4z5Y9Z/GfOH7P4z5I/ZvH/Rv6YxX/W/DGL/zfzxyz+s+WPWfy/lT9m8f92/pjFf/b8MYv/HPljFv8588cs/nPlj1n8v5M/ZvGfO3/M4j9P/pjFf978MYv/d/PHLP7z5Y9Z/L+XP2bxnz9/zOK/QP6YxX/B/DGL/0L5Yxb/7+ePWfwXzh+z+C+SP2bxXzR/zOK/WP6YxX/x/DGL/xL5Yxb/H+SPWfx/mD9m8V8yf8ziv1T+mMX/R/ljFv8f549Z/JfOH7P4L5M/ZvFfNn/M4v+T/DGL/3L5Yxb/5fPHLP4/zR+z+K+QP2bxXzF/zOK/Uv6YxX/l/DGL/yr5Yxb/VfPHLP6r5Y9Z/H+WP2bxXz1/zOK/Rv6YxX/N/DGL/1r5Yxb/tfPHLP7r5I9Z/NfNH7P4r5c/ZvFfP3/M4r9B/pjF/+f5Yxb/X+SPWfw3zB+z+G+UP2bx3zh/zOK/Sf6Yxf+X+WMW/1/lj1n8N80fs/hvlj9m8d88f8ziv0X+mMV/y/wxi/+v88cs/lvlj1n8f5M/ZvHfOn/M4v/b/DGL/zb5Yxb/bfPHLP7b5Y9Z/LfPH7P4/y5/zOL/+/wxi/8O+WMW/z/kj1n8/5g/ZvHfMX/M4r9T/pjF/0/5Yxb/nfPHLP675I9Z/HfNH7P4/zl/zOL/l/wxi/9u+WMW/7/mj1n8d88fs/jvkT9m8d8zf8ziv1f+mMV/7/wxi/8++WMW/33zxyz+++WPWfz3zx+z+B+QP2bxPzB/zOJ/UP6Yxf/g/DGL/yH5Yxb/Q/PHLP6H5Y9Z/A/PH7P4H5E/ZvE/Mn/M4n9U/pjF/+j8MYv/MfljFv9j88cs/sflj1n8j88fs/ifkD9m8T8xf8zif1L+mMX/5Pwxi/8p+WMW/1Pzxyz+p+WPWfxPzx+z+J+RP2bxPzN/zOJ/Vv6Yxf/s/DGL/zn5Yxb/c/PHLP7n5Y9Z/M/PH7P4X5A/ZvG/MH/M4n9R/pjF/+L8MYv/JfljFv9L88cs/pflj1n8L88fs/hfkT9m8b8yf8zif1X+mMX/6vzf25bDP7H4X5M/ZvG/Nn/M4n9d/pjF//r8MYv/DfljFv8b88cs/jflj1n8b84fs/jfkj9m8b81f8zif1v+mMX/9vwxi/8d+WMW/zvzxyz+d+WPWfzvzh+z+N+TP2bxvzd/zOJ/X/6Yxf/+/DGL/wP5Yxb/B/PHLP4P5Y9Z/B/OH7P4P5I/ZvF/NH/M4v9Y/pjF//H8MYv/E/ljFv8n88cs/k/lj1n8n84fs/g/kz9m8X82f8zi/1z+mMX/+fwxi/8L+WMW/xfzxyz+L+WPWfxfzh+z+L+SP2bxfzV/zOL/Wv6Yxf/1/DGL/xv5Yxb/N/PHLP5v5Y9Z/N/OH7P4v5M/JvF/99P8/zmL/6D8MYv/SPljFv+R88cs/qPkj1n8B+ePWfxHzR+z+I+WP2bxHz1/zOI/Rv6YxX/M/DGL/1j5Yxb/sfPHLP7j5I9Z/MfNH7P4j5c/ZvEfP3/M4j9B/pjFf8L8MYv/RPljFv+J88cs/h/JH7P4T5I/ZvH/aP6YxX/S/DGL/8fyxyz+k+WPWfw/nj9m8f9E/pjFf/L8MYv/J/PHLP6fyh+z+E+RP2bx/3T+mMX/M/ljFv/P5o9Z/KfMH7P4fy5/zOL/+fwxi/8X8scs/lPlj1n8v5g/ZvH/Uv6Yxf/L+WMW/6/kj1n8v5o/ZvH/Wv6YxX/q/DGL/zT5Yxb/afPHLP7T5Y9Z/KfPH7P4z5A/ZvH/ev6YxX/G/DGL/0z5Yxb/mfPHLP6z5I9Z/L+RP2bxnzV/zOL/zfwxi/9s+WMW/2/lj1n8v50/ZvGfPX/M4j9H/pjFf878MYv/XPljFv/v5I9Z/OfOH7P4z5M/ZvGfN3/M4v/d/DGL/3z5Yxb/7+WPWfznzx+z+C+QP2bxXzB/zOK/UP6Yxf/7+WMW/4Xzxyz+i+SPWfwXzR+z+C+WP2bxXzx/zOK/RP6Yxf8H+WMW/x/mj1n8l8wfs/gvlT9m8f9R/pjF/8f5Yxb/pfPHLP7L5I9Z/JfNH7P4/yR/zOK/XP6YxX/5/DGL/0/zxyz+K+SPWfxXzB+z+K+UP2bxXzl/zOK/Sv6YxX/V/DGL/2r5Yxb/n+WPWfxXzx+z+K+RP2bxXzN/zOK/Vv6YxX/t/DGL/zr5Yxb/dfPHLP7r5Y9Z/NfPH7P4b5A/ZvH/ef6Yxf8X+WMW/w3zxyz+G+WPWfw3zh+z+G+SP2bx/2X+mMX/V/ljFv9N88cs/pvlj1n8N88fs/hvkT9m8d8yf8zi/+v8MYv/VvljFv/f5I9Z/LfOH7P4/zZ/zOK/Tf6YxX/b/DGL/3b5Yxb/7fPHLP6/yx+z+P8+f8ziv0P+mMX/D/ljFv8/5o9Z/HfMH7P475Q/ZvH/U/6YxX/n/DGL/y75Yxb/XfPHLP5/zh+z+P8lf8ziv1v+mMX/r/ljFv/d88cs/nvkj1n898wfs/jvlT9m8d87f8ziv0/+mMV/3/wxi/9++WMW//3zxyz+B+SPWfwPzB+z+B+UP2bxPzh/zOJ/SP6Yxf/Q/DGL/2H5Yxb/w/PHLP5H5I9Z/I/MH7P4H5U/ZvE/On/M4n9M/pjF/9j8MYv/cfljFv/j88cs/ifkj1n8T8wfs/iflD9m8T85f8zif0r+mMX/1Pwxi/9p+WMW/9Pzxyz+Z+SPWfzPzB+z+J+VP2bxPzt/zOJ/Tv6Yxf/c/DGL/3n5Yxb/8/PHLP4X5I9Z/C/MH7P4X5Q/ZvG/OH/M4n9J/pjF/9L8MYv/ZfljFv/L88cs/lfkj1n8r8wfs/hflT9m8b86f8zif03+mMX/2vwxi/91+WMW/+vzxyz+N+SPWfxvzB+z+N+UP2bxvzl/zOJ/S/6Yxf/W/DGL/235Yxb/2/PHLP535I9Z/O/MH7P435U/ZvG/O3/M4n9P/pjF/978MYv/ffljFv/788cs/g/kj1n8H8wfs/g/lD9m8X84f8zi/0j+mMX/0fwxi/9j+WMW/8fzxyz+T+SPWfyfzB+z+D+VP2bxfzp/zOL/TP6Yxf/Z/DGL/3P5Yxb/5/PHLP4v5I9Z/F/MH7P4v5Q/ZvF/OX/M4v9K/pjF/9X8MYv/a/ljFv/X88cs/m/kj1n838wfs/i/lT9m8X87f8zi/07+mMR/5IH8MYv/oPwxi/9I+WMW/5Hzxyz+o+SPWfwH549Z/EfNH7P4j5Y/ZvEfPX/M4j9G/pjFf8z8MYv/WPljFv+x88cs/uPkj1n8x80fs/iPlz9m8R8/f8ziP0H+mMV/wvwxi/9E+WMW/4nzxyz+H8kfs/hPkj9m8f9o/pjFf9L8MYv/x/LHLP6T5Y9Z/D+eP2bx/0T+mMV/8vwxi/8n88cs/p/KH7P4T5E/ZvH/dP6Yxf8z+WMW/8/mj1n8p8wfs/h/Ln/M4v/5/DGL/xfyxyz+U+WPWfy/mD9m8f9S/pjF/8v5Yxb/r+SPWfy/mj9m8f9a/pjFf+r8MYv/NPljFv9p88cs/tPlj1n8p88fs/jPkD9m8f96/pjFf8b8MYv/TPljFv+Z88cs/rPkj1n8v5E/ZvGfNX/M4v/N/DGL/2z5Yxb/b+WPWfy/nT9m8Z89f8ziP0f+mMV/zvwxi/9c+WMW/+/kj1n8584fs/jPkz9m8Z83f8zi/938MYv/fPljFv/v5Y9Z/OfPH7P4L5A/ZvFfMH/M4r9Q/pjF//v5Yxb/hfPHLP6L5I9Z/BfNH7P4L5Y/ZvFfPH/M4r9E/pjF/wf5Yxb/H+aPWfyXzB+z+C+VP2bx/1H+mMX/x/ljFv+l88cs/svkj1n8l80fs/j/JH/M4r9c/pjFf/n8MYv/T/PHLP4r5I9Z/FfMH7P4r5Q/ZvFfOX/M4r9K/pjFf9X8MYv/avljFv+f5Y9Z/FfPH7P4r5E/ZvFfM3/M4r9W/pjFf+38MYv/OvljFv9188cs/uvlj1n8188fs/hvkD9m8f95/pjF/xf5Yxb/DfPHLP4b5Y9Z/DfOH7P4b5I/ZvH/Zf6Yxf9X+WMW/03zxyz+m+WPWfw3zx+z+G+RP2bx3zJ/zOL/6/wxi/9W+WMW/9/kj1n8t84fs/j/Nn/M4r9N/pjFf9v8MYv/dvljFv/t88cs/r/LH7P4/z5/zOK/Q/6Yxf8P+WMW/z/mj1n8d8wfs/jvlD9m8f9T/pjFf+f8MYv/LvljFv9d88cs/n/OH7P4/yV/zOK/W/6Yxf+v+WMW/93zxyz+e+SPWfz3zB+z+O+VP2bx3zt/zOK/T/6YxX/f/DGL/375Yxb//fPHLP4H5I9Z/A/MH7P4H5Q/ZvE/OH/M4n9I/pjF/9D8MYv/YfljFv/DVf7vjPfvzmnxP0Ll/+9n8T8yf8zif1T+mMX/6Pwxi/8x+WMW/2Pzxyz+x+WPWfyPzx+z+J+QP2bxPzF/zOJ/Uv6Yxf/k/DGL/yn5Yxb/U/PHLP6n5Y9Z/E/PH7P4n5E/ZvE/M3/M4n9W/pjF/+z8MYv/OfljFv9z88cs/uflj1n8z88fs/hfkD9m8b8wf8zif1H+mMX/4vwxi/8l+WMW/0vzxyz+l+WPWfwvzx+z+F+RP2bxvzJ/zOJ/Vf6Yxf/q/DGL/zX5Yxb/a/PHLP7X5Y9Z/K/PH7P435A/ZvG/MX/M4n9T/pjF/+b8MYv/LfljFv9b88cs/rflj1n8b88fs/jfkT9m8b8zf8zif1f+mMX/7vwxi/89+WMW/3vzxyz+9+WPWfzvzx+z+D+QP2bxfzB/zOL/UP6Yxf/h/DGL/yP5Yxb/R/PHLP6P5Y9Z/B/PH7P4P5E/ZvF/Mn/M4v9U/pjF/+n8MYv/M/ljFv9n88cs/s/lj1n8n88fs/i/kD9m8X8xf8zi/1L+mMX/5fwxi/8r+WMW/1fzxyz+r+WPWfxfzx+z+L+RP2bxfzN/zOL/Vv6Yxf/t/DGL/zv5YxL/UQbyxyz+g/LHLP4j5Y9Z/EfOH7P4j5I/ZvEfnD9m8R81f8ziP1r+mMV/9Pwxi/8Y+WMW/zHzxyz+Y+WPWfzHzh+z+I+TP2bxHzd/zOI/Xv6YxX/8/DGL/wT5Yxb/CfPHLP4T5Y9Z/CfOH7P4fyR/zOI/Sf6Yxf+j+WMW/0nzxyz+H8sfs/hPlj9m8f94/pjF/xP5Yxb/yfPHLP6fzB+z+H8qf8ziP0X+mMX/0/ljFv/P5I9Z/D+bP2bxnzJ/zOL/ufwxi//n88cs/l/IH7P4T5U/ZvH/Yv6Yxf9L+WMW/y/nj1n8v5I/ZvH/av6Yxf9r+WMW/6nzxyz+0+SPWfynzR+z+E+XP2bxnz5/zOI/Q/6Yxf/r+WMW/xnzxyz+M+WPWfxnzh+z+M+SP2bx/0b+mMV/1vwxi/8388cs/rPlj1n8v5U/ZvH/dv6YxX/2/DGL/xz5Yxb/OfPHLP5z5Y9Z/L+TP2bxnzt/zOI/T/6YxX/e/DGL/3fzxyz+8+WPWfy/lz9m8Z8/f8ziv0D+mMV/wfwxi/9C+WMW/+/nj1n8F84fs/gvkj9m8V80f8ziv1j+mMV/8fwxi/8S+WMW/x/kj1n8f5g/ZvFfMn/M4r9U/pjF/0f5Yxb/H+ePWfyXzh+z+C+TP2bxXzZ/zOL/k/wxi/9y+WMW/+Xzxyz+P80fs/ivkD9m8V8xf8ziv1L+mMV/5fwxi/8q+WMW/1Xzxyz+q+WPWfx/lj9m8V89f8ziv0b+mMV/zfwxi/9a+WMW/7Xzxyz+6+SPWfzXzR+z+K+XP2bxXz9/zOK/Qf6Yxf/n+WMW/1/kj1n8N8wfs/hvlD9m8d84f8ziv0n+mMX/l/ljFv9f5Y9Z/DfNH7P4b5Y/ZvHfPH/M4r9F/pjFf8v8MYv/r/PHLP5b5Y9Z/H+TP2bx3zp/zOL/2/wxi/82+WMW/23zxyz+2+WPWfy3zx+z+P8uf8zi//v8MYv/DvljFv8/5I9Z/P+YP2bx3zF/zOK/U/6Yxf9P+WMW/53zxyz+u+SPWfx3zR+z+P85f8zi/5f8MYv/bvljFv+/5o9Z/HfPH7P475E/ZvHfM3/M4r9X/pjFf+/8MYv/PvljFv9988cs/vtJ/Uf7F9db/PeX+v+rLP4H5I9Z/A/MH7P4H5Q/ZvE/OH/M4n9I/pjF/9D8MYv/YfljFv/D88cs/kfkj1n8j8wfs/gflT9m8T86f8zif0z+mMX/2Pwxi/9x+WMW/+Pzxyz+J+SPWfxPzB+z+J+UP2bxPzl/zOJ/Sv6Yxf/U/DGL/2n5Yxb/0/PHLP5n5I9Z/M/MH7P4n5U/ZvE/O3/M4n9O/pjF/9z8MYv/efljFv/z88cs/hfkj1n8L8wfs/hflD9m8b84f8zif0n+mMX/0vwxi/9l+WMW/8vzxyz+V+SPWfyvzB+z+F+VP2bxvzp/zOJ/Tf6Yxf/a/DGL/3X5Yxb/6/PHLP435I9Z/G/MH7P435Q/ZvG/OX/M4n9L/pjF/9b8MYv/bfljFv/b88cs/nfkj1n878wfs/jflT9m8b87f8zif0/+mMX/3vwxi/99+WMW//vzxyz+D+SPWfwfzB+z+D+UP2bxfzh/zOL/SP6Yxf/R/DGL/2P5Yxb/x/PHLP5P5I9Z/J/MH7P4P5U/ZvF/On/M4v9M/pjF/9n8MYv/c/ljFv/n88cs/i/kj1n8X8wfs/i/lD9m8X85f8zi/0r+mMX/1fwxi/9r+WMW/9fzxyz+b+SPWfzfzB+z+L+VP2bxfzt/zOL/Tv6YxH/wQP6YxX9Q/pjFf6T8MYv/yPljFv9R8scs/oPzxyz+o+aPWfxHyx+z+I+eP2bxHyN/zOI/Zv6YxX+s/DGL/9j5Yxb/cfLHLP7j5o9Z/MfLH7P4j58/ZvGfIH/M4j9h/pjFf6L8MYv/xPljFv+P5I9Z/CfJH7P4fzR/zOI/af6Yxf9j+WMW/8nyxyz+H88fs/h/In/M4j95/pjF/5P5Yxb/T+WPWfynyB+z+H86f8zi/5n8MYv/Z/PHLP5T5o9Z/D+XP2bx/3z+mMX/C/ljFv+p8scs/l/MH7P4fyl/zOL/5fwxi/9X8scs/l/NH7P4fy1/zOI/df6YxX+a/DGL/7T5Yxb/6fLHLP7T549Z/GfIH7P4fz1/zOI/Y/6YxX+m/DGL/8z5Yxb/WfLHLP7fyB+z+M+aP2bx/2b+mMV/tvwxi/+38scs/t/OH7P4z54/ZvGfI3/M4j9n/pjFf678MYv/d/LHLP5z549Z/OfJH7P4z5s/ZvH/bv6YxX++/DGL//fyxyz+8+ePWfwXyB+z+C+YP2bxXyh/zOL//fwxi//C+WMW/0Xyxyz+i+aPWfwXyx+z+C+eP2bxXyJ/zOL/g/wxi/8P88cs/kvmj1n8l8ofs/j/KH/M4v/j/DGL/9L5Yxb/ZfLHLP7L5o9Z/H+SP2bxXy5/zOK/fP6Yxf+n+WMW/xXyxyz+K+aPWfxXyh+z+K+cP2bxXyV/zOK/av6YxX+1/DGL/8/yxyz+q+ePWfzXyB+z+K+ZP2bxXyt/zOK/dv6YxX+d/DGL/7r5Yxb/9fLHLP7r549Z/DfIH7P4/zx/zOL/i/wxi/+G+WMW/43yxyz+G+ePWfw3yR+z+P8yf8zi/6v8MYv/pvljFv/N8scs/pvnj1n8t8gfs/hvmT9m8f91/pjFf6v8MYv/b/LHLP5b549Z/H+bP2bx3yZ/zOK/bf6YxX+7/DGL//b5Yxb/3+WPWfx/nz9m8d8hf8zi/4f8MYv/H/PHLP475o9Z/HfKH7P4/yl/zOK/c/6YxX+X/DGL/675Yxb/P+ePWfz/kj9m8d8tf8zi/9f8MYv/7vljFv898scs/nvmj1n898ofs/jvnT9m8d8nf8ziv2/+mMV/v/wxi//++WMW/wPyxyz+B+aPWfwPyh+z+B+cP2bxPyR/zOJ/aP6Yxf+w/DGL/+H5Yxb/I/LHLP5H5o9Z/I/KH7P4H50/ZvE/Jn/M4n9s/pjF/7j8MYv/8fljFv8T8scs/ifmj1n8T8ofs/ifnD9m8T8lf8zif2r+mMX/tPwxi//p+WMW/zPyxyz+Z+aPWfzPyh+z+J+dP2bxPyd/zOJ/bv6Yxf+8/DGL//n5Yxb/C/LHLP4X5o9Z/C/KH7P4X5w/ZvG/JH/M4n9p/pjF/7L8MYv/5fljFv8r8scs/lfmj1n8r8ofs/hfnT9m8b8mf8zif23+mMX/uvwxi//1+WMW/xvyxyz+N+aPWfxvyh+z+N+cP2bxvyV/zOJ/a/6Yxf+2/DGL/+35Yxb/O/LHLP535o9Z/O/KH7P4350/ZvG/J3/M4n9v/pjF/778MYv//fljFv8H8scs/g/mj1n8H8ofs/g/nD9m8X8kf8zi/2j+mMX/sfwxi//j+WMW/yfyxyz+T+aPWfyfyh+z+D+dP2bxfyZ/zOL/bP6Yxf+5/DGL//P5Yxb/F/LHLP4v5o9Z/F/KH7P4v5w/ZvF/JX/M4v9q/pjF/7X8MYv/6/ljFv838scs/m/mj1n838ofs/i/nT9m8X8nf0ziP+pA/pjFf1D+mMV/pPwxi//I+WMW/1Hyxyz+g/PHLP6j5o9Z/EfLH7P4j54/ZvEfI3/M4j9m/pjFf6z8MYv/2PljFv9x8scs/uPmj1n8x8sfs/iPnz9m8Z8gf8ziP2H+mMV/ovwxi//E+WMW/4/kj1n8J8kfs/h/NH/M4j9p/pjF/2P5Yxb/yfLHLP4fzx+z+H8if8ziP3n+mMX/k/ljFv9P5Y9Z/KfIH7P4fzp/zOL/mfwxi/9n88cs/lPmj1n8P5c/ZvH/fP6Yxf8L+WMW/6nyxyz+X8wfs/h/KX/M4v/l/DGL/1fyxyz+X80fs/h/LX/M4j91/pjFf5r8MYv/tPljFv/p8scs/tPnj1n8Z8gfs/h/PX/M4j9j/pjFf6b8MYv/zPljFv9Z8scs/t/IH7P4z5o/ZvH/Zv6YxX+2/DGL/7fyxyz+384fs/jPnj9m8Z8jf8ziP2f+mMV/rvwxi/938scs/nPnj1n858kfs/jPmz9m8f9u/pjFf778MYv/9/LHLP7z549Z/BfIH7P4L5g/ZvFfKH/M4v/9/DGL/8L5Yxb/RfLHLP6L5o9Z/BfLH7P4L54/ZvFfIn/M4v+D/DGL/w/zxyz+S+aPWfyXyh+z+P8of8zi/+P8MYv/0vljFv9l8scs/svmj1n8f5I/ZvFfLn/M4r98/pjF/6f5Yxb/FfLHLP4r5o9Z/FfKH7P4r5w/ZvFfJX/M4r9q/pjFf7X8MYv/z/LHLP6r549Z/NfIH7P4r5k/ZvFfK3/M4r92/pjFf538MYv/uvljFv/18scs/uvnj1n8N8gfs/j/PH/M4v+L/DGL/4b5Yxb/jfLHLP4b549Z/DfJH7P4/zJ/zOL/q/wxi/+m+WMW/83yxyz+m+ePWfy3yB+z+G+ZP2bx/3X+mMV/q/wxi/9v8scs/lvnj1n8f5s/ZvHfJn/M4r9t/pjFf7v8MYv/9vljFv/f5Y9Z/H+fP2bx3yF/zOL/h/wxi/8f88cs/jvmj1n8d8ofs/j/KX/M4r9z/pjFf5f8MYv/rvljFv8/549Z/P+SP2bx3y1/zOL/1/wxi//u+WMW/z3yxyz+e+aPWfz3yh+z+O+dP2bx3yd/zOK/b/6YxX+//DGL//75Yxb/A/LHLP4H5o9Z/A/KH7P4H5w/ZvE/JH/M4n9o/pjF/7D8MYv/4fljFv8j8scs/kfmj1n8j8ofs/gfnT9m8T8mf8zif2z+mMX/uPwxi//x+WMW/xPyxyz+J+aPWfxPyh+z+J+cP2bxPyV/zOJ/av6Yxf+0/DGL/+n5Yxb/M/LHLP5n5o9Z/M/KH7P4n50/ZvE/J3/M4n9u/pjF/7z8MYv/+fljFv8L8scs/hfmj1n8L8ofs/hfnD9m8b8kf8zif2n+mMX/svwxi//l+WMW/yvyxyz+V+aPWfyvyh+z+F+dP2bxvyZ/zOJ/bf6Yxf+6/DGL//X5Yxb/G/LHLP435o9Z/G/KH7P435w/ZvG/JX/M4n9r/pjF/7b8MYv/7fljFv878scs/nfmj1n878ofs/jfnT9m8b8nf8zif2/+mMX/vvwxi//9+WMW/wfyxyz+D+aPWfwfyh+z+D+cP2bxfyR/zOL/aP6Yxf+x/DGL/+P5Yxb/J/LHLP5P5o9Z/J/KH7P4P50/ZvF/Jn/M4v9s/pjF/7n8MYv/8/ljFv8X8scs/i/mj1n8X8ofs/i/nD9m8X8lf8zi/2r+mMX/tfwxi//r+WMW/zfyxyz+b+aPWfzfyh+z+L+dP2bxfyd/TOI/2kD+mMV/UP6YxX+k/DGL/8j5Yxb/UfLHLP6D88cs/qPmj1n8R8sfs/iPnj9m8R8jf8ziP2b+mMV/rPwxi//Y+WMW/3Hyxyz+4+aPWfzHyx+z+I+fP2bxnyB/zOI/Yf6YxX+i/DGL/8T5Yxb/j+SPWfwnyR+z+H80f8ziP2n+mMX/Y/ljFv/J8scs/h/PH7P4fyJ/zOI/ef6Yxf+T+WMW/0/lj1n8p8gfs/h/On/M4v+Z/DGL/2fzxyz+U+aPWfw/lz9m8f98/pjF/wv5Yxb/qfLHLP5fzB+z+H8pf8zi/+X8MYv/V/LHLP5fzR+z+H8tf8ziP3X+mMV/mvwxi/+0+WMW/+nyxyz+0+ePWfxnyB+z+H89f8ziP2P+mMV/pvwxi//M+WMW/1nyxyz+38gfs/jPmj9m8f9m/pjFf7b8MYv/t/LHLP7fzh+z+M+eP2bxnyN/zOI/Z/6YxX+u/DGL/3fyxyz+c+ePWfznyR+z+M+bP2bx/27+mMV/vvwxi//38scs/vPnj1n8F8gfs/gvmD9m8V8of8zi//38MYv/wvljFv9F8scs/ovmj1n8F8sfs/gvnj9m8V8if8zi/4P8MYv/D/PHLP5L5o9Z/JfKH7P4/yh/zOL/4/wxi//S+WMW/2Xyxyz+y+aPWfx/kj9m8V8uf8ziv3z+mMX/p/ljFv8V8scs/ivmj1n8V8ofs/ivnD9m8V8lf8ziv2r+mMV/tfwxi//P8scs/qvnj1n818gfs/ivmT9m8V8rf8ziv3b+mMV/nfwxi/+6+WMW//Xyxyz+6+ePWfw3yB+z+P88f8zi/4v8MYv/hvljFv+N8scs/hvnj1n8N8kfs/j/Mn/M4v+r/DGL/6b5Yxb/zfLHLP6b549Z/LfIH7P4b5k/ZvH/df6YxX+r/DGL/2/yxyz+W+ePWfx/mz9m8d8mf8ziv23+mMV/u/wxi//2+WMW/9/lj1n8f58/ZvHfIX/M4v+H/DGL/x/zxyz+O+aPWfx3yh+z+P8pf8ziv3P+mMV/l/wxi/+u+WMW/z/nj1n8/5I/ZvHfLX/M4v/X/DGL/+75Yxb/PfLHLP575o9Z/PfKH7P4750/ZvHfJ3/M4r9v/pjFf7/8MYv//vljFv8D8scs/gfmj1n8D8ofs/gfnD9m8T8kf8zif2j+mMX/sPwxi//h+WMW/yPyxyz+R+aPWfyPyh+z+B+dP2bxPyZ/zOJ/bP6Yxf+4/DGL//H5Yxb/E/LHLP4n5o9Z/E/KH7P4n5w/ZvE/JX/M4n9q/pjF/7T8MYv/6fljFv8z8scs/mfmj1n8z8ofs/ifnT9m8T8nf8zif27+mMX/vPwxi//5+WMW/wvyxyz+F+aPWfwvyh+z+F+cP2bxvyR/zOJ/af6Yxf+y/DGL/+X5Yxb/K/LHLP5X5o9Z/K/KH7P4X50/ZvG/Jn/M4n9t/pjF/7r8MYv/9fljFv8b8scs/jfmj1n8b8ofs/jfnD9m8b8lf8zif2v+mMX/tvwxi//t+WMW/zvyxyz+d+aPWfzvyh+z+N+dP2bxvyd/zOJ/b/6Yxf++/DGL//35Yxb/B/LHLP4P5o9Z/B/KH7P4P5w/ZvF/JH/M4v9o/pjF/7H8MYv/4/ljFv8n8scs/k/mj1n8n8ofs/g/nT9m8X8mf8zi/2z+mMX/ufwxi//z+WMW/xfyxyz+L+aPWfxfyh+z+L+cP2bxfyV/zOL/av6Yxf+1/DGL/+v5Yxb/N/LHLP5v5o9Z/N/KH7P4v50/ZvF/J39M4j/6QP6YxX9Q/pjFf6T8MYv/yPljFv9R8scs/oPzxyz+o+aPWfxHyx+z+I+eP2bxHyN/zOI/Zv6YxX+s/DGL/9j5Yxb/cfLHLP7j5o9Z/MfLH7P4j58/ZvGfIH/M4j+h2P+dzd//Oov/RGL/D8riP3H+mMX/I/ljFv9J8scs/h/NH7P4T5o/ZvH/WP6YxX+y/DGL/8fzxyz+n8gfs/hPnj9m8f9k/pjF/1P5Yxb/KfLHLP6fzh+z+H8mf8zi/9n8MYv/lPljFv/P5Y9Z/D+fP2bx/0L+mMV/qvwxi/8X88cs/l/KH7P4fzl/zOL/lfwxi/9X88cs/l/LH7P4T50/ZvGfJn/M4j9t/pjFf7r8MYv/9PljFv8Z8scs/l/PH7P4z5g/ZvGfKX/M4j9z/pjFf5b8MYv/N/LHLP6z5o9Z/L+ZP2bxny1/zOL/rfwxi/+388cs/rPnj1n858gfs/jPmT9m8Z8rf8zi/538MYv/3PljFv958scs/vPmj1n8v5s/ZvGfL3/M4v+9/DGL//z5Yxb/BfLHLP4L5o9Z/BfKH7P4fz9/zOK/cP6YxX+R/DGL/6L5Yxb/xfLHLP6L549Z/JfIH7P4/yB/zOL/w/wxi/+S+WMW/6Xyxyz+P8ofs/j/OH/M4r90/pjFf5n8MYv/svljFv+f5I9Z/JfLH7P4L58/ZvH/af6YxX+F/DGL/4r5Yxb/lfLHLP4r549Z/FfJH7P4r5o/ZvFfLX/M4v+z/DGL/+r5Yxb/NfLHLP5r5o9Z/NfKH7P4r50/ZvFfJ3/M4r9u/pjFf738MYv/+vljFv8N8scs/j/PH7P4/yJ/zOK/Yf6YxX+j/DGL/8b5Yxb/TfLHLP6/zB+z+P8qf8ziv2n+mMV/s/wxi//m+WMW/y3yxyz+W+aPWfx/nT9m8d8qf8zi/5v8MYv/1vljFv/f5o9Z/LfJH7P4b5s/ZvHfLn/M4r99/pjF/3f5Yxb/3+ePWfx3yB+z+P8hf8zi/8f8MYv/jvljFv+d8scs/n/KH7P475w/ZvHfJX/M4r9r/pjF/8/5Yxb/v+SPWfx3yx+z+P81f8ziv3v+mMV/j/wxi/+e+WMW/73yxyz+e+ePWfz3yR+z+O+bP2bx3y9/zOK/f/6Yxf+A/DGL/4H5Yxb/g/LHLP4H549Z/A/JH7P4H5o/ZvE/LH/M4n94/pjF/4j8MYv/kfljFv+j8scs/kfnj1n8j8kfs/gfmz9m8T8uf8zif3z+mMX/hPwxi/+J+WMW/5Pyxyz+J+ePWfxPyR+z+J+aP2bxPy1/zOJ/ev6Yxf+M/DGL/5n5Yxb/s/LHLP5n549Z/M/JH7P4n5s/ZvE/L3/M4n9+/pjF/4L8MYv/hfljFv+L8scs/hfnj1n8L8kfs/hfmj9m8b8sf8zif3n+mMX/ivwxi/+V+WMW/6vyxyz+V+ePWfyvyR+z+F+bP2bxvy5/zOJ/ff6Yxf+G/DGL/435Yxb/m/LHLP43549Z/G/JH7P435o/ZvG/LX/M4n97/pjF/478MYv/nfljFv+78scs/nfnj1n878kfs/jfmz9m8b8vf8zif3/+mMX/gfwxi/+D+WMW/4fyxyz+D+ePWfwfyR+z+D+aP2bxfyx/zOL/eP6Yxf+J/DGL/5P5Yxb/p/LHLP5P549Z/J/JH7P4P5s/ZvF/Ln/M4v98/pjF/4X8MYv/i/ljFv+X8scs/i/nj1n8X8kfs/i/mj9m8X8tf8zi/3r+mMX/jfwxi/+b+WMW/7fyxyz+b+ePWfzfyR+T+I8xkD9m8R+UP2bxHyl/zOI/cv6YxX+U/DGL/+D8MYv/qPljFv/R8scs/qPnj1n8x8gfs/iPmT9m8R8rf8ziP3b+mMV/nPwxi/+4+WMW//Hyxyz+4+ePWfwnyB+z+E+YP2bxnyh/zOI/cf6Yxf8j+WMW/0nyxyz+H80fs/hPmj9m8f9Y/pjFf7L8MYv/x/PHLP6fyB+z+E+eP2bx/2T+mMX/U/ljFv8p8scs/p/OH7P4fyZ/zOL/2fwxi/+U+WMW/8/lj1n8P58/ZvH/Qv6YxX+q/DGL/xfzxyz+X8ofs/h/OX/M4v+V/DGL/1fzxyz+X8sfs/hPnT9m8Z8mf8ziP23+mMV/uvwxi//0+WMW/xnyxyz+X88fs/jPmD9m8Z8pf8ziP3P+mMV/lvwxi/838scs/rPmj1n8v5k/ZvGfLX/M4v+t/DGL/7fzxyz+s+ePWfznyB+z+M+ZP2bxnyt/zOL/nfwxi//c+WMW/3nyxyz+8+aPWfy/mz9m8Z8vf8zi/738MYv//PljFv8F8scs/gvmj1n8F8ofs/h/P3/M4r9w/pjFf5H8MYv/ovljFv/F8scs/ovnj1n8l8gfs/j/IH/M4v/D/DGL/5L5Yxb/pfLHLP4/yh+z+P84f8ziv3T+mMV/mfwxi/+y+WMW/5/kj1n8l8sfs/gvnz9m8f9p/pjFf4X8MYv/ivljFv+V8scs/ivnj1n8V8kfs/ivmj9m8V8tf8zi/7P8MYv/6vljFv818scs/mvmj1n818ofs/ivnT9m8V8nf8ziv27+mMV/vfwxi//6+WMW/w3yxyz+P88fs/j/In/M4r9h/pjFf6P8MYv/xvljFv9N8scs/r/MH7P4/yp/zOK/af6YxX+z/DGL/+b5Yxb/LfLHLP5b5o9Z/H+dP2bx3yp/zOL/m/wxi//W+WMW/9/mj1n8t8kfs/hvmz9m8d8uf8ziv33+mMX/d/ljFv/f549Z/HfIH7P4/yF/zOL/x/wxi/+O+WMW/53yxyz+f8ofs/jvnD9m8d8lf8ziv2v+mMX/z/ljFv+/5I9Z/HfLH7P4/zV/zOK/e/6YxX+P/DGL/575Yxb/vfLHLP57549Z/PfJH7P475s/ZvHfL3/M4r9//pjF/4D8MYv/gfljFv+D8scs/gfnj1n8D8kfs/gfmj9m8T8sf8zif3j+mMX/iPwxi/+R+WMW/6Pyxyz+R+ePWfyPyR+z+B+bP2bxPy5/zOJ/fP6Yxf+E/DGL/4n5Yxb/k/LHLP4n549Z/E/JH7P4n5o/ZvE/LX/M4n96/pjF/4z8MYv/mfljFv+z8scs/mfnj1n8z8kfs/ifmz9m8T8vf8zif37+mMX/gvwxi/+F+WMW/4vyxyz+F+ePWfwvyR+z+F+aP2bxvyx/zOJ/ef6Yxf+K/DGL/5X5Yxb/q/LHLP5X549Z/K/JH7P4X5s/ZvG/Ln/M4n99/pjF/4b8MYv/jfljFv+b8scs/jfnj1n8b8kfs/jfmj9m8b8tf8zif3v+mMX/jvwxi/+d+WMW/7vyxyz+d+ePWfzvyR+z+N+bP2bxvy9/zOJ/f/6Yxf+B/DGL/4P5Yxb/h/LHLP4P549Z/B/JH7P4P5o/ZvF/LH/M4v94/pjF/4n8MYv/k/ljFv+n8scs/k/nj1n8n8kfs/g/mz9m8X8uf8zi/3z+mMX/hfwxi/+L+WMW/5fyxyz+L+ePWfxfyR+z+L+aP2bxfy1/zOL/ev6Yxf+N/DGL/5v5Yxb/t/LHLP5v549Z/N/JH5P4jzmQP2bxH5Q/ZvEfKX/M4j9y/pjFf5T8MYv/4Pwxi/+o+WMW/9Hyxyz+o+ePWfzHyB+z+I+ZP2bxHyt/zOI/dv6YxX+c/DGL/7j5Yxb/8fLHLP7j549Z/CfIH7P4T5g/ZvGfKH/M4j9x/pjF/yP5Yxb/SfLHLP4fzR+z+E+aP2bx/1j+mMV/svwxi//H88cs/p/IH7P4T54/ZvH/ZP6Yxf9T+WMW/ynyxyz+n84fs/h/Jn/M4v/Z/DGL/5T5Yxb/z+WPWfw/nz9m8f9C/pjFf6r8MYv/F/PHLP5fyh+z+H85f8zi/5X8MYv/V/PHLP5fyx+z+E+dP2bxnyZ/zOI/bf6YxX+6/DGL//T5Yxb/GfLHLP5fzx+z+M+YP2bxnyl/zOI/c/6YxX+W/DGL/zfyxyz+s+aPWfy/mT9m8Z8tf8zi/638MYv/t/PHLP6z549Z/OfIH7P4z5k/ZvGfK3/M4v+d/DGL/9z5Yxb/efLHLP7z5o9Z/L+bP2bxny9/zOL/vfwxi//8+WMW/wXyxyz+C+aPWfwXyh+z+H8/f8ziv3D+mMV/kfwxi/+i+WMW/8Xyxyz+i+ePWfyXyB+z+P8gf8zi/8P8MYv/kvljFv+l8scs/j/KH7P4/zh/zOK/dP6YxX+Z/DGL/7L5Yxb/n+SPWfyXyx+z+C+fP2bx/2n+mMV/hfwxi/+K+WMW/5Xyxyz+K+ePWfxXyR+z+K+aP2bxXy1/zOL/s/wxi//q+WMW/zXyxyz+a+aPWfzXyh+z+K+dP2bxXyd/zOK/bv6YxX+9/DGL//r5Yxb/DfLHLP4/zx+z+P8if8ziv2H+mMV/I5n/aP/mfBb/jWX+/24W/03yxyz+v8wfs/j/Kn/M4r9p/pjFf7P8MYv/5vljFv8t8scs/lvmj1n8f50/ZvHfKn/M4v+b/DGL/9b5Yxb/3+aPWfy3yR+z+G+bP2bx3y5/zOK/ff6Yxf93+WMW/9/nj1n8d8gfs/j/IX/M4v/H/DGL/475Yxb/nfLHLP5/yh+z+O+cP2bx3yV/zOK/a/6Yxf/P+WMW/7/kj1n8d8sfs/j/NX/M4r97/pjFf4/8MYv/nvljFv+98scs/nvnj1n898kfs/jvmz9m8d8vf8ziv3/+mMX/gPwxi/+B+WMW/4Pyxyz+B+ePWfwPyR+z+B+aP2bxPyx/zOJ/eP6Yxf+I/DGL/5H5Yxb/o/LHLP5H549Z/I/JH7P4H5s/ZvE/Ln/M4n98/pjF/4T8MYv/ifljFv+T8scs/ifnj1n8T8kfs/ifmj9m8T8tf8zif3r+mMX/jPwxi/+Z+WMW/7Pyxyz+Z+ePWfzPyR+z+J+bP2bxPy9/zOJ/fv6Yxf+C/DGL/4X5Yxb/i/LHLP4X549Z/C/JH7P4X5o/ZvG/LH/M4n95/pjF/4r8MYv/lfljFv+r8scs/lfnj1n8r8kfs/hfmz9m8b8uf8zif33+mMX/hvwxi/+N+WMW/5vyxyz+N+ePWfxvyR+z+N+aP2bxvy1/zOJ/e/6Yxf+O/DGL/535Yxb/u/LHLP53549Z/O/JH7P435s/ZvG/L3/M4n9//pjF/4H8MYv/g/ljFv+H8scs/g/nj1n8H8kfs/g/mj9m8X8sf8zi/3j+mMX/ifwxi/+T+WMW/6fyxyz+T+ePWfyfyR+z+D+bP2bxfy5/zOL/fP6Yxf+F/DGL/4v5Yxb/l/LHLP4v549Z/F/JH7P4v5o/ZvF/LX/M4v96/pjF/438MYv/m/ljFv+38scs/m/nj1n838kfk/iPNZA/ZvEflD9m8R8pf8ziP3L+mMV/lPwxi//g/DGL/6j5Yxb/0fLHLP6j549Z/MfIH7P4j5k/ZvEfK3/M4j92/pjFf5z8MYv/uPljFv/x8scs/uPnj1n8J8gfs/hPmD9m8Z8of8ziP3H+mMX/I/ljFv9J8scs/h/NH7P4T5o/ZvH/WP6YxX+y/DGL/8fzxyz+n8gfs/hPnj9m8f9k/pjF/1P5Yxb/KfLHLP6fzh+z+H8mf8zi/9n8MYv/lPljFv/P5Y9Z/D+fP2bx/0L+mMV/qvwxi/8X88cs/l/KH7P4fzl/zOL/lfwxi/9X88cs/l/LH7P4T50/ZvGfJn/M4j9t/pjFf7r8MYv/9PljFv8Z8scs/l/PH7P4z5g/ZvGfKX/M4j9z/pjFf5b8MYv/N/LHLP6z5o9Z/L+ZP2bxny1/zOL/rfwxi/+388cs/rPnj1n858gfs/jPmT9m8Z8rf8zi/538MYv/3PljFv958scs/vPmj1n8v5s/ZvGfL3/M4v+9/DGL//z5Yxb/BfLHLP4L5o9Z/BfKH7P4fz9/zOK/cP6YxX+R/DGL/6L5Yxb/xfLHLP6L549Z/JfIH7P4/yB/zOL/w/wxi/+S+WMW/6Xyxyz+P8ofs/j/OH/M4r90/pjFf5n8MYv/svljFv+f5I9Z/JfLH7P4L58/ZvH/af6YxX+F/DGL/4r5Yxb/lfLHLP4r549Z/FfJH7P4r5o/ZvFfLX/M4v+z/DGL/+r5Yxb/NfLHLP5r5o9Z/NfKH7P4r50/ZvFfJ3/M4r9u/pjFf738MYv/+vljFv8N8scs/j/PH7P4/yJ/zOK/Yf6YxX+j/DGL/8b5Yxb/TfLHLP6/zB+z+P8qf8ziv2n+mMV/s/wxi//m+WMW/y3yxyz+W+aPWfx/nT9m8d8qf8zi/5v8MYv/1vljFv/f5o9Z/LfJH7P4b5s/ZvHfLn/M4r99/pjF/3f5Yxb/3+ePWfx3yB+z+P8hf8zi/8f8MYv/jvljFv+d8scs/n/KH7P475w/ZvHfJX/M4r9r/pjF/8/5Yxb/v+SPWfx3yx+z+P81f8ziv3v+mMV/j/wxi/+e+WMW/73yxyz+e+ePWfz3yR+z+O+bP2bx3y9/zOK/f/6Yxf+A/DGL/4H5Yxb/g/LHLP4H549Z/A/JH7P4H5o/ZvE/LH/M4n94/pjF/4j8MYv/kfljFv+j8scs/kfnj1n8j8kfs/gfmz9m8T8uf8zif3z+mMX/hPwxi/+J+WMW/5Pyxyz+J+ePWfxPyR+z+J+aP2bxPy1/zOJ/ev6Yxf+M/DGL/5n5Yxb/s/LHLP5n549Z/M/JH7P4n5s/ZvE/L3/M4n9+/pjF/4L8MYv/hfljFv+L8scs/hfnj1n8L8kfs/hfmj9m8b8sf8zif3n+mMX/ivwxi/+V+WMW/6vyxyz+V+ePWfyvyR+z+F+bP2bxvy5/zOJ/ff6Yxf+G/DGL/435Yxb/m/LHLP43549Z/G/JH7P435o/ZvG/LX/M4n97/pjF/478MYv/nfljFv+78scs/nfnj1n878kfs/jfmz9m8b8vf8zif3/+mMX/gfwxi/+D+WMW/4fyxyz+D+ePWfwfyR+z+D+aP2bxfyx/zOL/eP6Yxf+J/DGL/5P5Yxb/p/LHLP5P549Z/J/JH7P4P5s/ZvF/Ln/M4v98/pjF/4X8MYv/i/ljFv+X8scs/i/nj1n8X8kfs/i/mj9m8X8tf8zi/3r+mMX/jfwxi/+b+WMW/7fyxyz+b+ePWfzfyR+T+I89kD9m8R+UP2bxHyl/zOI/cv6YxX+U/DGL/+D8MYv/qPljFv/R8scs/qPnj1n8x8gfs/iPmT9m8R8rf8ziP3b+mMV/nPwxi/+4+WMW//Hyxyz+4+ePWfwnyB+z+E+YP2bxnyh/zOI/cf6Yxf8j+WMW/0ne1//td9555//Npv0nZvH/aI9/zOI/af6Yxf9j+WMW/8nyxyz+H88fs/h/In/M4j95/pjF/5P5Yxb/T+WPWfynyB+z+H86f8zi/5n8MYv/Z/PHLP5T5o9Z/D+XP2bx/3z+mMX/C/ljFv+p8scs/l/MH7P4fyl/zOL/5fwxi/9X8scs/l/NH7P4fy1/zOI/df6YxX+a/DGL/7T5Yxb/6fLHLP7T549Z/GfIH7P4fz1/zOI/Y/6YxX+m/DGL/8z5Yxb/WfLHLP7fyB+z+M+aP2bx/2b+mMV/tvwxi/+38scs/t/OH7P4z54/ZvGfI3/M4j9n/pjFf678MYv/d/LHLP5z549Z/OfJH7P4z5s/ZvH/bv6YxX++/DGL//fyxyz+8+ePWfwXyB+z+C+YP2bxXyh/zOL//fwxi//C+WMW/0Xyxyz+i+aPWfwXyx+z+C+eP2bxXyJ/zOL/g/wxi/8P88cs/kvmj1n8l8ofs/j/KH/M4v/j/DGL/9L5Yxb/ZfLHLP7L5o9Z/H+SP2bxXy5/zOK/fP6Yxf+n+WMW/xXyxyz+K+aPWfxXyh+z+K+cP2bxXyV/zOK/av6YxX+1/DGL/8/yxyz+q+ePWfzXyB+z+K+ZP2bxXyt/zOK/dv6YxX+d/DGL/7r5Yxb/9fLHLP7r549Z/DfIH7P4/zx/zOL/i/wxi/+G+WMW/43yxyz+G+ePWfw3yR+z+P8yf8zi/6v8MYv/pvljFv/N8scs/pvnj1n8t8gfs/hvmT9m8f91/pjFf6v8MYv/b/LHLP5b549Z/H+bP2bx3yZ/zOK/bf6YxX+7/DGL//b5Yxb/3+WPWfx/nz9m8d8hf8zi/4f8MYv/H/PHLP475o9Z/HfKH7P4/yl/zOK/c/6YxX+X/DGL/675Yxb/P+ePWfz/kj9m8d8tf8zi/9f8MYv/7vljFv898scs/nvmj1n898ofs/jvnT9m8d8nf8ziv2/+mMV/v/wxi//++WMW/wPyxyz+B+aPWfwPyh+z+B+cP2bxPyR/zOJ/aP6Yxf+w/DGL/+H5Yxb/I/LHLP5H5o9Z/I/KH7P4H50/ZvE/Jn/M4n9s/pjF/7j8MYv/8fljFv8T8scs/ifmj1n8T8ofs/ifnD9m8T8lf8zif2r+mMX/tPwxi//p+WMW/zPyxyz+Z+aPWfzPyh+z+J+dP2bxPyd/zOJ/bv6Yxf+8/DGL//n5Yxb/C/LHLP4X5o9Z/C/KH7P4X5w/ZvG/JH/M4n9p/pjF/7L8MYv/5fljFv8r8scs/lfmj1n8r8ofs/hfnT9m8b8mf8zif23+mMX/uvwxi//1+WMW/xvyxyz+N+aPWfxvyh+z+N+cP2bxvyV/zOJ/a/6Yxf+2/DGL/+35Yxb/O/LHLP535o9Z/O/KH7P4350/ZvG/J3/M4n9v/pjF/778MYv//fljFv8H8scs/g/mj1n8H8p/SINGHAOL/8P5Yxb/R/LHLP6P5o9Z/B/LH7P4P54/ZvF/In/M4v9k/pjF/6n8MYv/0/ljFv9n8scs/s/mj1n8n8sfs/g/nz9m8X8hf8zi/2L+mMX/pfwxi//L+WMW/1fyxyz+r+aPWfxfyx+z+L+eP2bxfyN/zOL/Zv6Yxf+t/DGL/9v5Yxb/d/LHJP7jDOSPWfwH5Y9Z/EfKH7P4j5w/ZvEfJX/M4j84f8ziP2r+mMV/tPwxi//o+WMW/zHyxyz+Y+aPWfzHyh+z+I+dP2bxHyd/zOI/bv6YxX+8/DGL//j5Yxb/CfLHLP4T5o9Z/CfKH7P4T5w/ZvH/SP6YxX+S/DGL/0fzxyz+k+aPWfw/lj9m8Z8sf8zi//H8MYv/J/LHLP6T549Z/D+ZP2bx/1T+mMV/ivwxi/+n88cs/p/JH7P4fzZ/zOI/Zf6Yxf9z+WMW/8/nj1n8v5A/ZvGfKn/M4v/F/DGL/5fyxyz+X84fs/h/JX/M4v/V/DGL/9fyxyz+U+ePWfynyR+z+E+bP2bxny5/zOI/ff6YxX+G/DGL/9fzxyz+M+aPWfxnyh+z+M+cP2bxnyV/zOL/jfwxi/+s+WMW/2/mj1n8Z8sfs/h/K3/M4v/t/DGL/+z5Yxb/OfLHLP5z5o9Z/OfKH7P4fyd/zOI/d/6YxX+e/DGL/7z5Yxb/7+aPWfznyx+z+H8vf8ziP3/+mMV/gfwxi/+C+WMW/4Xyxyz+388fs/gvnD9m8V8kf8ziv2j+mMV/sfwxi//i+WMW/yXyxyz+P8gfs/j/MH/M4r9k/pjFf6n8MYv/j/LHLP4/zh+z+C+dP2bxXyZ/zOK/bP6Yxf8n+WMW/+Xyxyz+y+ePWfx/mj9m8V8hf8ziv2L+mMV/pfwxi//K+WMW/1Xyxyz+q+aPWfxXyx+z+P8sf8ziv3r+mMV/jfwxi/+a+WMW/7Xyxyz+a+ePWfzXyR+z+K+bP2bxXy9/zOK/fv6YxX+D/DGL/8/zxyz+v8gfs/hvmD9m8d8of8ziv3H+mMV/k/wxi/8v88cs/r/KH7P4b5o/ZvHfLH/M4r95/pjFf4v8MYv/lvljFv9f549Z/LfKH7P4/yZ/zOK/df6Yxf+3+WMW/23yxyz+2+aPWfy3yx+z+G+fP2bx/13+mMX/9/ljFv8d8scs/n/IH7P4/zF/zOK/Y/6YxX+n/DGL/5/yxyz+O+ePWfx3yR+z+O+aP2bx/3P+mMX/L/ljFv/d8scs/n/NH7P4754/ZvHfI3/M4r9n/pjFf6/8MYv/3vljFv998scs/vvmj1n898sfs/jvnz9m8T8gf8zif2D+mMX/oPwxi//B+WMW/0Pyxyz+h+aPWfwPyx+z+B+eP2bxPyJ/zOJ/ZP6Yxf+o/DGL/9H5Yxb/Y/LHLP7H5o9Z/I/LH7P4H58/ZvE/IX/M4n9i/pjF/6T8MYv/yfljFv9T8scs/qfmj1n8T8sfs/ifnj9m8T8jf8zif2b+mMX/rPwxi//Z+WMW/3Pyxyz+5+aPWfzPyx+z+J+fP2bxvyB/zOJ/Yf6Yxf+i/DGL/8X5Yxb/S/LHLP6X5o9Z/C/LH7P4X54/ZvG/In/M4n9l/pjF/6r8MYv/1fljFv9r8scs/tfmj1n8r8sfs/hfnz9m8b8hf8zif2P+mMX/pvwxi//N+WMW/1vyxyz+t+aPWfxvyx+z+N+eP2bxvyN/zOJ/Z/6Yxf+u/DGL/935Yxb/e/LHLP735o9Z/O/LH7P4358/ZvF/IH/M4v9g/pjF/6H8MYv/w/ljFv9H8scs/o/mj1n8H8sfs/g/nj9m8X8if8zi/2T+mMX/qfwxi//T+WMW/2fyxyz+z+aPWfyfyx+z+D+fP2bxfyF/zOL/Yv6Yxf+l/DGL/8v5Yxb/V/LHLP6v5o9Z/F/LH7P4v54/ZvF/I3/M4v9m/pjF/638MYv/2/ljFv938sck/uMO5I9Z/Aflj1n8R8ofs/iPnD9m8R8lf8ziPzh/zOI/av6YxX+0/DGL/+j5Yxb/MfLHLP5j5o9Z/MfKH7P4j50/ZvEfJ3/M4j9u/pjFf7z8MYv/+PljFv8J8scs/hPmj1n8J8ofs/hPnD9m8f9I/pjFf5L8MYv/R/PHLP6T5o9Z/D+WP2bxnyx/zOL/8fwxi/8n8scs/pPnj1n8P5k/ZvH/VP6YxX+K/DGL/6fzxyz+n8kfs/h/Nn/M4j9l/pjF/3P5Yxb/z+ePWfy/kD9m8Z8qf8zi/8X8MYv/l/LHLP5fzh+z+H8lf8zi/9X8MYv/1/LHLP5T549Z/KfJH7P4T5s/ZvGfLn/M4j99/pjFf4b8MYv/1/PHLP4z5o9Z/GfKH7P4z5w/ZvGfJX/M4v+N/DGL/6z5Yxb/b+aPWfxnyx+z+H8rf8zi/+38MYv/7PljFv858scs/nPmj1n858ofs/h/J3/M4j93/pjFf578MYv/vPljFv/v5o9Z/OfLH7P4fy9/zOI/f/6YxX+B/DGL/4L5Yxb/hfLHLP7fzx+z+C+cP2bxXyR/zOK/aP6YxX+x/DGL/+L5Yxb/JfLHLP4/yB+z+P8wf8ziv2T+mMV/qfwxi/+P8scs/j/OH7P4L50/ZvFfJn/M4r9s/pjF/yf5Yxb/5fLHLP7L549Z/H+aP2bxXyF/zOK/Yv6YxX+l/DGL/8r5Yxb/VfLHLP6r5o9Z/FfLH7P4/yx/zOK/ev6YxX+N/DGL/5r5Yxb/tfLHLP5r549Z/NfJH7P4r5s/ZvFfL3/M4r9+/pjFf4P8MYv/z/PHLP6/yB+z+G+YP2bx3yh/zOK/cf6YxX+T/DGL/y/zxyz+v8ofs/hvmj9m8d8sf8ziv3n+mMV/i/wxi/+W+WMW/1/nj1n8t8ofs/j/Jn/M4r91/pjF/7f5Yxb/bfLHLP7b5o9Z/LfLH7P4b58/ZvH/Xf6Yxf/3+WMW/x3yxyz+f8gfs/j/MX/M4r9j/pjFf6f8MYv/n/LHLP47549Z/HfJH7P475o/ZvH/c/6Yxf8v+WMW/93yxyz+f80fs/jvnj9m8d8jf8ziv2f+mMV/r/wxi//e+WMW/33yxyz+++aPWfz3yx+z+O+fP2bxPyB/zOJ/YP6Yxf+g/DGL/8H5Yxb/Q/LHLP6H5o9Z/A/LH7P4H54/ZvE/In/M4n9k/pjF/6j8MYv/0fljFv9j8scs/sfmj1n8j8sfs/gfnz9m8T8hf8zif2L+mMX/pPwxi//J+WMW/1Pyxyz+p+aPWfxPyx+z+J+eP2bxPyN/zOJ/Zv6Yxf+s/DGL/9n5Yxb/c/LHLP7n5o9Z/M/LH7P4n58/ZvG/IH/M4n9h/pjF/6L8MYv/xfljFv9L8scs/pfmj1n8L8sfs/hfnj9m8b8if8zif2X+mMX/qvwxi//V+WMW/2vyxyz+1+aPWfyvyx+z+F+fP2bxvyF/zOJ/Y/6Yxf+m/DGL/835Yxb/W/LHLP635o9Z/G/LH7P4354/ZvG/I3/M4n9n/pjF/678MYv/3fljFv978scs/vfmj1n878sfs/jfnz9m8X8gf8zi/2D+mMX/ofwxi//D+WMW/0fyxyz+j+aPWfwfyx+z+D+eP2bxfyJ/zOL/ZP6Yxf+p/DGL/9P5Yxb/Z/LHLP7P5o9Z/J/LH7P4P58/ZvF/IX/M4v9i/pjF/6X8MYv/y/ljFv9X8scs/q/mj1n8X8sfs/i/nj9m8X8jf8zi/2b+mMX/rfwxi//b+WMW/3fyxyT+4w3kj1n8B+WPWfxHyh+z+I+cP2bxHyV/zOI/OH/M4j9q/pjFf7T8MYv/6PljFv8x8scs/mPmj1n8x8ofs/iPnT9m8R8nf8ziP27+mMV/vPwxi//4+WMW/wnyxyz+E+aPWfwnyh+z+E+cP2bx/0j+mMV/kvwxi/9H88cs/v8fe/SUNgoBQAHwVn/mY7Zt27Zt27Zt27Zt27Zt673vrKAzs4UZ1X/U8j+a/6jlf3T/Ucv/GP6jlv8x/Uct/2P5j1r+x/YftfyP4z9q+R/Xf9TyP57/qOV/fP9Ry/8E/qOW/wn9Ry3/E/mPWv4n9h+1/E/iP2r5n9R/1PI/mf+o5X9y/1HL/xT+o5b/Kf1HLf9T+Y9a/qf2H7X8T+M/avmf1n/U8j+d/6jlf3r/Ucv/DP6jlv8Z/Uct/zP5j1r+Z/YftfzP4j9q+Z/Vf9TyP5v/qOV/dv9Ry/8c/qOW/zn9Ry3/c/mPWv7n9h+1/M/jP2r5n9d/1PI/n/+o5X9+/1HL/wL+o5b/Bf1HLf8L+Y9a/hf2H7X8L+I/avlf1H/U8r+Y/6jlf3H/Ucv/Ev6jlv8l/Uct/0v5j1r+l/Yftfwv4z9q+V/Wf9Tyv5z/qOV/ef9Ry/8K/qOW/xX9Ry3/K/mPWv5X9h+1/K/iP2r5X9V/1PK/mv+o5X91/1HL/xr+o5b/Nf1HLf9r+Y9a/tf2H7X8r+M/avlf13/U8r+e/6jlf33/Ucv/Bv6jlv8N/Uct/xv5j1r+N/Yftfxv4j9q+d/Uf9Tyv5n/qOV/c/9Ry/8W/qOW/y39Ry3/W/mPWv639h+1/G/jP2r539Z/1PK/nf+o5X97/1HL/w7+o5b/Hf1HLf87+Y9a/nf2H7X87+I/avnf1X/U8r+b/6jlf3f/Ucv/Hv6jlv89/Uct/3v5j1r+9/Yftfzv4z9q+d/Xf9Tyv5//qOV/f/9Ry/8B/qOW/wP9Ry3/B/mPWv4P9h+1/B/iP2r5P9R/1PJ/mP+o5f9w/1HL/xH+o5b/I/1HLf9H+Y9a/o/2H7X8H+M/avk/1n/U8n+c/6jl/3j/Ucv/Cf6jlv8T/Uct/yf5j1r+T/Yftfyf4j9q+T/Vf9Tyf5r/qOX/dP9Ry/8Z/qOW/zP9Ry3/Z/mPWv7P9h+1/J/jP2r5P9d/1PJ/nv+o5f98/1HL/wX+o5b/C/1HLf8X+Y9a/i/2H7X8X+I/avm/1H/U8n+Z/6jl/3L/Ucv/Ff6jlv8r/Uct/1f5j1r+r/Yftfxf4z9q+b/Wf9Tyf53/qOX/ev9Ry/8N/qOW/xv9Ry3/N/mPWv5v9h+1/N/iP2r5v9V/1PJ/m/+o5f92/1HL/x3+o5b/O/1HLf93+Y9a/u/2H7X83+M/avm/13/U8n+f/6jl/37/Ucv/A/6jlv8H/Uct/w/5j1r+H/Yftfw/4j9q+X/Uf9Ty/5j/qOX/cf9Ry/8T/qOW/yf9Ry3/T/mPWv6f9h+1/D/jP2r5f9Z/1PL/nP+o5f95/1HL/wv+o5b/F/1HLf8v+Y9a/l/2H7X8v+I/avl/1X/U8v+a/6jl/3X/Ucv/G/6jlv83/Uct/2/5j1r+3/Yftfy/4z9q+X/Xf9Ty/57/qOX/ff9Ry/8H/qOW/w/9Ry3/H/mPWv4/9h+1/H/iP2r5/9R/1PL/mf+o5f9z/1HL/xf+/2tgUNH/l/6jlv+v/Ect/1/7j1r+v/Eftfx/6z9q+f/Of9Ty/73/qOX/B/9Ry/+P/qOW/5/8Ry3/P/uPWv5/8R+1/P/qP2r5/81/1PL/u/+o5f8P/1HL/5/+o5b/v/xHLf9/+49a/v/xH5X8jzLIf9TyP5j/qOV/cP9Ry/8Q/qOW/wH/Ucv/kP6jlv+h/Ect/0P7j1r+h/EftfwP6z9q+R/Of9TyP7z/qOV/BP9Ry/+I/qOW/5H8Ry3/I/uP/nf/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPzL3t3G5lUWfhw/Xds9/dm/m3N4DRkMNt3Ela1dmQw2H+pjwVQdiwETyBZWRqUw9xDcQK0GJQZjmIwEEXWbugkkxowXwwSElUQlTkXjRDTEIaiLmBomMqJxqbnb3qW91zbrVa9rL/b5vGjvc8rvdFvy3TllawYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQEqbt91yw9qOjrZNXnjhhRcDL07170xAaq9Ff6p/JAAAAAAAAAAAAAAAwEhyfDvRqf45AgAAAADA6aal9V3d1VVDTlUPPpjz87be902vXnn9nucfX1l+3//hy4e55ITBBz09PT0vNXfN7D+cVBRF6bNN7z+eXDkuXb+z6/LtfUeh+O2zza3btjcf3PmVrz88d+r0ObW9Z2uLNde1d7QtmVAUobq22Fo6aKgqijCxttheOmgsHUyqLe4vHSztPZhSHCgdXHjtho51pRMnfGo47bS0fraoHlJsMeR3g8H9d3Zt2lV+P8oly1erKfr7r2v+4d6Kj5WN0H/5+qGqsv8x/wSBEY2t/9sXlt+PcskT7v+PttetGu5jI/dfvn6YoH9IZ5jn/yGN9j7v79k/Y4Tn/7nDXHJg/9O/rOwq9X/TL1+o7z9VczLP/6XP13cUqiv7nzDk+b/0HF9Tfv6fVBShdpy/HHBaaWn9XPdo9//K7of2X3NWxaZqcP9HV+2pLvV/+K4H3t9/qvak+h+4fqgZ5f5f9ZkDQ3+swNi0tO7uqbj/j6H/YsEwlxzof/7uY1eV+j9j55F9gz42lv5rK/tfvOXGTyzevO2W+vYb165vW992U2NjQ9PSZU2NFy1f3PtI0Pd2nL8qcHoY3/2/mFqxqSqKtoH9og8ve6nU/8Fz//G3/lOTx9j/xFHv/8+5/8Owzp9QTJxYbF27Zcumhr635cPGvrd9/9kw/Z/49f+I/c8r/3/A8tfdpS/IB/a/eedXP1Lq/95Jqx7oPzVxjP1PGq3/ztc+LxBhnPf/dRWbIf23v/qddaX+//TK8UP9p8b69f/kUfvf5f4P49HSWvEXfv7HSv2v/tfh4f6c4CSEKf78D9LJ0f/Wab/4Ztw6TNU/pJOj/6Wb2yL/sm34P/1DOjn6/9WOqiNx63CG/iGdHP1/rfvBjXHrME3/kE6O/vfPfuSpuHX4f/1DOjn6P75++lVx61Cnf0gnR/+XfWnv6rh1mK5/SCdH/1WvTHsibh1m6B/SydF/fdXZn4pbh9fpH9LJ0f91nQ+/GLcOM/UP6eTo//M7fx35fTrh9fqHdHL0/9Qft+6IW4dZ+od0cvT/wqz2+rh1OFP/kE6O/u+/4YlH4tbhDfqHdHL0//S3Pngsbh2C/iGdHP1/49kja+LWYbb+IZ0c/e9beOwPcetwlv4hnRz9//ujV38gbh3eqH9IJ0f/Yf/y78atw9n6h3Ry9H/Fk3c1xK3DHP1DOjn671xx251x63CO/iGdHP03NS+cHbcO5+of0snR/4w///3uuHWYq39IJ0f/H7vvvZX/7vdJCufpH9LJ0f/NG1Y/GrcO5+sf0snR/8oZPRfErcM8/UM6Ofo/fPS+H8Wtw3z9Qzo5+r/7ziVXxK3Dm/QP6eTo/we3ntcdtw5v1j+kk6P/l2vvuDVuHRboH9LJ0f+Xf1azLG4dFuof0snR/48f+v6uuHV4i/4hnRz9v/i+x86JW4cL9A/p5Oh/98Wzvhi3Dm/VP6STo/93P7Nxfdw6LNI/pJOj/8l7f380bh3q9Q/p5Oh//qqDH4pbhwv1D+nk6H/DojW/i1uHxfqHdHL0/8yBpw/FrcMS/UM6Ofrf8dinm+PWoUH/kE6O/h+/rOM/cevQqH9IJ0f//2z6ycfj1mGp/iGdHP2feejbX4hbhyb9Qzo5+r/6wckz49bhIv1DOjn633jN7O/FrcMy/UM6Ofq/ZO5Dl8atw9v0D+nk6P89f11xc9w6XKx/SCdH/3X33PNc3Dos1z+kk6P/edfefk3cOlyif0gnR//Xz6l/Mm4dLtU/pJOj/zuOtyyIW4cV+od0cvTfddvz++LWYaX+IZ0c/Xd/8uW6uHV4u/4hnRz9751y5b1x6/AO/QMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBfduBAAAAAAADI/7URqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqrADBzIAAAAAwvyt82g/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD8FAAD//xDC0no=")
r0 = open(&(0x7f0000001b80)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x40086602, &(0x7f00000001c0)=0x10)

1m48.059103418s ago: executing program 1 (id=2031):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
sendmsg$TIPC_NL_NET_SET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x24, r1, 0x1, 0x70bd25, 0x25dfdbfe, {}, [@TIPC_NLA_NET={0x10, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID={0xc}]}]}, 0x24}, 0x1, 0x0, 0x0, 0x4008002}, 0x4000)

1m32.936280405s ago: executing program 33 (id=2031):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
sendmsg$TIPC_NL_NET_SET(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={0x24, r1, 0x1, 0x70bd25, 0x25dfdbfe, {}, [@TIPC_NLA_NET={0x10, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_NODEID={0xc}]}]}, 0x24}, 0x1, 0x0, 0x0, 0x4008002}, 0x4000)

18.693842757s ago: executing program 5 (id=2915):
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x4208, r0)
ptrace(0x10, r0)
ptrace$peekuser(0x3, r0, 0x10)

18.386580975s ago: executing program 5 (id=2918):
recvmmsg(0xffffffffffffffff, &(0x7f0000006940)=[{{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f00000003c0)=""/6, 0x6}], 0x1}, 0x3}], 0x1, 0x40, 0x0)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg$sock(r0, &(0x7f00000044c0), 0x4000000000001c0, 0x0)
recvfrom(r1, &(0x7f0000000040)=""/60, 0x3c, 0x40, 0x0, 0x0)

18.060092356s ago: executing program 5 (id=2923):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001800)=ANY=[@ANYBLOB="180000002500010324bd7002ffdbdf25010000000400ae"], 0x18}, 0x1, 0x0, 0x0, 0x4008}, 0x0)
recvmsg(r0, &(0x7f00000031c0)={0x0, 0x0, 0x0}, 0x40000000)
recvmmsg(r0, &(0x7f00000001c0)=[{{0x0, 0x0, &(0x7f0000001780)=[{&(0x7f00000007c0)=""/217, 0xd9}, {&(0x7f0000000500)=""/74, 0x4a}, {&(0x7f0000000580)=""/230, 0xe6}, {&(0x7f00000006c0)=""/137, 0x89}, {&(0x7f0000001840)=""/4108, 0x100c}], 0x5, 0x0, 0x300}, 0x70003}, {{0x0, 0x0, 0x0}, 0xfffffffe}, {{0x0, 0x0, 0x0}, 0xfffff001}], 0x3, 0x102, 0x0)

17.886766016s ago: executing program 5 (id=2926):
syz_mount_image$exfat(&(0x7f0000001500), &(0x7f0000001540)='./file7\x00', 0x200000, &(0x7f0000000200)=ANY=[@ANYBLOB="757466382c696f636861727365743d6d616363e27c726f617469616e2c6769643d", @ANYRESHEX=0x0, @ANYBLOB=',errors=remount-ro,iocharset=cp869,keep_last_dots,errors=remount-ro,allow_utime=00000000000000000000010,errors=remount-ro,\x00'], 0x1, 0x14e1, &(0x7f0000002ac0)="$eJzs3Al0VkW2KODaVXUgxIi/EZlr1z7wiwGKiIjIICIyiIiICIjMIiBiRERERISATCICIgIyRkSGEAGRIUDEMM/zPBhpREREZJJJoN7C7r7cbvsu7uvXt3nvZX9r1UrtnLP3X5Wd5D/nrJX81HVYjcY1qzYgIvHPUH+dwJ8/JAshYoQQA4UQtwkhAiFE2fiy8deO51KQ/E+9CPsf0jD1Zq+A3Uzc/+yN+5+9cf+zN+5/9sb9z964/9kb9z974/4zlq2lFbidR/YdN3j+n/NG3z78/P//Zfz+n71x/7M37n/2xv3P3rj/2Rv3P3vj/mdv3P//j8kbn8L9Zyxb+7/gGTSPmzgYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjLF/gwv+Oi2E+Ov8Zq+LMcYYY4wxxhhj/zo+581eAWOMMcYYY4wxxv7ngZBCCS0CkUPkFDEil4gVt4g4cavILW4TEXG7iBd3iDziTpFX5BP5RQFRUBQShYURKKwgEYoioqiIirtEMXG3SBDFRQlRUjhRSiSKe0Rpca8oI+4TZcX9opx4QJQXFURFUUk8KCqLh0QV8bCoKh4R1UR1UUPUFI+KWuIxUVs8LuqIJ0Rd8aSoJ54S9cXTooFoKBqJZ0Rj8axoIpqKZqK5aCFailb/VP5bood4W/QUvUSy6C36iHdEX9FP9BcDxEDxrhgk3hODxftiiBgqhokPxHDxoRghPhIjxSgxWnwsxoixYpwYLyaIiSJFfCImiU/FZPGZmCKmimliukgVM0Sa+FzMFLPEbPGFmCO+FHPFPDFfLBDpYqFYJBaLDPGVWCK+FpliqVgmlosVYqVYJVaLNWKtWCfWiw1io9gkNostYqvYJraLHWKn2CV2iz1ir9gn9osD4huRJb7938w//3f53UCAAAkSNGjIATkgBmIgFmIhDuIgN+SGCEQgHuIhD+SBvJAX8kN+KAgFoTAUBgQEAoIiUASiEIViUAwSIAFKQAlw4CAREqE03AtloAyUhbJQDspBeagAFaASVILKUBmqQBWoClWhGlSDGlADHoVH4TGoDbWhDtSBulAX6kE9qA/1oQE0gEbQCBpDY2gCTaAZNIMW0AJaQStoDa2hDbSBdtAO2kN76AAdIAmSoCN0hE7QCTpDZ+gCXaArdIVu8Ca8CW/BW/A2vA29oJrsDX2gD/SFvtAfBsAAeBcGwXvwHrwPQ2AoDIMP4AP4EEbAORgJo2A0jIbKciyMg/FAciKkQApMgkkwGSbDFJgKU2E6pMIMSIM0mAmzYBZ8AXPgS/gS5sE8WADpkA6LYDFkQAYsgfOQCUthGSyHFbASVsBqWAOrYR2sh3WwETbCZtgMW2ErbIftsBN2wm7YDXthL+yH/TAEsiALDsJBOASH4DAchiNwBI7CUTgGx+A4HIcTcAJOwik4DafgLJyFc3AeLsAFuASX4DJchqtw9doPv7xGSy1zyBwyRsbIWBkr42SczC1zy4iMyHgZL/PIPDKvzCvzy/yyoCwoC8vCEiVKkqEsIovIqIzKYrKYTJAJsoQsIZ10MlEmytKytCwjy8iy8n5ZTj4gy8sKsq2rJCvJyrKdqyIfllVlVVlNVpc1ZE1ZU9aStWRtWVvWkXVkXVlX1pNPyfqyN/SHhvJaZxrLodBEDoNmsrlsIVvKD+E52VqOgDayrWwnX5CjYCR0kK1dknxZdpTjoJN8VY6H12QXORG6yjdkN/mm7C7fkj1kG9dT9pJToLfsI6dDX9lP9pcD5EyoLq91rIZ8Xw6RQ+Uw+YFcAB/KEfIjOVKOkqPlx3KMHCvHyfFygpwoU+QncpL8VE6Wn8kpcqqcJqfLVDlDpsnP5Uw5S86WX8g58ks5V86T8+UCmS4XykVyscyQX8kl8muZKZfKZXK5XCFXylVytVwj18p1cr3cIDfKTXKz3CK3ym1yu9whd8pdcrfcI/fKfXK/PCC/kVnyW3lQ/kkekt/Jw/J7eUT+II/KH+Ux+ZM8Ln+WJ+Qv8qQ8JU/LM/Ks/FWek+flBXlRXpK/ycvyirwqvRQKlFRKaRWoHCqnilG5VKy6RcWpW1VudZuKqNtVvLpD5VF3qrwqn8qvCqiCqpAqrIxCZRWpUBVRRVVU3aWKqbtVgiquSqiSyqlSKlHdo0qre1UZdZ8qq+5X5dQDqryqoCqqSupBVVk9pKqoh1VV9YiqpqqrGqqmelTVUo+p2upxVUc9oeqqJ1U99ZSqr55WDVRD1Ug9oxqrZ1UT1VQ1U81VC9VStVLPqdbqedVGtVXt1AuqvXpRdVAvqST1suqoXlGd1Kuqs3pNdVGvq67qDdVNvam6qyvqqvKqp+qlklVv1Ue9o/qqfqq/GqAGqnfVIPWeGqzeV0PUUDVMfaCGqw/VCPWRGqlGqdHqYzVGjVXj1Hg1QU1UKeoTNUl9qiarz9QUNVVNU9NVqpqh+v+l0uz/Rv6n/yB/8O+vvlltUVvVNrVd7VA71S61W+1Re9Q+tU8dUAdUlspSB9VBdUgdUofVYXVEHVFH1VF1TB1Tx9VxdUKdUCfVKXVRnVFn1a/qnDqvzquL6pK6pC7/5WsgNGipldY60Dl0Th2jc+lYfYuO07fq3Po2HdG363h9h86j79R5dT6dXxfQBXUhXVgbjdpq0qEuoovqqL5LF9N36wRdXJfQJbXTpXSivuf/OP9G62ulW+nWurVuo9vodrqdbq/b6w66g07SSbqj7qg76U66s+6su+guuqvuqrvpbrq77q576B66p+6pk3Wy7qPf0X11P91fD9AD9bt6kB6kB+vBeogeoofpYXq4Hq5H6BF6pB6pR+vReoweo8fpcXqCnqBTdIqepCfpyXqynqKn6Gl6mk7VqTpNp+mZeqaerWfrOXqOnqvn6vl6vk7X6XqRXqQzdIZeopfoTL1UL9XL9XK9Uq/Uq/VqvVav1ev1er1Rb9SZeoveorfpbXqH3qF36V16j96j9+l9+oA+oLN0lj6oD+pD+pA+rA/rI/qIPqqP6mP6mD6uj+sT+oQ+qU/q0/q0PqvP6nP6nL6gL+hL+pK+rC/rq/rqtcu+QAYy0IEOcgQ5gpggJogNYoO4IC7IHeQOIkEkiA/igzzBnUHeIF+QPygQFAwKBYUDE2BgAwrCoEhQNIgGdwXFgruDhKB4UCIoGbigVJAY3BOUDu4NygT3BWWD+4NywQNB+aBCUDGoFDwYVA4eCqoEDwdVg0eCakH1oEZQM3g0qBU8FtQOHg/qBE8EdYMng3rBU0H94OmgQdAwaBQ8EzQOng2aBE2DZkHzoEXQMmj1L63v/bl8z7ueppdJNr1NH/OO6Wv6mf5mgBlo3jWDzHtmsHnfDDFDzTDzgRluPjQjzEdmpBllRpuPzRgz1owz480EM9GkmE/MJPOpmWw+M1PMVDPNTDepZoZJM5+bmWaWmW2+MHPMl2aumWfmmwUm3Sw0i8xik2G+MkvM1ybTLDXLzHKzwqw0q8xqs8asNevMerPBbDSbzGazxWw128x2s8PsNLvMbrPH7DX7zH5zwHxjssy35qD5kzlkvjOHzffmiPnBHDU/mmPmJ3Pc/GxOmF/MSXPKnDZnzFnzqzlnzpsL5qK5ZH4zl80Vc9X4axf3197eUaPGHJgDYzAGYzEW4zAOc2NujGAE4zEe82AezIt5MT/mx4JYEAtjYbyGkLAIFsEoRrEYFsMETMASWAIdOkzERCyNpbEMlsGyWBbLYTksj+WxIlbEB/FBfAgfwofxYXwEH8HqWB1rYk2shbWwNtbGOlgH62JdrIf1sD7WxwbYABthI2yMjbEJNsFm2AxbYAtsha2wNbbGNtgG22E7bI/tsQN2wCRMwo7YETthJ+yMnbELdsGu2BW7YTfsjt2xB/bAntgTkzEZ+2Af7It9sT/2x4E4EAfhIByMg3EIDsFhOAyH43AcgSNwJI7C0fgxjsGxOA7H4wSciCmYgpNwEk7GyTgFp+A0nIapmIppmIYzcSbOxtk4B+fgXJyL83E+pmM6LsJFmIEZuASXYCZm4jJchitwBa7CVbgG1+A6XIcbcANuwk24BbfgNtyGO3AH7sJduAf34D7chwfwAGZhFh7Eg3gID+FhPIxH8AgexaN4DI/hcTyOJ/AEnsSTeBpP41k8i+fwHF7AC3gJf8PLeAWvoscYm8vG2ltsnL3V5ra32b+P89sCtqAtZAtbY/PafH8To7U2wRa3JWxJ62wpm2jv+UNc3lawFW0l+6CtbB+yVf4Q17KP2dr2cVvHPmFr2kf/Jq5rn7T17LO2vm1qG9jmtpFtaRvbZ20T29Q2s81tC9vStrcv2g72JZtkX7Yd7St/iBfZxXaNXWvX2fV2n91vL9iL9pj9yV6yv9metpcdaN+1g+x7drB93w6xQ/8Qj7Yf2zF2rB1nx9sJduIf4ml2uk21M2ya/dzOtLP+EKfbhXaOzbBz7Tw73y74Pb62pgz7lV1iv7aZdqldZpfbFXalXWVX/8dal9uNdpPdbPfYvXab3W532J12l939e3xtHwfsNzbLfmuP2h/tIfudPWyP2yP2h9/ja/s7bn+2J+wv9qQ9ZU/bM/as/dWes+d/3/+1vZ+xV+xV660gIEmKNAWUg3JSDOWiWLqF4uhWyk23UYRup3i6g/LQnZSX8lF+KkAFqRAVJkNIlohCKkJFKUp3UTG6mxKoOJWgkuSoFCXSPVSa7qUydB+VpfupHD1A5akCVaRK9CBVpoeoCj1MVekRqkbVqQbVpEepFj1GtelxqkNPUF16kurRU1SfnqYG1JAa0TPUmJ6lJtSUmlFzakEtqRU9R63peWpDbakdvUDt6UXqQC9REr1MHekV6kSvUmd6jbrQ69SV3qBu9CZ1p7eoB71NPakXJVNv6kPvUF/qR/1pAA2kd2kQvUeD6X0aQkNpGH1Aw+lDGkEf0UgaRaPpYxpDY2kcjacJNJFS6BOaRJ/SZPqMptBUmkbTKZVmUBp9TjNpFs2mL2gOfUlzaR7NpwWUTgtpES2mDPqKltDXlElLaRktpxW0klbRalpDa2kdracNtJE20WbaQltpG22nHbSTdtFu2kN7aR/tpwP0DWXRt3SQ/kSH6Ds6TN/TEfqBjtKPdIx+ouP0M52gX+gknaLTdIbO0q90js7TBbpIl+g3ukxX6Cp5EiGEMlShDoMwR5gzjAlzhbHhLWFceGuYO7wtjIS3h/HhHWGe8M4wb5gvzB8WCAuGhcLCoQkxtCGFYVgkLBpGw7vCYuHdYUJYPCwRlgxdWCpMDO8JS4f3hmXC+8Ky4f1hufCBsHxYIawYVgofDCuHD4VVwofDquEjYbWwelgjrBk+GtYKHwtrh4+HdcInwjLhk2G98Kmwfvh02CBsGDYKnwkbh8+GTcKmYbOwedgibBm2Cp8LW4fPh23CtmG78IWwffhi2CF8KUwKXw47hq/c8Hhy2DvsE74TvhN6/7iaH10QTY8ujC6KLo5mRL+KLol+Hc2MLo0uiy6ProiujK6Kro6uia6Nrouuj26Iboxuim6Oel8zp3DgpFNOu8DlcDldjMvlYt0tLs7d6nK721zE3e7i3R0uj7vT5XX5XH5XwBV0hVxhZxw668iFrogr6qLuLlfM3e0SXHFXwpV0zpVyia6la+VaudbuedfGtXXt3AvuBfeie9G95F5yL7uO7hXXyb3qOrvXXBf3unvdveG6uTddd/eW6+Hedj1dL5fskl0f18f1dX1df9ffDXQD3SA3yA12g90QN8QNc8PccDfcjXAj3Eg30o12o90YN8aNc+PcBDfBpbgUN8lNcpPdZDfFTXHT3DSX6lJdmktzM91MN9vNdnPcHDfXzXXz3XyX7tLdIrfIZbgMt8QtcZku0y1zy9wKt8KtcqvcGrfGrXPr3Aa3wW1ym9wWt8Vtc9vcDrfD7XK73B63x+1z+9wBd8BluSx30B10h9whd9h97464H9xR96M75n5yx93P7oT7xZ10p9xpd8addb+6c+68u+AuukvuN3fZXXFXnXcpkU8ikyKfRiZHPotMiUyNTItMj6RGZkTSIp9HZkZmRWZHvojMiXwZmRuZF5kfWRBJjyyMLIosjmREvoosiXwdyYwsjSyLLI+siKyMeF9oW+iL+KI+6u/yxfzdPsEX9yV8Se98KZ/o7/Gl/b2+jL/Pl/X3+3L+AV/eV/AVfVPfzDf3LXxL38o/51v7530b39a38y/49v5F38G/5JP8y76jf8V38q/6zv4138W/7rv6N3w3/6bv7t/yPfzbvqfv5ZN9b9/Hv+P7+n6+vx/gB/p3/SD/nh/s3/dD/FA/zH/gh/sP/Qj/kR/pR/nR/mM/xo/14/x4P8FP9Cn+Ez/Jf+on+8/8FD/VT/PTfaqf4dP8536mn+Vn+y/8HP+ln+vn+fl+gU/3C/0iv9hn+K/8Ev+1z/RL/TK/3K/wK/0qv9qv8Wv9Or/eb/Ab/Sa/2W/xW/02v93v8Dv9Lr/b7/F7/T6/3x/w3/gs/60/6P/kD/nv/GH/vT/if/BH/Y/+mP/JH/c/+xP+F3/Sn/Kn/Rl/1v/qz/nz/oK/6C/53/xlf8Vf5b9ZY4wxxhj7b1E3ON77H3xO/mVc00cIcev2Akf+vuaGvH+e95P7OkaEEC/36trwr6Nhw+Tk5L+cm6lEUHSeECJyPT+HuB4vFe3EiyJJtBWl/+H6+smKQDeoH71fiNj/lBMj/hzH/E39e/+L+k0X3rD+PCESil7PySWux9frl/kv6u9uf4P6ub5LEaLNf8qJE9fj6/UTxfPiFZH0N2cyxhhjjDHGGGN/1k9e6naj+9tr9+cF9fWcnOJ6fKP7c8YYY4wxxhhjjN18r73Z/aXnkpLaduYJT3jCk/+Y3OzfTIwxxhhjjLF/tesX/Td7JYwxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGWPb17/h3Yjd7j4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxtjN9r8CAAD//3myaBA=")
syz_mount_image$fuse(0x0, &(0x7f00000001c0)='./file0\x00', 0x42, 0x0, 0x0, 0x0, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x9101)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0)

17.634833513s ago: executing program 5 (id=2929):
r0 = syz_open_dev$evdev(&(0x7f00000000c0), 0x35e, 0x862b01)
ioctl$EVIOCSREP(r0, 0x40084503, &(0x7f0000000100)=[0xc, 0x36])
ioctl$EVIOCSMASK(r0, 0x40104593, &(0x7f0000000000)={0x0, 0x18, &(0x7f0000000180)="08e8fbb8ebc94c839a1a9e2b9879b0c659e61baa8cfcb836"})
write$char_usb(r0, &(0x7f0000000040)="e2", 0x2250)

16.858685892s ago: executing program 5 (id=2936):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000004c0)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast1=0xe0000002, @in6=@empty, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x87}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000, 0xfffffffffffffffb}, {0x0, 0x0, 0x200000000000000}, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0xb8}}, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000004c0)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast1=0xe0000002, @in, 0x0, 0x0, 0xffff, 0x0, 0xa, 0x0, 0x0, 0x87}, {0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x5, 0xfffffffffffffffb}, {0x0, 0x40000000000000, 0x200000000000000}, 0x2}}, 0xb8}, 0x1, 0x0, 0x0, 0x40048d5}, 0x2c000010)

16.493938375s ago: executing program 34 (id=2936):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000004c0)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast1=0xe0000002, @in6=@empty, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x87}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000, 0xfffffffffffffffb}, {0x0, 0x0, 0x200000000000000}, 0x0, 0x0, 0x0, 0x0, 0x1}}, 0xb8}}, 0x0)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000004c0)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast1=0xe0000002, @in, 0x0, 0x0, 0xffff, 0x0, 0xa, 0x0, 0x0, 0x87}, {0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x5, 0xfffffffffffffffb}, {0x0, 0x40000000000000, 0x200000000000000}, 0x2}}, 0xb8}, 0x1, 0x0, 0x0, 0x40048d5}, 0x2c000010)

6.4819906s ago: executing program 0 (id=3038):
r0 = memfd_create(&(0x7f0000000700)='\x01\x00\x00\x00\x00\x00\x00\x00\xd64\xf9 \x00\xa4\xb5\x00\x00\x00\x00\x12\x1a\'<\xf5\xbeV\x12\xaal\xfa\xf0o\xd8\xb1,\xbd>M\xe3\x98?Y\x96\xab\xc7\x06F\x8e\xab\xc8\x1e\x89]\x13bZ\x8d \x19\x00k\x95\x9eLV(\x8a\x0e\x93\x93Vc]mP\xbativ\xce\xa4K\xfb\xf2\xe0\xbf\x9d\x82\xa2\xcd\xb39\xb4\x17a9\x1c\x82\x1aLT\xd0\xb9\x1a\xafB\x95\xb4\xcf\x91X\x8c\x87\xc2\xa1\x1b\xfe\xe7\xbc\xf7\xeb\xc0L\x1d\x98Zq\xce\xd3\xefB\xd4\xee\xb5\xee\xe0\xaa\xdd\x00\xb1j$S\xfc\xb1[N\x8d\xcfI\xc8\x91\x87\x1fuYG7}%)\xb9\x00\x00\x00\x00\x00\x00\x00\x80W\xe0I\x0e\xa4\x1e}\x06\vK\xed\x11\x880\x0e\x9c\xaeVU\x88\xb0\x84:kgA]Z\x88\xecIf\xee\xba\x8b\xc6\"\xcej\x84\x06\x8a\x99\x80\xd7\xcf\x96\xed\x89\x1e6\x93+\xec#\x1f2\xee\xce\x17\x89vr\xc5j\xec\x1b\xaa\x996\x14e\xcf\x8axQ\x9e\x035\x8a@\xd4\x1c\xe0\xa2\xc8\xb3c\t\xe8\x1a\x89\xecL\xcf\xd8\xb5\xfb\xbc\tX\x88\xbe\xfc@[\xb2\xd5\x8c\xb9\x0e\x17\x8b\xce\xd09\xd2\xfb\x9e\xef\xabR\x88\x17\x9et\xf7\x9c\x01\x91\x00\x00\xdb\xf9\xcb\x7fh\x83>\x8e\xe1=\xedR\xc9\xe68h\x19\xafLD\x94\x93\xebT\x15\x817\x9d\xf5s\x03\x1a=\xcc\xd1\xa7\'\xa0\xaf\xf7\xec\xaf]\x0e\a\x00\x91T\x1b\xee\x10\x92\x80m\xc7\x90\x9fU\xf9\x8e_f\x8e\x00\xc3r*\xc7\xaf\xe2\'\xe0f9\xde\n,\x8c8C26\xa6u<\xa7@H\xdc\xf1\xb0\xb8\x9f\xc2o\x0f\x02I\xb6\xc3xH\xc3\x88\x7f\xd9\x90\xb7=\x1e@\xda9(\xb6\x97~\xea)\'\xa3:\x8d\xebc>z\xae*\xc2\x14\xe9\x89#\xe2)\x9a\xb0hR\xffa\xf8\xde\xf7q4\xcfV\xbb\xc3t\xfa\xa9\x05>\xaea\x12\xce\x1cY\a\xb1&\xb9\x12v\x1dN\xe1,_3\xa9\xa36\xaa.Cj\xd4\a\x84\xb2j\x86\xe1\x1f\xec1\xb9!lI\xc7\xbf\x85\xdd\x03\xbd\xeb\xec\xf9\xf3\x9b\xe02AzX\x9aO\x93y;\xa7,\xbb\x11\xe6\x8fn\xa0m\xf8\xcf\x92\x19\xba,\x0e\x04\xbe\xbb\xdd\x00\xb1\xb6Enr\x17\xa4\xc5)\xcc}*yN\xdc\xc3\xe0\xf2\x10\xe0<uc\xbc\xec\xe5\xc79\x9c\xcf\xa4m\x06\x12\xd0IY\x18\x15\x8d\x01P\x12\x1e\x9ed\xfe\xa0\xc7-\x9a+\xf3\xf9R\x85\xa5~\xb3\xbeC\xee\xe9\'\x9fW\xb2\xe2\x8f\xfa)?6\x0e\xac-\x82\xe3\xc1\xf7\xd3\x04\xf7\x0e\xe7v\xb2{\xaa\xfc)\xcb\xd4D\xf6#%I\xad\xaap\xddX\x14e\xb4l\x0e9\xf4\x9e\xefT\x9d\x18\xba\x00\x00\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00X\xc1\x9c\xd7\xed\xadC\xc6\xc9\xd6\xe6\xfe*t\x06\xeb]\vr-%{\x86\xcb\xbb4?\xa1\xb5S\xb8\x10pg\xbd\xce\x84\xe9\xfdZ\f\xeb\xd0c\x02\xdc\x90\b\x9fR\x01C8\xa8\xd9\x93\x1a\x97y\xf5\x88\v\x8b=\x14x\xe4l\x01\x00\xfa\x8d\xd0\"-\x82\xad\x1c\f\x9c\xc6$@7\x98\x13rSqy\xca\x02\xb0\xc4c\xdc\xba\xca\xec#\xe4:d\x12\xc9 @\xa8\xd9\xd5\x14\x06\xf9r\xcd\xb9n\x03\xfa\x06\x85\x0f\xed03\xef\x01\xe3\x86\x91\xe6\xbc\xcb\x86d\xbei@&\xf8B|nNQ\xe3\'\xb3\x9b\xae\"\xd3\xf0\xa5\x8bT-\x83\xf4\xec\xbd\xa0:\xfa\x8c\xb7\r\xa0\f)p\xa3I;R\xb7v\xf9\x14\x96z\x8d\xbd6\x87\x99\x1f]\x9fMDK\xea\xd1\xdf@\xc1\xb2z\xd6[\xed\xf0mT\xd1\x84V\'\x95\f\xaa\xf5I\xb5b\xb5\x1e=\xd8\x13\x92z\f}\x05:[\b\x1a\x03\x04?wx#\x81}\xff\xfb\x99\xe6J\x1d\xf8?sB\xc8)<&\xfc\x91\xe50\xac\xbb\t%Y&\xad\xd8#]\x8e\x7fo\xde\xc4\x16\xa4\x05\xdf\x8c\x99]<\xc0\"\x80|\x19\x8fr\x97\xc4\xc6\xc5\xe6 (T\x8f\xf1\x11\xbdT\x1b\xf2\x94\xa4}\xcd\xa6D\xcb\xe0Y\xf0\x150\x89\"\x96\xf7\xae^\x1b\xb0\xcd\xe1N\xd7-p\x04\x06_Nt\xce\x93\xca\xd8+\xeb\xb6\x9e\xdaD8\xaa9\xe2\xf1\x18BqN\xe2\xc1\xb4,\xcf4\xcc\xa9H8\xacQ\xfe\xac\xa1\xd5\xe7\x87\x93\xee\x1aD\xc0$eR\xdc\xa1\xe5%C*VFH\fN\xa62X\xaf\x7fj\xa1/\xcb2\x9d\t[\xd88\xf2\x1b\xc1\xd9\a\xf4\xe4*\xb6;\xb9YomDAN\x10)%\xab=\xac\x9d/\xe3\xb0ybns%\xa7e\xcf\xfd\xe8r*\n\xe0\xc19\xd3&\x84S-\xfc\xc2\xd6\xa1\x15F\x19\xa7\x93y\xf1]\xd3\x93\xa9m\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x99\xe6\xf5\b(N\x06@\xb3\x05U\xd5\xc9\xca\x85\x1c\x9e\x81\xe0\xb8\xd3%\xc6d5\x1a\xb3\xfa\x1b\x1d\x9aB\xc0\xd2I\x9f\xf6\xb3\n\x17\xc5\xf3\xae\xea\'\x8f\xa5\a\xf0\xd7\xa9:,e\xdb=\xcb\x81\x8f\xaaE\xfa\x0eM\xabX.\x05\xba\xae6\xe1\nM\xbd\x80\xf3u\xf0\xc2\xc1\xd1\r\xb6\x11\xfd\xb1\xc4\xbc\x15v\xc0\xa8\x1c\a\xdd\x0f\xa3 B\x8b\x10\x15\xee\xe6\xbd\xd7A\x9d\x9a\xc9\x8bc(\xc9\x92\x02\x01\xa953\xbbx\x86;\xd8\aQ0\x1dw\xa8z8\xe7_\x0f\x8e\xd5\xbe.k\x0es\x1e$:/\xc0\xd6\xe5\x96\xeaT\t[V\x88\xc2A\xd5\x89\xea8\xc3l\xc6\x91\xf3\xc7\xf7\x99l\x95\x8f\xe2\x13\xc1I\x1fSD\x1f\xb4\xa1\xc9\xcf\xf3\x8es\xa9\xe7\xb2\xc6\xb5\xe1}\xb6\x9fmH\xce\xf1\xbe\xd8{fW\xd6Bn\xd5\x13}=\x825}\x11\x93\x18\x14;w\x1e&\xc9\xd0\xc9\x9f\x92\x8et\xd7\x04\xd8/\xa4\xf9\xbe\xe7U\xb6\xb0H\xb9\x0f\ts&\x15\xe3\x1av\xd31j\xa1p1\xceh\xa9\xe3\x9d\xd9\xfb\xe6\xa1\xbe\xaa\\3o\x83\tK\xcc\xa9\xd4PF\xeeOv^\x8a\xbb5=/\x1c\xfa\xa0\x18\x9d\x12LQ\xdf9A\x0e\xdc5\\\x01\a\xe2|y\xf8\auU/P\xa7mZ\xd8\xbb\x058[-\xd7{#x\xf2\xaf\xc8&/B7:\xa0\xecR`@xD\nZ\xa6]\xfe\a\xcb\x80\r`\xf5\x80\xc7/\x81\xf3\x92[\xc2\xd7\xdc\xcdL`|7\x1b\xa0\x82\v\x17\x93d\x87K\x10d\xbd\x9ed\xe9ru\xfc\xe3\xaf\xac\x91\xcd\xba\xcb\xcco]\x10\xd1)\x87\xb2O\xe0\xfd\xc6{H\x9fV\xe0Q\x95\xc9\xe7H,\x9d\xf82\'^\xf6\x85\r\x9c+G^\\d[l\xa6\xe7\x03\xb5[V\v\xd8\xf1\xf7\x8a\xb5\xfe\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xdf\xcd\xc3\xa3Di\x9c\xb21V\xe9U =\xfe\x19\x85\xdf\xf44\x8d\x98\x91.\x16\xe2\xc5\xfbH\x11\x0fC\xaa\xf7\xd5*\x9b\xb5\xcc?\x8e\xb0\x91\xc6\xd1\xfa\xc1\xe4\x10\xfa\x8e\x8c\xedk\tzf\x86\xce\xcc@j\xeb\"\x19\x82\xec\x02(\f\xe4\xb7_Q\x99\xe7\x95\xe9`\xd1\x0fo\x1e\x9e\xf3\x82\xf6\xce\xb7r\xa0\x88P\xa9\xb4\xd0\xbcL`\x0f\x9a\a0S\xa1\xcc\x82\xb1U\xd6\x1c6\x04\xfa\xbc\x81\x91\xc4\xe0\x8aM\x8d3\xd7Fy\x92\xa6\xe7\x044:I\xe3W\fa\x84Z\xda\xef\x01\x00\xfd\xf3\xb4\fd\xb1\xd2\xe1\x90\x94;\x8d`^F\xc6P\xca\x80*\xd8\xf6k\xbb\x9e\xf9K<\x9a\x87=\f\xd37\xcd\x18\x8cO\xbd\xed', 0xf)
fallocate(r0, 0x0, 0x6, 0x8)
fcntl$addseals(r0, 0x409, 0xe)
ftruncate(r0, 0x0)

6.245322408s ago: executing program 0 (id=3041):
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x1a0682)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000280)={0x0, 0x0, 0x0, 'queue0\x00'})
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_INFO(r0, 0x40bc5311, &(0x7f00000001c0)={0x80, 0x1, 'client1\x00', 0xffffffff80000006, "d62e980da99179cf", "20e48560999fd132b6a5426180a8c27a00fcfffff0003336f794d20352346f8f"})
write$sndseq(r0, &(0x7f00000000c0)=[{0x5, 0x61, 0x0, 0x0, @time, {}, {0x0, 0x1}, @result}], 0x1c)

5.933421478s ago: executing program 0 (id=3045):
syz_mount_image$btrfs(&(0x7f00000055c0), &(0x7f0000000380)='./bus\x00', 0x88, &(0x7f0000000080)={[{@barrier}, {@autodefrag}, {@noacl}, {@compress_algo={'compress', 0x3d, 'no'}}, {@clear_cache}, {@noacl}, {@max_inline={'max_inline', 0x3d, [0x30, 0x37, 0x34, 0x74]}}, {@barrier}, {@nospace_cache}]}, 0x1, 0x55ae, &(0x7f000000ac40)="$eJzs3X9snHUdB/DnruvaFdeWMOuArGwDJFtEOjdNCCR2bNNpYTnphE3I+gNH0DmtY8NVCCtinIERijWMwQoLbn9MEYqucyiJBewqul8IJtNFBbPFNWOkOBExYTG9u+d299zaHhMpwuu1tM/zvc/z/d73njx/3PvW73MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABEHwx+N3TL/t3roJ26+ru++8a85e+2D3kuMX3rq1avND20v2dTz31aNVq1qPLF1w0/2JpkfW93d3BkEs2S+W7t9w2fwrr69vuKI0HLDxc6ltZeVQT5nq+mKqMTbnwcF+uT9NQRAURwYoSm/npXfiOQNkdlfkDzisayf1tE4dP69x28qujc8uu3xL/ktnUOloT2C0pK+rgyeupdrk73jkiEw769KL5Vyiqf7RC+4deREAwFtSk0huMm9H029xM+22aD3Sro202yPt8B1Ce3bjVKTGHTvUPCdH66M0z9pUVCgZcp6Revr8Z9qJaP9IOxI13sI8cw9NR5rSoebZEqmP1jwBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3k0uuH5m/d49D7/8ldbf/u7h17/16sePrGq8ZaC7/qJ1ix/v2PG9vx2tWtV6ZOmCm+5PND2yvr+7Mwgqk/1iqe6xZ6ri8ZkDddseu6e3puFDC9cUpccNt2OyDg72hzsXVwRBc1blYDhsf3kQJHILyWawIb/wpeTOZ8ICAAAA7yVnJn/HM+1UHCzOaceSaTKW/BdKhcVrJ/W0Th0/r3Hbyq6Nzy67fMupj5cYYrzak46XaVee+IllBeMw/kbHO1EPD12RN87woiNG8/zpx/qnNdfdUHrl7gsWzphdv+XS4CfTD3csX3TfhBfHL9nXXpOX/yuHz//hmZP/AQAA+G/I/9FxhjdS/m+uqZh0cOp3ix67rur44fkP/Lyz7/kn4w8VD3Q//dLYcbf9cnVe/p+c85R5+T+ccZj/48Gp5X8AAAB4N/tf5//avHGGN1L+/8X+zZ//98pvTDk84187Xnj69xdvnVI+/7WyGTe8+cSCVxp2tf0pL//XFJb/x2RPO3xwVzjhZRVBUFP4SQUAAAByhP/vfuKjhTCvpz45iOb1y+4qe3LXG+tvjJ/V8o8zFvfPqv7i7tVf37ApNrChc92O5XNX5OX/2sLyf/E783IBAACAAvxm+y13V395ydYtew7N2XFnYvPYS+a+uuennVf1vXwsUfT8zX15+T9RWP4vGZ2XAwAAAJzEU+MmPnfo0UNfm7177YS9q9rmPD5t3+qFD/xz9t+veOnPxzddWJ6X/xsLy/9l6W165UOq087wrxA6KoKgdHCnJVXoC9o/mSkAAAAAb5Mwpzc1revduX7MrNfOPvzDNSuW/2rvpd++a2P1zQd+XXX7ucf2996Yl/9bhr//f3ing3D9f879//LW/2cVUnf9u8SNAQAAAHg/yl/PH94eP/XNBUN9/36h6/8/euaBko7m8ysnx7dVz3rig31Xra1+fVHHRZ/YfusbH46V//VTefm/rbD8X5S9fTu//w8AAABOwf/b9/8tzhtneCPd/79v3DPnrPnsPT+o/WbZU+e+eXfzd9oPTj9v87QzPlJ0fvecmX/4fl7+by8s/4fb07JfXk94fm6vCIKJgzvpuwluDae7LFLoKs4qpE58pEd92CNd6CrJKiS1RHp8rCIIpgzutEUKp4eF9khhoDxd2BQp7A0L6eshU3g0UugJr7R7y9PTjRZ+FhbSCyy6whUUp2WWRER6HBuqx2DhpD0OZJ4cAADgfSUMz+ksW5zbDKJRtis20gFlIx0QH+mAopEOGBM5IHrgUI8HjbmF8PEfz+1e+so1D9b1Xt1w9KzZe5bc0faBnkW9O7/wo55z/nL1Cws/nZf/NxWW/8NTMTa1GWr9fxCu/09/r2Fm/X9jWKiMFLrCQiJ6x4BE+BypsHtn+ByViXSPgYmZAgAAALynhZ8LFI3yPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID/sHfvcVJVd4LATzf9oJum6YgBY4ygRkR3aZomGEQcUXRXo4tNJKtjhtAIjXZoAwq4YsyKr3GV6GLUmBjZwY+jJg6r+CDqRIXoiElGJfE5Kz4HnciqS9BR45gs++m+dYqqW112IaC0+/3+0XWqfud569F17r11LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/P/hsiX3Nrw58H9965ffW/f697409TdTD9m8y19uqHt3yDlPbT5ocN0tbw1asPCNtklnXtsyffk1G1YuDaGlq1xZUrzsoUHl5aP/cMxdt13xcNO0wVPOrcrUm4mHfp1/yjN3Loytvto/hLvLQqhIB0bUJYHKzP26WN8edSF8LmwJZEu01SYl0g2Hh2tCWBa2BLJV3VsTQl1OYMoTD666rDNxVU0I+4YQqtNtvFCdtFGTDgyrSgK16cCciiTw/uZENnBPeRKArVHV3YPxzZB90a9oyc/Q0H1lRV5/lR+3czuZ9PD6xERD8XxvHbaDO5Wj4Lls2aanrduXBttdwdtjtXdbL3i3FWznJZ623C9SmW8om7eEqkP5zLZZ0xd0zI+PlIfGxj7FatpBz/O6TefM2Jp0r3kdxg40bJfX4QO1k+ove3viwStP/uPp+85fO3Vbu/lczibNTe9o1SHzmus1z2M04dP7PNm8LYW3r539aSv4ljTUl64QwvF/+nzZM3Ne2n3jB6+eOPH2Fy6+etrCa6ZMfHbQL8b+47W73D3t8oL5f8NHz//jyznelufljq1+WJ/MzeMjdTGxsT6ZmwMAAECv0Rv2mn519KsvnfrQ3YteXH5cxXfH/eqk3eorzv5+x/G7rhz/xUuvbH98l4L5/9DSjv/HQ/51uaNdHcKErsQFA0LYrevxJPCz2J2TB4SwV1eqJT9wWCqwOoQvdCX2z1aVKtE3lhiaCvy+PhOYkAqsiYGWVODGGFiSClwYAytSgRkxsDoVODwGQnv+OA6oz4yj5EBNDLQmG3FFPAvhnfrYWmpbrctWBQAAsJ1kZoeV+XdzznXY1gxxermipqcM8QzsohmqUzWkZ7DZaVXRGip6qqG8pxqy41700cMvqLmsp5oLTsMoy8/w4ZDvlA+YuPeP7rpxxE3NL0787rtjj//Kn998d/X+//Tf7zln/nUHFMz/mz56/l/dTUfKCo7/hzC562/MXZ6JdGTjrS15GQAAAIBtcNVjS5+84YCj/s99L99355euvaF89dVf/7+vbLxg71HHDS/r+3ffXlEw/59Q2vn/cZ9In5zM4dG4G2L2gBCa8gNJtQcXBpKj3v0yAQAAAOgNssfjs8fC2zO3ySna6fl0Yf6WrcwfD/xP6Db/5Zv++tkvX/vkiQuH7bPhiv925gdlnx/7u12OXTvy8bf2HPYPDX0Lz/9vKe38/9r826QTa2IvrhwQQt+cwCOxl52BLkNj4OVD8wOZ8a+JG2BxrCpzYkK2qsWxRGsMNKUCy4qV+G22xG75gcyTlW38guw42jMlcgIAAADwiYu7A+Jx+Xj+/z2TD/jS/oNeGvPinvcufG3C0hNOrf3hPrfs+vqAjkljDpxwyBHPFMz/W7fu/P+ueXDB6f0d/UIYWRFCn/QPAx6tTRYGjIG6skzi/tqkrj7pqs6rDWF858DSVb2SWf+/Ir3G4BM1SVUxsNveP900rDNxQ00II3MDz3zz+jGdifmpQLbxb9SEMKRztOnGV/ZNGq9MN35N3xD2zAlkqzq5bwidjVWlq3qwOnMdg3RVt1WHMDAnkK3qwOoQFgYAeqn4r3Rm7oPzFp49e3pHR9sZOzAR9+HXhFntHW2NM+Z0zKwu0qeZqT7nLWN0XuGYSr3yzfOZJYqmDrl9eCnp7O8Em3LbyuzHLzhxMHM/fheq7Bpnc2Xe3dHpIQ/fp7CJkPNNqtiQy3fwkGtzK9nyJBbUH/NXhX6h74J5bWc0njV9/vwzRiV/S83enPyNh5mSbTUqva1qu+tbCS+PoqtlpXzcbbVfbiUj5582d+S8hWePaD9t+iltp7R9p3nsqObmMV8dO6Z5ZOeompK/PQx1v+6qTg118/Uljms7DnX3ipxKPolPDQkJid6WmL6k7PwJ0359/7f2WHPaWSft8fd7zBxx0l9d/pu5JzYeMvlX1//l2oL5/9yPnv/HT534yZ9Zn6HY8f+GeJg/eXzLYf7WGFhW6vH/hmJH87MnBgxNBRbFwCKH+QEAAPhsiLsj497MuFf6urp/uvvImTMOef+XJ0y5+m/Hjjv1rPX7Nlx89bFL/sP6d5asOuLtgvn/otJ+/7+d1v/PLl3/tWLL/O8fSzQVW/8/vcx/dv3/RcXW/08v859d/3/Zp7D+/4JsILVJ3rH+PwAA8Fnwya3/3+Py/ukLBBRk6HF5//QFAgoy9LiMf6kXCNjq9f/ndPxF7aDL54w7dMTcHz+yau8lA2/70vMTf73P0oNG3LvylvdG3Vow/19S2vzfwv0AAACw83jol32/ffG7w+5/6pH3jyy79Lcbbzr+r9oOOOQPA5tPmXx0zfdv+reC+f+y0ub/n/z6f6HY+f9DiwVaii0MaP0/AAAAeqli6//dPPDloavnj7jxsZ+/ectLrb+YOf61f7fkB1+ZPqzp5jXrftMwY33B/H9FafP/eNpFeV7u2JsP65M17UJ6TbuN9dmfDAAAAEDvUB4aGytLzJu3MuphH7/NdZmlQD8qnevp+watWlD+0FVl1Rt/cMm0QxrPPfbMOUdetP77tU/+pHZqY/UZBfP/1aXN//N+l/FA7aT6y96eePCHK0/+4+n7zl87dcvxfwAAAGDHKXW/BAAAAAAAAAAAAAAA8Ol7qnXpQR+MOvqNmXuN+tM3jn3hB4u/+M1H/ubaP5/588Pv26t987ApBb//D5O7yhX7/X+87l/8fcGuebljqz2v/5e5P+WYWxd2LVn4aH0I++QGZp8/+3Mhc23+/XIDq6buP7gzcX66xH0vHv5aZ2JaOnDUiF3e60yMTwVa4yKJX0gH4lUV3+ufCsTlFZ9MB+L2WJEOVGUCl/RPxlGW3lYb6pJtVZbeVs/VhTAgJ5DdVnfXJW2UpQd4VSqQHeDp6UAc4KRMoDzdq1v7Jb2KgbpY9G/6Jb0CAGCnFb8FVoZZ7R1tTfErfLzdvSL/Nspbsuy8wmrLSmz++czSZFOH3D68lHSf9HfRLdcarwzVnUMYVfB1NTdLWdcot08tPWy6XYsMuafV3sqLlEvb2k1XVXxENcmIGmfM6ZhZ2ePAR/ecpbmixyyjCiY7uVnKuzZpCbWU0JcSRlTitimhy/F+eWhs7JPKNS4GG0Kenl4Rpf5eP3edv2Kvgtw8f1tz7aV9Bvd5/9/GX/TQgwMqO06d3HbR7o/988BRM3/8wwdbr/l9wfy/obT5f3XuuN7LXAxgUbyy3sEDQmgtcUQAAADw2fc/z11+x4lz1myYtbri2d/9bnb5cSdWbj7nrnPOvui5+xcfdcm/v3lb4yvKntp04hubzvrrN37ylesePuulw2ecddekdYesb6u+8bt/sfzUIQXz/6Glzf/jHqzMoeBkb8fqeP3/CwaE0HVp/YYk8LM43JMHhLBXV6ollkguqP+1WKIpCfws7jDZP5Zobcmvqm8MrEgFfl+fCaxOBdbEQGYvxU9DZlfOFfUhjOlKTc4vMTeWaEgFjouBoalAYww0pQL9Y2BCKvBm/0ygJRX4xxgI7fnb6s7+mW0FAACwNTLzrMr8uyE9z1tR0VOGsp4y1PaUobynDNU9ZSg2inj/jpihMnXySllOpsp0rTWpWgoyxIvhb3W/CjKE3+bnTBcsaDqef5A936AsP8O4H97RetDX5v1408U/evzIAy88csmVb196dL/BVz77v9vP7dd/U23B/L+ptPl/bf5t0vqaOP/fcv2/JPBI7N6V8dTxoTHw8qH5gcyOgTVxsrs4W1VLpkRm0r44lpgQA0NTgbkxMCEVaJ2cCSwbnB/IzLSzjV+Qbbw9UyInAAAAAJ+4uIMg7qaJ8/+V48I7exz5fvPuVw6cO+7xR847YnrNrtU1/zx+7dLxl1Y/tF/fgvn/hNLm/7G9frmNXRh782r/EO4u29KbbGBEXRKI+zHq4s/j96gL4XM5OziyJdpqkxJVqYbDwzXJL9Sr0lXdW5OsMRDvT3niwVWXdSauqglh35y9L9k2XqhO2qhJB4ZVJYHadGBORRKIe36ygXvKkwBss+xewfiCypzqktXQfbkir7/PyjVB08Mr2AfaTb7ufnO1o1SnH8jsU83auqetoDp2iIK3x2rvtt74bmvwbsv9IpX5hrJ5S6g6lM9smzV9Qcf8+EjuL1kL7KDnOfdXqqWkt8PrcNHH723PqtMdaEp9fDR1X67712FZrO6B2kn1l7098eCVJ//x9H3nr51acjeKiD8UPvjWuQc8l7N5d7TqkHnN9brPkxafJ73x38BQT1sIYfkFs5584l/ef75iffN/OXDs8tvefGz5Tw56YNaIL2y45Msb33r3qIL5f0tp8/+K1G2XD+LGnDcghOE5G/fRuPknDkg+B3MCyafkwMJAcsh9fX3RT04AAADY3rK7O7L7C9ozt8kJ4el5cmH+lq3MH/dXTOg2f6n9HjjmH7536FWvf+Pr63e//NGlT637T2++csS0Qx/Y9PSKla83H/v5pwvm/60fPf/vm+qm4/+O/7ODOP7frZ19V3Tf9AOLtmlXdEF17BCO/3drZ3+3Of7fLcf/Hf/vjuP/PXD8v1s7+9NW8C1pri9dIYTWATfc/ova6cP7XXHOt2as/fnT7zSNe6Hu3KPv/B+HLw7XnLfqzwXz/7mlzf+t/9f9on3Z9f9ai63/N7fY+n+LrP8HAADsUEUWmkvP8wpW7yvIkF69ryBDjwsE9rjEoPX/tnr9v9qTzj7plfq39rpm4u3/+c7pFz5/0onP7tvn+RNuP+GmkVcPf+nLGwrm/4tKm//Hl0O/3NZ7y/p/QycXqWpJDMy1MCAAAAA7o2I7CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPh0rXhw8Rc3L97noJue/fxNh//rsjWz9v7VAZtHjzm5cfjigWVX/t2/vDVowcI32iadeW3L9OXXbFi5NIT2rnJlSfGyhwaVl4/+wzF33XbFw03TBk85tzpTb2Xm9ot5uWOrH9aHsCznkbqY2FjfeWdLYMoxty6s6Ew8Wh/CPrmB2efP/lxn4sb6EPbLDayauv/gzsT56RL3vXj4a52JaenAUSN2ea8zMT4TKEt397r+SXfL0t29rH8IA3IC2e5+u39+Vdk2/mMmUJ5u4+a6pI0YqItFf1SXtBEDHbFEe98QRlaE0Cdd1a+rk6r6pKv6++qkqj7pqv5rdQjjQwgV6aperEqqqkiPfG1VUlUM7Lb3TzcN60wsqwphZG7gmW9eP6YzcXoqkG3861UhDOl8yaQbv6Myabwy3fhVlSHsGUKoSpf414qkRFW6xCsVIQzMCWQbP7UihIWBz4T44TMz98F5C8+ePb2jo+2MHZioyrRVE2a1d7Q1zpjTMbM61adiynLSm8/7+GN/ftM5Mzpvpw65fXgp6YpMucquLjdX5t0dvbP3PvarNreSLc9HQf0xf1XoF/oumNd2RuNZ0+fPP2NU8rfU7M3J3z6ZaLKtRvWWbbVfbiUj5582d+S8hWePaD9t+iltp7R9p3nsqObmMV8dO6Z5ZOeompK/22Oo13/yQ929IqeST+IDQEJCorclyvM+3Zp29g/ygi/6WzpaGaq7PqALphW5Wcq6Rrk9Bn3Yxxzxx/me0uOIRhVMHAqyNPecZXTBZGJLlpokS9f3uoLJYW5N5V2bNN4vD42NfYpth4b8u7mb961t2LzrMpuu1DQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPD/2IEDAQAAAAAg/9dGqKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsIOHAgAAAAAAPm/NkJVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVUVduBYAAAAAECYv3UYPRsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAlwIAAP//WKHPZA==")
mount$bind(0x0, &(0x7f0000000100)='.\x00', 0x0, 0x21, 0x0)
r0 = fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0)

5.335761704s ago: executing program 4 (id=3047):
syz_mount_image$hfsplus(&(0x7f00000000c0), &(0x7f0000000980)='./file0\x00', 0x0, &(0x7f0000000a40)=ANY=[@ANYBLOB="6e6f626172726965722c706172743d3078303030303030303030303030303030392c756d61736b3d30303030303030303030303030303030343030302c626172726965722c747970653df268d6512c6e6c733d69736f383835392d312c756d61736b3d30303030303030303030303030303030303030303030372c00000000"], 0x3, 0x6c0, &(0x7f0000001cc0)="$eJzs3U+IXHcdAPDvezuZ3Ymw3bRpGkXI0kDRBpPdHWoiCI0isocgQS+9LsmmWTJJy+5GtkXMxFoFT56kBw8VWQ8VQUSEeirWsyB48bT3gDcPOagr79/s/MtmNpvd2bafD7x9v9/8/n3ft++9+dcwAXxmLb4Wx9qRxOK5KxtZfWuz2drabN6uyhExGRFpRK3YRdKISD6OuBzFFp/PHiynSx61zisPPkxq733QLGq1csv7p7uNGzC0ZztiqlOZiIjZovifkacdmC/f8nmu7cz3hJJO3FnCzlaJg3HbHtDeaUwfO3z06xY4su4Vz5sDZiKOR/Hsmr0OiPLu8Pg7wzg0emq73pvaBx0LAAAAHLyh7+W7PfMwHsZGTB9OOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDpkBS/GZiUW1qVZyOpfv+/3vWb+vUxh7tP797Id999ZtyBAAAAAAAAAMC+nHkYD2Mjpqv6dpJ/5/9iXjmZ//1c3I21WI7VOB8bsRTrsR6rE1nLTNdE9Y2l9fXV+cGRv4hs5Pb29r1iZCwMHbnQG1e7P9Bh/6fBQCcAAAAAAAAA+Mz6USzufP8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABHQRIxUezy7WRVnom0FhFTEVFPZjvd62MNdl+K0D8adxgAAABweKaT/xWF7SR/z38qf98/FXfjTqzHSqxHK5bjev5ZQPHWOf17u9na2mzezrbBCb/xrz2tn88YxWcPw1eey3s83xmxGN+O78W5mI2rsRor8f1YivVYjtn4Vl5aiiRmyk8vZrY2G1HFOhjv5Z7a1f7YznSVs/hO55E04kas5LGdj2v1KvS07He6s1o0/1SP6Fvxfpad5NXSiDm6Xu6zI/p5uT8aZvIjPxZJmZG5MvdZNk50530w93s8T6qVqtzPR9r5DOrkzipZtX+lJ8r58XJ/CLne40dpvZlo/yyrVWffqd1zHvHlf/zl6s30zq2bN9bOHZ3T6An1nxPNrky8MFImWlkm2vvIxNR+4n966mU2irvo3u6WL+Zjp2MlvhNvxPVYjosxF/NxKebia7EQzVjoyuvzu+c1v9bSvV1rZ79UFhoR8dNyf6gmH9WQ5fVEV153zrW5PN8neh7ZydKzI2QpqUcnS3e7I/jn0FBqXygL2RrvdD3jjF9/Jua7MvHc7pn41X+3I2KtdefW6s2lN0dc76Vyn1227/beo3/9VA5o78rDzc6XZ7P/WFnlJ9FzdmRtz1Vtffmql9+41MrJetrqkV/PRdvjrtRsplP3h81UtL0wdJVm3na6q63nVU68Ea3OqxAAjqw0jr98vN540Phb4/3Gjxs3G1emvjl5afKL9Tj219qfJ36f/ib9evJyvB8/jOlxxwoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ8Ga2+9fWup1VpePYKFSEfo/LsYfcL7Q5uqVBSP1A/6uIrFPvrt2NP7VAvViTS52xn1h4jYZZ76OIJvFD/bdIBLnBmtc9QO4ZAnY0jTlc4jjYi0E09E3DoiP3AHHIQL67ffvLD21ttfWbm99Pry68t3Fi5dfPVi86vz9y7cWGktzxV/xx0lcBD6X5cCAAAAAAAAAAAAR99h/CuLIcsm7TEcKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDJtPhaHGtHEvNz5+ey+tZms5VtVXmnZy0i0ohIfhCRfBxxOYotZrqmSx61zisPPvzlS+990NyZq1b1T/vG/fHf29ujBf9ONa5dbjEbERPl/vEmH9XQM9+1rvnaowXWJ+kcYZaws1XiYNz+HwAA//+INALe")
mkdir(&(0x7f0000000300)='./file0\x00', 0xfffffffffffffffe)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file2\x00', 0x143042, 0x0)
setxattr$trusted_overlay_redirect(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100), 0x0, 0x0, 0x2)

4.713376744s ago: executing program 4 (id=3052):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x4, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
readlink(0x0, 0x0, 0x0)

3.204679851s ago: executing program 0 (id=3058):
syz_mount_image$ext4(&(0x7f00000007c0)='ext4\x00', &(0x7f0000000800)='./file0\x00', 0x0, &(0x7f0000000840), 0x1, 0x782, &(0x7f0000000880)="$eJzs3FGIVNUfB/Dfvbvrf//u5LgZCGEkaCVE4+omGURsEMj6FAgRKOSWs7rt6NrORu3mgxZIvUQIZiCJvkTQi/QSvUkPoSSED/USGUVFBVZYD9HLxszsrMs6Y4O769X184G7c86Zvfd7zszlcA/MvQHctlZX/iQRuYjYGRH5qfY0IpZUS50RB2v/d6T39J7KlsTk5Lbfk8pucaD39J76sZKp166o7hKbI+LTviTWLLk6tzw+MTxQKhVHp+rrx/buX18en3hoaO/A7uLu4r5HHt60qbe3p2fz/I31nZU7Vnz5eP+moys/X7X6n2+OJ9FXHXfMGsd8Spo09i9EWIZmjjNpz7AjtGxZ53MLcs4DADe3ynV+W0S0V6/389EWtYu3j1/bcTkfjzW9TL3zyRO/3Mh+AgAAANdvsm0SAAAAWPSSyLoHAAAAwMKq/w7gQO/pPfXtRv324J7tEZeeiIjltfz6/cW1d9ur9xBHdEZHRCz9M4mZt5Umtd3mlv/sHA8wR+Wt2eZfeDrb/O4Ps80/+XXEwUMRcaavwfmfTJ1/169nVn32veD3rZhjwBz98H22+WvvzTb/6EjEmcr809do/kun559oMP+015+dMAevdl+Z/45cNf9dyW9rMv/1tZjz1vvn3mvUfvaLiEuHIu5ub5SfTOcnTfKfajG/u23tukbtz3wQMXkq4v5onD8zq/nzIdYPDpWKPbW/jfM/++7NYqP2/o7a+Jc2y0/imp//zhbH3/XThfP7G7RP9tfy16259vff6PNvm3rGRitOjX872qi98EItf1eT8f/X9/92i/lfbX/0bKP2Yx+1eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABuO2lE5CJJC9PlNC0UIroi4q5YmpZGymMPDo68tG9X5b2I5dGRDg6Vij0Rka/Vk0p9Q7V8pb5xVr03Iroj4o38/6v1wvMjpV1ZDx4AAAAWuVzExe2vf7Iy634AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHBr6IqIXCRpISLSiPg5n6aFQta9AgAAAOZDLuLiqpMnjlfKf+Wz7g0AAACwECrr/8uHfzsX1v8AAACwaFn/AwAAwOI3c/0PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwM8hVtyQtRERaLadpoRBxR0Qsj45kcKhU7ImIZRFxPt/xv0p9Q9adBgAAAFqSi7i4pXPLj1n3AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAW0N5fGJ4oFQqjiooKChMF7KemQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAyEJ5fGJ4oFQqjpaz7gkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADZSn9NIqKyPZBfm3vx0uGtM99dkvydr75GxMvHtx17ZWBsbHRDpf2P6faxd6faN2Y1BgAAAGCm+jq9vo4HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABoVXl8YnigVCqOLmAh6zECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABw/f4NAAD//100t4w=")
r0 = creat(&(0x7f0000000e40)='./file1\x00', 0x18)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file2\x00', 0xa4c42, 0x108)
ioctl$EXT4_IOC_MOVE_EXT(r1, 0xc028660f, &(0x7f0000000040)={0xc, r0, 0x0, 0x54, 0x0, 0xfffffffffe000001})

2.380010548s ago: executing program 4 (id=3063):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x8ab43, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f00000001c0)={0x1, 0x0, [{0x400000b6, 0x0, 0x40000}]})

2.289148935s ago: executing program 6 (id=3065):
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x1000)
r0 = io_uring_setup(0x1694, &(0x7f0000000080))
io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)

1.866110198s ago: executing program 4 (id=3069):
r0 = syz_io_uring_setup(0xec5, &(0x7f0000000d00)={0x0, 0x0, 0x3400, 0xffffe, 0x126}, &(0x7f0000000bc0)=<r1=>0x0, &(0x7f0000000b80)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_TIMEOUT={0xb, 0x2, 0x0, 0x0, 0x4000, &(0x7f00000001c0), 0x1, 0x40})
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
io_uring_enter(r0, 0x2, 0x10a5, 0x3, 0x0, 0x0)

1.795239803s ago: executing program 2 (id=3070):
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
r0 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=@base={0x1b, 0x0, 0x0, 0x2000}, 0x48)
mmap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x3000013, 0x13, r0, 0x0)
syz_clone(0x4021400, 0x0, 0x9000, 0x0, 0x0, 0x0)

1.729907985s ago: executing program 7 (id=3071):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x8933, &(0x7f0000000240)={'wg0\x00', <r1=>0x0})
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x5a, &(0x7f0000000040)={&(0x7f0000000440)=@ipv4_newroute={0x2c, 0x18, 0xaba64f4add525e83, 0x0, 0x0, {0x2, 0x0, 0x10, 0x4, 0x2, 0x0, 0xfe, 0x2, 0x700}, [@RTA_OIF={0x8, 0x4, r1}, @RTA_PREFSRC={0x8, 0x7, @broadcast}]}, 0x2c}, 0x1, 0xffffff7f, 0x0, 0x8000}, 0x4040000)

1.508983131s ago: executing program 2 (id=3072):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000700)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x50)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, r0}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x16, 0x1c, &(0x7f0000000800)=ANY=[@ANYBLOB="1800000000000000000000000180000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000080b7030000000000008500000083000000bf090000000000005509010000000000950000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000008200000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7020000000000008500000008000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f00000007c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r2, 0xfca804a0, 0x10, 0x38, &(0x7f00000002c0)="b80a000500000000", &(0x7f0000000300)=""/8, 0x2f00, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)

1.350106057s ago: executing program 7 (id=3073):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000002200)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_NEW_KEY(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)={0x1c, r0, 0x1, 0x0, 0x0, {{0xa}, {@val={0x8, 0x3, r2}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x40000}, 0x0)

1.310268151s ago: executing program 0 (id=3074):
r0 = socket$inet6_sctp(0xa, 0x801, 0x84)
sendmmsg$inet6(r0, &(0x7f00000008c0)=[{{&(0x7f0000000480)={0xa, 0x2, 0x0, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x1, 0x0}}}, 0x1c, &(0x7f0000000300)=[{&(0x7f00000005c0)="99", 0x1}], 0x1}}, {{&(0x7f00000000c0)={0xa, 0x4e24, 0x0, @private0={0xfc, 0x0, '\x00', 0x1}, 0x4}, 0x1c, &(0x7f0000000280)=[{&(0x7f00000003c0)=')', 0x1}], 0x1}}], 0x2, 0x44)
shutdown(r0, 0x1)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r0, 0x84, 0x75, &(0x7f0000000040)={0x0, 0x5}, 0x8)

1.242423104s ago: executing program 6 (id=3075):
syz_open_procfs$namespace(0x0, &(0x7f0000000100)='ns/uts\x00')
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='wchan\x00')
readlinkat(r0, &(0x7f0000000100)='./mnt\x00', &(0x7f0000000540)=""/76, 0x4c)

1.191432447s ago: executing program 2 (id=3076):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000a00)={0x6, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000580)={'veth1_to_bond\x00', <r2=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000001c0)={r0, r2, 0x25, 0x2, @val=@perf_event={0x11}}, 0x18)

1.176859147s ago: executing program 6 (id=3077):
r0 = syz_open_dev$dri(&(0x7f0000000100), 0x1f, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r0, 0xc04064a0, &(0x7f00000001c0)={0x0, &(0x7f0000000040)=[<r1=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCRTC(r0, 0xc06864a1, &(0x7f0000000140)={0x0, 0xffd5, r1, <r2=>0x0})
ioctl$DRM_IOCTL_MODE_SETCRTC(r0, 0xc06864a2, &(0x7f0000000200)={0x0, 0x0, r1, r2, 0x0, 0x0, 0x0, 0x7, {0xfffffffc, 0xfbff, 0x9, 0x4, 0x0, 0xffff, 0x0, 0x20, 0x0, 0x0, 0xffff, 0x0, 0x1, 0xfffffffe, "d20bddda7d1db9342d97752251560ed1000000001c00"}})

1.122870569s ago: executing program 7 (id=3078):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x101800, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x6)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f00000002c0)={0x1, 0x0, [{0x7, 0x0, 0x2, 0x19, 0x1000, 0xfffffffe, 0x1}]})

1.074548406s ago: executing program 4 (id=3079):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x3, 0x3, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000008000000000000000000910095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
r1 = bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000000)={r0, r0, 0x2f, 0x0, @void}, 0x10)
bpf$LINK_DETACH(0x22, &(0x7f0000000140)=r1, 0x4)
bpf$BPF_GET_BTF_INFO(0xf, &(0x7f0000000240)={r1, 0x0, 0x0}, 0x10)

946.075682ms ago: executing program 2 (id=3080):
sendmsg$IPCTNL_MSG_EXP_NEW(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000a00)={0x84, 0x0, 0x2, 0x301, 0x0, 0x0, {0x7, 0x0, 0x2}, [@CTA_EXPECT_NAT={0x70, 0xa, 0x0, 0x1, [@CTA_EXPECT_NAT_DIR={0x8}, @CTA_EXPECT_NAT_TUPLE={0x54, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x3a}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x4}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev={0xac, 0x14, 0x14, 0x3c}}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @remote}, {0x8, 0x2, @loopback}}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x2}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x21}}]}, @CTA_EXPECT_NAT_DIR={0x8}, @CTA_EXPECT_NAT_DIR={0x8, 0x1, 0x1, 0x0, 0x1}]}]}, 0x84}, 0x1, 0x0, 0x0, 0x40010}, 0x4008000)
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x321}, {&(0x7f0000000280)=""/85, 0x21}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000580)=""/106, 0x659}, {&(0x7f0000000980)=""/73, 0xd}, {&(0x7f0000000200)=""/77, 0x69}, {&(0x7f00000007c0)=""/141, 0xc4}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0x41}, 0x5}], 0x4000000000003b4, 0x2000, &(0x7f0000003700)={0x77359400})

913.441772ms ago: executing program 6 (id=3081):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_SET_SREGS2(r2, 0x4140aecd, &(0x7f0000000400)={{0xdddd1000, 0x1000, 0x4, 0x49, 0x4, 0xc, 0x4, 0xe2, 0x0, 0x2, 0x5, 0x4}, {0x10000, 0x80a0000, 0xf, 0x0, 0xe, 0x1, 0x2, 0x4, 0xb0, 0x8, 0x58, 0x6}, {0x8080000, 0x100000, 0xc, 0xa7, 0x5, 0xbb, 0xde, 0x1, 0x4, 0xf5, 0x8, 0x8}, {0xeeee0000, 0x100000, 0x0, 0x6, 0x5, 0x2, 0x4, 0x40, 0x3f, 0x7, 0x90}, {0x8080000, 0xdddd0000, 0x4, 0x5, 0x53, 0x4, 0x88, 0x0, 0x78, 0x0, 0x10, 0xa}, {0x2000, 0xdddd1000, 0x0, 0x7, 0x1, 0x41, 0x5, 0x9, 0x4, 0x9, 0x9, 0x7}, {0x1000, 0x2000, 0x9, 0x7, 0x7f, 0x3, 0x0, 0x81, 0x4, 0xb, 0x8b, 0x6c}, {0x1000, 0x80a0000, 0x0, 0x3, 0x5, 0x8, 0xee, 0x4, 0x0, 0x7, 0x50, 0x81}, {0x6000, 0x1}, {0x2000}, 0xe0010009, 0x0, 0xeeee8000, 0x102528, 0xe, 0x800, 0xdddd0000, 0x1, [0x200000005c, 0xffffffffffffff18, 0x20010000, 0xcea8]})

756.282436ms ago: executing program 4 (id=3082):
r0 = socket(0x840000000002, 0x3, 0x100)
connect$inet(r0, &(0x7f0000000000)={0x2, 0x0, @remote}, 0x10)
sendmmsg$inet(r0, &(0x7f0000005240), 0x4000095, 0x0)
setsockopt$inet_buf(r0, 0x0, 0x2f, 0x0, 0x0)

705.908772ms ago: executing program 0 (id=3083):
r0 = syz_io_uring_setup(0x495, &(0x7f0000000400)={0x0, 0x7079, 0x0, 0x1000007, 0x428b}, &(0x7f0000000340)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_WRITE={0x17, 0x0, 0x4000, @fd_index, 0x2, &(0x7f0000001480)="2b010ed9a2708e87eed9561f0432352e1295f4c90b262faee2ffca25ff8b5270f8cc6d625f2a6627cbda7a81a206c732a17edf76dec3dba5816f4bd691270e8fec16d55a01b3edb3081cb59cb7d6469341ea46e938341854ecccff854ab569c15b380d35f0930c6d7f7607549ae92972e7d746e158a704f630b0e66cecdda1b446dfe8f0ef7bd860e3bf6d81160033ec8ffcd7ef4ebd50c6f21a3d43c7f54391bb0d8212b2e7fe61d82e1ef7a17c866dabb72ff7910cbb75abd9fb5415c5bf19c4aff0e99598f04ff9efeeda111ebbb137d6136bc684a2a72d3e2275d4bc434d6b293bd469041ddbd67cfa562b73bf07bdc5df2471716e295f0c1eb346e0ec70d39efab77ae9b547eb0ebdc409b4696f6cc45d1de6fdce488a09fcd23d151b769c9d6fcc0fb00fed72a6668fc2af0091cfc07ca12712045661bc002dc81e88f26371be78cfb6652dc70adcf4035372ebd59a9c34129a7dcdcedbaac6b530248be621964f88ae16374008284a22df5dd5b7cc53b4cba88514f5a89b8e74505ab4fa430231bf3acccbc94d80075bdc14c71e68e9ef3a35099d0a2bf67935349e94af85aee75afee6922116253eb9dc8394cd25fe6a4c18ed53a1873cacff12044b5b7f4f9a98540d6332e683e24f0c7aab1041e7fe2e7c051081e3b03e1f0039788dfd7a231159a4b43ba14755175d5baf05", 0x1f1})
io_uring_enter(r0, 0x3516, 0x0, 0x1, 0x0, 0x0)

617.692333ms ago: executing program 2 (id=3084):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=ANY=[@ANYBLOB="6c0000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e00010c00028005000100000000000800074000000001"], 0x6c}, 0x1, 0x0, 0x0, 0x1}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)=ANY=[@ANYBLOB="ac00000000010104000000000000000002000000240001801400018008000100e000000108000200e00000010c000280050001000000000024000280140001800800010000000000080002007f0000010c00028005000100000000000800074000000000340018"], 0xac}}, 0x0)

575.435736ms ago: executing program 7 (id=3085):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000001a00)={'wpan0\x00', <r2=>0x0})
sendmsg$NL802154_CMD_NEW_SEC_DEVKEY(r0, &(0x7f0000001e40)={0x0, 0x0, &(0x7f0000001e00)={&(0x7f0000001d80)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010029bd7000fedbdf251d00000008000300", @ANYRES32=r2, @ANYBLOB="18002f80080001"], 0x34}}, 0x40080d0)

429.947683ms ago: executing program 6 (id=3086):
r0 = socket$l2tp6(0xa, 0x2, 0x73)
bind$l2tp6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @empty, 0x0, 0x4}, 0x20)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
connect$l2tp6(r0, &(0x7f0000000080)={0xa, 0x0, 0x3, @remote, 0xd964, 0x20800004}, 0x20)

247.44387ms ago: executing program 7 (id=3087):
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000900)=@newqdisc={0x14c, 0x24, 0x3fe3aa0262d8c783, 0x70bd28, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}, {0x0, 0xffe0}}, [@qdisc_kind_options=@q_choke={{0xa}, {0x11c, 0x2, [@TCA_CHOKE_PARMS={0x14, 0x1, {0x0, 0x0, 0x0, 0x1c}}, @TCA_CHOKE_STAB={0x104, 0x2, "1c2015f3c5e23d27d29a00dd397b5c11d4cf201c1a0619fc314514ab71788e4079fdbe4f2a0d60b83a7d04c1d709981110401e5e10685abbad9b6f18e303e902c77244658a099a36fa486760c4941ea7df64250af29a4935de5d244f0549d93679b3d4fb358c2076bc6b1c9735ff8243f088e67455ba14975d12e5903ceeb7a23d62ecb5253ad444ef726b58a00f13f22ccc84cc06c9912b621c3ddc5f3229dc84c0880b5c6faefe33413b34a146e592fc15ae234dac030f05bb99eab08dfd2cb5659c6fc21fb7da6c380165ddde4659e75538dc864a53f691e1d785d6e6f73a03abf2120bce67e2d50075fd811b3e03a1cc2d66335bdee19738a0c1fb79b77d"}]}}]}, 0x14c}}, 0x20000004)

219.506494ms ago: executing program 2 (id=3088):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_ro(r0, &(0x7f0000000040)='cgroup.freeze\x00', 0x275a, 0x0)
write$cgroup_int(r1, &(0x7f0000000200)=0x80, 0x12)

117.545338ms ago: executing program 6 (id=3089):
openat$audio(0xffffffffffffff9c, 0x0, 0xa2442, 0x0)
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000440)=ANY=[@ANYBLOB="1201000006c055080a115014cb62010203010902120001fe0000000904"], 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$uac1(r0, 0x0, &(0x7f0000000800)={0x44, &(0x7f0000000900)={0x40, 0x30}, 0x0, 0x0, &(0x7f0000000500)={0x20, 0x81, 0x2, "b90b"}, 0x0, 0x0, 0x0, &(0x7f00000007c0)={0x20, 0x85, 0x3, "3782c7"}})

0s ago: executing program 7 (id=3090):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$sock_SIOCINQ(r2, 0x541b, 0x0)

kernel console output (not intermixed with test programs):

? lockdep_hardirqs_on+0x7a/0x110
[  256.045289][ T5826]  deactivate_locked_super+0xbc/0x130
[  256.045315][ T5826]  cleanup_mnt+0x437/0x4d0
[  256.045340][ T5826]  ? _raw_spin_unlock_irq+0x23/0x50
[  256.045368][ T5826]  task_work_run+0x1d9/0x270
[  256.045400][ T5826]  ? __pfx_task_work_run+0x10/0x10
[  256.045432][ T5826]  exit_to_user_mode_loop+0xed/0x480
[  256.045456][ T5826]  ? rcu_is_watching+0x15/0xb0
[  256.045479][ T5826]  do_syscall_64+0x32d/0xf80
[  256.045493][ T5826]  ? trace_irq_disable+0x3b/0x150
[  256.045514][ T5826]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  256.045532][ T5826]  ? clear_bhb_loop+0x40/0x90
[  256.045554][ T5826]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  256.045572][ T5826] RIP: 0033:0x7f3dcad9d9d7
[  256.045590][ T5826] Code: a2 c7 05 1c fd 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8
[  256.045604][ T5826] RSP: 002b:00007ffcf8635458 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  256.045622][ T5826] RAX: 0000000000000000 RBX: 00007f3dcae32050 RCX: 00007f3dcad9d9d7
[  256.045632][ T5826] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffcf8635510
[  256.045642][ T5826] RBP: 00007ffcf8635510 R08: 00007ffcf8636510 R09: 00000000ffffffff
[  256.045653][ T5826] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffcf86365a0
[  256.045663][ T5826] R13: 00007f3dcae32050 R14: 000000000003e785 R15: 00007ffcf86365e0
[  256.045692][ T5826]  </TASK>
[  256.045699][ T5826] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  256.275399][ T1158] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  256.516428][ T3539] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  256.532441][ T3539] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  256.868773][T11317] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1928'.
[  257.061318][T11323] loop0: detected capacity change from 0 to 1024
[  257.265325][   T30] audit: type=1326 audit(1773238892.498:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11327 comm="syz.4.2085" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f406319c799 code=0x7ffc0000
[  257.296536][T11331] loop5: detected capacity change from 0 to 64
[  257.355511][   T30] audit: type=1326 audit(1773238892.498:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11327 comm="syz.4.2085" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f406319c799 code=0x7ffc0000
[  257.464191][   T30] audit: type=1326 audit(1773238892.498:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11327 comm="syz.4.2085" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f406319c799 code=0x7ffc0000
[  257.590998][T11339] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2088'.
[  257.592526][   T30] audit: type=1326 audit(1773238892.498:133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11327 comm="syz.4.2085" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f406319c799 code=0x7ffc0000
[  257.677121][T11331] overlayfs: upper fs needs to support d_type.
[  257.718195][   T30] audit: type=1326 audit(1773238892.498:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11327 comm="syz.4.2085" exe="/root/syz-executor" sig=0 arch=c000003e syscall=73 compat=0 ip=0x7f406319c799 code=0x7ffc0000
[  257.789958][   T30] audit: type=1326 audit(1773238892.498:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11327 comm="syz.4.2085" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f406319c799 code=0x7ffc0000
[  257.812069][   T10] kernel write not supported for file /snd/seq (pid: 10 comm: kworker/0:1)
[  257.858908][   T30] audit: type=1326 audit(1773238892.498:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11327 comm="syz.4.2085" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f406319c799 code=0x7ffc0000
[  257.904979][T11331] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  257.928492][T11331] overlayfs: failed to set xattr on upper
[  257.941908][T11331] overlayfs: ...falling back to redirect_dir=nofollow.
[  257.957189][   T30] audit: type=1326 audit(1773238892.498:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11327 comm="syz.4.2085" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f406319c799 code=0x7ffc0000
[  257.981458][T11331] overlayfs: ...falling back to index=off.
[  258.029297][T11331] overlayfs: ...falling back to uuid=null.
[  258.055926][   T30] audit: type=1326 audit(1773238892.498:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11327 comm="syz.4.2085" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f406319c799 code=0x7ffc0000
[  258.397465][T10895] Trying to free block not in datazone
[  258.646263][T11362] loop5: detected capacity change from 0 to 256
[  258.676745][T11362] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  259.110502][T11370] loop2: detected capacity change from 0 to 512
[  259.119167][T11353] loop0: detected capacity change from 0 to 40427
[  259.133676][T11353] F2FS-fs (loop0): Image doesn't support compression
[  259.142117][T11353] F2FS-fs (loop0): build fault injection rate: 684
[  259.151637][T11353] F2FS-fs (loop0): build fault injection type: 0x35f7
[  259.153315][T11370] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  259.160055][T11353] F2FS-fs (loop0): invalid crc value
[  259.202745][T11370] ext4 filesystem being mounted at /423/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  259.216323][T11375] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2104'.
[  259.267237][T11375] netlink: 'syz.4.2104': attribute type 5 has an invalid length.
[  259.287290][T11353] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  259.317463][T11353] F2FS-fs (loop0): Start checkpoint disabled!
[  259.321238][T11375] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2104'.
[  259.341485][T11353] F2FS-fs (loop0): f2fs_disable_checkpoint() finish, err:0
[  259.375007][T11353] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[  259.397366][ T5835] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  259.497341][   T30] audit: type=1800 audit(1773238894.728:139): pid=11353 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.2095" name="file1" dev="loop0" ino=10 res=0 errno=0
[  259.583892][T11375] geneve2: entered promiscuous mode
[  259.589321][T11375] geneve2: entered allmulticast mode
[  259.614455][T11383] loop5: detected capacity change from 0 to 1024
[  259.637292][ T1158] kworker/u8:9: attempt to access beyond end of device
[  259.637292][ T1158] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  259.648270][T11382] netdevsim netdevsim2 netdevsim0: entered promiscuous mode
[  259.692980][T11382] macsec1: entered promiscuous mode
[  259.699644][ T1158] CPU: 0 UID: 0 PID: 1158 Comm: kworker/u8:9 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  259.699671][ T1158] Tainted: [L]=SOFTLOCKUP
[  259.699676][ T1158] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026
[  259.699686][ T1158] Workqueue: writeback wb_workfn (flush-7:0)
[  259.699719][ T1158] Call Trace:
[  259.699724][ T1158]  <TASK>
[  259.699731][ T1158]  dump_stack_lvl+0xe8/0x150
[  259.699756][ T1158]  f2fs_handle_critical_error+0x37c/0x540
[  259.699779][ T1158]  f2fs_write_end_io+0x1274/0x1740
[  259.699815][ T1158]  __submit_merged_bio+0x256/0x700
[  259.699837][ T1158]  __submit_merged_write_cond+0x3c9/0x4e0
[  259.699861][ T1158]  ? __pfx___submit_merged_write_cond+0x10/0x10
[  259.699897][ T1158]  f2fs_write_data_pages+0x287e/0x34f0
[  259.699947][ T1158]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  259.699976][ T1158]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[  259.700024][ T1158]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[  259.700062][ T1158]  ? __lock_acquire+0x6b5/0x2cf0
[  259.700098][ T1158]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  259.700117][ T1158]  do_writepages+0x32e/0x550
[  259.700141][ T1158]  ? reacquire_held_locks+0x104/0x190
[  259.700156][ T1158]  ? writeback_sb_inodes+0x477/0x1a20
[  259.700178][ T1158]  __writeback_single_inode+0x133/0x11a0
[  259.700196][ T1158]  ? do_raw_spin_unlock+0xf5/0x210
[  259.700217][ T1158]  writeback_sb_inodes+0x992/0x1a20
[  259.700251][ T1158]  ? __lock_acquire+0x6b5/0x2cf0
[  259.700275][ T1158]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  259.700290][ T1158]  ? do_raw_spin_lock+0x12b/0x2f0
[  259.700338][ T1158]  ? rcu_is_watching+0x15/0xb0
[  259.700360][ T1158]  wb_writeback+0x456/0xb70
[  259.700379][ T1158]  ? queue_io+0x1d1/0x4a0
[  259.700403][ T1158]  ? __pfx_wb_writeback+0x10/0x10
[  259.700417][ T1158]  ? do_raw_spin_lock+0x12b/0x2f0
[  259.700457][ T1158]  wb_workfn+0x414/0xf50
[  259.700482][ T1158]  ? look_up_lock_class+0x57/0x110
[  259.700514][ T1158]  ? __pfx_wb_workfn+0x10/0x10
[  259.700539][ T1158]  ? do_raw_spin_lock+0x12b/0x2f0
[  259.700561][ T1158]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  259.700595][ T1158]  ? process_one_work+0x8b2/0x1760
[  259.700619][ T1158]  process_one_work+0x9a5/0x1760
[  259.700656][ T1158]  ? __pfx_process_one_work+0x10/0x10
[  259.700675][ T1158]  ? do_raw_spin_lock+0x12b/0x2f0
[  259.700709][ T1158]  worker_thread+0xb49/0x1140
[  259.700746][ T1158]  kthread+0x388/0x470
[  259.700763][ T1158]  ? __pfx_worker_thread+0x10/0x10
[  259.700774][ T1158]  ? __pfx_kthread+0x10/0x10
[  259.700791][ T1158]  ret_from_fork+0x51e/0xb90
[  259.700815][ T1158]  ? __pfx_ret_from_fork+0x10/0x10
[  259.700833][ T1158]  ? __switch_to+0xc7d/0x1450
[  259.700855][ T1158]  ? __pfx_kthread+0x10/0x10
[  259.700873][ T1158]  ret_from_fork_asm+0x1a/0x30
[  259.700903][ T1158]  </TASK>
[  259.912853][ T1158] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  259.978517][T11382] netdevsim netdevsim2 netdevsim0: left promiscuous mode
[  260.035663][T11385] netlink: 488 bytes leftover after parsing attributes in process `syz.4.2110'.
[  260.044973][T11385] netlink: 1041 bytes leftover after parsing attributes in process `syz.4.2110'.
[  260.111079][   T49] netdevsim netdevsim4 netdevsim0: set [1, 1] type 2 family 0 port 256 - 0
[  260.119931][   T49] netdevsim netdevsim4 netdevsim1: set [1, 1] type 2 family 0 port 256 - 0
[  260.149558][   T49] netdevsim netdevsim4 netdevsim2: set [1, 1] type 2 family 0 port 256 - 0
[  260.210375][   T49] netdevsim netdevsim4 netdevsim3: set [1, 1] type 2 family 0 port 256 - 0
[  260.308428][T11390] loop4: detected capacity change from 0 to 128
[  260.612101][T11394] loop5: detected capacity change from 0 to 256
[  260.640465][T11394] exfat: Deprecated parameter 'utf8'
[  260.668197][T11394] exfat: Deprecated parameter 'namecase'
[  260.678483][T11397] loop4: detected capacity change from 0 to 256
[  260.706223][T11394] exFAT-fs (loop5): failed to load upcase table (idx : 0x0001fe89, chksum : 0xc374f927, utbl_chksum : 0xe619d30d)
[  260.722705][T11397] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xbe66f6fd, utbl_chksum : 0xe619d30d)
[  261.001449][T11401] netlink: 'syz.2.2115': attribute type 298 has an invalid length.
[  261.241566][T11406] loop5: detected capacity change from 0 to 2048
[  261.320732][T11406] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  262.081117][T11435] set_capacity_and_notify: 1 callbacks suppressed
[  262.081137][T11435] loop2: detected capacity change from 0 to 512
[  262.173659][T11435] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  262.202651][T11435] ext4 filesystem being mounted at /430/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  262.317096][T11422] loop4: detected capacity change from 0 to 32768
[  262.361742][T11422] XFS (loop4): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  262.418025][ T5835] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  262.480035][T11454] loop5: detected capacity change from 0 to 512
[  262.497362][T11422] XFS (loop4): Ending clean mount
[  262.563370][T11454] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a843c198, mo2=0002]
[  262.585846][T11454] System zones: 1-12
[  262.604251][T11454] EXT4-fs error (device loop5): ext4_iget_extra_inode:5028: inode #15: comm syz.5.2136: corrupted in-inode xattr: e_value size too large
[  262.678522][T11454] loop5: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117
[  262.682404][    C1] EXT4-fs (loop5): error count since last fsck: 1
[  262.698871][    C1] EXT4-fs (loop5): initial error at time 1773238897: ext4_iget_extra_inode:5028: inode 15
[  262.709386][    C1] EXT4-fs (loop5): last error at time 1773238897: ext4_iget_extra_inode:5028: inode 15
[  262.746765][ T5836] XFS (loop4): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  262.772819][T11454] EXT4-fs error (device loop5): ext4_orphan_get:1396: comm syz.5.2136: couldn't read orphan inode 15 (err -117)
[  262.862515][T11454] loop5: lost filesystem error report for type 5 error -117
[  262.870123][T11454] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  263.043125][T11459] loop0: detected capacity change from 0 to 4096
[  263.140153][T10895] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  263.196376][T11464] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  263.655394][T11475] loop2: detected capacity change from 0 to 512
[  263.670075][T11476] netlink: 165 bytes leftover after parsing attributes in process `syz.5.2144'.
[  263.717257][T11475] EXT4-fs (loop2): Test dummy encryption mode enabled
[  263.780067][T11475] EXT4-fs (loop2): mounted filesystem 00000005-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  263.896350][T11475] EXT4-fs error (device loop2): htree_dirblock_to_tree:1051: inode #2: comm syz.2.2145: Directory hole found for htree leaf block 0
[  263.978622][T11475] EXT4-fs (loop2): Remounting filesystem read-only
[  264.081190][ T5835] EXT4-fs (loop2): unmounting filesystem 00000005-0000-0000-0000-000000000000.
[  264.318339][ T5151] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  264.335660][ T5151] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  264.349404][ T5151] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  264.359356][ T5151] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  264.372125][ T5151] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  264.469105][T11479] loop0: detected capacity change from 0 to 32768
[  264.484523][T11479] (syz.0.2147,11479,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  264.504239][T11479] (syz.0.2147,11479,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  264.532977][T11479] JBD2: Ignoring recovery information on journal
[  264.723700][T11479] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  265.207983][T11519] loop5: detected capacity change from 0 to 256
[  265.208030][T11520] loop4: detected capacity change from 0 to 64
[  265.237229][T11519] exfat: Deprecated parameter 'utf8'
[  265.248159][T11519] exfat: Deprecated parameter 'namecase'
[  265.270444][T11519] exFAT-fs (loop5): failed to load upcase table (idx : 0x0001fe89, chksum : 0xc374f927, utbl_chksum : 0xe619d30d)
[  265.338801][ T5826] ocfs2: Unmounting device (7,0) on (node local)
[  265.461144][T11524] loop2: detected capacity change from 0 to 512
[  265.569836][T11524] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  265.660633][T11524] ext4 filesystem being mounted at /442/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  265.764195][T11538] IPVS: sync thread started: state = BACKUP, mcast_ifn = veth0_to_bond, syncid = 0, id = 0
[  266.085261][ T5835] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  266.264681][ T3539] netdevsim netdevsim1 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  266.305480][T11557] loop2: detected capacity change from 0 to 512
[  266.322813][T11557] EXT4-fs (loop2): can't mount with journal_checksum, fs mounted w/o journal
[  266.338380][ T3539] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  266.473926][ T5828] Bluetooth: hci5: command tx timeout
[  266.595886][T11488] chnl_net:caif_netlink_parms(): no params data found
[  267.002930][ T3539] netdevsim netdevsim1 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  267.046648][ T3539] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  267.497958][T11588] syz.5.2186 (11588): /proc/11586/oom_adj is deprecated, please use /proc/11586/oom_score_adj instead.
[  267.546159][ T3539] netdevsim netdevsim1 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  267.581035][T11575] set_capacity_and_notify: 1 callbacks suppressed
[  267.581054][T11575] loop0: detected capacity change from 0 to 32768
[  267.582063][ T3539] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  267.658266][T11575] 
[  267.658266][T11575]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  267.658266][T11575] 
[  267.747021][T11596] netlink: 65039 bytes leftover after parsing attributes in process `syz.2.2196'.
[  267.801373][T11595] netdevsim netdevsim4 netdevsim0: entered promiscuous mode
[  267.816963][T11595] macsec1: entered promiscuous mode
[  267.834189][T11595] netdevsim netdevsim4 netdevsim0: left promiscuous mode
[  267.885301][T11599] loop5: detected capacity change from 0 to 2048
[  267.988327][T11599] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  268.041235][T11575] blkno = 0, nblocks = 40
[  268.061694][T11575] ERROR: (device loop0): dbFree: block to be freed is outside the map
[  268.061694][T11575] 
[  268.128427][T11575] ERROR: (device loop0): remounting filesystem as read-only
[  268.128773][T11599] EXT4-fs error (device loop5): ext4_find_extent:939: inode #2: comm syz.5.2188: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[  268.164703][ T3539] netdevsim netdevsim1 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  268.212614][ T3539] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  268.323988][T11599] EXT4-fs (loop5): Remounting filesystem read-only
[  268.371590][T11614] netlink: 'syz.4.2190': attribute type 1 has an invalid length.
[  268.391546][T11488] bridge0: port 1(bridge_slave_0) entered blocking state
[  268.411745][T11488] bridge0: port 1(bridge_slave_0) entered disabled state
[  268.433685][T11488] bridge_slave_0: entered allmulticast mode
[  268.479517][T11488] bridge_slave_0: entered promiscuous mode
[  268.509444][T10895] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  268.521573][T11488] bridge0: port 2(bridge_slave_1) entered blocking state
[  268.585184][ T5828] Bluetooth: hci5: command tx timeout
[  268.597794][T11488] bridge0: port 2(bridge_slave_1) entered disabled state
[  268.606958][T11488] bridge_slave_1: entered allmulticast mode
[  268.615962][T11488] bridge_slave_1: entered promiscuous mode
[  268.778515][T11488] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  268.973561][T11488] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  269.164549][T11488] team0: Port device team_slave_0 added
[  269.198790][T11488] team0: Port device team_slave_1 added
[  269.220322][T11620] loop0: detected capacity change from 0 to 32768
[  269.239640][T11620] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.2191 (11620)
[  269.319915][T11620] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  269.360318][T11620] BTRFS info (device loop0): using sha256 checksum algorithm
[  269.381910][T11633] loop2: detected capacity change from 0 to 64
[  269.581677][T11488] batman_adv: batadv0: Adding interface: batadv_slave_0
[  269.621136][T11620] BTRFS info (device loop0): enabling ssd optimizations
[  269.651077][T11488] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  269.692573][T11620] BTRFS info (device loop0): turning on async discard
[  269.724539][T11620] BTRFS info (device loop0): enabling free space tree
[  269.729568][T11617] loop4: detected capacity change from 0 to 32768
[  269.789701][T11488] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  269.850687][T11617] XFS (loop4): Mounting V5 Filesystem 9f91832a-3b79-45c3-9d6d-ed0bc7357fe4
[  270.116337][T11488] batman_adv: batadv0: Adding interface: batadv_slave_1
[  270.176473][T11488] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  270.236382][ T5826] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  270.276370][T11488] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  270.368624][T11617] XFS (loop4): Starting recovery (logdev: internal)
[  270.547975][T11617] XFS (loop4): Ending recovery (logdev: internal)
[  270.636819][ T5828] Bluetooth: hci5: command tx timeout
[  270.866835][ T3539] bridge_slave_1: left allmulticast mode
[  270.875689][ T3539] bridge_slave_1: left promiscuous mode
[  270.933129][ T3539] bridge0: port 2(bridge_slave_1) entered disabled state
[  270.957285][T11690] raw_sendmsg: syz.0.2205 forgot to set AF_INET. Fix it!
[  271.006255][ T3539] bridge_slave_0: left allmulticast mode
[  271.047494][ T3539] bridge_slave_0: left promiscuous mode
[  271.065956][ T3539] bridge0: port 1(bridge_slave_0) entered disabled state
[  271.136349][ T5836] XFS (loop4): Unmounting Filesystem 9f91832a-3b79-45c3-9d6d-ed0bc7357fe4
[  271.146124][ T3539] batman_adv: batadv0: Interface deactivated: gretap1
[  271.160596][T11653] loop2: detected capacity change from 0 to 40427
[  271.206120][T11653] F2FS-fs (loop2): Invalid segment/section count (31, 24 x 1)
[  271.249388][T11653] F2FS-fs (loop2): Can't find valid F2FS filesystem in 2th superblock
[  271.269322][T11653] F2FS-fs (loop2): invalid crc value
[  271.291307][T11653] F2FS-fs (loop2): Ignore s_resuid=0, s_resgid=60928 w/o reserve_root and reserve_node
[  271.628304][T11708] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2210'.
[  271.712940][T11653] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  271.756788][T11653] F2FS-fs (loop2): Try to recover 2th superblock, ret: 0
[  271.774109][T11653] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  271.896511][T11715] Invalid logical block size (32)
[  272.186039][T11722] loop4: detected capacity change from 0 to 512
[  272.219033][T11722] EXT4-fs: inline encryption not supported
[  272.250166][T11722] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  272.277950][T11722] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  272.371919][T11722] __quota_error: 8 callbacks suppressed
[  272.371937][T11722] Quota error (device loop4): do_insert_tree: Free block already used in tree: block 1
[  272.389664][T11722] Quota error (device loop4): qtree_write_dquot: Error -5 occurred while creating quota
[  272.406932][T11722] EXT4-fs error (device loop4): ext4_acquire_dquot:7001: comm syz.4.2214: Failed to acquire dquot type 1
[  272.422516][T11722] loop4: lost filesystem error report for type 5 error -5
[  272.424339][T11722] EXT4-fs (loop4): Remounting filesystem read-only
[  272.438345][    C0] EXT4-fs (loop4): error count since last fsck: 1
[  272.438368][    C0] EXT4-fs (loop4): initial error at time 1773238907: ext4_acquire_dquot:7001
[  272.438387][    C0] EXT4-fs (loop4): last error at time 1773238907: ext4_acquire_dquot:7001
[  272.466062][T11728] loop0: detected capacity change from 0 to 512
[  272.476329][T11728] EXT4-fs: Ignoring removed i_version option
[  272.489731][T11728] EXT4-fs: Ignoring removed bh option
[  272.500780][T11722] EXT4-fs (loop4): 1 truncate cleaned up
[  272.512038][ T3539] batman_adv: batadv0: Removing interface: gretap1
[  272.542826][T11728] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  272.560484][T11722] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  272.584226][T11728] ext4 filesystem being mounted at /420/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  272.677226][ T5836] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  272.714108][ T5828] Bluetooth: hci5: command tx timeout
[  272.750525][ T5826] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  272.775599][ T3539] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  272.886607][T11737] IPVS: ip_vs_edit_dest(): lower threshold is higher than upper threshold
[  272.940027][ T3539] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  272.995231][ T3539] bond0 (unregistering): Released all slaves
[  273.096317][T11488] hsr_slave_0: entered promiscuous mode
[  273.126190][T11488] hsr_slave_1: entered promiscuous mode
[  273.347022][ T3539] IPVS: stopping backup sync thread 10327 ...
[  273.597595][T11758] netlink: 56 bytes leftover after parsing attributes in process `syz.2.2226'.
[  273.631003][T11758] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2226'.
[  273.747908][T11741] loop0: detected capacity change from 0 to 32768
[  273.816982][T11741] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.2217 (11741)
[  273.867813][T11741] BTRFS info (device loop0): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  273.908985][T11741] BTRFS info (device loop0): using blake2b checksum algorithm
[  274.095511][T11786] loop5: detected capacity change from 0 to 128
[  274.124459][T11741] BTRFS info (device loop0 state E): setting nodatasum
[  274.156370][T11786] EXT4-fs (loop5): Test dummy encryption mode enabled
[  274.177965][T11741] BTRFS info (device loop0 state E): setting nodatacow
[  274.198617][T11741] BTRFS info (device loop0 state E): disabling log replay at mount time
[  274.214145][T11741] BTRFS info (device loop0 state E): turning on async discard
[  274.227415][T11786] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  274.274063][T11741] BTRFS info (device loop0 state E): enabling free space tree
[  274.332562][T11786] ext4 filesystem being mounted at /44/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  274.372719][T11741] BTRFS info (device loop0 state E): force clearing of disk cache
[  274.427772][T11741] BTRFS info (device loop0 state E): enabling auto defrag
[  274.641437][T10895] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  274.678884][T11762] loop4: detected capacity change from 0 to 32768
[  274.692331][ T5826] BTRFS info (device loop0 state E): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  274.767535][ T3539] hsr_slave_0: left promiscuous mode
[  274.773774][T11762] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  274.843896][ T3539] hsr_slave_1: left promiscuous mode
[  274.862119][ T3539] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  274.905683][T11762] XFS (loop4): Ending clean mount
[  274.911896][ T3539] batman_adv: batadv0: Removing interface: batadv_slave_0
[  274.960787][ T3539] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  274.998924][ T3539] batman_adv: batadv0: Removing interface: batadv_slave_1
[  275.464287][T11821] loop0: detected capacity change from 0 to 512
[  275.483431][T11821] EXT4-fs: Ignoring removed orlov option
[  275.500556][T11821] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8842c119, mo2=0002]
[  275.532932][T11821] EXT4-fs error (device loop0): ext4_iget_extra_inode:5028: inode #15: comm syz.0.2239: corrupted in-inode xattr: e_value size too large
[  275.572721][T11821] loop0: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117
[  275.574721][T11821] EXT4-fs error (device loop0): ext4_orphan_get:1396: comm syz.0.2239: couldn't read orphan inode 15 (err -117)
[  275.583958][    C1] EXT4-fs (loop0): error count since last fsck: 1
[  275.583984][    C1] EXT4-fs (loop0): initial error at time 1773238910: ext4_iget_extra_inode:5028: inode 15
[  275.584016][    C1] EXT4-fs (loop0): last error at time 1773238910: ext4_iget_extra_inode:5028: inode 15
[  275.642475][T11821] loop0: lost filesystem error report for type 5 error -117
[  275.647588][T11821] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  275.703611][T11807] loop5: detected capacity change from 0 to 32768
[  275.763514][ T5836] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  275.786926][ T3539] veth1_macvtap: left promiscuous mode
[  275.793247][ T3539] veth0_macvtap: left promiscuous mode
[  275.794890][T11807] XFS (loop5): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  275.801795][ T3539] veth1_vlan: left promiscuous mode
[  275.868248][ T3539] veth0_vlan: left promiscuous mode
[  275.906832][ T5826] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  275.967439][T11807] XFS (loop5): Ending clean mount
[  276.076763][T11832] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2240'.
[  276.191130][T10895] XFS (loop5): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  276.763043][T11848] loop0: detected capacity change from 0 to 1024
[  276.926415][   T58] hfsplus: b-tree write err: -5, ino 25
[  276.945207][   T58] hfsplus: b-tree write err: -5, ino 4
[  276.975385][   T58] hfsplus: b-tree write err: -5, ino 2
[  277.099697][T11854] netlink: 'syz.0.2250': attribute type 10 has an invalid length.
[  277.458590][ T3539] team0 (unregistering): Port device team_slave_1 removed
[  277.564634][ T3539] team0 (unregistering): Port device team_slave_0 removed
[  277.654436][T11868] loop5: detected capacity change from 0 to 512
[  277.695926][T11868] EXT4-fs error (device loop5): ext4_orphan_get:1417: comm syz.5.2256: bad orphan inode 15
[  277.712613][T11868] loop5: lost filesystem error report for type 5 error -117
[  277.715723][T11868] ext4_test_bit(bit=14, block=5) = 0
[  277.723181][    C0] EXT4-fs (loop5): error count since last fsck: 1
[  277.723206][    C0] EXT4-fs (loop5): initial error at time 1773238912: ext4_orphan_get:1417
[  277.723231][    C0] EXT4-fs (loop5): last error at time 1773238912: ext4_orphan_get:1417
[  277.830681][T11868] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  277.910644][T11853] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  277.933022][T11868] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1315: group 0, block bitmap and bg descriptor inconsistent: 7987 vs 220 free clusters
[  277.962705][T11868] EXT4-fs error (device loop5): ext4_free_inode:354: comm syz.5.2256: bit already cleared for inode 13
[  278.100506][T10895] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  278.147147][T11854] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  278.452199][T11875] loop4: detected capacity change from 0 to 32768
[  278.580786][T11875] ERROR: (device loop4): diAllocAG: numfree > numinos
[  278.580786][T11875] 
[  278.642592][T11875] ialloc: diAlloc returned -5!
[  278.969954][T11886] loop0: detected capacity change from 0 to 4096
[  279.008608][T11886] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512).
[  279.083682][T11488] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  279.174717][T11488] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  279.249558][T11886] ntfs3(loop0): ino=3, ntfs_set_state failed, -22.
[  279.266589][T11488] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  279.311622][T11902] loop5: detected capacity change from 0 to 1024
[  279.343897][T11902] EXT4-fs: Ignoring removed nomblk_io_submit option
[  279.351116][T11488] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  279.428577][ T3539] ntfs3(loop0): ino=3, ntfs3_write_inode failed, -22.
[  279.465445][ T5826] ntfs3(loop0): ino=3, ntfs_set_state failed, -22.
[  279.470742][T11902] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  279.494324][ T5826] ntfs3(loop0): Mark volume as dirty due to NTFS errors
[  279.537429][ T5826] ntfs3(loop0): ino=3, ntfs_set_state failed, -22.
[  279.552093][ T1146] ntfs3(loop0): ino=3, ntfs3_write_inode failed, -22.
[  279.858269][T10895] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  279.984262][T11933] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2278'.
[  280.118174][T11488] 8021q: adding VLAN 0 to HW filter on device bond0
[  280.212305][T11488] 8021q: adding VLAN 0 to HW filter on device team0
[  280.298989][   T58] bridge0: port 1(bridge_slave_0) entered blocking state
[  280.306272][   T58] bridge0: port 1(bridge_slave_0) entered forwarding state
[  280.361689][   T58] bridge0: port 2(bridge_slave_1) entered blocking state
[  280.369017][   T58] bridge0: port 2(bridge_slave_1) entered forwarding state
[  280.424510][T11946] loop2: detected capacity change from 0 to 764
[  280.625425][T11949] loop4: detected capacity change from 0 to 2048
[  280.679046][T11949] UDF-fs: error (device loop4): udf_process_sequence: Primary Volume Descriptor not found!
[  280.703893][T11949] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  281.006887][T11932] loop0: detected capacity change from 0 to 32768
[  281.033236][T11932] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.2277 (11932)
[  281.076236][T11932] BTRFS info (device loop0): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  281.076270][T11932] BTRFS info (device loop0): using sha256 checksum algorithm
[  281.209186][T11932] BTRFS info (device loop0): enabling ssd optimizations
[  281.209215][T11932] BTRFS info (device loop0): turning on async discard
[  281.209232][T11932] BTRFS info (device loop0): enabling free space tree
[  281.209248][T11932] BTRFS info (device loop0): enabling auto defrag
[  281.209266][T11932] BTRFS info (device loop0): max_inline set to 4096
[  281.496673][T11488] 8021q: adding VLAN 0 to HW filter on device batadv0
[  281.798099][T11999] Cannot find add_set index 46338 as target
[  282.150795][ T5826] BTRFS info (device loop0): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  282.179555][T12013] loop2: detected capacity change from 0 to 256
[  282.192266][T12010] loop4: detected capacity change from 0 to 1024
[  282.232140][T12010] hfsplus: invalid btree flag
[  282.334602][T12010] hfsplus: failed to load extents file
[  282.385929][   T30] audit: type=1800 audit(1773238917.618:148): pid=12013 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.2297" name="file1" dev="loop2" ino=1048784 res=0 errno=0
[  282.675945][T11488] veth0_vlan: entered promiscuous mode
[  282.823179][T11488] veth1_vlan: entered promiscuous mode
[  282.888032][T12030] netlink: 92 bytes leftover after parsing attributes in process `syz.5.2301'.
[  282.901479][T12033] loop2: detected capacity change from 0 to 1024
[  282.988532][T12033] EXT4-fs (loop2): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  283.061439][T12033] ext4 filesystem being mounted at /476/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  283.243109][T11488] veth0_macvtap: entered promiscuous mode
[  283.307561][T11488] veth1_macvtap: entered promiscuous mode
[  283.411767][ T5835] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  283.429856][T11488] batman_adv: batadv0: Interface activated: batadv_slave_0
[  283.496254][T11488] batman_adv: batadv0: Interface activated: batadv_slave_1
[  283.610618][T12056] loop5: detected capacity change from 0 to 512
[  283.633421][  T330] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  283.650712][T12056] EXT4-fs: Ignoring removed nobh option
[  283.667261][  T330] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  283.683408][T12056] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  283.832112][T12056] EXT4-fs (loop5): 1 truncate cleaned up
[  283.879648][  T330] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  283.889616][T12066] IPVS: sync thread started: state = BACKUP, mcast_ifn = vlan1, syncid = 4, id = 0
[  283.893219][T12056] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  283.905037][T12065] IPVS: stopping backup sync thread 12066 ...
[  283.942132][  T330] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  284.083556][T10895] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  284.386992][ T1158] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  284.415070][ T1158] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  284.660694][ T3539] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  284.689126][ T3539] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  285.084446][T12106] loop0: detected capacity change from 0 to 64
[  285.169486][T12106] hfs: bad catalog entry type 0
[  285.455520][T12123] loop0: detected capacity change from 0 to 256
[  285.458564][T12120] loop5: detected capacity change from 0 to 1024
[  285.568578][T12123] FAT-fs (loop0): Directory bread(block 64) failed
[  285.598939][T12123] FAT-fs (loop0): Directory bread(block 65) failed
[  285.599279][T12127] loop2: detected capacity change from 0 to 1024
[  285.635275][T12123] FAT-fs (loop0): Directory bread(block 66) failed
[  285.654237][ T3539] hfsplus: b-tree write err: -5, ino 25
[  285.679807][ T3539] hfsplus: b-tree write err: -5, ino 4
[  285.681844][T12123] FAT-fs (loop0): Directory bread(block 67) failed
[  285.718010][ T3539] hfsplus: b-tree write err: -5, ino 2
[  285.728100][T12123] FAT-fs (loop0): Directory bread(block 68) failed
[  285.759858][T12123] FAT-fs (loop0): Directory bread(block 69) failed
[  285.791371][T12123] FAT-fs (loop0): Directory bread(block 70) failed
[  285.824259][T12123] FAT-fs (loop0): Directory bread(block 71) failed
[  285.854710][T12123] FAT-fs (loop0): Directory bread(block 72) failed
[  285.878099][T12123] FAT-fs (loop0): Directory bread(block 73) failed
[  285.949404][ T1158] hfsplus: b-tree write err: -5, ino 25
[  285.968027][ T1158] hfsplus: b-tree write err: -5, ino 4
[  285.989873][ T1158] hfsplus: b-tree write err: -5, ino 2
[  286.267583][T12144] loop0: detected capacity change from 0 to 512
[  286.374704][T12144] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 49, start 000000c8)
[  286.504949][T12152] loop4: detected capacity change from 0 to 1024
[  286.562879][T12152] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  286.704413][   T30] audit: type=1326 audit(1773238921.938:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12155 comm="syz.5.2350" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ee059c799 code=0x7ffc0000
[  286.778224][   T30] audit: type=1326 audit(1773238921.968:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12155 comm="syz.5.2350" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ee059c799 code=0x7ffc0000
[  286.813988][   T30] audit: type=1326 audit(1773238921.968:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12155 comm="syz.5.2350" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f3ee059b607 code=0x7ffc0000
[  286.838051][   T30] audit: type=1326 audit(1773238921.968:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12155 comm="syz.5.2350" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ee059c799 code=0x7ffc0000
[  286.866176][ T5836] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  286.904909][   T30] audit: type=1326 audit(1773238921.968:153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12155 comm="syz.5.2350" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ee059c799 code=0x7ffc0000
[  286.951333][   T30] audit: type=1326 audit(1773238921.968:154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12155 comm="syz.5.2350" exe="/root/syz-executor" sig=0 arch=c000003e syscall=92 compat=0 ip=0x7f3ee059c799 code=0x7ffc0000
[  287.020734][   T30] audit: type=1326 audit(1773238921.968:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12155 comm="syz.5.2350" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ee059c799 code=0x7ffc0000
[  287.091558][   T30] audit: type=1326 audit(1773238921.968:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12155 comm="syz.5.2350" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3ee059c799 code=0x7ffc0000
[  287.121195][T12147] loop2: detected capacity change from 0 to 32768
[  287.188749][T12147] XFS (loop2): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  287.227907][T12173] loop5: detected capacity change from 0 to 4096
[  287.234312][T12147] XFS (loop2): Ending clean mount
[  287.301299][ T5835] XFS (loop2): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  287.380033][T12179] netlink: 552 bytes leftover after parsing attributes in process `syz.6.2357'.
[  287.392308][T12180] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  287.702146][T12184] netlink: 'syz.6.2360': attribute type 6 has an invalid length.
[  288.239343][T12169] loop4: detected capacity change from 0 to 32768
[  288.288799][T12169] XFS (loop4): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  288.390356][T12169] XFS (loop4): Ending clean mount
[  288.444299][T12169] XFS (loop4): Quotacheck needed: Please wait.
[  288.618815][T12182] loop0: detected capacity change from 0 to 32768
[  288.726979][T12182] 
[  288.726979][T12182]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  288.726979][T12182] 
[  288.788661][T12182] ialloc: diAlloc returned -5!
[  288.818159][T12169] XFS (loop4): Quotacheck: Done.
[  288.912311][ T5826] 
[  288.912311][ T5826]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  288.912311][ T5826] 
[  288.949244][ T5826] 
[  288.949244][ T5826]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  288.949244][ T5826] 
[  289.019896][ T5836] XFS (loop4): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  289.702260][T12240] netlink: 20 bytes leftover after parsing attributes in process `syz.5.2380'.
[  289.733988][T12240] netlink: 'syz.5.2380': attribute type 4 has an invalid length.
[  289.749408][T12242] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2374'.
[  290.241142][T12258] loop4: detected capacity change from 0 to 4096
[  290.303107][T12264] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  290.609201][T12275] program syz.5.2395 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  290.629223][T12277] Bluetooth: hci0: Opcode 0x0401 failed: -22
[  290.630762][T12274] vlan2: entered promiscuous mode
[  290.662275][T12274] hsr0: entered promiscuous mode
[  291.119467][T12266] loop2: detected capacity change from 0 to 32768
[  291.159552][T12266] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  291.321153][T12294] loop5: detected capacity change from 0 to 4096
[  291.377063][T12266] XFS (loop2): Ending clean mount
[  291.499152][T12309] ieee802154 phy0 wpan0: encryption failed: -22
[  291.591920][T12313] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2408'.
[  291.685543][T12294] ntfs3(loop5): failed to convert "0080" to cp860
[  291.708719][T12266] XFS (loop2): Metadata CRC error detected at xfs_rmapbt_read_verify+0x42/0xe0, xfs_rmapbt block 0x14 
[  291.767592][T12266] XFS (loop2): Unmount and run xfs_repair
[  291.803181][T12266] XFS (loop2): First 128 bytes of corrupted metadata buffer:
[  291.828357][T12294] ntfs3(loop5): failed to convert name for inode 1e.
[  291.831974][T12266] 00000000: 52 4d 42 33 00 00 00 0c ff ff ff ff ff ff ff ff  RMB3............
[  291.851774][T12266] 00000010: 00 a7 50 00 00 00 00 14 00 00 00 01 00 00 00 80  ..P.............
[  291.861392][T12266] 00000020: bf dc 47 fc 10 d8 4e ed a5 62 11 a8 31 b3 f7 91  ..G...N..b..1...
[  291.875028][T12294] ntfs3(loop5): ino=1f, mi_enum_attr
[  291.879919][T12266] 00000030: 00 00 00 00 5b af 3b 1d 00 00 00 00 00 00 00 01  ....[.;.........
[  291.889763][T12266] 00000040: ff ff ff ff ff ff ff fd 00 00 00 00 00 00 00 00  ................
[  291.899691][T12322] loop6: detected capacity change from 0 to 256
[  291.901823][T12266] 00000050: 00 00 00 01 00 00 00 02 ff ff ff ff ff ff ff fb  ................
[  291.921507][T12266] 00000060: 00 00 00 00 00 00 00 00 00 00 00 03 00 00 00 02  ................
[  291.973657][T12266] 00000070: ff ff ff ff ff ff ff fa 00 00 00 00 00 00 00 00  ................
[  292.024145][T12266] XFS (loop2): metadata I/O error in "xfs_btree_read_buf_block+0x2b0/0x490" at daddr 0x14 len 4 error 74
[  292.050995][T12322] FAT-fs (loop6): Directory bread(block 64) failed
[  292.062807][T12322] FAT-fs (loop6): Directory bread(block 65) failed
[  292.092544][T12266] XFS (loop2): Metadata I/O Error (0x1) detected at xfs_trans_read_buf_map+0x518/0x950 (fs/xfs/xfs_trans_buf.c:311).  Shutting down filesystem.
[  292.108882][T12322] FAT-fs (loop6): Directory bread(block 66) failed
[  292.123330][T12322] FAT-fs (loop6): Directory bread(block 67) failed
[  292.136456][T12266] XFS (loop2): Please unmount the filesystem and rectify the problem(s)
[  292.144605][T12322] FAT-fs (loop6): Directory bread(block 68) failed
[  292.184501][T12322] FAT-fs (loop6): Directory bread(block 69) failed
[  292.212219][T12322] FAT-fs (loop6): Directory bread(block 70) failed
[  292.237814][T12322] FAT-fs (loop6): Directory bread(block 71) failed
[  292.252797][T12322] FAT-fs (loop6): Directory bread(block 72) failed
[  292.254661][ T5835] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  292.259481][T12322] FAT-fs (loop6): Directory bread(block 73) failed
[  292.430749][T12335] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2419'.
[  292.778597][T12343] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2424'.
[  292.915661][ T5914] kernel read not supported for file /vga_arbiter (pid: 5914 comm: kworker/1:5)
[  293.078902][T12358] loop4: detected capacity change from 0 to 64
[  293.303301][T12366] loop0: detected capacity change from 0 to 256
[  293.330862][T12366] exfat: Deprecated parameter 'utf8'
[  293.364492][T12366] exfat: Deprecated parameter 'utf8'
[  293.429197][T12366] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x22bddf5f, utbl_chksum : 0xe619d30d)
[  293.596814][T12369] loop4: detected capacity change from 0 to 4096
[  293.613290][   T30] audit: type=1326 audit(1773238928.838:157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12372 comm="syz.5.2437" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f3ee059c799 code=0x0
[  293.820028][T12345] loop6: detected capacity change from 0 to 32768
[  293.894041][T12345] ERROR: (device loop6): jfs_readdir: JFS:Dtree error: ino = 2, bn=0, index = 1
[  293.894041][T12345] 
[  294.201051][T12367] loop2: detected capacity change from 0 to 32768
[  294.248705][T12367] OCFS2: ERROR (device loop2): int ocfs2_validate_inode_block(struct super_block *, struct buffer_head *): Invalid dinode 73: bits per cluster 32
[  294.264904][T12367] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted.
[  294.276007][T12367] OCFS2: File system is now read-only.
[  294.285080][T12367] (syz.2.2434,12367,1):ocfs2_read_locked_inode:599 ERROR: status = -30
[  294.294431][T12367] (syz.2.2434,12367,1):_ocfs2_get_system_file_inode:144 ERROR: status = -30
[  294.305266][T12367] (syz.2.2434,12367,1):ocfs2_init_local_system_inodes:496 ERROR: status=-30, sysfile=8, slot=0
[  294.315957][T12367] (syz.2.2434,12367,1):ocfs2_init_local_system_inodes:505 ERROR: status = -30
[  294.325441][T12367] (syz.2.2434,12367,1):ocfs2_mount_volume:1758 ERROR: status = -30
[  294.364229][T12367] (syz.2.2434,12367,1):ocfs2_fill_super:1177 ERROR: status = -30
[  294.426293][T12367] CIFS mount error: No usable UNC path provided in device string!
[  294.426293][T12367] 
[  294.453250][T12367] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  294.605019][T12390] loop5: detected capacity change from 0 to 256
[  294.652126][T12390] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xe3865569, utbl_chksum : 0xe619d30d)
[  295.287645][T12416] loop2: detected capacity change from 0 to 512
[  295.342261][T12416] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  295.414439][T12416] EXT4-fs (loop2): orphan cleanup on readonly fs
[  295.454188][T12426] loop0: detected capacity change from 0 to 256
[  295.468918][T12418] loop5: detected capacity change from 0 to 1024
[  295.485209][T12416] EXT4-fs warning (device loop2): ext4_enable_quotas:7236: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix.
[  295.494800][T12418] EXT4-fs: Ignoring removed orlov option
[  295.549398][T12418] EXT4-fs: inline encryption not supported
[  295.632256][T12416] EXT4-fs (loop2): Cannot turn on quotas: error -22
[  295.652766][T12416] EXT4-fs error (device loop2): ext4_ext_check_inode:521: inode #13: comm syz.2.2456: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  295.732721][T12416] loop2: lost file I/O error report for ino 13 type 5 pos 0x0 len 0x0 error -117
[  295.735058][T12418] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  295.737660][T12416] EXT4-fs error (device loop2): ext4_orphan_get:1396: comm syz.2.2456: couldn't read orphan inode 13 (err -117)
[  295.756911][    C1] EXT4-fs (loop2): error count since last fsck: 1
[  295.756937][    C1] EXT4-fs (loop2): last error at time 1773238930: ext4_ext_check_inode:521: inode 13
[  295.873122][T12416] loop2: lost filesystem error report for type 5 error -117
[  295.880830][T12416] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  295.939784][T12441] netlink: 822 bytes leftover after parsing attributes in process `syz.0.2464'.
[  295.976943][T10895] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  296.166580][T12416] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  296.235655][T12416] EXT4-fs (loop2): warning: mounting fs with errors, running e2fsck is recommended
[  296.299570][T12416] EXT4-fs warning (device loop2): ext4_enable_quotas:7236: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix.
[  296.427937][ T5835] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  297.636605][T12471] loop5: detected capacity change from 0 to 32768
[  297.684421][T12471] XFS (loop5): Mounting V5 Filesystem 9f91832a-3b79-45c3-9d6d-ed0bc7357fe4
[  298.034947][T12471] XFS (loop5): Starting recovery (logdev: internal)
[  298.168124][T12486] loop4: detected capacity change from 0 to 32768
[  298.195958][T12471] XFS (loop5): Ending recovery (logdev: internal)
[  298.214174][T12486] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.2477 (12486)
[  298.296995][T12486] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  298.343352][T12486] BTRFS info (device loop4): using crc32c checksum algorithm
[  298.531008][T12486] BTRFS info (device loop4): enabling ssd optimizations
[  298.551426][T12486] BTRFS info (device loop4): turning on flush-on-commit
[  298.568765][T12486] BTRFS info (device loop4): enabling free space tree
[  298.599129][T12486] BTRFS info (device loop4): enabling auto defrag
[  298.622589][T12486] BTRFS info (device loop4): use lzo compression, level 1
[  298.649329][T12486] BTRFS info (device loop4): max_inline set to 4096
[  298.686820][T10895] XFS (loop5): Unmounting Filesystem 9f91832a-3b79-45c3-9d6d-ed0bc7357fe4
[  299.145207][T12564] bond0: option packets_per_slave: invalid value (18446744071562067968)
[  299.181019][T12564] bond0: option packets_per_slave: allowed values 0 - 65535
[  299.376701][ T5836] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  299.499157][T12524] loop6: detected capacity change from 0 to 40427
[  299.571871][T12524] F2FS-fs (loop6): invalid crc value
[  299.584242][T12575] loop0: detected capacity change from 0 to 256
[  299.899652][   T30] audit: type=1326 audit(1773238935.118:158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12584 comm="syz.2.2501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5cafd9c799 code=0x7ffc0000
[  299.929768][T12575] FAT-fs (loop0): Directory bread(block 64) failed
[  300.042066][   T30] audit: type=1326 audit(1773238935.118:159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12584 comm="syz.2.2501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5cafd9c799 code=0x7ffc0000
[  300.058207][T12575] FAT-fs (loop0): Directory bread(block 65) failed
[  300.067949][T12524] F2FS-fs (loop6): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  300.172225][T12524] F2FS-fs (loop6): Start checkpoint disabled!
[  300.179344][   T30] audit: type=1326 audit(1773238935.158:160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12584 comm="syz.2.2501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5cafd9c799 code=0x7ffc0000
[  300.215214][T12524] F2FS-fs (loop6): f2fs_disable_checkpoint() finish, err:0
[  300.261905][T12524] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e6
[  300.275596][   T30] audit: type=1326 audit(1773238935.158:161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12584 comm="syz.2.2501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5cafd9c799 code=0x7ffc0000
[  300.296271][T12575] FAT-fs (loop0): Directory bread(block 66) failed
[  300.324448][T12575] FAT-fs (loop0): Directory bread(block 67) failed
[  300.358674][T12593] loop2: detected capacity change from 0 to 1024
[  300.382927][T12575] FAT-fs (loop0): Directory bread(block 68) failed
[  300.391192][   T30] audit: type=1326 audit(1773238935.158:162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12584 comm="syz.2.2501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f5cafd9b607 code=0x7ffc0000
[  300.429153][T12598] loop4: detected capacity change from 0 to 256
[  300.464441][T12575] FAT-fs (loop0): Directory bread(block 69) failed
[  300.488218][   T30] audit: type=1326 audit(1773238935.158:163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12584 comm="syz.2.2501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5cafd9c799 code=0x7ffc0000
[  300.543940][T12575] FAT-fs (loop0): Directory bread(block 70) failed
[  300.557632][T12595] loop5: detected capacity change from 0 to 4096
[  300.607841][T12575] FAT-fs (loop0): Directory bread(block 71) failed
[  300.621523][   T30] audit: type=1326 audit(1773238935.158:164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12584 comm="syz.2.2501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5cafd9c799 code=0x7ffc0000
[  300.623536][T12595] NILFS (loop5): broken superblock, retrying with spare superblock (blocksize = 1024)
[  300.666791][T12598] FAT-fs (loop4): Directory bread(block 64) failed
[  300.691660][T12575] FAT-fs (loop0): Directory bread(block 72) failed
[  300.707725][ T1158] kworker/u8:9: attempt to access beyond end of device
[  300.707725][ T1158] loop6: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  300.725384][T12598] FAT-fs (loop4): Directory bread(block 65) failed
[  300.730478][   T30] audit: type=1326 audit(1773238935.168:165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12584 comm="syz.2.2501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5cafd9c799 code=0x7ffc0000
[  300.752484][T12598] FAT-fs (loop4): Directory bread(block 66) failed
[  300.756874][T12595] NILFS (loop5): mounting unchecked fs
[  300.791335][ T1158] CPU: 0 UID: 0 PID: 1158 Comm: kworker/u8:9 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  300.791364][ T1158] Tainted: [L]=SOFTLOCKUP
[  300.791371][ T1158] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026
[  300.791381][ T1158] Workqueue: writeback wb_workfn (flush-7:6)
[  300.791428][ T1158] Call Trace:
[  300.791435][ T1158]  <TASK>
[  300.791442][ T1158]  dump_stack_lvl+0xe8/0x150
[  300.791471][ T1158]  f2fs_handle_critical_error+0x37c/0x540
[  300.791497][ T1158]  f2fs_write_end_io+0x1274/0x1740
[  300.791539][ T1158]  __submit_merged_bio+0x256/0x700
[  300.791565][ T1158]  __submit_merged_write_cond+0x3c9/0x4e0
[  300.791594][ T1158]  ? __pfx___submit_merged_write_cond+0x10/0x10
[  300.791632][ T1158]  f2fs_write_data_pages+0x287e/0x34f0
[  300.791688][ T1158]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  300.791720][ T1158]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[  300.791771][ T1158]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[  300.791835][ T1158]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  300.791858][ T1158]  do_writepages+0x32e/0x550
[  300.791883][ T1158]  ? reacquire_held_locks+0x104/0x190
[  300.791902][ T1158]  ? writeback_sb_inodes+0x477/0x1a20
[  300.791927][ T1158]  __writeback_single_inode+0x133/0x11a0
[  300.791951][ T1158]  ? do_raw_spin_unlock+0xf5/0x210
[  300.791977][ T1158]  writeback_sb_inodes+0x992/0x1a20
[  300.792020][ T1158]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  300.792040][ T1158]  ? do_raw_spin_lock+0x12b/0x2f0
[  300.792100][ T1158]  ? rcu_is_watching+0x15/0xb0
[  300.792129][ T1158]  wb_writeback+0x456/0xb70
[  300.792153][ T1158]  ? queue_io+0x1d1/0x4a0
[  300.792183][ T1158]  ? __pfx_wb_writeback+0x10/0x10
[  300.792202][ T1158]  ? do_raw_spin_lock+0x12b/0x2f0
[  300.792241][ T1158]  wb_workfn+0x414/0xf50
[  300.792271][ T1158]  ? look_up_lock_class+0x57/0x110
[  300.792311][ T1158]  ? __pfx_wb_workfn+0x10/0x10
[  300.792344][ T1158]  ? do_raw_spin_lock+0x12b/0x2f0
[  300.792367][ T1158]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  300.792417][ T1158]  ? process_one_work+0x8b2/0x1760
[  300.792443][ T1158]  process_one_work+0x9a5/0x1760
[  300.792491][ T1158]  ? __pfx_process_one_work+0x10/0x10
[  300.792515][ T1158]  ? do_raw_spin_lock+0x12b/0x2f0
[  300.792555][ T1158]  worker_thread+0xb49/0x1140
[  300.792599][ T1158]  kthread+0x388/0x470
[  300.792621][ T1158]  ? __pfx_worker_thread+0x10/0x10
[  300.792636][ T1158]  ? __pfx_kthread+0x10/0x10
[  300.792659][ T1158]  ret_from_fork+0x51e/0xb90
[  300.792689][ T1158]  ? __pfx_ret_from_fork+0x10/0x10
[  300.792713][ T1158]  ? __switch_to+0xc7d/0x1450
[  300.792740][ T1158]  ? __pfx_kthread+0x10/0x10
[  300.792764][ T1158]  ret_from_fork_asm+0x1a/0x30
[  300.792800][ T1158]  </TASK>
[  300.839931][   T30] audit: type=1326 audit(1773238935.168:166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12584 comm="syz.2.2501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5cafd9c799 code=0x7ffc0000
[  300.860026][ T5839] udevd[5839]: incorrect nilfs2 checksum on /dev/loop5
[  300.864241][T12598] FAT-fs (loop4): Directory bread(block 67) failed
[  300.901263][ T5839] udevd[5839]: incorrect nilfs2 checksum on /dev/loop5
[  300.910324][T12575] FAT-fs (loop0): Directory bread(block 73) failed
[  300.932007][T12593] hfsplus: inconsistency in B*Tree (9,1,255,1,0)
[  300.970862][T12595] NILFS (loop5): recovery complete
[  300.975917][ T1158] F2FS-fs (loop6): Stopped filesystem due to reason: 3
[  300.977432][T12593] hfsplus: xattr searching failed
[  301.055444][T12598] FAT-fs (loop4): Directory bread(block 68) failed
[  301.092826][   T30] audit: type=1326 audit(1773238935.198:167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12584 comm="syz.2.2501" exe="/root/syz-executor" sig=0 arch=c000003e syscall=84 compat=0 ip=0x7f5cafd9c799 code=0x7ffc0000
[  301.165900][T12603] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  301.200203][T12598] FAT-fs (loop4): Directory bread(block 69) failed
[  301.217857][T12598] FAT-fs (loop4): Directory bread(block 70) failed
[  301.225458][T12600] hfsplus: inconsistency in B*Tree (9,1,255,1,0)
[  301.262116][T12598] FAT-fs (loop4): Directory bread(block 71) failed
[  301.287666][T12600] hfsplus: xattr search failed
[  301.293658][T12598] FAT-fs (loop4): Directory bread(block 72) failed
[  301.324586][T12598] FAT-fs (loop4): Directory bread(block 73) failed
[  301.475661][T12600] hfsplus: b-tree write err: -5, ino 2
[  301.731208][ T3539] hfsplus: b-tree write err: -5, ino 25
[  301.778479][ T3539] hfsplus: b-tree write err: -5, ino 4
[  301.815677][ T3539] hfsplus: b-tree write err: -5, ino 2
[  302.143677][ T5880] kernel write not supported for file /uinput (pid: 5880 comm: kworker/1:3)
[  302.805490][T12618] loop5: detected capacity change from 0 to 32768
[  302.824852][T12650] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2520'.
[  302.837360][T12618] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.2510 (12618)
[  302.926292][T12618] BTRFS info (device loop5): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  302.977763][T12618] BTRFS info (device loop5): using sha256 checksum algorithm
[  303.169276][T12618] BTRFS info (device loop5): enabling ssd optimizations
[  303.210791][T12618] BTRFS info (device loop5): turning on async discard
[  303.252469][T12618] BTRFS info (device loop5): enabling free space tree
[  303.316060][T12618] BTRFS error (device loop5): balance: mixed groups data and metadata options must be the same
[  303.448280][T12680] netlink: 20 bytes leftover after parsing attributes in process `syz.6.2528'.
[  303.519066][T10895] BTRFS info (device loop5): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  303.556852][T12683] loop0: detected capacity change from 0 to 164
[  303.585833][T12685] loop4: detected capacity change from 0 to 128
[  304.211041][T12698] loop6: detected capacity change from 0 to 64
[  304.317714][T12704] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2539'.
[  305.183543][T12731] netlink: 60 bytes leftover after parsing attributes in process `syz.5.2552'.
[  305.254692][T12735] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2553'.
[  305.275624][T12735] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2553'.
[  305.428496][T12738] loop4: detected capacity change from 0 to 512
[  305.455665][T12741] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2555'.
[  305.476167][T12738] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  305.484422][T12706] loop2: detected capacity change from 0 to 32768
[  305.502165][T12738] EXT4-fs (loop4): orphan cleanup on readonly fs
[  305.516498][T12738] EXT4-fs error (device loop4): ext4_quota_enable:7188: comm syz.4.2556: Bad quota inum: 2, type: 2
[  305.591491][T12706] XFS (loop2): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  305.627020][T12738] loop4: lost filesystem error report for type 5 error -117
[  305.630451][T12738] EXT4-fs warning (device loop4): ext4_enable_quotas:7236: Failed to enable quota tracking (type=2, err=-117, ino=2). Please run e2fsck to fix.
[  305.637876][    C1] EXT4-fs (loop4): error count since last fsck: 1
[  305.637899][    C1] EXT4-fs (loop4): last error at time 1773238940: ext4_quota_enable:7188
[  305.768222][T12706] XFS (loop2): Ending clean mount
[  305.808535][T12738] EXT4-fs (loop4): Cannot turn on quotas: error -117
[  305.816918][T12706] XFS (loop2): Quotacheck needed: Please wait.
[  305.827549][T12725] loop0: detected capacity change from 0 to 32768
[  305.845711][T12738] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  306.018258][T12725] ea_get: invalid extended attribute
[  306.069887][ T5836] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  306.114642][T12706] XFS (loop2): Quotacheck: Done.
[  306.127986][T12725] ffff88805acc8330: 04 00 00 00                                      ....
[  306.374014][ T5835] XFS (loop2): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  306.870551][T12753] loop6: detected capacity change from 0 to 32768
[  307.048647][T12753] JBD2: Ignoring recovery information on journal
[  307.253369][T12753] ocfs2: Mounting device (7,6) on (node local, slot 0) with ordered data mode.
[  307.466886][T12788] loop4: detected capacity change from 0 to 256
[  307.526441][T12788] vfat: Bad value for 'uid'
[  307.549997][T12788] vfat: Bad value for 'uid'
[  307.659934][T12791] delete_channel: no stack
[  307.696642][T11488] ocfs2: Unmounting device (7,6) on (node local)
[  308.041751][T12793] loop0: detected capacity change from 0 to 4096
[  308.409956][T12816] genirq: Flags mismatch irq 4. 00200000 (pcl816) vs. 00200080 (ttyS0)
[  308.838096][T12825] loop6: detected capacity change from 0 to 4096
[  308.861049][T12825] ntfs3(loop6): Different NTFS sector size (4096) and media sector size (512).
[  309.033299][T12825] ntfs3(loop6): Mark volume as dirty due to NTFS errors
[  309.070702][T12825] ntfs3(loop6): ino=1a, mi_enum_attr
[  309.089066][T12825] ntfs3(loop6): Failed to initialize $Extend/$ObjId.
[  309.201814][T12802] loop5: detected capacity change from 0 to 32768
[  309.278594][T12838] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2586'.
[  309.281981][T12802] XFS (loop5): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  309.381482][T12838] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2586'.
[  309.417900][T12802] XFS (loop5): Ending clean mount
[  309.505154][T12853] loop2: detected capacity change from 0 to 64
[  309.548004][T12802] XFS (loop5): Quotacheck needed: Please wait.
[  309.800122][T12802] XFS (loop5): Quotacheck: Done.
[  310.032867][ T5835] hfs: node 4:3 still has 1 user(s)!
[  310.055251][T10895] XFS (loop5): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  310.120947][T12858] loop4: detected capacity change from 0 to 32768
[  310.167342][T12858] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.2590 (12858)
[  310.319075][T12858] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  310.369414][T12858] BTRFS info (device loop4): using sha256 checksum algorithm
[  310.411950][T12858] BTRFS warning (device loop4): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  310.769824][T12888] loop5: detected capacity change from 0 to 1024
[  310.866204][T12858] BTRFS info (device loop4): rebuilding free space tree
[  310.909041][T12888] hfsplus: bad catalog entry type
[  310.982286][T12858] BTRFS info (device loop4): disabling free space tree
[  311.000181][T12858] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  311.034502][  T330] hfsplus: b-tree write err: -5, ino 25
[  311.056136][T12858] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  311.077450][  T330] hfsplus: b-tree write err: -5, ino 4
[  311.092516][  T330] hfsplus: b-tree write err: -5, ino 2
[  311.117414][T12858] BTRFS info (device loop4): enabling ssd optimizations
[  311.147407][T12858] BTRFS info (device loop4): enabling disk space caching
[  311.200552][T12858] BTRFS info (device loop4): force clearing of disk cache
[  311.229294][T12858] BTRFS info (device loop4): enabling auto defrag
[  311.254518][T12858] BTRFS info (device loop4): max_inline set to 0
[  311.440254][T12869] loop6: detected capacity change from 0 to 32768
[  311.483520][T12869] BTRFS info: device /dev/loop6 (7:6) using temp-fsid 34de3964-0460-48a8-ba15-1226cfe8b5c9
[  311.514368][T12902] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2601'.
[  311.537066][T12869] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.2594 (12869)
[  311.638517][T12869] BTRFS info (device loop6): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  311.670369][T12869] BTRFS info (device loop6): using sha256 checksum algorithm
[  311.815931][ T3539] BTRFS info (device loop4): qgroup scan completed (inconsistency flag cleared)
[  311.818717][ T5836] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  311.995071][T12869] BTRFS info (device loop6): enabling ssd optimizations
[  312.024056][T12869] BTRFS info (device loop6): turning on async discard
[  312.045179][T12869] BTRFS info (device loop6): enabling free space tree
[  312.171543][T12935] netlink: 'syz.2.2608': attribute type 1 has an invalid length.
[  312.272089][T11488] BTRFS info (device loop6): last unmount of filesystem 34de3964-0460-48a8-ba15-1226cfe8b5c9
[  313.883872][T12997] loop5: detected capacity change from 0 to 1024
[  313.919905][T12997] EXT4-fs: inline encryption not supported
[  313.945727][T12997] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  314.086098][T12997] EXT4-fs error (device loop5): ext4_map_blocks:779: inode #3: block 2: comm syz.5.2631: lblock 2 mapped to illegal pblock 2 (length 1)
[  314.101468][T12997] loop5: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117
[  314.102377][    C0] EXT4-fs (loop5): error count since last fsck: 1
[  314.117905][    C0] EXT4-fs (loop5): initial error at time 1773238949: ext4_map_blocks:779: inode 3: block 2
[  314.123456][T12997] EXT4-fs (loop5): Remounting filesystem read-only
[  314.127984][    C0] EXT4-fs (loop5): last error at time 1773238949: ext4_map_blocks:779: inode 3: block 2
[  314.172021][T12997] __quota_error: 19 callbacks suppressed
[  314.172038][T12997] Quota error (device loop5): qtree_write_dquot: dquota write failed
[  314.192255][T12997] Quota error (device loop5): v2_write_file_info: Can't write info structure
[  314.213938][T12997] EXT4-fs (loop5): 1 orphan inode deleted
[  314.234521][T12997] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  314.359512][T13008] syz_tun: entered promiscuous mode
[  314.379998][T13008] macsec1: entered allmulticast mode
[  314.380368][T10895] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  314.406968][T13008] syz_tun: entered allmulticast mode
[  314.415241][T13014] loop4: detected capacity change from 0 to 1024
[  314.470919][T13008] syz_tun: left allmulticast mode
[  314.480798][T13014] EXT4-fs: Ignoring removed orlov option
[  314.506746][T13008] syz_tun: left promiscuous mode
[  314.570867][T13014] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  314.588982][T12984] loop0: detected capacity change from 0 to 32768
[  314.599295][T12984] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.2626 (12984)
[  314.605625][T13018] loop2: detected capacity change from 0 to 1024
[  314.719880][T12984] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  314.742001][T12984] BTRFS info (device loop0): using crc32c checksum algorithm
[  314.939816][T12984] BTRFS info (device loop0): enabling ssd optimizations
[  314.952864][T12984] BTRFS info (device loop0): turning on async discard
[  315.033474][ T5836] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  315.042793][T12984] BTRFS info (device loop0): enabling free space tree
[  315.353570][ T5826] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  315.556681][T13056] loop6: detected capacity change from 0 to 1024
[  315.567220][T13056] EXT4-fs: Ignoring removed bh option
[  315.625863][T13058] gfs2: path_lookup on c::;��N���L���;o$: returned error -2
[  315.655936][T13056] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  315.735451][T13056] EXT4-fs error (device loop6): ext4_find_dest_de:2050: inode #2: block 16: comm syz.6.2645: bad entry in directory: directory entry overrun - offset=0, inode=2, rec_len=131168, size=1024 fake=1
[  315.890308][T11488] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  316.164456][T13074] loop2: detected capacity change from 0 to 256
[  316.267065][T13074] FAT-fs (loop2): Directory bread(block 64) failed
[  316.310484][T13074] FAT-fs (loop2): Directory bread(block 65) failed
[  316.338609][T13074] FAT-fs (loop2): Directory bread(block 66) failed
[  316.378595][T13074] FAT-fs (loop2): Directory bread(block 67) failed
[  316.407151][T13074] FAT-fs (loop2): Directory bread(block 68) failed
[  316.417027][T13074] FAT-fs (loop2): Directory bread(block 69) failed
[  316.437434][T13083] loop0: detected capacity change from 0 to 64
[  316.452916][T13074] FAT-fs (loop2): Directory bread(block 70) failed
[  316.478399][T13074] FAT-fs (loop2): Directory bread(block 71) failed
[  316.499768][T13074] FAT-fs (loop2): Directory bread(block 72) failed
[  316.520382][T13074] FAT-fs (loop2): Directory bread(block 73) failed
[  317.199349][ T1306] ieee802154 phy0 wpan0: encryption failed: -22
[  317.206267][ T1306] ieee802154 phy1 wpan1: encryption failed: -22
[  317.426611][T13079] loop4: detected capacity change from 0 to 40427
[  317.431720][T13079] F2FS-fs (loop4): invalid crc value
[  317.630357][T13079] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  317.668927][T13079] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  317.827520][ T5836] syz-executor: attempt to access beyond end of device
[  317.827520][ T5836] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  317.863503][T13121] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2672'.
[  317.882279][T13095] loop2: detected capacity change from 0 to 40427
[  317.900680][T13095] F2FS-fs (loop2): Image doesn't support compression
[  317.900729][ T5836] CPU: 1 UID: 0 PID: 5836 Comm: syz-executor Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  317.900755][ T5836] Tainted: [L]=SOFTLOCKUP
[  317.900760][ T5836] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026
[  317.900769][ T5836] Call Trace:
[  317.900775][ T5836]  <TASK>
[  317.900781][ T5836]  dump_stack_lvl+0xe8/0x150
[  317.900809][ T5836]  f2fs_handle_critical_error+0x37c/0x540
[  317.900832][ T5836]  f2fs_write_end_io+0x1274/0x1740
[  317.900870][ T5836]  __submit_merged_bio+0x256/0x700
[  317.900894][ T5836]  __submit_merged_write_cond+0x3c9/0x4e0
[  317.900933][ T5836]  ? __pfx___submit_merged_write_cond+0x10/0x10
[  317.900968][ T5836]  f2fs_write_data_pages+0x287e/0x34f0
[  317.901011][ T5836]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  317.901038][ T5836]  ? __pfx_css_rstat_updated+0x10/0x10
[  317.901079][ T5836]  ? mod_memcg_lruvec_state+0x208/0x220
[  317.901098][ T5836]  ? __lock_acquire+0x6b5/0x2cf0
[  317.901128][ T5836]  ? __lock_acquire+0x6b5/0x2cf0
[  317.901151][ T5836]  ? do_raw_spin_lock+0x12b/0x2f0
[  317.901175][ T5836]  ? do_raw_spin_unlock+0xf5/0x210
[  317.901192][ T5836]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  317.901210][ T5836]  do_writepages+0x32e/0x550
[  317.901233][ T5836]  ? do_raw_spin_unlock+0xf5/0x210
[  317.901262][ T5836]  filemap_fdatawrite+0x1e9/0x2f0
[  317.901281][ T5836]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  317.901329][ T5836]  ? do_raw_spin_unlock+0xf5/0x210
[  317.901349][ T5836]  f2fs_sync_dirty_inodes+0x30e/0x860
[  317.901378][ T5836]  f2fs_write_checkpoint+0x9df/0x26a0
[  317.901421][ T5836]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  317.901478][ T5836]  kill_f2fs_super+0x314/0x720
[  317.901501][ T5836]  ? __pfx_kill_f2fs_super+0x10/0x10
[  317.901528][ T5836]  ? lockdep_hardirqs_on+0x7a/0x110
[  317.901575][ T5836]  deactivate_locked_super+0xbc/0x130
[  317.901598][ T5836]  cleanup_mnt+0x437/0x4d0
[  317.901617][ T5836]  ? _raw_spin_unlock_irq+0x23/0x50
[  317.901638][ T5836]  task_work_run+0x1d9/0x270
[  317.901658][ T5836]  ? __pfx_task_work_run+0x10/0x10
[  317.901682][ T5836]  exit_to_user_mode_loop+0xed/0x480
[  317.901701][ T5836]  ? rcu_is_watching+0x15/0xb0
[  317.901718][ T5836]  do_syscall_64+0x32d/0xf80
[  317.901730][ T5836]  ? trace_irq_disable+0x3b/0x150
[  317.901745][ T5836]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  317.901760][ T5836]  ? clear_bhb_loop+0x40/0x90
[  317.901778][ T5836]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  317.901791][ T5836] RIP: 0033:0x7f406319d9d7
[  317.901806][ T5836] Code: a2 c7 05 1c fd 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8
[  317.901818][ T5836] RSP: 002b:00007ffc1051cce8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  317.901833][ T5836] RAX: 0000000000000000 RBX: 00007f4063232050 RCX: 00007f406319d9d7
[  317.901843][ T5836] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffc1051cda0
[  317.901850][ T5836] RBP: 00007ffc1051cda0 R08: 00007ffc1051dda0 R09: 00000000ffffffff
[  317.901860][ T5836] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffc1051de30
[  317.901868][ T5836] R13: 00007f4063232050 R14: 000000000004d92a R15: 00007ffc1051de70
[  317.901891][ T5836]  </TASK>
[  317.913162][ T5836] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  317.932859][T13095] F2FS-fs (loop2): build fault injection rate: 684
[  317.999252][T13107] loop0: detected capacity change from 0 to 32768
[  318.152614][T13095] F2FS-fs (loop2): build fault injection type: 0x35f7
[  318.292472][T13095] F2FS-fs (loop2): invalid crc value
[  318.300460][T13107] jfs_create: dtInsert returned -EIO
[  318.321322][T13124] loop6: detected capacity change from 0 to 128
[  318.332007][T13107] ERROR: (device loop0): jfs_create: 
[  318.332007][T13107] 
[  318.610417][T13095] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  318.621781][T13130] netlink: 'syz.6.2677': attribute type 1 has an invalid length.
[  318.643876][T13130] netlink: 96 bytes leftover after parsing attributes in process `syz.6.2677'.
[  318.653710][T13095] F2FS-fs (loop2): Start checkpoint disabled!
[  318.670794][T13095] F2FS-fs (loop2): f2fs_disable_checkpoint() finish, err:0
[  318.680038][T13130] netlink: 1 bytes leftover after parsing attributes in process `syz.6.2677'.
[  318.701449][T13095] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[  319.009594][T13141] netlink: 'syz.4.2673': attribute type 46 has an invalid length.
[  319.026580][T13141] netlink: 44 bytes leftover after parsing attributes in process `syz.4.2673'.
[  319.262216][T13145] input: syz1 as /devices/virtual/input/input8
[  319.382626][   T10] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[  319.436403][T13153] ptrace attach of "./syz-executor exec"[10895] was attempted by "\x22"[13153]
[  319.587245][   T10] usb 7-1: Using ep0 maxpacket: 32
[  319.611522][   T10] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  319.627564][   T10] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  319.638839][   T10] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  319.649339][   T10] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[  319.681298][   T10] usb 7-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  319.713651][   T10] usb 7-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  319.739055][   T10] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  319.774285][   T10] usb 7-1: config 0 descriptor??
[  319.813207][ T5914] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  319.983546][ T5914] usb 6-1: Using ep0 maxpacket: 16
[  320.008870][ T5914] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  320.039716][ T5914] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  320.083947][ T5914] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  320.121164][   T10] usblp 7-1:0.0: usblp0: USB Bidirectional printer dev 2 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  320.131548][ T5914] usb 6-1: New USB device found, idVendor=056a, idProduct=0315, bcdDevice= 0.00
[  320.169164][ T5914] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  320.244070][ T5914] usb 6-1: config 0 descriptor??
[  320.288068][T13185] loop2: detected capacity change from 0 to 512
[  320.299903][T13185] EXT4-fs: Ignoring removed oldalloc option
[  320.324781][T13185] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  320.343490][T13185] ext4 filesystem being mounted at /558/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  320.427975][T13185] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.2703: bg 0: block 217: padding at end of block bitmap is not set
[  320.518561][T13185] EXT4-fs (loop2): Remounting filesystem read-only
[  320.569858][ T5835] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  320.758348][ T5914] hid_parser_main: 91 callbacks suppressed
[  320.758379][ T5914] wacom 0003:056A:0315.0002: unknown main item tag 0x0
[  320.799209][ T5914] wacom 0003:056A:0315.0002: unknown main item tag 0x0
[  320.818574][ T5914] wacom 0003:056A:0315.0002: unknown main item tag 0x0
[  320.838932][ T5914] wacom 0003:056A:0315.0002: unknown main item tag 0x0
[  320.856502][ T5914] wacom 0003:056A:0315.0002: unknown main item tag 0x0
[  320.876385][ T5914] wacom 0003:056A:0315.0002: unknown main item tag 0x0
[  320.882926][T13201] loop0: detected capacity change from 0 to 4096
[  320.889091][ T5914] wacom 0003:056A:0315.0002: unknown main item tag 0x0
[  320.911383][ T5914] wacom 0003:056A:0315.0002: unknown main item tag 0x0
[  320.926189][ T5914] wacom 0003:056A:0315.0002: unknown main item tag 0x0
[  320.949756][ T5914] wacom 0003:056A:0315.0002: unknown main item tag 0x0
[  320.988071][T13207] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  321.049140][ T5914] usb 6-1: USB disconnect, device number 2
[  321.290068][T13212] vxcan0: tx drop: invalid sa for name 0x0000000000000001
[  321.813130][T13206] loop2: detected capacity change from 0 to 32768
[  321.856138][T13206] (syz.2.2709,13206,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  321.898105][T13206] (syz.2.2709,13206,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  322.015952][T13206] JBD2: Ignoring recovery information on journal
[  322.162550][T13206] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  322.190274][   T29] usb 7-1: USB disconnect, device number 2
[  322.355139][   T29] usblp0: removed
[  322.585867][T13219] loop0: detected capacity change from 0 to 40427
[  322.603760][T13219] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  322.615077][ T5835] ocfs2: Unmounting device (7,2) on (node local)
[  322.618862][T13252] netlink: 'syz.4.2721': attribute type 2 has an invalid length.
[  322.628242][T13219] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  322.705512][T13219] F2FS-fs (loop0): invalid crc_offset: 33558524
[  322.937803][T13255] loop5: detected capacity change from 0 to 4096
[  322.971932][T13255] ntfs3(loop5): Different NTFS sector size (4096) and media sector size (512).
[  323.057467][T13219] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  323.104698][T13219] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  323.113454][T13219] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  323.210440][T13255] ntfs3(loop5): Mark volume as dirty due to NTFS errors
[  323.235401][T13255] ntfs3(loop5): ino=19, mi_enum_attr
[  323.266828][T13219] F2FS-fs (loop0): f2fs_fill_dentries: corrupted namelen=27648, run fsck to fix.
[  323.326215][T13273] loop4: detected capacity change from 0 to 64
[  323.744407][T13248] loop6: detected capacity change from 0 to 40427
[  323.765798][T13248] F2FS-fs (loop6): Invalid log_blocksize (268), supports only 12
[  323.783500][T13248] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock
[  323.812122][T13248] F2FS-fs (loop6): invalid crc value
[  324.078301][T13248] F2FS-fs (loop6): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  324.104555][T13248] F2FS-fs (loop6): Try to recover 1th superblock, ret: 0
[  324.121304][T13248] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  324.248548][T13297] loop4: detected capacity change from 0 to 256
[  324.367841][T13297] FAT-fs (loop4): Directory bread(block 64) failed
[  324.390402][T13297] FAT-fs (loop4): Directory bread(block 65) failed
[  324.403192][T13297] FAT-fs (loop4): Directory bread(block 66) failed
[  324.421737][T13297] FAT-fs (loop4): Directory bread(block 67) failed
[  324.435934][T13297] FAT-fs (loop4): Directory bread(block 68) failed
[  324.464000][T13297] FAT-fs (loop4): Directory bread(block 69) failed
[  324.489365][T13297] FAT-fs (loop4): Directory bread(block 70) failed
[  324.527643][T13297] FAT-fs (loop4): Directory bread(block 71) failed
[  324.557003][T13307] loop5: detected capacity change from 0 to 256
[  324.562126][T13297] FAT-fs (loop4): Directory bread(block 72) failed
[  324.599044][T13297] FAT-fs (loop4): Directory bread(block 73) failed
[  324.611157][T13307] exFAT-fs (loop5): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x395e47cf, utbl_chksum : 0xe619d30d)
[  324.991017][T13317] loop4: detected capacity change from 0 to 256
[  325.019774][T13317] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  325.066495][T13317] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  325.243676][T13327] loop5: detected capacity change from 0 to 4095
[  325.963575][T13353] input: syz0 as /devices/virtual/input/input9
[  325.992237][T13355] netlink: 'syz.0.2761': attribute type 1 has an invalid length.
[  326.013877][T13355] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2761'.
[  326.268867][T13335] loop2: detected capacity change from 0 to 32768
[  326.341209][T13335] syz.2.2752: attempt to access beyond end of device
[  326.341209][T13335] loop2: rw=8388609, sector=4680032, nr_sectors = 8 limit=32768
[  326.408008][T13335] metapage_write_end_io: I/O error
[  326.408321][T13374] EXT4-fs error (device loop6): ext4_orphan_get:1391: inode #15: comm syz.6.2767: inode has both inline data and extents flags
[  326.428154][T13374] loop6: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117
[  326.428620][T13374] EXT4-fs error (device loop6): ext4_orphan_get:1396: comm syz.6.2767: couldn't read orphan inode 15 (err -117)
[  326.437864][    C0] EXT4-fs (loop6): error count since last fsck: 1
[  326.437890][    C0] EXT4-fs (loop6): initial error at time 1773238961: ext4_orphan_get:1391: inode 15
[  326.437925][    C0] EXT4-fs (loop6): last error at time 1773238961: ext4_orphan_get:1391: inode 15
[  326.478837][T13374] loop6: lost filesystem error report for type 5 error -117
[  326.480810][T13374] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  326.484665][T13335] ERROR: (device loop2): release_metapage: metapage_write_one() failed
[  326.484665][T13335] 
[  326.535584][T13335] ERROR: (device loop2): remounting filesystem as read-only
[  326.563598][T11488] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  326.581709][  T118] blkno = 8ed2c, nblocks = 1
[  326.587887][T13335] blkno = 8ed2c, nblocks = 1
[  326.596134][  T118] ERROR: (device loop2): dbUpdatePMap: blocks are outside the map
[  326.596134][  T118] 
[  326.608262][T13335] ERROR: (device loop2): dbUpdatePMap: blocks are outside the map
[  326.608262][T13335] 
[  326.678453][T13380] exfat: Deprecated parameter 'namecase'
[  326.687704][T13335] ERROR: (device loop2): dtSearch: DT_GETPAGE: dtree page corrupt
[  326.687704][T13335] 
[  326.718940][T13380] exfat: Deprecated parameter 'namecase'
[  326.730663][T13335] jfs_mkdir: dtSearch returned -5
[  326.787740][T13380] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xbc8dc3cd, utbl_chksum : 0xe619d30d)
[  326.831180][T13380] exFAT-fs (loop4): start_clu is invalid cluster(0xff000008)
[  326.848450][ T5835] syz-executor: attempt to access beyond end of device
[  326.848450][ T5835] loop2: rw=8388609, sector=4680032, nr_sectors = 8 limit=32768
[  326.884243][ T5835] metapage_write_end_io: I/O error
[  326.899606][ T5835] JFS: metapage_get_blocks failed
[  326.916561][ T5835] JFS: metapage_get_blocks failed
[  326.932316][ T5835] JFS: metapage_get_blocks failed
[  326.940586][ T5835] JFS: metapage_get_blocks failed
[  327.438447][    C1] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0)
[  327.489181][T13400] set_capacity_and_notify: 2 callbacks suppressed
[  327.489199][T13400] loop6: detected capacity change from 0 to 128
[  327.543448][T13402] program syz.0.2780 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  327.750095][T13404] dvmrp6: entered allmulticast mode
[  328.008719][T13412] loop4: detected capacity change from 0 to 512
[  328.048763][T13412] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  328.061578][T13412] ext4 filesystem being mounted at /598/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  328.141504][T13423] loop5: detected capacity change from 0 to 256
[  328.222207][T13423] exFAT-fs (loop5): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  328.275801][ T5836] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  328.528199][T13430] loop4: detected capacity change from 0 to 1024
[  328.629176][T13435] loop2: detected capacity change from 0 to 64
[  329.145573][T13455] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2802'.
[  329.199292][T13456] netlink: 'syz.6.2801': attribute type 83 has an invalid length.
[  329.528246][T13468] loop6: detected capacity change from 0 to 2048
[  329.566905][T13468] NILFS (loop6): broken superblock, retrying with spare superblock (blocksize = 1024)
[  329.650517][ T5833] udevd[5833]: incorrect nilfs2 checksum on /dev/loop6
[  329.692543][T13476] NILFS (loop6): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  329.741907][T13478] loop4: detected capacity change from 0 to 512
[  329.795844][T13478] EXT4-fs error (device loop4): ext4_read_inode_bitmap:139: comm syz.4.2812: Invalid inode bitmap blk 4 in block_group 0
[  329.879641][T13478] loop4: lost filesystem error report for type 5 error -117
[  329.896436][T13476] NILFS (loop6): vblocknr = 23 has abnormal lifetime: start cno (= 4294967298) > current cno (= 3)
[  329.920305][T13478] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  330.005505][T13478] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1315: group 0, block bitmap and bg descriptor inconsistent: 7969 vs 220 free clusters
[  330.033709][T13476] NILFS error (device loop6): nilfs_bmap_propagate: broken bmap (inode number=4)
[  330.077847][T13476] Remounting filesystem read-only
[  330.104936][T11488] NILFS (loop6): disposed unprocessed dirty file(s) when stopping log writer
[  330.124480][T13478] EXT4-fs error (device loop4): ext4_read_inode_bitmap:139: comm syz.4.2812: Invalid inode bitmap blk 4 in block_group 0
[  330.170615][T13473] loop5: detected capacity change from 0 to 40427
[  330.183342][T13478] EXT4-fs error (device loop4) in ext4_free_inode:361: Corrupt filesystem
[  330.195388][T13473] F2FS-fs: heap/no_heap options were deprecated
[  330.248155][T13473] F2FS-fs (loop5): build fault injection rate: 19
[  330.273623][T13473] F2FS-fs (loop5): build fault injection type: 0x3bfe8c
[  330.307323][T13473] F2FS-fs (loop5): invalid crc value
[  330.348829][T13473] F2FS-fs (loop5): inject page alloc in f2fs_grab_cache_folio of f2fs_build_free_nids+0x9d8/0x1810
[  330.435521][ T5836] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  330.654295][T13473] F2FS-fs (loop5): inject slab alloc in f2fs_kmem_cache_alloc of read_node_folio+0x221/0x410
[  330.717766][T13473] F2FS-fs (loop5): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  330.742049][T13473] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  330.812017][T13473] F2FS-fs (loop5): inject page alloc in f2fs_grab_cache_folio of f2fs_get_dnode_of_data+0x911/0x2060
[  330.863853][T13510] loop0: detected capacity change from 0 to 2048
[  330.871691][T13473] F2FS-fs (loop5): inject slab alloc in f2fs_kmem_cache_alloc of vfs_getxattr_alloc+0x42e/0x590
[  330.898331][T13510] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  330.996481][T10895] syz-executor: attempt to access beyond end of device
[  330.996481][T10895] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  331.055811][T10895] CPU: 1 UID: 0 PID: 10895 Comm: syz-executor Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  331.055843][T10895] Tainted: [L]=SOFTLOCKUP
[  331.055849][T10895] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/27/2026
[  331.055860][T10895] Call Trace:
[  331.055868][T10895]  <TASK>
[  331.055876][T10895]  dump_stack_lvl+0xe8/0x150
[  331.055911][T10895]  f2fs_handle_critical_error+0x37c/0x540
[  331.055942][T10895]  f2fs_write_end_io+0x1274/0x1740
[  331.055990][T10895]  __submit_merged_bio+0x256/0x700
[  331.056020][T10895]  __submit_merged_write_cond+0x3c9/0x4e0
[  331.056052][T10895]  ? __pfx___submit_merged_write_cond+0x10/0x10
[  331.056100][T10895]  f2fs_write_data_pages+0x287e/0x34f0
[  331.056165][T10895]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  331.056205][T10895]  ? __pfx_css_rstat_updated+0x10/0x10
[  331.056263][T10895]  ? mod_memcg_lruvec_state+0x208/0x220
[  331.056290][T10895]  ? __lock_acquire+0x6b5/0x2cf0
[  331.056334][T10895]  ? __lock_acquire+0x6b5/0x2cf0
[  331.056367][T10895]  ? do_raw_spin_lock+0x12b/0x2f0
[  331.056402][T10895]  ? do_raw_spin_unlock+0xf5/0x210
[  331.056432][T10895]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  331.056458][T10895]  do_writepages+0x32e/0x550
[  331.056491][T10895]  ? do_raw_spin_unlock+0xf5/0x210
[  331.056519][T10895]  filemap_fdatawrite+0x1e9/0x2f0
[  331.056545][T10895]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  331.056618][T10895]  ? do_raw_spin_unlock+0xf5/0x210
[  331.056649][T10895]  f2fs_sync_dirty_inodes+0x30e/0x860
[  331.056690][T10895]  f2fs_write_checkpoint+0x9df/0x26a0
[  331.056753][T10895]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  331.056837][T10895]  kill_f2fs_super+0x314/0x720
[  331.056869][T10895]  ? __pfx_kill_f2fs_super+0x10/0x10
[  331.056909][T10895]  ? lockdep_hardirqs_on+0x7a/0x110
[  331.056950][T10895]  deactivate_locked_super+0xbc/0x130
[  331.056978][T10895]  cleanup_mnt+0x437/0x4d0
[  331.057004][T10895]  ? _raw_spin_unlock_irq+0x23/0x50
[  331.057033][T10895]  task_work_run+0x1d9/0x270
[  331.057060][T10895]  ? __pfx_task_work_run+0x10/0x10
[  331.057092][T10895]  exit_to_user_mode_loop+0xed/0x480
[  331.057115][T10895]  ? rcu_is_watching+0x15/0xb0
[  331.057138][T10895]  do_syscall_64+0x32d/0xf80
[  331.057154][T10895]  ? trace_irq_disable+0x3b/0x150
[  331.057172][T10895]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  331.057190][T10895]  ? clear_bhb_loop+0x40/0x90
[  331.057212][T10895]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  331.057230][T10895] RIP: 0033:0x7f3ee059d9d7
[  331.057247][T10895] Code: a2 c7 05 1c fd 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8
[  331.057259][T10895] RSP: 002b:00007ffdce4d90e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  331.057278][T10895] RAX: 0000000000000000 RBX: 00007f3ee0632050 RCX: 00007f3ee059d9d7
[  331.057290][T10895] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffdce4d91a0
[  331.057301][T10895] RBP: 00007ffdce4d91a0 R08: 00007ffdce4da1a0 R09: 00000000ffffffff
[  331.057313][T10895] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffdce4da230
[  331.057325][T10895] R13: 00007f3ee0632050 R14: 0000000000050c87 R15: 00007ffdce4da270
[  331.057353][T10895]  </TASK>
[  331.061784][T10895] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  331.354975][T13520] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  331.578537][T13524] loop2: detected capacity change from 0 to 512
[  331.589318][T13524] EXT4-fs: Ignoring removed orlov option
[  331.604068][T13524] EXT4-fs: Ignoring removed mblk_io_submit option
[  331.681348][T13524] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -13
[  331.771427][T13524] EXT4-fs error (device loop2): ext4_clear_blocks:876: inode #13: comm syz.2.2832: attempt to clear invalid blocks 2 len 1
[  331.890057][T13524] loop2: lost file I/O error report for ino 13 type 5 pos 0x0 len 0x0 error -117
[  331.893525][    C0] EXT4-fs (loop2): initial error at time 1773238967: ext4_clear_blocks:876: inode 13
[  331.912265][    C0] EXT4-fs (loop2): last error at time 1773238967: ext4_clear_blocks:876: inode 13
[  331.995764][T13524] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1315: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters
[  332.044204][T13524] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #13: comm syz.2.2832: invalid indirect mapped block 1819239214 (level 0)
[  332.080929][T13524] loop2: lost file I/O error report for ino 13 type 5 pos 0x0 len 0x0 error -117
[  332.081592][T13524] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #13: comm syz.2.2832: invalid indirect mapped block 1819239214 (level 1)
[  332.127117][T13524] loop2: lost file I/O error report for ino 13 type 5 pos 0x0 len 0x0 error -117
[  332.129507][T13524] EXT4-fs (loop2): 1 truncate cleaned up
[  332.175885][T13524] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  332.282493][T13524] EXT4-fs (loop2): shut down requested (2)
[  332.371200][ T5835] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  332.507330][T13540] UDF-fs: error (device loop5): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0
[  332.590231][T13540] UDF-fs: warning (device loop5): udf_load_vrs: No anchor found
[  332.628513][T13540] UDF-fs: Scanning with blocksize 512 failed
[  332.680938][T13540] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  333.043870][T13555] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2843'.
[  333.100092][T13559] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2844'.
[  333.338732][T13563] set_capacity_and_notify: 1 callbacks suppressed
[  333.338750][T13563] loop4: detected capacity change from 0 to 4096
[  333.370856][T13569] loop6: detected capacity change from 0 to 512
[  333.393356][T13563] ntfs3(loop4): Different NTFS sector size (2048) and media sector size (512).
[  333.400019][T13569] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem
[  333.655728][T13569] EXT4-fs error (device loop6): ext4_validate_block_bitmap:432: comm syz.6.2850: bg 0: block 104: invalid block bitmap
[  333.707970][T13569] loop6: lost filesystem error report for type 5 error -117
[  333.712401][    C1] EXT4-fs (loop6): error count since last fsck: 1
[  333.726338][    C1] EXT4-fs (loop6): initial error at time 1773238968: ext4_validate_block_bitmap:432
[  333.735795][    C1] EXT4-fs (loop6): last error at time 1773238968: ext4_validate_block_bitmap:432
[  333.757777][T13569] EXT4-fs error (device loop6) in ext4_mb_clear_bb:6685: Corrupt filesystem
[  333.817685][T13569] loop6: lost filesystem error report for type 5 error -117
[  333.818242][T13569] EXT4-fs error (device loop6): ext4_free_branches:1023: inode #11: comm syz.6.2850: invalid indirect mapped block 1 (level 1)
[  333.857453][T13582] loop0: detected capacity change from 0 to 64
[  333.865562][T13569] loop6: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117
[  333.909940][T13569] EXT4-fs (loop6): 1 truncate cleaned up
[  333.986191][T13569] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  334.227785][T13595] loop2: detected capacity change from 0 to 512
[  334.247782][T11488] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  334.296384][T13595] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002]
[  334.353533][T13595] EXT4-fs (loop2): orphan cleanup on readonly fs
[  334.404441][T13595] EXT4-fs warning (device loop2): ext4_enable_quotas:7236: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix.
[  334.544026][T13595] EXT4-fs (loop2): Cannot turn on quotas: error -22
[  334.563108][T13595] EXT4-fs error (device loop2): ext4_ext_check_inode:521: inode #13: comm syz.2.2861: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  334.653604][T13595] loop2: lost file I/O error report for ino 13 type 5 pos 0x0 len 0x0 error -117
[  334.657834][T13595] EXT4-fs error (device loop2): ext4_orphan_get:1396: comm syz.2.2861: couldn't read orphan inode 13 (err -117)
[  334.667177][    C1] EXT4-fs (loop2): error count since last fsck: 1
[  334.667202][    C1] EXT4-fs (loop2): last error at time 1773238969: ext4_ext_check_inode:521: inode 13
[  334.698422][T13595] loop2: lost filesystem error report for type 5 error -117
[  334.738159][T13595] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  334.860368][T13595] EXT4-fs (loop2): shut down requested (0)
[  334.964541][ T5835] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  335.097170][T13629] loop2: detected capacity change from 0 to 24
[  335.133492][T13631] loop5: detected capacity change from 0 to 128
[  335.134342][T13629] MTD: Attempt to mount non-MTD device "/dev/loop2"
[  335.153192][T13631] EXT4-fs (loop5): Test dummy encryption mode enabled
[  335.220268][T13631] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  335.276463][T13631] ext4 filesystem being mounted at /185/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  335.320382][T13629] romfs: Mounting image 'rom 637cf1fa' through the block layer
[  335.366192][T13637] netlink: 'syz.0.2874': attribute type 32 has an invalid length.
[  335.415710][T13637] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2874'.
[  335.459388][T13631] EXT4-fs error (device loop5): ext4_validate_block_bitmap:423: comm syz.5.2872: bg 0: bad block bitmap checksum
[  335.570110][T10895] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  335.586890][T13637] bond1: option coupled_control: invalid value (118)
[  335.618267][T13637] bond1 (unregistering): Released all slaves
[  335.945935][T13650] loop5: detected capacity change from 0 to 4096
[  336.407920][T13665] netlink: 'syz.4.2887': attribute type 1 has an invalid length.
[  336.437410][T13665] netlink: 'syz.4.2887': attribute type 7 has an invalid length.
[  336.494759][T13665] netlink: 'syz.4.2887': attribute type 8 has an invalid length.
[  336.525571][T13665] netlink: 208 bytes leftover after parsing attributes in process `syz.4.2887'.
[  337.280218][T13671] loop2: detected capacity change from 0 to 32768
[  337.300410][T13671] XFS (loop2): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  337.394039][T13671] XFS (loop2): Ending clean mount
[  337.450299][T13706] loop0: detected capacity change from 0 to 2048
[  337.486805][T13706] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  337.505398][T13671] XFS (loop2): Quotacheck needed: Please wait.
[  337.755245][T13671] XFS (loop2): Quotacheck: Done.
[  338.000934][ T5835] XFS (loop2): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  338.083799][T13725] loop6: detected capacity change from 0 to 256
[  338.117201][T13725] exfat: Deprecated parameter 'utf8'
[  338.151790][T13725] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d)
[  338.780617][T13748] loop4: detected capacity change from 0 to 2048
[  338.811491][T13748] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  338.886002][T13755] usb usb1: usbfs: interface 0 claimed by hub while 'syz.6.2924' sets config #0
[  338.888789][   T30] audit: type=1800 audit(1773238974.118:187): pid=13748 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2920" name="file3" dev="loop4" ino=1416 res=0 errno=0
[  338.940156][T13755] usb usb1: usbfs: interface 0 claimed by hub while 'syz.6.2924' sets config #1
[  339.027665][T13760] loop5: detected capacity change from 0 to 256
[  339.055945][T13760] exfat: Deprecated parameter 'utf8'
[  339.205664][T13764] loop7: detected capacity change from 0 to 7
[  339.257961][T10895] exFAT-fs (loop5): error, data size is invalid(34359738378)
[  339.284845][T10895] exFAT-fs (loop5): Filesystem has been set read-only
[  339.303214][T10895] exFAT-fs (loop5): error, data size is invalid(34359738378)
[  339.429076][T13764] Dev loop7: unable to read RDB block 7
[  339.436657][T13764]  loop7: unable to read partition table
[  339.443236][T13764] loop7: partition table beyond EOD, truncated
[  339.452456][T13764] loop_reread_partitions: partition scan of loop7 (���������C�j̖�P=ý?�}X���	���%��`��ր���{��֐�ȵ4FLQk݊) failed (rc=-5)
[  339.470266][    C0] invalid error, dev loop7, sector 0 op 0x1:(WRITE) flags 0x800800 phys_seg 1 prio class 2
[  339.480677][    C0] Buffer I/O error on dev loop7, logical block 0, lost async page write
[  339.682235][T13773] loop6: detected capacity change from 0 to 2048
[  339.876955][T13775] NILFS (loop6): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  340.101615][T13781] NILFS error (device loop6): nilfs_lookup: deleted inode referenced: 12
[  340.105347][   T30] audit: type=1800 audit(1773238975.328:188): pid=13773 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.2933" name="file2" dev="loop6" ino=16 res=0 errno=0
[  340.160417][T13781] Remounting filesystem read-only
[  340.252688][   T49] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  340.417411][T13789] ptrace attach of "./syz-executor exec"[5835] was attempted by ""[13789]
[  340.621611][   T49] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  340.673467][ T5151] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  340.686621][ T5151] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  340.700921][ T5151] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  340.724532][ T5151] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  340.746969][ T5151] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  340.999350][T13806] loop2: detected capacity change from 0 to 256
[  341.077205][T13806] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x11bc5d80, utbl_chksum : 0xe619d30d)
[  341.229268][   T49] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  341.411097][T13819] sctp: [Deprecated]: syz.2.2953 (pid 13819) Use of int in max_burst socket option.
[  341.411097][T13819] Use struct sctp_assoc_value instead
[  341.501966][   T49] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  341.673546][T13831] loop0: detected capacity change from 0 to 1024
[  341.958233][T13796] chnl_net:caif_netlink_parms(): no params data found
[  341.980098][   T58] hfsplus: b-tree write err: -5, ino 25
[  342.002631][   T58] hfsplus: b-tree write err: -5, ino 4
[  342.015940][   T58] hfsplus: b-tree write err: -5, ino 2
[  342.244480][T13848] loop4: detected capacity change from 0 to 512
[  342.294361][T13848] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=6054e01c, mo2=0102]
[  342.327857][T13848] System zones: 1-12
[  342.347130][T13848] EXT4-fs error (device loop4): ext4_orphan_get:1391: inode #15: comm syz.4.2965: inode has both inline data and extents flags
[  342.367316][T13848] loop4: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117
[  342.369709][T13848] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.2965: couldn't read orphan inode 15 (err -117)
[  342.378974][    C1] EXT4-fs (loop4): error count since last fsck: 1
[  342.378996][    C1] EXT4-fs (loop4): initial error at time 1773238977: ext4_orphan_get:1391: inode 15
[  342.379026][    C1] EXT4-fs (loop4): last error at time 1773238977: ext4_orphan_get:1391: inode 15
[  342.576811][T13848] loop4: lost filesystem error report for type 5 error -117
[  342.578539][T13848] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  342.757570][T13796] bridge0: port 1(bridge_slave_0) entered blocking state
[  342.777000][T13796] bridge0: port 1(bridge_slave_0) entered disabled state
[  342.787225][ T5836] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  342.819165][ T5151] Bluetooth: hci1: command tx timeout
[  342.831633][T13796] bridge_slave_0: entered allmulticast mode
[  342.840876][T13796] bridge_slave_0: entered promiscuous mode
[  342.893896][T13796] bridge0: port 2(bridge_slave_1) entered blocking state
[  342.909973][T13796] bridge0: port 2(bridge_slave_1) entered disabled state
[  342.918737][T13796] bridge_slave_1: entered allmulticast mode
[  342.928325][T13796] bridge_slave_1: entered promiscuous mode
[  343.076413][T13867] netlink: 'syz.4.2970': attribute type 3 has an invalid length.
[  343.103499][T13867] netlink: 64 bytes leftover after parsing attributes in process `syz.4.2970'.
[  343.176117][T13796] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  343.200835][T13796] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  343.333882][   T49] bridge_slave_1: left allmulticast mode
[  343.348586][   T49] bridge_slave_1: left promiscuous mode
[  343.375835][   T49] bridge0: port 2(bridge_slave_1) entered disabled state
[  343.408431][   T49] bridge_slave_0: left allmulticast mode
[  343.437992][   T49] bridge_slave_0: left promiscuous mode
[  343.452948][   T49] bridge0: port 1(bridge_slave_0) entered disabled state
[  343.560240][T13877] loop6: detected capacity change from 0 to 256
[  343.567481][T13876] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2975'.
[  343.577747][T13863] loop0: detected capacity change from 0 to 32768
[  343.587683][T13863] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.2969 (13863)
[  343.683392][T13863] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  343.725299][T13863] BTRFS info (device loop0): using crc32c checksum algorithm
[  343.908473][T13896] loop6: detected capacity change from 0 to 64
[  344.020527][T13863] BTRFS info (device loop0): rebuilding free space tree
[  344.070982][T13863] BTRFS info (device loop0): checking UUID tree
[  344.098665][T13863] BTRFS info (device loop0): allowing degraded mounts
[  344.110440][T13863] BTRFS info (device loop0): enabling ssd optimizations
[  344.117913][T13863] BTRFS info (device loop0): enabling free space tree
[  344.126969][T13863] BTRFS info (device loop0): force clearing of disk cache
[  344.134501][T13863] BTRFS info (device loop0): enabling auto defrag
[  344.141686][T13863] BTRFS info (device loop0): force zlib compression, level 3
[  344.391520][ T5826] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  344.407877][   T49] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  344.443242][   T49] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  344.474214][   T49] bond0 (unregistering): Released all slaves
[  344.569781][T13796] team0: Port device team_slave_0 added
[  344.767859][T13796] team0: Port device team_slave_1 added
[  344.833245][   T49] IPVS: stopping backup sync thread 11538 ...
[  344.873181][ T5151] Bluetooth: hci1: command tx timeout
[  345.230362][T13796] batman_adv: batadv0: Adding interface: batadv_slave_0
[  345.270800][T13796] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  345.321136][T13796] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  345.360174][T13928] option changes via remount are deprecated (pid=13922 comm=syz.2.2989)
[  345.379272][T13796] batman_adv: batadv0: Adding interface: batadv_slave_1
[  345.400642][T13796] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  345.428947][T13796] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  345.449814][T13928] cgroup: option or name mismatch, new: 0x4 "", old: 0x0 ""
[  345.498111][T13927] loop0: detected capacity change from 0 to 4096
[  345.540013][T13927] ntfs3(loop0): Different NTFS sector size (1024) and media sector size (512).
[  345.761060][T13927] ntfs3(loop0): Failed to load $Extend (-22).
[  345.788170][T13927] ntfs3(loop0): Failed to initialize $Extend.
[  345.998056][T13796] hsr_slave_0: entered promiscuous mode
[  346.051920][T13796] hsr_slave_1: entered promiscuous mode
[  346.089762][T13796] debugfs: 'hsr0' already exists in 'hsr'
[  346.135934][T13796] Cannot create hsr debugfs directory
[  346.216230][   T49] hsr_slave_0: left promiscuous mode
[  346.260001][   T49] hsr_slave_1: left promiscuous mode
[  346.277092][   T49] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  346.304634][   T49] batman_adv: batadv0: Removing interface: batadv_slave_0
[  346.354568][   T49] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  346.362092][   T49] batman_adv: batadv0: Removing interface: batadv_slave_1
[  346.426574][T13961] loop4: detected capacity change from 0 to 128
[  346.461243][   T49] veth1_macvtap: left promiscuous mode
[  346.495294][   T49] veth0_macvtap: left promiscuous mode
[  346.519425][T13961] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  346.558495][   T49] veth1_vlan: left promiscuous mode
[  346.589877][   T49] veth0_vlan: left promiscuous mode
[  346.611613][T13961] ext4 filesystem being mounted at /648/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  346.736813][T13961] fscrypt (loop4, inode 12): Unsupported encryption flags (0x2a)
[  346.852241][ T5836] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  346.953460][ T5151] Bluetooth: hci1: command tx timeout
[  347.039613][T13986] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant.
[  347.039613][T13986] The task syz.4.3006 (13986) triggered the difference, watch for misbehavior.
[  347.158519][   T49] team0 (unregistering): Port device team_slave_1 removed
[  347.180245][   T49] team0 (unregistering): Port device team_slave_0 removed
[  347.663845][T13996] loop6: detected capacity change from 0 to 64
[  347.919566][    C0] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0)
[  348.009291][   T30] audit: type=1800 audit(1773238983.238:189): pid=13998 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.6.3012" name="file1" dev="loop6" ino=5 res=0 errno=0
[  348.074013][   T30] audit: type=1800 audit(1773238983.238:190): pid=14000 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.6.3012" name="file1" dev="loop6" ino=5 res=0 errno=0
[  348.261673][T14010] loop2: detected capacity change from 0 to 1024
[  348.316056][T14010] EXT4-fs: inline encryption not supported
[  348.342027][T14010] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  348.425836][T14010] EXT4-fs error (device loop2): ext4_map_blocks:779: inode #3: block 2: comm syz.2.3016: lblock 2 mapped to illegal pblock 2 (length 1)
[  348.455152][T14014] netlink: 60 bytes leftover after parsing attributes in process `syz.6.3017'.
[  348.511109][T14010] loop2: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117
[  348.513333][    C0] EXT4-fs (loop2): error count since last fsck: 1
[  348.528865][    C0] EXT4-fs (loop2): initial error at time 1773238983: ext4_map_blocks:779: inode 3: block 2
[  348.539653][    C0] EXT4-fs (loop2): last error at time 1773238983: ext4_map_blocks:779: inode 3: block 2
[  348.565670][T14010] EXT4-fs (loop2): Remounting filesystem read-only
[  348.577102][T14023] netlink: 60 bytes leftover after parsing attributes in process `syz.6.3017'.
[  348.591849][T14010] Quota error (device loop2): qtree_write_dquot: dquota write failed
[  348.621775][T13796] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  348.627520][T14010] Quota error (device loop2): v2_write_file_info: Can't write info structure
[  348.653229][T14010] EXT4-fs (loop2): 1 orphan inode deleted
[  348.683120][T14010] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  348.701229][T14021] netlink: 60 bytes leftover after parsing attributes in process `syz.6.3017'.
[  348.728508][T13796] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  348.810749][T13796] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  348.846789][T13796] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  348.904953][ T5835] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  349.033173][ T5151] Bluetooth: hci1: command tx timeout
[  349.124448][T14042] sctp: [Deprecated]: syz.4.3024 (pid 14042) Use of int in max_burst socket option.
[  349.124448][T14042] Use struct sctp_assoc_value instead
[  349.388390][T13796] 8021q: adding VLAN 0 to HW filter on device bond0
[  349.488138][T13796] 8021q: adding VLAN 0 to HW filter on device team0
[  349.560874][ T1158] bridge0: port 1(bridge_slave_0) entered blocking state
[  349.568088][ T1158] bridge0: port 1(bridge_slave_0) entered forwarding state
[  349.655622][   T58] bridge0: port 2(bridge_slave_1) entered blocking state
[  349.662936][   T58] bridge0: port 2(bridge_slave_1) entered forwarding state
[  349.847542][T14068] trusted_key: encrypted_key: keyword '��date' not recognized
[  350.137775][T14075] loop6: detected capacity change from 0 to 4096
[  350.229492][T14079] overlayfs: invalid origin (0000)
[  350.526467][T14089] ntfs3(loop6): ino=0, "file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" ni_find_attr
[  350.591598][T13796] 8021q: adding VLAN 0 to HW filter on device batadv0
[  350.946480][T14107] loop4: detected capacity change from 0 to 64
[  351.018196][T14112] loop2: detected capacity change from 0 to 512
[  351.077950][T14112] EXT4-fs error (device loop2): ext4_validate_block_bitmap:432: comm syz.2.3044: bg 0: block 5: invalid block bitmap
[  351.149036][T14112] loop2: lost filesystem error report for type 5 error -117
[  351.152395][    C0] EXT4-fs (loop2): error count since last fsck: 1
[  351.166374][    C0] EXT4-fs (loop2): initial error at time 1773238986: ext4_validate_block_bitmap:432
[  351.175860][    C0] EXT4-fs (loop2): last error at time 1773238986: ext4_validate_block_bitmap:432
[  351.206699][T14112] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6685: Corrupt filesystem
[  351.263881][T14112] loop2: lost filesystem error report for type 5 error -117
[  351.265897][T14112] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.3044: invalid indirect mapped block 3 (level 2)
[  351.305314][T14112] loop2: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117
[  351.308844][T14112] EXT4-fs (loop2): 1 orphan inode deleted
[  351.359114][T13796] veth0_vlan: entered promiscuous mode
[  351.368166][T14112] EXT4-fs (loop2): 1 truncate cleaned up
[  351.399922][T14112] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  351.438215][T13796] veth1_vlan: entered promiscuous mode
[  351.531737][ T5835] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  351.609737][T13796] veth0_macvtap: entered promiscuous mode
[  351.647420][T13796] veth1_macvtap: entered promiscuous mode
[  351.659557][T14124] loop4: detected capacity change from 0 to 1024
[  351.798747][T14124] hfsplus: b-tree write err: -5, ino 2
[  351.811119][T13796] batman_adv: batadv0: Interface activated: batadv_slave_0
[  351.889107][T13796] batman_adv: batadv0: Interface activated: batadv_slave_1
[  351.893858][T14124] hfsplus: b-tree write err: -5, ino 2
[  351.930480][T14133] hfsplus: catalog searching failed
[  351.992651][   T13] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  352.019346][   T13] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  352.077483][   T13] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  352.107198][ T3539] hfsplus: b-tree write err: -5, ino 25
[  352.113769][   T13] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  352.128087][ T3539] hfsplus: b-tree write err: -5, ino 4
[  352.141153][ T3539] hfsplus: b-tree write err: -5, ino 2
[  352.151543][T14114] loop0: detected capacity change from 0 to 32768
[  352.187928][ T3539] hfsplus: b-tree write err: -5, ino 26
[  352.219146][T14114] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.3045 (14114)
[  352.240705][ T3539] hfsplus: b-tree write err: -5, ino 27
[  352.344249][T14114] BTRFS info (device loop0): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  352.400275][T14114] BTRFS info (device loop0): using sha256 checksum algorithm
[  352.526639][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  352.566357][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  352.688752][T14114] BTRFS info (device loop0): rebuilding free space tree
[  352.703161][ T1146] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  352.759335][ T1146] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  352.849761][T14114] BTRFS info (device loop0): disabling free space tree
[  352.883017][T14114] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  352.921873][T14114] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  353.013092][T14114] BTRFS info (device loop0): enabling ssd optimizations
[  353.049835][T14114] BTRFS info (device loop0): turning on async discard
[  353.085836][T14114] BTRFS info (device loop0): force clearing of disk cache
[  353.129597][T14114] BTRFS info (device loop0): enabling auto defrag
[  353.155934][T14114] BTRFS info (device loop0): max_inline set to 4096
[  353.295284][T14114] BTRFS info (device loop0 state M): max_inline set to 4096
[  353.347631][T14114] BTRFS info (device loop0 state M): max_inline set to 4096
[  353.384313][T14170] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3054'.
[  353.597767][ T5826] BTRFS info (device loop0): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  353.739836][T14142] loop6: detected capacity change from 0 to 32768
[  353.815226][T14142] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.3053 (14142)
[  353.930091][T14142] BTRFS info (device loop6): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  353.975809][T14142] BTRFS info (device loop6): using blake2b checksum algorithm
[  354.050129][T14182] netlink: 76 bytes leftover after parsing attributes in process `syz.2.3060'.
[  354.167002][T14142] BTRFS info (device loop6): enabling ssd optimizations
[  354.241018][T14142] BTRFS info (device loop6): turning on async discard
[  354.303737][T14142] BTRFS info (device loop6): enabling free space tree
[  354.412502][T14202] Failed to get privilege flags for destination (handle=0x2:0x0)
[  354.668017][T14210] loop0: detected capacity change from 0 to 2048
[  354.746735][T11488] BTRFS info (device loop6): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  354.854227][T14210] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  354.967998][T14210] ext4 filesystem being mounted at /593/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  355.139239][   T30] audit: type=1800 audit(1773238990.348:191): pid=14223 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.3058" name="file2" dev="loop0" ino=16 res=0 errno=0
[  355.526337][ T5826] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  356.373083][T14263] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3084'.
[  356.420814][T14263] netlink: 20 bytes leftover after parsing attributes in process `syz.2.3084'.
[  356.428753][T14265] netlink: 12 bytes leftover after parsing attributes in process `syz.7.3085'.
[  356.446584][T14263] netlink: 48 bytes leftover after parsing attributes in process `syz.2.3084'.
[  356.787629][    C0] BUG: workqueue function usb_giveback_urb_bh changed kcov_mode from 1073741824 to 0
[  357.033819][ T5907] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[  357.232443][ T5907] usb 7-1: Using ep0 maxpacket: 8
[  357.253462][ T5907] usb 7-1: New USB device found, idVendor=110a, idProduct=1450, bcdDevice=62.cb
[  357.266821][ T5907] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  357.292169][ T5907] usb 7-1: Product: syz
[  357.301504][ T5907] usb 7-1: Manufacturer: syz
[  357.318915][ T5907] usb 7-1: SerialNumber: syz
[  357.794996][ T5907] mxuport 7-1:254.0: mxuport_recv_ctrl_urb - short read (0 / 4)
[  357.803333][ T5907] mxuport 7-1:254.0: probe with driver mxuport failed with error -5
[  358.011867][ T5907] usb 7-1: USB disconnect, device number 3